draft-ietf-smime-ibearch-07.txt   draft-ietf-smime-ibearch-08.txt 
G. Appenzeller G. Appenzeller
Stanford University Stanford University
S/MIME Working Group L. Martin S/MIME Working Group L. Martin
Internet Draft Voltage Security Internet Draft Voltage Security
Intended status: Standards Track M. Schertler Intended status: Standards Track M. Schertler
Expires: February 2009 Tumbleweed Communications Expires: March 2009 Tumbleweed Communications
August 2008 September 2008
Identity-based Encryption Architecture and Supporting Data Identity-based Encryption Architecture and Supporting Data
Structures Structures
<draft-ietf-smime-ibearch-07.txt> <draft-ietf-smime-ibearch-08.txt>
Status of this Document Status of this Document
By submitting this Internet-Draft, each author represents By submitting this Internet-Draft, each author represents
that any applicable patent or other IPR claims of which he that any applicable patent or other IPR claims of which he
or she is aware have been or will be disclosed, and any of or she is aware have been or will be disclosed, and any of
which he or she becomes aware will be disclosed, in which he or she becomes aware will be disclosed, in
accordance with Section 6 of BCP 79. accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Internet-Drafts are working documents of the Internet
skipping to change at page 7, line 6 skipping to change at page 7, line 6
The sender of a message obtains the IBE public parameters The sender of a message obtains the IBE public parameters
that he needs from a PPS that is hosted at a well-known URI that he needs from a PPS that is hosted at a well-known URI
or IRI. The IBE public parameters contain all of the or IRI. The IBE public parameters contain all of the
information that the sender needs to create an IBE- information that the sender needs to create an IBE-
encrypted message except for the identity of the recipient. encrypted message except for the identity of the recipient.
Section 4 of this document describes the URI [URI] or IRI Section 4 of this document describes the URI [URI] or IRI
[IRI] of a PPS, the format of IBE public parameters, and [IRI] of a PPS, the format of IBE public parameters, and
how to obtain them from a PPS. The URI or IRI from which how to obtain them from a PPS. The URI or IRI from which
users obtain IBE public parameters MUST be authenticated in users obtain IBE public parameters MUST be authenticated in
some way. PPS servers MUST support TLS 1.1 [TLS] to satisfy some way. PPS servers MUST support TLS 1.1 [TLS] to satisfy
this requirement. This step is shown below in Figure 1. this requirement and SHOULD support its successors. This
step is shown below in Figure 1.
IBE Public Parameter Request IBE Public Parameter Request
-----------------------------> ----------------------------->
Sender PPS Sender PPS
<----------------------------- <-----------------------------
IBE Public Parameters IBE Public Parameters
Figure 1 Requesting IBE Public Parameters Figure 1 Requesting IBE Public Parameters
The sender of an IBE-encrypted message selects the PPS and The sender of an IBE-encrypted message selects the PPS and
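Review bot: The added "and SHOULD support its successors" in the PPS paragraph constrains only the server and leaves "its successors" undefined, since [TLS] is cited for TLS 1.1 alone. The sentence before it says the URI or IRI "MUST be authenticated in some way", but nothing in this paragraph says what the sender checks. Suggest stating that the client MUST verify the server's identity against the PPS URI or IRI before accepting the parameters, and replacing the open-ended wording with something like "TLS 1.1 [TLS] or a later version", with a reference for each version that is meant.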
skipping to change at page 13, line 29 skipping to change at page 13, line 29
the previously-used districtSerial. the previously-used districtSerial.
The validity field defines lifetime of a specific instance The validity field defines lifetime of a specific instance
of the IBESysParams and is defined to be the following: of the IBESysParams and is defined to be the following:
ValidityPeriod ::= SEQUENCE { ValidityPeriod ::= SEQUENCE {
notBefore GeneralizedTime, notBefore GeneralizedTime,
notAfter GeneralizedTime notAfter GeneralizedTime
} }
The values of notBefore and netAfter MUST be expressed in
Greenwich Mean Time(Zulu), MUST include seconds (i.e. times
are always YYYYMMDDHHMMSSZ), even where the number of
seconds is equal to zero and MUST be expressed to the
nearest second.
A client MUST verify that the date on which it uses the IBE A client MUST verify that the date on which it uses the IBE
public parameters falls between the notBefore time and the public parameters falls between the notBefore time and the
notAfter time of the IBE public parameters and MUST NOT use notAfter time of the IBE public parameters and MUST NOT use
the parameters for IBE encryption operations if they do the parameters for IBE encryption operations if they do
not. not.
IBE public parameters MUST be regenerated and republished IBE public parameters MUST be regenerated and republished
whenever the values of ibePublicParameters, whenever the values of ibePublicParameters,
ibeIdentityType, or ibeParamExtensions change for a ibeIdentityType, or ibeParamExtensions change for a
district. A client SHOULD refetch the IBE public parameters district. A client SHOULD refetch the IBE public parameters
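Review bot: The new paragraph after ValidityPeriod misspells the field as "netAfter"; it should read "notAfter" to match the ASN.1 definition just above it. In the same sentence, "Greenwich Mean Time(Zulu)" needs a space before the parenthesis, and "MUST include seconds" combined with "MUST be expressed to the nearest second" still leaves it unstated whether fractional seconds are prohibited; say so explicitly if YYYYMMDDHHMMSSZ is meant to be the only permitted form. The client check that follows speaks of "the date on which it uses" the parameters while the fields now carry to-the-second times, so "time" would be the consistent word there.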
 End of changes. 4 change blocks. 
4 lines changed or deleted 11 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/