draft-ietf-smime-gost-05.txt   draft-ietf-smime-gost-06.txt 
S/MIME Working Group Serguei Leontiev, CRYPTO-PRO S/MIME Working Group Serguei Leontiev, CRYPTO-PRO
Internet Draft Gregory Chudov, CRYPTO-PRO Internet Draft Gregory Chudov, CRYPTO-PRO
Expires March 13, 2006 September 13, 2005 Expires June 21, 2006 December 21, 2005
Intended Category: Informational Intended Category: Standards Track
Using the GOST 28147-89, GOST R 34.11-94, Using the GOST 28147-89, GOST R 34.11-94,
GOST R 34.10-94 and GOST R 34.10-2001 algorithms with the GOST R 34.10-94 and GOST R 34.10-2001 algorithms with the
Cryptographic Message Syntax (CMS) Cryptographic Message Syntax (CMS)
<draft-ietf-smime-gost-05.txt> <draft-ietf-smime-gost-06.txt>
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 37 skipping to change at page 1, line 37
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than a "work in progress." material or to cite them other than a "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html. http://www.ietf.org/1id-abstracts.html.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on March 13, 2006. This Internet-Draft will expire on June 21, 2006.
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2005). Copyright (C) The Internet Society (2005).
Abstract Abstract
This document describes the conventions for using cryptographic This document describes the conventions for using cryptographic
algorithms GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001, GOST R algorithms GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001, GOST R
34.11-94, along with Cryptographic Message Syntax (CMS). The CMS is 34.11-94, along with Cryptographic Message Syntax (CMS). The CMS is
used for digital signature, digest, authentication and encryption used for digital signature, digest, authentication and encryption of
arbitrary message contents. arbitrary message contents.
Table of Contents Table of Contents
1 Introduction . . . . . . . . . . . . . . . . . . . . . . 2 1 Introduction . . . . . . . . . . . . . . . . . . . . . . 2
1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 3 1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 3
2 Message Digest Algorithms. . . . . . . . . . . . . . . . 3 2 Message Digest Algorithms. . . . . . . . . . . . . . . . 3
2.1 Message Digest Algorithm GOST R 34.11-94 . . . . . . . . 3 2.1 Message Digest Algorithm GOST R 34.11-94 . . . . . . . . 3
3 Signature Algorithms . . . . . . . . . . . . . . . . . . 4 3 Signature Algorithms . . . . . . . . . . . . . . . . . . 4
3.1 Signature Algorithm GOST R 34.10-94. . . . . . . . . . . 4 3.1 Signature Algorithm GOST R 34.10-94. . . . . . . . . . . 4
3.2 Signature Algorithm GOST R 34.10-2001. . . . . . . . . . 4 3.2 Signature Algorithm GOST R 34.10-2001. . . . . . . . . . 4
skipping to change at page 7, line 10 skipping to change at page 7, line 10
keyWrap(13) none(0) } keyWrap(13) none(0) }
The GOST 28147-89 Key Wrap algorithm is described in sections 6.1 The GOST 28147-89 Key Wrap algorithm is described in sections 6.1
and 6.2 of [CPALGS]. and 6.2 of [CPALGS].
KeyWrapAlgorithm algorithm parameters MUST be present. The syntax KeyWrapAlgorithm algorithm parameters MUST be present. The syntax
for KeyWrapAlgorithm algorithm parameters is for KeyWrapAlgorithm algorithm parameters is
Gost28147-89-KeyWrapParameters ::= Gost28147-89-KeyWrapParameters ::=
SEQUENCE { SEQUENCE {
encryptionParamSet Gost28147-89-ParamSet encryptionParamSet Gost28147-89-ParamSet,
ukm OCTET STRING (SIZE (8)) OPTIONAL
} }
Gost28147-89-ParamSet ::= OBJECT IDENTIFIER Gost28147-89-ParamSet ::= OBJECT IDENTIFIER
Gost28147-89-KeyWrapParameters ukm MUST be absent.
KeyAgreeRecipientInfo ukm MUST be present, and contain eight KeyAgreeRecipientInfo ukm MUST be present, and contain eight
octets. octets.
encryptedKey MUST encapsulate Gost28147-89-EncryptedKey, where encryptedKey MUST encapsulate Gost28147-89-EncryptedKey, where
maskKey MUST be absent. maskKey MUST be absent.
Gost28147-89-EncryptedKey ::= SEQUENCE { Gost28147-89-EncryptedKey ::= SEQUENCE {
encryptedKey Gost28147-89-Key, encryptedKey Gost28147-89-Key,
maskKey [0] IMPLICIT Gost28147-89-Key maskKey [0] IMPLICIT Gost28147-89-Key
OPTIONAL, OPTIONAL,
skipping to change at page 11, line 33 skipping to change at page 11, line 34
Cryptographic algorithm parameters affect rigidity of algorithms. Cryptographic algorithm parameters affect rigidity of algorithms.
The use of parameters not listed in [CPALGS] is NOT RECOMMENDED (see The use of parameters not listed in [CPALGS] is NOT RECOMMENDED (see
Security Considerations section of [CPALGS]). Security Considerations section of [CPALGS]).
Use of the same key for signature and key derivation is NOT Use of the same key for signature and key derivation is NOT
RECOMMENDED. When signed CMS documents are used as an analogue to a RECOMMENDED. When signed CMS documents are used as an analogue to a
manual signing, in the context of Russian Federal Digital Signature manual signing, in the context of Russian Federal Digital Signature
Law [RFDSL], signer certificate MUST contain the keyUsage extension, Law [RFDSL], signer certificate MUST contain the keyUsage extension,
it MUST be critical, and keyUsage MUST NOT include keyEncipherment or it MUST be critical, and keyUsage MUST NOT include keyEncipherment or
keyAgreement. Application SHOULD be submited for examination by an keyAgreement (see [PROFILE], section 4.2.1.3). Application SHOULD be
authorized agency in appropriate levels of target_of_evaluation submited for examination by an authorized agency in appropriate
(TOE), according to [RFDSL], [RFLLIC] and [CRYPTOLIC]. levels of target_of_evaluation (TOE), according to [RFDSL], [RFLLIC]
and [CRYPTOLIC].
9 Appendix Examples 9 Appendix Examples
Examples here are stored in the same format as the examples in [RFC Examples here are stored in the same format as the examples in [RFC
4134], and can be extracted using the same program. 4134], and can be extracted using the same program.
If you want to extract without the program, copy all the lines If you want to extract without the program, copy all the lines
between the "|>" and "|<" markers, remove any page breaks, and remove between the "|>" and "|<" markers, remove any page breaks, and remove
the "|" in the first column of each line. The result is a valid the "|" in the first column of each line. The result is a valid
Base64 blob that can be processed by any Base64 decoder. Base64 blob that can be processed by any Base64 decoder.
9.1 Signed message 9.1 Signed message
This message is signed using certificate from section 4.2 of [CPPK]. This message is signed using the sample certificate from section 4.2
of [CPPK]. The public key (x,y) from the same section can be used to
verify the message signature.
0 296: SEQUENCE { 0 296: SEQUENCE {
4 9: OBJECT IDENTIFIER signedData 4 9: OBJECT IDENTIFIER signedData
15 281: [0] { 15 281: [0] {
19 277: SEQUENCE { 19 277: SEQUENCE {
23 1: INTEGER 1 23 1: INTEGER 1
26 12: SET { 26 12: SET {
28 10: SEQUENCE { 28 10: SEQUENCE {
30 6: OBJECT IDENTIFIER id-GostR3411-94 30 6: OBJECT IDENTIFIER id-GostR3411-94
38 0: NULL 38 0: NULL
skipping to change at page 13, line 41 skipping to change at page 13, line 46
|9w0BBwGgDgQMc2FtcGxlIHRleHQKMYHkMIHhAgEBMIGBMG0xHzAdBgNVBAMMFkdv |9w0BBwGgDgQMc2FtcGxlIHRleHQKMYHkMIHhAgEBMIGBMG0xHzAdBgNVBAMMFkdv
|c3RSMzQxMC0yMDAxIGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1BybzELMAkGA1UE |c3RSMzQxMC0yMDAxIGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1BybzELMAkGA1UE
|BhMCUlUxKTAnBgkqhkiG9w0BCQEWGkdvc3RSMzQxMC0yMDAxQGV4YW1wbGUuY29t |BhMCUlUxKTAnBgkqhkiG9w0BCQEWGkdvc3RSMzQxMC0yMDAxQGV4YW1wbGUuY29t
|AhAr9cYewhG9F8fc1GJmtC4hMAoGBiqFAwICCQUAMAoGBiqFAwICEwUABEDAw0LZ |AhAr9cYewhG9F8fc1GJmtC4hMAoGBiqFAwICCQUAMAoGBiqFAwICEwUABEDAw0LZ
|P4/+JRERiHe/icPbg0IE1iD5aCqZ9v4wO+T0yPjVtNr74caRZzQfvKZ6DRJ7/RAl |P4/+JRERiHe/icPbg0IE1iD5aCqZ9v4wO+T0yPjVtNr74caRZzQfvKZ6DRJ7/RAl
|xlHbjbL0jHF+7XKp |xlHbjbL0jHF+7XKp
|<GostR3410-2001-signed.bin |<GostR3410-2001-signed.bin
9.2 Enveloped message using Key Agreement 9.2 Enveloped message using Key Agreement
This message is encrypted using the sample certificate from section
4.2 of [CPPK] as a recipient certificate. The private key 'd' from
the same section can be used to decrypt this message.
0 420: SEQUENCE { 0 420: SEQUENCE {
4 9: OBJECT IDENTIFIER envelopedData 4 9: OBJECT IDENTIFIER envelopedData
15 405: [0] { 15 405: [0] {
19 401: SEQUENCE { 19 401: SEQUENCE {
23 1: INTEGER 2 23 1: INTEGER 2
26 336: SET { 26 336: SET {
30 332: [1] { 30 332: [1] {
34 1: INTEGER 3 34 1: INTEGER 3
37 101: [0] { 37 101: [0] {
39 99: [1] { 39 99: [1] {
skipping to change at page 16, line 4 skipping to change at page 16, line 13
: } : }
: } : }
: } : }
|>GostR3410-2001-keyagree.bin |>GostR3410-2001-keyagree.bin
|MIIBpAYJKoZIhvcNAQcDoIIBlTCCAZECAQIxggFQoYIBTAIBA6BloWMwHAYGKoUD |MIIBpAYJKoZIhvcNAQcDoIIBlTCCAZECAQIxggFQoYIBTAIBA6BloWMwHAYGKoUD
|AgITMBIGByqFAwICJAAGByqFAwICHgEDQwAEQLNVOfRngZcrpcTZhB8n+4HtCDLm |AgITMBIGByqFAwICJAAGByqFAwICHgEDQwAEQLNVOfRngZcrpcTZhB8n+4HtCDLm
|mtTyAHi4/4Nk6tIdsHg8ff4DwfQG5DvMFrnF9vYZNxwXuKCqx9GhlLOlNiChCgQI |mtTyAHi4/4Nk6tIdsHg8ff4DwfQG5DvMFrnF9vYZNxwXuKCqx9GhlLOlNiChCgQI
|L/D20YZLMoowHgYGKoUDAgJgMBQGByqFAwICDQAwCQYHKoUDAgIfATCBszCBsDCB |L/D20YZLMoowHgYGKoUDAgJgMBQGByqFAwICDQAwCQYHKoUDAgIfATCBszCBsDCB
|gTBtMR8wHQYDVQQDDBZHb3N0UjM0MTAtMjAwMSBleGFtcGxlMRIwEAYDVQQKDAlD |gTBtMR8wHQYDVQQDDBZHb3N0UjM0MTAtMjAwMSBleGFtcGxlMRIwEAYDVQQKDAlD
|cnlwdG9Qcm8xCzAJBgNVBAYTAlJVMSkwJwYJKoZIhvcNAQkBFhpHb3N0UjM0MTAt |cnlwdG9Qcm8xCzAJBgNVBAYTAlJVMSkwJwYJKoZIhvcNAQkBFhpHb3N0UjM0MTAt
|MjAwMUBleGFtcGxlLmNvbQIQK/XGHsIRvRfH3NRiZrQuIQQqMCgEIBajHOfOTukN |MjAwMUBleGFtcGxlLmNvbQIQK/XGHsIRvRfH3NRiZrQuIQQqMCgEIBajHOfOTukN
|8ex0aQRoHsefOu24Ox8dSn75pdnLGdXoBAST/YZ+MDgGCSqGSIb3DQEHATAdBgYq |8ex0aQRoHsefOu24Ox8dSn75pdnLGdXoBAST/YZ+MDgGCSqGSIb3DQEHATAdBgYq
|hQMCAhUwEwQItzXhegc1oh0GByqFAwICHwGADDmxivS/qeJlJbZVyQ== |hQMCAhUwEwQItzXhegc1oh0GByqFAwICHwGADDmxivS/qeJlJbZVyQ==
|<GostR3410-2001-keyagree.bin |<GostR3410-2001-keyagree.bin
9.3 Enveloped message using Key Transport 9.3 Enveloped message using Key Transport
This message is encrypted using the sample certificate from section
4.2 of [CPPK] as a recipient certificate. The private key 'd' from
the same section can be used to decrypt this message.
0 423: SEQUENCE { 0 423: SEQUENCE {
4 9: OBJECT IDENTIFIER envelopedData 4 9: OBJECT IDENTIFIER envelopedData
15 408: [0] { 15 408: [0] {
19 404: SEQUENCE { 19 404: SEQUENCE {
23 1: INTEGER 0 23 1: INTEGER 0
26 339: SET { 26 339: SET {
30 335: SEQUENCE { 30 335: SEQUENCE {
34 1: INTEGER 0 34 1: INTEGER 0
37 129: SEQUENCE { 37 129: SEQUENCE {
40 109: SEQUENCE { 40 109: SEQUENCE {
skipping to change at page 19, line 6 skipping to change at page 19, line 20
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
id-CryptoPro-algorithms, id-CryptoPro-algorithms,
gost28147-89-EncryptionSyntax, gost28147-89-EncryptionSyntax,
gostR3410-94-PKISyntax, gostR3410-94-PKISyntax,
gostR3410-2001-PKISyntax, gostR3410-2001-PKISyntax,
ALGORITHM-IDENTIFIER, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions -- in [CPALGS]
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
id-GostR3410-94 id-GostR3410-94
FROM GostR3410-94-PKISyntax gostR3410-94-PKISyntax FROM GostR3410-94-PKISyntax -- in [CPALGS]
gostR3410-94-PKISyntax
id-GostR3410-2001 id-GostR3410-2001
FROM GostR3410-2001-PKISyntax gostR3410-2001-PKISyntax FROM GostR3410-2001-PKISyntax -- in [CPALGS]
gostR3410-2001-PKISyntax
Gost28147-89-ParamSet, Gost28147-89-ParamSet,
Gost28147-89-EncryptedKey Gost28147-89-EncryptedKey
FROM Gost28147-89-EncryptionSyntax FROM Gost28147-89-EncryptionSyntax -- in [CPALGS]
gost28147-89-EncryptionSyntax gost28147-89-EncryptionSyntax
SubjectPublicKeyInfo SubjectPublicKeyInfo
FROM PKIX1Explicit88 {iso(1) identified-organization(3) FROM PKIX1Explicit88 {iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7) dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-pkix1-explicit-88(1)} id-mod(0) id-pkix1-explicit-88(1)}
; ;
-- CMS/PKCS#7 key agreement algorithms & parameters -- CMS/PKCS#7 key agreement algorithms & parameters
Gost28147-89-KeyWrapParameters ::= Gost28147-89-KeyWrapParameters ::=
SEQUENCE { SEQUENCE {
encryptionParamSet Gost28147-89-ParamSet encryptionParamSet Gost28147-89-ParamSet,
ukm OCTET STRING (SIZE (8)) OPTIONAL
} }
id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::= id-Gost28147-89-CryptoPro-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) } { id-CryptoPro-algorithms keyWrap(13) cryptoPro(1) }
id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::= id-Gost28147-89-None-KeyWrap OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms keyWrap(13) none(0) } { id-CryptoPro-algorithms keyWrap(13) none(0) }
Gost28147-89-KeyWrapAlgorithms ALGORITHM-IDENTIFIER ::= { Gost28147-89-KeyWrapAlgorithms ALGORITHM-IDENTIFIER ::= {
{ Gost28147-89-KeyWrapParameters IDENTIFIED BY { Gost28147-89-KeyWrapParameters IDENTIFIED BY
id-Gost28147-89-CryptoPro-KeyWrap } | id-Gost28147-89-CryptoPro-KeyWrap } |
{ Gost28147-89-KeyWrapParameters IDENTIFIED BY { Gost28147-89-KeyWrapParameters IDENTIFIED BY
id-Gost28147-89-None-KeyWrap } id-Gost28147-89-None-KeyWrap }
skipping to change at page 20, line 46 skipping to change at page 21, line 15
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
gostR3410-94-PKISyntax, ALGORITHM-IDENTIFIER, gostR3410-94-PKISyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions -- in [CPALGS]
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
id-GostR3410-94, id-GostR3410-94,
GostR3410-94-PublicKeyParameters GostR3410-94-PublicKeyParameters
FROM GostR3410-94-PKISyntax gostR3410-94-PKISyntax FROM GostR3410-94-PKISyntax -- in [CPALGS]
gostR3410-94-PKISyntax
; ;
-- GOST R 34.10-94 signature data type -- GOST R 34.10-94 signature data type
GostR3410-94-Signature ::= GostR3410-94-Signature ::=
OCTET STRING (SIZE (64)) OCTET STRING (SIZE (64))
-- GOST R 34.10-94 signature algorithm & parameters -- GOST R 34.10-94 signature algorithm & parameters
GostR3410-94-CMSSignatureAlgorithms ALGORITHM-IDENTIFIER ::= { GostR3410-94-CMSSignatureAlgorithms ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-PublicKeyParameters IDENTIFIED BY { GostR3410-94-PublicKeyParameters IDENTIFIED BY
id-GostR3410-94 } id-GostR3410-94 }
} }
skipping to change at page 21, line 36 skipping to change at page 22, line 5
-- use in the other ASN.1 modules contained within the Russian -- use in the other ASN.1 modules contained within the Russian
-- Cryptography "GOST" & "GOST R" Specifications, and for the use -- Cryptography "GOST" & "GOST R" Specifications, and for the use
-- of other applications which will use them to access Russian -- of other applications which will use them to access Russian
-- Cryptography services. Other applications may use them for -- Cryptography services. Other applications may use them for
-- their own purposes, but this will not constrain extensions and -- their own purposes, but this will not constrain extensions and
-- modifications needed to maintain or improve the Russian -- modifications needed to maintain or improve the Russian
-- Cryptography service. -- Cryptography service.
IMPORTS IMPORTS
gostR3410-2001-PKISyntax, ALGORITHM-IDENTIFIER, gostR3410-2001-PKISyntax, ALGORITHM-IDENTIFIER,
cryptographic-Gost-Useful-Definitions cryptographic-Gost-Useful-Definitions
FROM Cryptographic-Gost-Useful-Definitions FROM Cryptographic-Gost-Useful-Definitions -- in [CPALGS]
{ iso(1) member-body(2) ru(643) rans(2) { iso(1) member-body(2) ru(643) rans(2)
cryptopro(2) other(1) modules(1) cryptopro(2) other(1) modules(1)
cryptographic-Gost-Useful-Definitions(0) 1 } cryptographic-Gost-Useful-Definitions(0) 1 }
id-GostR3410-2001, id-GostR3410-2001,
GostR3410-2001-PublicKeyParameters GostR3410-2001-PublicKeyParameters -- in [CPALGS]
FROM GostR3410-2001-PKISyntax gostR3410-2001-PKISyntax FROM GostR3410-2001-PKISyntax
gostR3410-2001-PKISyntax
; ;
-- GOST R 34.10-2001 signature data type -- GOST R 34.10-2001 signature data type
GostR3410-2001-Signature ::= GostR3410-2001-Signature ::=
OCTET STRING (SIZE (64)) OCTET STRING (SIZE (64))
-- GOST R 34.10-2001 signature algorithms and parameters -- GOST R 34.10-2001 signature algorithms and parameters
GostR3410-2001-CMSSignatureAlgorithms GostR3410-2001-CMSSignatureAlgorithms
ALGORITHM-IDENTIFIER ::= { ALGORITHM-IDENTIFIER ::= {
{ GostR3410-2001-PublicKeyParameters IDENTIFIED BY { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
id-GostR3410-2001 } id-GostR3410-2001 }
} }
skipping to change at page 23, line 4 skipping to change at page 23, line 20
Standard of Russian Federation, Government Committee of Standard of Russian Federation, Government Committee of
the Russia for Standards, 2001. (In Russian); the Russia for Standards, 2001. (In Russian);
[GOSTR341194] "Information technology. Cryptographic Data Security. [GOSTR341194] "Information technology. Cryptographic Data Security.
Hashing function.", GOST R 34.10-94, Gosudarstvennyi Hashing function.", GOST R 34.10-94, Gosudarstvennyi
Standard of Russian Federation, Government Committee of Standard of Russian Federation, Government Committee of
the Russia for Standards, 1994. (In Russian); the Russia for Standards, 1994. (In Russian);
[CMS] R. Housley, "Cryptographic Message Syntax", RFC 3369, [CMS] R. Housley, "Cryptographic Message Syntax", RFC 3369,
August 2002 August 2002
[PROFILE] Housley, R., Polk, W., Ford, W. and D. Solo, "Internet
X.509 Public Key Infrastructure: Certificate and CRL
Profile", RFC 3280, April 2002.
[RFC 3851] B. Ramsdell, "Secure/Multipurpose Internet Mail Exten- [RFC 3851] B. Ramsdell, "Secure/Multipurpose Internet Mail Exten-
sions (S/MIME) Version 3.1 Message Specification", RFC sions (S/MIME) Version 3.1 Message Specification", RFC
3851. July 2004 3851. July 2004
[X.208-88] CCITT. Recommendation X.208: Specification of Abstract [X.208-88] CCITT. Recommendation X.208: Specification of Abstract
Syntax Notation One (ASN.1). 1988. Syntax Notation One (ASN.1). 1988.
[X.209-88] CCITT. Recommendation X.209: Specification of Basic [X.209-88] CCITT. Recommendation X.209: Specification of Basic
Encoding Rules for Abstract Syntax Notation One Encoding Rules for Abstract Syntax Notation One
(ASN.1). 1988. (ASN.1). 1988.
skipping to change at page 24, line 9 skipping to change at page 24, line 29
company products and solutions, and also for technical consulting company products and solutions, and also for technical consulting
in PKI. in PKI.
RSA Security Russia and Demos Co Ltd for active collaboration and RSA Security Russia and Demos Co Ltd for active collaboration and
critical help in creation of this document. critical help in creation of this document.
Russ Hously (Vigil Security, LLC, housley@vigilsec.com) and Russ Hously (Vigil Security, LLC, housley@vigilsec.com) and
Vasilij Sakharov (DEMOS Co Ltd, svp@dol.ru) for initiative, Vasilij Sakharov (DEMOS Co Ltd, svp@dol.ru) for initiative,
creating this document. creating this document.
This document is based on a contribution of CRYPTO-PRO Company. Any
substantial use of the text from this document must acknowledge
CRYPTO-PRO. CRYPTO-PRO requests that all material mentioning or
referencing this document identify this as "CRYPTO-PRO CPCMS".
Author's Addresses Author's Addresses
Serguei Leontiev Serguei Leontiev
CRYPTO-PRO CRYPTO-PRO
38, Obraztsova, 38, Obraztsova,
Moscow, 127018, Russian Federation Moscow, 127018, Russian Federation
EMail: lse@cryptopro.ru EMail: lse@cryptopro.ru
Vladimir Popov Vladimir Popov
CRYPTO-PRO CRYPTO-PRO
 End of changes. 22 change blocks. 
26 lines changed or deleted 44 lines changed or added

This html diff was produced by rfcdiff 1.28, available from http://www.levkowetz.com/ietf/tools/rfcdiff/