draft-ietf-smime-sha2-07.txt | draft-ietf-smime-sha2-08.txt | |||
---|---|---|---|---|

S/MIME WG Sean Turner, IECA | S/MIME WG Sean Turner, IECA | |||

Intended Status: Standard Track | Intended Status: Standard Track | |||

Expires: March 18, 2009 | Expires: March 24, 2009 | |||

Using SHA2 Algorithms with Cryptographic Message Syntax | Using SHA2 Algorithms with Cryptographic Message Syntax | |||

draft-ietf-smime-sha2-07.txt | draft-ietf-smime-sha2-08.txt | |||

Status of this Memo | Status of this Memo | |||

By submitting this Internet-Draft, each author represents that any | By submitting this Internet-Draft, each author represents that any | |||

applicable patent or other IPR claims of which he or she is aware | applicable patent or other IPR claims of which he or she is aware | |||

have been or will be disclosed, and any of which he or she becomes | have been or will be disclosed, and any of which he or she becomes | |||

aware will be disclosed, in accordance with Section 6 of BCP 79. | aware will be disclosed, in accordance with Section 6 of BCP 79. | |||

Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||

Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||

skipping to change at page 1, line 33 | skipping to change at page 1, line 33 | |||

and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||

time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||

material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||

The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||

http://www.ietf.org/ietf/1id-abstracts.txt | http://www.ietf.org/ietf/1id-abstracts.txt | |||

The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||

http://www.ietf.org/shadow.html | http://www.ietf.org/shadow.html | |||

This Internet-Draft will expire on March 18, 2008. | This Internet-Draft will expire on March 24, 2008. | |||

Copyright Notice | Copyright Notice | |||

Copyright (C) The IETF Trust (2008). | Copyright (C) The IETF Trust (2008). | |||

Abstract | Abstract | |||

This document describes the conventions for using the Secure Hash | This document describes the conventions for using the Secure Hash | |||

Algorithm (SHA) message digest algorithms (SHA-224, SHA-256, SHA-384, | Algorithm (SHA) message digest algorithms (SHA-224, SHA-256, SHA-384, | |||

SHA-512) with the Cryptographic Message Syntax (CMS). It also | SHA-512) with the Cryptographic Message Syntax (CMS). It also | |||

skipping to change at page 2, line 13 | skipping to change at page 2, line 13 | |||

Elliptic Curve DSA (ECDSA) signature algorithms. | Elliptic Curve DSA (ECDSA) signature algorithms. | |||

Conventions used in this document | Conventions used in this document | |||

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||

"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||

document are to be interpreted as described in [RFC2119]. | document are to be interpreted as described in [RFC2119]. | |||

Table of Contents | Table of Contents | |||

1. Introduction......................................... 2 | 1. Introduction...................................................2 | |||

2. Message Digest Algorithms.............................. 3 | 2. Message Digest Algorithms......................................3 | |||

2.1. SHA-224......................................... 4 | 2.1. SHA-224...................................................4 | |||

2.2. SHA-256......................................... 4 | 2.2. SHA-256...................................................4 | |||

2.3. SHA-384......................................... 4 | 2.3. SHA-384...................................................4 | |||

2.4. SHA-512......................................... 4 | 2.4. SHA-512...................................................4 | |||

3. Signature Algorithms.................................. 5 | 3. Signature Algorithms...........................................5 | |||

3.1. DSA............................................ 5 | 3.1. DSA.......................................................5 | |||

3.2. RSA............................................ 6 | 3.2. RSA.......................................................6 | |||

3.3. ECDSA.......................................... 6 | 3.3. ECDSA.....................................................6 | |||

4. Security Considerations................................ 7 | 4. Security Considerations........................................7 | |||

5. IANA Considerations................................... 7 | 5. IANA Considerations............................................7 | |||

6. References.......................................... 7 | 6. References.....................................................7 | |||

6.1. Normative References.............................. 7 | 6.1. Normative References......................................7 | |||

6.2. Informative References............................ 8 | 6.2. Informative References....................................8 | |||

1. Introduction | 1. Introduction | |||

This document specifies the algorithm identifiers and specifies | This document specifies the algorithm identifiers and specifies | |||

parameters for the message digest algorithms SHA-224, SHA-256, SHA- | parameters for the message digest algorithms SHA-224, SHA-256, SHA- | |||

384, and SHA-512 for use with the Cryptographic Message Syntax (CMS) | 384, and SHA-512 for use with the Cryptographic Message Syntax (CMS) | |||

[RFC3852]. The message digest algorithms are defined in [SHS] and | [RFC3852]. The message digest algorithms are defined in [SHS] and | |||

reference code is provided in [RFC4634]. | reference code is provided in [RFC4634]. | |||

This document also specifies the algorithm identifiers and parameters | This document also specifies the algorithm identifiers and parameters | |||

skipping to change at page 5, line 22 | skipping to change at page 5, line 22 | |||

signatureAlgorithm field of SignedData. Also, signature algorithm | signatureAlgorithm field of SignedData. Also, signature algorithm | |||

identifiers are located in the SignerInfo signatureAlgorithm field of | identifiers are located in the SignerInfo signatureAlgorithm field of | |||

countersignature attributes. | countersignature attributes. | |||

Signature values are located in the SignerInfo signature field of | Signature values are located in the SignerInfo signature field of | |||

SignedData. Also, signature values are located in the SignerInfo | SignedData. Also, signature values are located in the SignerInfo | |||

signature field of countersignature attributes. | signature field of countersignature attributes. | |||

3.1. DSA | 3.1. DSA | |||

[RFC3370] section 3.1 specifies the conventions for DSA with SHA1 | [RFC3370] section 3.1 specifies the conventions for DSA with SHA-1 | |||

public key algorithm identifiers, parameters, public keys, and | public key algorithm identifiers, parameters, public keys, and | |||

signature values. DSA with SHA2 algorithms uses the same conventions | signature values. DSA with SHA2 algorithms uses the same conventions | |||

for these public key algorithm identifiers, parameters, public keys, | for these public key algorithm identifiers, parameters, public keys, | |||

and signature values. DSA MAY be used with SHA-224 and SHA-256. | and signature values. DSA MAY be used with SHA-224 and SHA-256. | |||

DSA has not been specified with SHA-384 and SHA-512. SHA-384 and | DSA has not been specified with SHA-384 and SHA-512. SHA-384 and | |||

SHA-512 are not supported because the maximum bit length of p | SHA-512 are not supported because the maximum bit length of p | |||

(specified as L) is 3072 for DSA. For consistent cryptographic | (specified as L) is 3072 for DSA. For consistent cryptographic | |||

strength, SHA-384 would be used with DSA where L is 7608, and SHA-512 | strength, SHA-384 would be used with DSA where L is 7680, and SHA-512 | |||

would be used with DSA where L is 15360. | would be used with DSA where L is 15360. | |||

The algorithm identifier for DSA with SHA-224 signature values is: | The algorithm identifier for DSA with SHA-224 signature values is: | |||

id-dsa-with-sha224 OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) | id-dsa-with-sha224 OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) | |||

country(16) us(840) organization(1) gov(101) csor(3) | country(16) us(840) organization(1) gov(101) csor(3) | |||

algorithms(4) id-dsa-with-sha2(3) 1 } | algorithms(4) id-dsa-with-sha2(3) 1 } | |||

The algorithm identifier for DSA with SHA-256 signature values is: | The algorithm identifier for DSA with SHA-256 signature values is: | |||

skipping to change at page 6, line 40 | skipping to change at page 6, line 40 | |||

sha512WithRSAEncryption OBJECT IDENTIFIER ::= { iso(1) | sha512WithRSAEncryption OBJECT IDENTIFIER ::= { iso(1) | |||

member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 13 } | member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 13 } | |||

When any of these four object identifiers appears within an | When any of these four object identifiers appears within an | |||

AlgorithmIdentifier, the parameters MUST be NULL. Implementations | AlgorithmIdentifier, the parameters MUST be NULL. Implementations | |||

MUST accept the parameters being absent as well as present. | MUST accept the parameters being absent as well as present. | |||

3.3. ECDSA | 3.3. ECDSA | |||

[RFC3278] section 2.1 specifies the conventions for ECDSA with SHA1 | [RFC3278] section 2.1 specifies the conventions for ECDSA with SHA-1 | |||

public key algorithm identifiers, parameters, public keys, and | public key algorithm identifiers, parameters, public keys, and | |||

signature values. ECDSA with SHA2 algorithms uses the same | signature values. ECDSA with SHA2 algorithms uses the same | |||

conventions for these public key algorithm identifiers, parameters, | conventions for these public key algorithm identifiers, parameters, | |||

public keys, and signature values, except that the digestAlgorithm | public keys, and signature values, except that the digestAlgorithm | |||

MUST include the corresponding message digest algorithm identifier, | MUST include the corresponding message digest algorithm identifier, | |||

and not the sha-1 object identifier. ECDSA MAY be used with SHA-224, | and not the sha-1 object identifier. ECDSA MAY be used with SHA-224, | |||

SHA-256, SHA-384, or SHA-512. | SHA-256, SHA-384, or SHA-512. | |||

The algorithm identifier for ECDSA with SHA-224 signature values is: | The algorithm identifier for ECDSA with SHA-224 signature values is: | |||

End of changes. 7 change blocks. | ||||

21 lines changed or deleted | | 21 lines changed or added | ||

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |