draft-ietf-lamps-cmp-updates-16.txt   draft-ietf-lamps-cmp-updates-17.txt 
LAMPS Working Group H. Brockhaus, Ed. LAMPS Working Group H. Brockhaus, Ed.
Internet-Draft D. von Oheimb Internet-Draft D. von Oheimb
Updates: 4210, 5912, 6712 (if approved) Siemens Updates: 4210, 5912, 6712 (if approved) Siemens
Intended status: Standards Track J. Gray Intended status: Standards Track J. Gray
Expires: 25 June 2022 Entrust Expires: 16 July 2022 Entrust
22 December 2021 12 January 2022
Certificate Management Protocol (CMP) Updates Certificate Management Protocol (CMP) Updates
draft-ietf-lamps-cmp-updates-16 draft-ietf-lamps-cmp-updates-17
Abstract Abstract
This document contains a set of updates to the syntax and transfer of This document contains a set of updates to the syntax and transfer of
Certificate Management Protocol (CMP) version 2. This document Certificate Management Protocol (CMP) version 2. This document
updates RFC 4210, RFC 5912, and RFC 6712. updates RFC 4210, RFC 5912, and RFC 6712.
The aspects of CMP updated in this document are using EnvelopedData The aspects of CMP updated in this document are using EnvelopedData
instead of EncryptedValue, clarifying the handling of p10cr messages, instead of EncryptedValue, clarifying the handling of p10cr messages,
improving the crypto agility, as well as adding new general message improving the crypto agility, as well as adding new general message
skipping to change at page 1, line 49 skipping to change at page 1, line 49
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 25 June 2022. This Internet-Draft will expire on 16 July 2022.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License. provided without warranty as described in the Revised BSD License.
This document may contain material from IETF Documents or IETF
Contributions published or made publicly available before November
10, 2008. The person(s) controlling the copyright in some of this
material may not have granted the IETF Trust the right to allow
modifications of such material outside the IETF Standards Process.
Without obtaining an adequate license from the person(s) controlling
the copyright in such materials, this document may not be modified
outside the IETF Standards Process, and derivative works of it may
not be created outside the IETF Standards Process, except to format
it for publication as an RFC or to translate it into languages other
than English.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Convention and Terminology . . . . . . . . . . . . . . . 4 1.1. Convention and Terminology . . . . . . . . . . . . . . . 4
2. Updates to RFC 4210 - Certificate Management Protocol 2. Updates to RFC 4210 - Certificate Management Protocol
(CMP) . . . . . . . . . . . . . . . . . . . . . . . . . . 4 (CMP) . . . . . . . . . . . . . . . . . . . . . . . . . . 4
2.1. New Section 1.1. - Changes since RFC 4210 . . . . . . . . 4 2.1. New Section 1.1. - Changes since RFC 4210 . . . . . . . . 4
2.2. New Section 4.5 - Extended Key Usage . . . . . . . . . . 5 2.2. New Section 4.5 - Extended Key Usage . . . . . . . . . . 5
2.3. Update Section 5.1.1. - PKI Message Header . . . . . . . 7 2.3. Update Section 5.1.1. - PKI Message Header . . . . . . . 7
2.4. New Section 5.1.1.3. - CertProfile . . . . . . . . . . . 7 2.4. New Section 5.1.1.3. - CertProfile . . . . . . . . . . . 7
skipping to change at page 3, line 39 skipping to change at page 3, line 29
3.2. New Section 1.1. - Changes since RFC 6712 . . . . . . . . 31 3.2. New Section 1.1. - Changes since RFC 6712 . . . . . . . . 31
3.3. Replace Section 3.6. - HTTP Request-URI . . . . . . . . . 31 3.3. Replace Section 3.6. - HTTP Request-URI . . . . . . . . . 31
3.4. Update Section 6. - IANA Considerations . . . . . . . . . 32 3.4. Update Section 6. - IANA Considerations . . . . . . . . . 32
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32
5. Security Considerations . . . . . . . . . . . . . . . . . . . 33 5. Security Considerations . . . . . . . . . . . . . . . . . . . 33
6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 33 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 33
7. References . . . . . . . . . . . . . . . . . . . . . . . . . 33 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 33
7.1. Normative References . . . . . . . . . . . . . . . . . . 33 7.1. Normative References . . . . . . . . . . . . . . . . . . 33
7.2. Informative References . . . . . . . . . . . . . . . . . 35 7.2. Informative References . . . . . . . . . . . . . . . . . 35
Appendix A. ASN.1 Modules . . . . . . . . . . . . . . . . . . . 36 Appendix A. ASN.1 Modules . . . . . . . . . . . . . . . . . . . 36
A.1. 1988 ASN.1 Module . . . . . . . . . . . . . . . . . . . . 36 A.1. 1988 ASN.1 Module . . . . . . . . . . . . . . . . . . . . 37
A.2. 2002 ASN.1 Module . . . . . . . . . . . . . . . . . . . . 50 A.2. 2002 ASN.1 Module . . . . . . . . . . . . . . . . . . . . 50
Appendix B. History of changes . . . . . . . . . . . . . . . . . 63 Appendix B. History of changes . . . . . . . . . . . . . . . . . 64
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 69 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 69
1. Introduction 1. Introduction
While using CMP [RFC4210] in industrial and IoT environments and While using CMP [RFC4210] in industrial and IoT environments and
developing the Lightweight CMP Profile developing the Lightweight CMP Profile
[I-D.ietf-lamps-lightweight-cmp-profile] some limitations were [I-D.ietf-lamps-lightweight-cmp-profile] some limitations were
identified in the original CMP specification. This document updates identified in the original CMP specification. This document updates
RFC 4210 [RFC4210] and RFC 6712 [RFC6712] to overcome these RFC 4210 [RFC4210] and RFC 6712 [RFC6712] to overcome these
limitations. limitations.
skipping to change at page 12, line 17 skipping to change at page 12, line 17
OPTIONAL, OPTIONAL,
response SEQUENCE OF CertResponse response SEQUENCE OF CertResponse
} }
CertResponse ::= SEQUENCE { CertResponse ::= SEQUENCE {
certReqId INTEGER, certReqId INTEGER,
status PKIStatusInfo, status PKIStatusInfo,
certifiedKeyPair CertifiedKeyPair OPTIONAL, certifiedKeyPair CertifiedKeyPair OPTIONAL,
rspInfo OCTET STRING OPTIONAL rspInfo OCTET STRING OPTIONAL
-- analogous to the id-regInfo-utf8Pairs string defined -- analogous to the id-regInfo-utf8Pairs string defined
-- for regInfo in CertReqMsg [CRMF] -- for regInfo in CertReqMsg [RFC4211]
} }
CertifiedKeyPair ::= SEQUENCE { CertifiedKeyPair ::= SEQUENCE {
certOrEncCert CertOrEncCert, certOrEncCert CertOrEncCert,
privateKey [0] EncryptedKey OPTIONAL, privateKey [0] EncryptedKey OPTIONAL,
-- see [CRMF] for comment on encoding -- see [RFC4211] for comment on encoding
publicationInfo [1] PKIPublicationInfo OPTIONAL publicationInfo [1] PKIPublicationInfo OPTIONAL
} }
CertOrEncCert ::= CHOICE { CertOrEncCert ::= CHOICE {
certificate [0] CMPCertificate, certificate [0] CMPCertificate,
encryptedCert [1] EncryptedKey encryptedCert [1] EncryptedKey
} }
Add the following as a new paragraph right after the ASN.1 syntax: Add the following as a new paragraph right after the ASN.1 syntax:
skipping to change at page 29, line 7 skipping to change at page 29, line 7
[RFC4210] to utilize the parent structure EncryptedKey instead of [RFC4210] to utilize the parent structure EncryptedKey instead of
EncryptedValue as described in Section 2.7 above, the description is EncryptedValue as described in Section 2.7 above, the description is
updated accordingly. updated accordingly.
Replace the comment within the ASN.1 syntax coming after the Replace the comment within the ASN.1 syntax coming after the
definition of POPOSigningKey with the following text (Note: This definition of POPOSigningKey with the following text (Note: This
fixes Errata ID 2615): fixes Errata ID 2615):
-- ********** -- **********
-- * For the purposes of this specification, the ASN.1 comment -- * For the purposes of this specification, the ASN.1 comment
-- * given in [CRMF] pertains not only to certTemplate, but -- * given in [RFC4211] pertains not only to certTemplate, but
-- * also to the altCertTemplate control. -- * also to the altCertTemplate control.
-- ********** -- **********
-- * The signature (using "algorithmIdentifier") is on the -- * The signature (using "algorithmIdentifier") is on the
-- * DER-encoded value of poposkInput (i.e., the "value" OCTETs -- * DER-encoded value of poposkInput (i.e., the "value" OCTETs
-- * of the POPOSigningKeyInput DER). NOTE: If CertReqMsg -- * of the POPOSigningKeyInput DER). NOTE: If CertReqMsg
-- * certReq certTemplate (or the altCertTemplate control) -- * certReq certTemplate (or the altCertTemplate control)
-- * contains the subject and publicKey values, then poposkInput -- * contains the subject and publicKey values, then poposkInput
-- * MUST be omitted and the signature MUST be computed on the -- * MUST be omitted and the signature MUST be computed on the
-- * DER-encoded value of CertReqMsg certReq (or the DER- -- * DER-encoded value of CertReqMsg certReq (or the DER-
-- * encoded value of AltCertTemplate). If -- * encoded value of AltCertTemplate). If
skipping to change at page 31, line 9 skipping to change at page 31, line 9
To indicate and explain why delayed delivery of all kinds of To indicate and explain why delayed delivery of all kinds of
PKIMessages may be handled at transfer level and/or at CMP level, the PKIMessages may be handled at transfer level and/or at CMP level, the
introduction of RFC 6712 [RFC6712] is updated. introduction of RFC 6712 [RFC6712] is updated.
Replace the third paragraph of this section with the following text: Replace the third paragraph of this section with the following text:
In addition to reliable transport, CMP requires connection and error In addition to reliable transport, CMP requires connection and error
handling from the transfer protocol, which is all covered by HTTP. handling from the transfer protocol, which is all covered by HTTP.
Moreover, delayed delivery of CMP response messages may be handled at Moreover, delayed delivery of CMP response messages may be handled at
transfer level regardless of the message contents. Since CMP Updates transfer level regardless of the message contents. Since CMP Updates
[I-D.ietf-lamps-cmp-updates] extends the polling mechanism specified [thisRFC] extends the polling mechanism specified in the second
in the second version of CMP [RFC4210] to cover all types of PKI version of CMP [RFC4210] to cover all types of PKI management
management transactions, delays detected at application level may transactions, delays detected at application level may also be
also be handled within CMP, using pollReq and pollReq messages. handled within CMP, using pollReq and pollReq messages.
3.2. New Section 1.1. - Changes since RFC 6712 3.2. New Section 1.1. - Changes since RFC 6712
The following subsection describes feature updates to RFC 6712 The following subsection describes feature updates to RFC 6712
[RFC6712]. They are related to the base specification. Hence [RFC6712]. They are related to the base specification. Hence
references to the original sections in RFC 6712 [RFC6712] are used references to the original sections in RFC 6712 [RFC6712] are used
whenever possible. whenever possible.
Insert this section at the end of the current Section 1: Insert this section at the end of the current Section 1:
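Review bot: the replacement paragraph for the RFC 6712 introduction names the same message type twice, "using pollReq and pollReq messages", and the typo survives from -16 into -17; the polling exchange is a pollReq answered by a pollRep, so this should read "using pollReq and pollRep messages". The change from [I-D.ietf-lamps-cmp-updates] to [thisRFC] in the same paragraph is fine as the self-reference placeholder for the RFC Editor.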
skipping to change at page 33, line 30 skipping to change at page 33, line 30
feedback. feedback.
7. References 7. References
7.1. Normative References 7.1. Normative References
[I-D.ietf-lamps-cmp-algorithms] [I-D.ietf-lamps-cmp-algorithms]
Brockhaus, H., Aschauer, H., Ounsworth, M., and J. Gray, Brockhaus, H., Aschauer, H., Ounsworth, M., and J. Gray,
"Certificate Management Protocol (CMP) Algorithms", Work "Certificate Management Protocol (CMP) Algorithms", Work
in Progress, Internet-Draft, draft-ietf-lamps-cmp- in Progress, Internet-Draft, draft-ietf-lamps-cmp-
algorithms-08, 17 November 2021, algorithms-09, 22 December 2021,
<https://datatracker.ietf.org/doc/html/draft-ietf-lamps- <https://datatracker.ietf.org/doc/html/draft-ietf-lamps-
cmp-algorithms-08>. cmp-algorithms-09>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC2510] Adams, C. and S. Farrell, "Internet X.509 Public Key [RFC2510] Adams, C. and S. Farrell, "Internet X.509 Public Key
Infrastructure Certificate Management Protocols", Infrastructure Certificate Management Protocols",
RFC 2510, DOI 10.17487/RFC2510, March 1999, RFC 2510, DOI 10.17487/RFC2510, March 1999,
<https://www.rfc-editor.org/info/rfc2510>. <https://www.rfc-editor.org/info/rfc2510>.
skipping to change at page 34, line 5 skipping to change at page 34, line 5
[RFC2985] Nystrom, M. and B. Kaliski, "PKCS #9: Selected Object [RFC2985] Nystrom, M. and B. Kaliski, "PKCS #9: Selected Object
Classes and Attribute Types Version 2.0", RFC 2985, Classes and Attribute Types Version 2.0", RFC 2985,
DOI 10.17487/RFC2985, November 2000, DOI 10.17487/RFC2985, November 2000,
<https://www.rfc-editor.org/info/rfc2985>. <https://www.rfc-editor.org/info/rfc2985>.
[RFC2986] Nystrom, M. and B. Kaliski, "PKCS #10: Certification [RFC2986] Nystrom, M. and B. Kaliski, "PKCS #10: Certification
Request Syntax Specification Version 1.7", RFC 2986, Request Syntax Specification Version 1.7", RFC 2986,
DOI 10.17487/RFC2986, November 2000, DOI 10.17487/RFC2986, November 2000,
<https://www.rfc-editor.org/info/rfc2986>. <https://www.rfc-editor.org/info/rfc2986>.
[RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO
10646", STD 63, RFC 3629, DOI 10.17487/RFC3629, November
2003, <https://www.rfc-editor.org/info/rfc3629>.
[RFC4210] Adams, C., Farrell, S., Kause, T., and T. Mononen, [RFC4210] Adams, C., Farrell, S., Kause, T., and T. Mononen,
"Internet X.509 Public Key Infrastructure Certificate "Internet X.509 Public Key Infrastructure Certificate
Management Protocol (CMP)", RFC 4210, Management Protocol (CMP)", RFC 4210,
DOI 10.17487/RFC4210, September 2005, DOI 10.17487/RFC4210, September 2005,
<https://www.rfc-editor.org/info/rfc4210>. <https://www.rfc-editor.org/info/rfc4210>.
[RFC4211] Schaad, J., "Internet X.509 Public Key Infrastructure [RFC4211] Schaad, J., "Internet X.509 Public Key Infrastructure
Certificate Request Message Format (CRMF)", RFC 4211, Certificate Request Message Format (CRMF)", RFC 4211,
DOI 10.17487/RFC4211, September 2005, DOI 10.17487/RFC4211, September 2005,
<https://www.rfc-editor.org/info/rfc4211>. <https://www.rfc-editor.org/info/rfc4211>.
skipping to change at page 34, line 31 skipping to change at page 34, line 35
[RFC5480] Turner, S., Brown, D., Yiu, K., Housley, R., and T. Polk, [RFC5480] Turner, S., Brown, D., Yiu, K., Housley, R., and T. Polk,
"Elliptic Curve Cryptography Subject Public Key "Elliptic Curve Cryptography Subject Public Key
Information", RFC 5480, DOI 10.17487/RFC5480, March 2009, Information", RFC 5480, DOI 10.17487/RFC5480, March 2009,
<https://www.rfc-editor.org/info/rfc5480>. <https://www.rfc-editor.org/info/rfc5480>.
[RFC5652] Housley, R., "Cryptographic Message Syntax (CMS)", STD 70, [RFC5652] Housley, R., "Cryptographic Message Syntax (CMS)", STD 70,
RFC 5652, DOI 10.17487/RFC5652, September 2009, RFC 5652, DOI 10.17487/RFC5652, September 2009,
<https://www.rfc-editor.org/info/rfc5652>. <https://www.rfc-editor.org/info/rfc5652>.
[RFC5912] Hoffman, P. and J. Schaad, "New ASN.1 Modules for the
Public Key Infrastructure Using X.509 (PKIX)", RFC 5912,
DOI 10.17487/RFC5912, June 2010,
<https://www.rfc-editor.org/info/rfc5912>.
[RFC5958] Turner, S., "Asymmetric Key Packages", RFC 5958, [RFC5958] Turner, S., "Asymmetric Key Packages", RFC 5958,
DOI 10.17487/RFC5958, August 2010, DOI 10.17487/RFC5958, August 2010,
<https://www.rfc-editor.org/info/rfc5958>. <https://www.rfc-editor.org/info/rfc5958>.
[RFC6402] Schaad, J., "Certificate Management over CMS (CMC) [RFC6402] Schaad, J., "Certificate Management over CMS (CMC)
Updates", RFC 6402, DOI 10.17487/RFC6402, November 2011, Updates", RFC 6402, DOI 10.17487/RFC6402, November 2011,
<https://www.rfc-editor.org/info/rfc6402>. <https://www.rfc-editor.org/info/rfc6402>.
[RFC6712] Kause, T. and M. Peylo, "Internet X.509 Public Key [RFC6712] Kause, T. and M. Peylo, "Internet X.509 Public Key
Infrastructure -- HTTP Transfer for the Certificate Infrastructure -- HTTP Transfer for the Certificate
skipping to change at page 35, line 26 skipping to change at page 35, line 26
<https://www.rfc-editor.org/info/rfc8933>. <https://www.rfc-editor.org/info/rfc8933>.
[RFC9045] Housley, R., "Algorithm Requirements Update to the [RFC9045] Housley, R., "Algorithm Requirements Update to the
Internet X.509 Public Key Infrastructure Certificate Internet X.509 Public Key Infrastructure Certificate
Request Message Format (CRMF)", RFC 9045, Request Message Format (CRMF)", RFC 9045,
DOI 10.17487/RFC9045, June 2021, DOI 10.17487/RFC9045, June 2021,
<https://www.rfc-editor.org/info/rfc9045>. <https://www.rfc-editor.org/info/rfc9045>.
7.2. Informative References 7.2. Informative References
[AIS31] Bundesamt für Sicherheit in der Informationstechnik (BSI), [AIS31] Bundesamt fuer Sicherheit in der Informationstechnik
Killmann, W., and W. Schindler, "A proposal for: (BSI), Killmann, W., and W. Schindler, "A proposal for:
Functionality classes for random number generators, Functionality classes for random number generators,
version 2.0", 18 September 2011, version 2.0", 18 September 2011,
<https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/ <https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/
Zertifizierung/Interpretationen/AIS_31_Functionality_class Zertifizierung/Interpretationen/AIS_31_Functionality_class
es_for_random_number_generators_e.pdf>. es_for_random_number_generators_e.pdf>.
[CVE-2008-0166] [CVE-2008-0166]
National Institute of Science and Technology (NIST), National Institute of Science and Technology (NIST),
"National Vulnerability Database - CVE-2008-0166", 13 May "National Vulnerability Database - CVE-2008-0166", 13 May
2008, <https://nvd.nist.gov/vuln/detail/CVE-2008-0166>. 2008, <https://nvd.nist.gov/vuln/detail/CVE-2008-0166>.
[I-D.ietf-lamps-lightweight-cmp-profile] [I-D.ietf-lamps-lightweight-cmp-profile]
Brockhaus, H., Oheimb, D. V., and S. Fries, "Lightweight Brockhaus, H., Oheimb, D. V., and S. Fries, "Lightweight
Certificate Management Protocol (CMP) Profile", Work in Certificate Management Protocol (CMP) Profile", Work in
Progress, Internet-Draft, draft-ietf-lamps-lightweight- Progress, Internet-Draft, draft-ietf-lamps-lightweight-
cmp-profile-08, 19 November 2021, cmp-profile-09, 17 December 2021,
<https://datatracker.ietf.org/doc/html/draft-ietf-lamps- <https://datatracker.ietf.org/doc/html/draft-ietf-lamps-
lightweight-cmp-profile-08>. lightweight-cmp-profile-09>.
[IEEE.802.1AR_2018] [IEEE.802.1AR_2018]
IEEE, "IEEE Standard for Local and metropolitan area IEEE, "IEEE Standard for Local and metropolitan area
networks - Secure Device Identity", IEEE 802.1AR-2018, networks - Secure Device Identity", IEEE 802.1AR-2018,
DOI 10.1109/IEEESTD.2018.8423794, 2 August 2018, DOI 10.1109/IEEESTD.2018.8423794, 2 August 2018,
<https://ieeexplore.ieee.org/document/8423794>. <https://ieeexplore.ieee.org/document/8423794>.
[ISO.20543-2019] [ISO.20543-2019]
International Organization for Standardization (ISO), International Organization for Standardization (ISO),
"Information technology -- Security techniques -- Test and "Information technology -- Security techniques -- Test and
skipping to change at page 36, line 28 skipping to change at page 36, line 28
technical-sessions/presentation/heninger>. technical-sessions/presentation/heninger>.
[NIST.SP.800-90Ar1] [NIST.SP.800-90Ar1]
Barker, Elaine B. and John M. Kelsey, "Recommendation for Barker, Elaine B. and John M. Kelsey, "Recommendation for
Random Number Generation Using Deterministic Random Bit Random Number Generation Using Deterministic Random Bit
Generators", NIST NIST SP 800-90Ar1, Generators", NIST NIST SP 800-90Ar1,
DOI 10.6028/NIST.SP.800-90Ar1, June 2015, DOI 10.6028/NIST.SP.800-90Ar1, June 2015,
<https://nvlpubs.nist.gov/nistpubs/SpecialPublications/ <https://nvlpubs.nist.gov/nistpubs/SpecialPublications/
NIST.SP.800-90Ar1.pdf>. NIST.SP.800-90Ar1.pdf>.
Appendix A. ASN.1 Modules [PKCS11] RSA Laboratories, "The Public-Key Cryptography Standards -
Cryptographic Token Interface Standard. Version 2.10",
December 1999,
<https://www.cryptsoft.com/pkcs11doc/STANDARD/
pkcs11v2-10.pdf>.
[RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-
Hashing for Message Authentication", RFC 2104,
DOI 10.17487/RFC2104, February 1997,
<https://www.rfc-editor.org/info/rfc2104>.
[RFC2202] Cheng, P. and R. Glenn, "Test Cases for HMAC-MD5 and HMAC-
SHA-1", RFC 2202, DOI 10.17487/RFC2202, September 1997,
<https://www.rfc-editor.org/info/rfc2202>.
[RFC5912] Hoffman, P. and J. Schaad, "New ASN.1 Modules for the
Public Key Infrastructure Using X.509 (PKIX)", RFC 5912,
DOI 10.17487/RFC5912, June 2010,
<https://www.rfc-editor.org/info/rfc5912>.
Appendix A. ASN.1 Modules
A.1. 1988 ASN.1 Module A.1. 1988 ASN.1 Module
This section contains the updated ASN.1 module for [RFC4210]. This This section contains the updated ASN.1 module for [RFC4210]. This
module replaces the module in Appendix F of that document. Although module replaces the module in Appendix F of that document. Although
a 2002 ASN.1 module is provided, this 1988 ASN.1 module remains the a 2002 ASN.1 module is provided, this 1988 ASN.1 module remains the
normative module as per the policy of the PKIX working group. normative module as per the policy of the PKIX working group.
PKIXCMP {iso(1) identified-organization(3) PKIXCMP {iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7) dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-mod-cmp2021-88(99)} id-mod(0) id-mod-cmp2021-88(99)}
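Review bot: [RFC5912] is listed under 7.2 Informative References in -17, whereas the -16 column of the earlier references hunk had it under 7.1 Normative References; the front page says "Updates: 4210, 5912, 6712 (if approved)" and Appendix A.2 replaces the 2002 ASN.1 module taken from RFC 5912, so a document that updates it and replaces part of its content should keep it as a normative reference. Suggest moving the entry back to 7.1. The newly added [PKCS11], [RFC2104] and [RFC2202] entries are not cited anywhere in the text visible in this diff, so please check that each is referenced in the body before publication.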
skipping to change at page 39, line 4 skipping to change at page 39, line 27
recipNonce [6] OCTET STRING OPTIONAL, recipNonce [6] OCTET STRING OPTIONAL,
-- nonces used to provide replay protection, senderNonce -- nonces used to provide replay protection, senderNonce
-- is inserted by the creator of this message; recipNonce -- is inserted by the creator of this message; recipNonce
-- is a nonce previously inserted in a related message by -- is a nonce previously inserted in a related message by
-- the intended recipient of this message -- the intended recipient of this message
freeText [7] PKIFreeText OPTIONAL, freeText [7] PKIFreeText OPTIONAL,
-- this may be used to indicate context-specific instructions -- this may be used to indicate context-specific instructions
-- (this field is intended for human consumption) -- (this field is intended for human consumption)
generalInfo [8] SEQUENCE SIZE (1..MAX) OF generalInfo [8] SEQUENCE SIZE (1..MAX) OF
InfoTypeAndValue OPTIONAL InfoTypeAndValue OPTIONAL
-- this may be used to convey context-specific information -- this may be used to convey context-specific information
-- (this field not primarily intended for human consumption) -- (this field not primarily intended for human consumption)
} }
PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
-- text encoded as UTF-8 String [RFC3629] (note: Each -- text encoded as UTF-8 String [RFC3629]
-- UTF8String MAY include an [RFC3066] language tag
-- to indicate the language of the contained text
-- see [RFC2482] for details)
PKIBody ::= CHOICE { -- message-specific body elements PKIBody ::= CHOICE { -- message-specific body elements
ir [0] CertReqMessages, --Initialization Request ir [0] CertReqMessages, --Initialization Request
ip [1] CertRepMessage, --Initialization Response ip [1] CertRepMessage, --Initialization Response
cr [2] CertReqMessages, --Certification Request cr [2] CertReqMessages, --Certification Request
cp [3] CertRepMessage, --Certification Response cp [3] CertRepMessage, --Certification Response
p10cr [4] CertificationRequest, --imported from [PKCS10] p10cr [4] CertificationRequest, --imported from [RFC2986]
popdecc [5] POPODecKeyChallContent, --pop Challenge popdecc [5] POPODecKeyChallContent, --pop Challenge
popdecr [6] POPODecKeyRespContent, --pop Response popdecr [6] POPODecKeyRespContent, --pop Response
kur [7] CertReqMessages, --Key Update Request kur [7] CertReqMessages, --Key Update Request
kup [8] CertRepMessage, --Key Update Response kup [8] CertRepMessage, --Key Update Response
krr [9] CertReqMessages, --Key Recovery Request krr [9] CertReqMessages, --Key Recovery Request
krp [10] KeyRecRepContent, --Key Recovery Response krp [10] KeyRecRepContent, --Key Recovery Response
rr [11] RevReqContent, --Revocation Request rr [11] RevReqContent, --Revocation Request
rp [12] RevRepContent, --Revocation Response rp [12] RevRepContent, --Revocation Response
ccr [13] CertReqMessages, --Cross-Cert. Request ccr [13] CertReqMessages, --Cross-Cert. Request
ccp [14] CertRepMessage, --Cross-Cert. Response ccp [14] CertRepMessage, --Cross-Cert. Response
skipping to change at page 44, line 8 skipping to change at page 44, line 28
CertResponse ::= SEQUENCE { CertResponse ::= SEQUENCE {
certReqId INTEGER, certReqId INTEGER,
-- to match this response with corresponding request (a value -- to match this response with corresponding request (a value
-- of -1 is to be used if certReqId is not specified in the -- of -1 is to be used if certReqId is not specified in the
-- corresponding request, which can only be a p10cr) -- corresponding request, which can only be a p10cr)
status PKIStatusInfo, status PKIStatusInfo,
certifiedKeyPair CertifiedKeyPair OPTIONAL, certifiedKeyPair CertifiedKeyPair OPTIONAL,
rspInfo OCTET STRING OPTIONAL rspInfo OCTET STRING OPTIONAL
-- analogous to the id-regInfo-utf8Pairs string defined -- analogous to the id-regInfo-utf8Pairs string defined
-- for regInfo in CertReqMsg [CRMF] -- for regInfo in CertReqMsg [RFC4211]
} }
CertifiedKeyPair ::= SEQUENCE { CertifiedKeyPair ::= SEQUENCE {
certOrEncCert CertOrEncCert, certOrEncCert CertOrEncCert,
privateKey [0] EncryptedKey OPTIONAL, privateKey [0] EncryptedKey OPTIONAL,
-- see [CRMF] for comment on encoding -- see [RFC4211] for comment on encoding
-- Changed from Encrypted Value to EncryptedKey as a CHOICE of -- Changed from Encrypted Value to EncryptedKey as a CHOICE of
-- EncryptedValue and EnvelopedData due to the changes made in -- EncryptedValue and EnvelopedData due to the changes made in
-- CMP Updates [thisRFC] -- CMP Updates [thisRFC]
-- Using the choice EncryptedValue is bit-compatible to the -- Using the choice EncryptedValue is bit-compatible to the
-- syntax without this change -- syntax without this change
publicationInfo [1] PKIPublicationInfo OPTIONAL publicationInfo [1] PKIPublicationInfo OPTIONAL
} }
CertOrEncCert ::= CHOICE { CertOrEncCert ::= CHOICE {
certificate [0] CMPCertificate, certificate [0] CMPCertificate,
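Review bot: the new comment under privateKey in CertifiedKeyPair writes the type name with a space, "-- Changed from Encrypted Value to EncryptedKey as a CHOICE of", while the next line and the rest of the module use "EncryptedValue"; suggest "-- Changed from EncryptedValue to EncryptedKey as a CHOICE of" so the comment names the ASN.1 type exactly as defined. The bit-compatibility remark on the following two lines is worth keeping, since it tells implementers that existing encodings using the EncryptedValue alternative remain valid.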
skipping to change at page 51, line 14 skipping to change at page 51, line 30
-- see also the behavioral clarifications to CRMF codified in -- see also the behavioral clarifications to CRMF codified in
-- Appendix C of this specification -- Appendix C of this specification
CertificationRequest CertificationRequest
FROM PKCS-10 FROM PKCS-10
{iso(1) identified-organization(3) dod(6) internet(1) security(5) {iso(1) identified-organization(3) dod(6) internet(1) security(5)
mechanisms(5) pkix(7) id-mod(0) id-mod-pkcs10-2009(69)} mechanisms(5) pkix(7) id-mod(0) id-mod-pkcs10-2009(69)}
-- (specified in RFC 2986 with 1993 ASN.1 syntax and IMPLICIT -- (specified in RFC 2986 with 1993 ASN.1 syntax and IMPLICIT
-- tags). Alternatively, implementers may directly include -- tags). Alternatively, implementers may directly include
-- the [PKCS10] syntax in this module -- the [RFC2986] syntax in this module
localKeyId localKeyId
FROM PKCS-9 FROM PKCS-9
{iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
modules(0) pkcs-9(1)} modules(0) pkcs-9(1)}
-- The import of localKeyId is added due to the updates made in -- The import of localKeyId is added due to the updates made in
-- CMP Updates [thisRFC] -- CMP Updates [thisRFC]
EnvelopedData, SignedData EnvelopedData, SignedData
FROM CryptographicMessageSyntax-2009 FROM CryptographicMessageSyntax-2009
skipping to change at page 52, line 47 skipping to change at page 53, line 16
freeText [7] PKIFreeText OPTIONAL, freeText [7] PKIFreeText OPTIONAL,
-- this may be used to indicate context-specific instructions -- this may be used to indicate context-specific instructions
-- (this field is intended for human consumption) -- (this field is intended for human consumption)
generalInfo [8] SEQUENCE SIZE (1..MAX) OF generalInfo [8] SEQUENCE SIZE (1..MAX) OF
InfoTypeAndValue OPTIONAL InfoTypeAndValue OPTIONAL
-- this may be used to convey context-specific information -- this may be used to convey context-specific information
-- (this field not primarily intended for human consumption) -- (this field not primarily intended for human consumption)
} }
PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
-- text encoded as UTF-8 String [RFC3629] (note: each -- text encoded as UTF-8 String [RFC3629]
-- UTF8String MAY include an [RFC3066] language tag
-- to indicate the language of the contained text;
-- see [RFC2482] for details)
PKIBody ::= CHOICE { -- message-specific body elements PKIBody ::= CHOICE { -- message-specific body elements
ir [0] CertReqMessages, --Initialization Request ir [0] CertReqMessages, --Initialization Request
ip [1] CertRepMessage, --Initialization Response ip [1] CertRepMessage, --Initialization Response
cr [2] CertReqMessages, --Certification Request cr [2] CertReqMessages, --Certification Request
cp [3] CertRepMessage, --Certification Response cp [3] CertRepMessage, --Certification Response
p10cr [4] CertificationRequest, --imported from [PKCS10] p10cr [4] CertificationRequest, --imported from [RFC2986]
popdecc [5] POPODecKeyChallContent, --pop Challenge popdecc [5] POPODecKeyChallContent, --pop Challenge
popdecr [6] POPODecKeyRespContent, --pop Response popdecr [6] POPODecKeyRespContent, --pop Response
kur [7] CertReqMessages, --Key Update Request kur [7] CertReqMessages, --Key Update Request
kup [8] CertRepMessage, --Key Update Response kup [8] CertRepMessage, --Key Update Response
krr [9] CertReqMessages, --Key Recovery Request krr [9] CertReqMessages, --Key Recovery Request
krp [10] KeyRecRepContent, --Key Recovery Response krp [10] KeyRecRepContent, --Key Recovery Response
rr [11] RevReqContent, --Revocation Request rr [11] RevReqContent, --Revocation Request
rp [12] RevRepContent, --Revocation Response rp [12] RevRepContent, --Revocation Response
ccr [13] CertReqMessages, --Cross-Cert. Request ccr [13] CertReqMessages, --Cross-Cert. Request
ccp [14] CertRepMessage, --Cross-Cert. Response ccp [14] CertRepMessage, --Cross-Cert. Response
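Review bot: Removing the language-tag note from the PKIFreeText comment drops the only statement on how a receiver should treat [RFC2482] tagging characters that peers built on the earlier text may still embed in a UTF8String; the comment now says only "text encoded as UTF-8 String [RFC3629]". If the intent is that receivers treat the whole string as plain UTF-8 text for human display, a short sentence to that effect here or in the body text would make the backward-compatibility position explicit rather than implied by omission. Separately, the unchanged generalInfo comment "(this field not primarily intended for human consumption)" is missing "is".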
skipping to change at page 63, line 43 skipping to change at page 64, line 10
-- id-kp-cmcRA OBJECT IDENTIFIER ::= { id-kp 28 } -- id-kp-cmcRA OBJECT IDENTIFIER ::= { id-kp 28 }
id-kp-cmKGA OBJECT IDENTIFIER ::= { id-kp 32 } id-kp-cmKGA OBJECT IDENTIFIER ::= { id-kp 32 }
END END
Appendix B. History of changes Appendix B. History of changes
Note: This appendix will be deleted in the final version of the Note: This appendix will be deleted in the final version of the
document. document.
From version 16 -> 17:
* Removed the pre-RFC5378 work disclaimer after the RFC 4210 authors
granted BCP78 rights to the IETF Trust
* Removed note on usage of language tags in UTF8String due to
reference to references to outdated/historic RFCs
* Resolved some nits reported by I-D nit checker tool
From version 15 -> 16: From version 15 -> 16:
* Updated IPR disclaimer * Updated IPR disclaimer
From version 14 -> 15: From version 14 -> 15:
* Updated Section 2.16 clarifying the usage of CRLSource (see thread * Updated Section 2.16 clarifying the usage of CRLSource (see thread
"CRL update retrieval - WG Last Call for draft-ietf-lamps-cmp- "CRL update retrieval - WG Last Call for draft-ietf-lamps-cmp-
updates-14 and draft-ietf-lamps-lightweight-cmp-profile-08") updates-14 and draft-ietf-lamps-lightweight-cmp-profile-08")
* Updated Section 2.22 adding further references regarding random * Updated Section 2.22 adding further references regarding random
number generation (see thread "CMP draft WGLC: measuring entropy, number generation (see thread "CMP draft WGLC: measuring entropy,
CA certificates") CA certificates")
* Fixed some nits * Fixed some nits
From version 13 -> 14: From version 13 -> 14:
* Extended id-it-caCerts support message to allow transporting to- * Extended id-it-caCerts support message to allow transporting to-
be-trusted root CA certificates; added respective security be-trusted root CA certificates; added respective security
consideration (see thread "Generalizing the CMP "Get CA consideration (see thread "Generalizing the CMP "Get CA
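Review bot: The second new changelog bullet in this hunk reads "due to reference to references to outdated/historic RFCs", which repeats "reference to"; suggest "due to references to outdated/historic RFCs". The new bullets otherwise follow the existing appendix style, and the "From version 16 -> 17:" heading matches the "From version 15 -> 16:" form used below it.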
skipping to change at page 65, line 27 skipping to change at page 65, line 49
* Add Section 2.10 to add an additional hashAlg field to the * Add Section 2.10 to add an additional hashAlg field to the
CertStatus type to support certificates signed with a signature CertStatus type to support certificates signed with a signature
algorithm not explicitly indicating a hash algorithm in the algorithm not explicitly indicating a hash algorithm in the
AlgorithmIdentifier (see thread "Hash algorithm to us for AlgorithmIdentifier (see thread "Hash algorithm to us for
calculating certHash") calculating certHash")
* Added newly registered OIDs and temporarily registered URI suffix * Added newly registered OIDs and temporarily registered URI suffix
* Exchanged the import of CertificationRequest from RFC 2986 to the * Exchanged the import of CertificationRequest from RFC 2986 to the
definition from RFC 6402 Appendix A.1 (see thread "CMP Update of definition from RFC 6402 Appendix A.1 (see thread "CMP Update of
CertificationRequest") CertificationRequest")
* Corrected the definition of LocalKeyIdValue in Appendix A.1 * Corrected the definition of LocalKeyIdValue in Appendix A.1
* Updated new RFC numbers for I-D.ietf-lamps-crmf-update-algs * Updated new RFC numbers for draft-lamps-crmf-update-algs
From version 9 -> 10: From version 9 -> 10:
* Added 1988 ASN.1 syntax for localKeyId attribute to Appendix A.1 * Added 1988 ASN.1 syntax for localKeyId attribute to Appendix A.1
From version 08 -> 09: From version 08 -> 09:
* Deleted specific definition of CMP CA and CMP RA in Section 2.2 * Deleted specific definition of CMP CA and CMP RA in Section 2.2
and only reference RFC 6402 for definition of id-kp-cmcCA and id- and only reference RFC 6402 for definition of id-kp-cmcCA and id-
kp-cmcRA to resolve the ToDo below based on feedback of Tomas kp-cmcRA to resolve the ToDo below based on feedback of Tomas
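Review bot: The edited bullet "Updated new RFC numbers for draft-lamps-crmf-update-algs" changes the document name to a form without the "ietf-" component, whereas the Section 2.4 bullet later in this appendix spells it "draft-ietf-lamps-crmf-update-algs"; use one spelling in both places. Since this bullet is specifically about new RFC numbers, citing the RFC number that document was assigned, rather than its draft name, would also make the entry self-explanatory once the draft expires.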
skipping to change at page 66, line 21 skipping to change at page 66, line 43
CMP-RA CMP-RA
* Added ToDos to Section 2.12 and 2.13 * Added ToDos to Section 2.12 and 2.13
From version 06 -> 07: From version 06 -> 07:
* Added David von Oheimb as co-author * Added David von Oheimb as co-author
* Changed to XML V3 * Changed to XML V3
* Added Section 2.3 to enable a CMP protocol version number 3 in the * Added Section 2.3 to enable a CMP protocol version number 3 in the
PKIHeader for cases where EnvelopedData is to be used (see thread PKIHeader for cases where EnvelopedData is to be used (see thread
"Mail regarding draft-ietf-lamps-cmp-updates"). "Mail regarding draft-ietf-lamps-cmp-updates").
* Added Section 2.4 to refer to [I-D.ietf-lamps-crmf-update-algs] * Added Section 2.4 to refer to draft-ietf-lamps-crmf-update-algs
for the update of id-PasswordBasedMac for PKI message protection for the update of id-PasswordBasedMac for PKI message protection
using passwords or shared secrets. using passwords or shared secrets.
* Updated Section 2.6 to introduce the protocol version number 3 to * Updated Section 2.6 to introduce the protocol version number 3 to
properly indicate support of EnvelopedData instead of properly indicate support of EnvelopedData instead of
EncryptedValue in case a transaction requires use of EnvelopedData EncryptedValue in case a transaction requires use of EnvelopedData
(see thread "Mail regarding draft-ietf-lamps-cmp-updates"). (see thread "Mail regarding draft-ietf-lamps-cmp-updates").
* Update Section 2.14 to make the minimal changes to the respective * Update Section 2.14 to make the minimal changes to the respective
section in CMP more explicit. section in CMP more explicit.
* Added Sections 2.15 and 2.16 to address the new cmp2021 protocol * Added Sections 2.15 and 2.16 to address the new cmp2021 protocol
version in Section 7 Version Negotiation. version in Section 7 Version Negotiation.
* Updated Section 2.17 to add new OIDs for id-regCtrl-algId and id- * Updated Section 2.17 to add new OIDs for id-regCtrl-algId and id-
regCtrl-rsaKeyLen for registration at IANA. regCtrl-rsaKeyLen for registration at IANA.
* Added Section 2.20 to update the general rules of interpretation * Added Section 2.20 to update the general rules of interpretation
in Appendix D.1 regarding the new cmp2021 version. in Appendix D.1 regarding the new cmp2021 version.
* Added Section 2.21 to update the Algorithm Use Profile in * Added Section 2.21 to update the Algorithm Use Profile in
Appendix D.2 with the reference to the new CMP Algorithms document Appendix D.2 with the reference to the new CMP Algorithms document
as decided at IETF 108. as decided at IETF 108.
* Updates Section 3.1 to delete the description of a discovery * Updates Section 3.1 to delete the description of a discovery
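Review bot: Style point for the bullets in this hunk: they mix past tense ("Added", "Updated") with present tense ("Update Section 2.14", "Updates Section 3.1"); the past tense used throughout the rest of the appendix would read consistently. The renamed reference "draft-ietf-lamps-crmf-update-algs" in the Section 2.4 bullet should also match the spelling chosen for the "Updated new RFC numbers" bullet earlier in the appendix, which currently omits "ietf-".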
 End of changes. 33 change blocks. 
55 lines changed or deleted 62 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/