draft-ietf-lamps-pkix-shake-07.txt | draft-ietf-lamps-pkix-shake-08.txt | |||
---|---|---|---|---|
LAMPS WG P. Kampanakis | LAMPS WG P. Kampanakis | |||
Internet-Draft Cisco Systems | Internet-Draft Cisco Systems | |||
Intended status: Standards Track Q. Dang | Intended status: Standards Track Q. Dang | |||
Expires: July 18, 2019 NIST | Expires: August 4, 2019 NIST | |||
January 14, 2019 | January 31, 2019 | |||
Internet X.509 Public Key Infrastructure: Additional Algorithm | Internet X.509 Public Key Infrastructure: Additional Algorithm | |||
Identifiers for RSASSA-PSS and ECDSA using SHAKEs | Identifiers for RSASSA-PSS and ECDSA using SHAKEs | |||
draft-ietf-lamps-pkix-shake-07 | draft-ietf-lamps-pkix-shake-08 | |||
Abstract | Abstract | |||
Digital signatures are used to sign messages, X.509 certificates and | Digital signatures are used to sign messages, X.509 certificates and | |||
CRLs (Certificate Revocation Lists). This document describes the | CRLs (Certificate Revocation Lists). This document describes the | |||
conventions for using the SHAKE function family in Internet X.509 | conventions for using the SHAKE function family in Internet X.509 | |||
certificates and CRLs as one-way hash functions with the RSA | certificates and CRLs as one-way hash functions with the RSA | |||
Probabilistic signature and ECDSA signature algorithms. The | Probabilistic signature and ECDSA signature algorithms. The | |||
conventions for the associated subject public keys are also | conventions for the associated subject public keys are also | |||
described. | described. | |||
skipping to change at page 1, line 38 ¶ | skipping to change at page 1, line 38 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on July 18, 2019. | This Internet-Draft will expire on August 4, 2019. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2019 IETF Trust and the persons identified as the | Copyright (c) 2019 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
skipping to change at page 2, line 33 ¶ | skipping to change at page 2, line 33 ¶ | |||
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 | 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
9.1. Normative References . . . . . . . . . . . . . . . . . . 9 | 9.1. Normative References . . . . . . . . . . . . . . . . . . 9 | |||
9.2. Informative References . . . . . . . . . . . . . . . . . 10 | 9.2. Informative References . . . . . . . . . . . . . . . . . 10 | |||
Appendix A. ASN.1 module . . . . . . . . . . . . . . . . . . . . 11 | Appendix A. ASN.1 module . . . . . . . . . . . . . . . . . . . . 11 | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 15 | |||
1. Change Log | 1. Change Log | |||
[ EDNOTE: Remove this section before publication. ] | [ EDNOTE: Remove this section before publication. ] | |||
o draft-ietf-lamps-pkix-shake-08: | ||||
* Small nits from Russ while in WGLC. | ||||
o draft-ietf-lamps-pkix-shake-07: | o draft-ietf-lamps-pkix-shake-07: | |||
* Incorporated Eric's suggestion from WGLC. | * Incorporated Eric's suggestion from WGLC. | |||
o draft-ietf-lamps-pkix-shake-06: | o draft-ietf-lamps-pkix-shake-06: | |||
* Added informative references. | * Added informative references. | |||
* Updated ASN.1 so it compiles. | * Updated ASN.1 so it compiles. | |||
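Review bot: the new -08 change-log entry "Small nits from Russ while in WGLC" does not say what changed, and since the EDNOTE says this section is removed before publication its only purpose is to help WGLC reviewers; list the actual edits (the expansion of "OIDs" to "object identifiers (OIDs)" in Section 4 and the relocation of the [RFC5280] citation in Section 5) so they can be checked against the diff.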
skipping to change at page 4, line 46 ¶ | skipping to change at page 4, line 48 ¶ | |||
3. Terminology | 3. Terminology | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
"OPTIONAL" in this document are to be interpreted as described in BCP | "OPTIONAL" in this document are to be interpreted as described in BCP | |||
14 [RFC2119] [RFC8174] when, and only when, they appear in all | 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
capitals, as shown here. | capitals, as shown here. | |||
4. Identifiers | 4. Identifiers | |||
This section defines four new OIDs, for RSASSA-PSS and ECDSA with | This section defines four new object identifiers (OIDs), for RSASSA- | |||
each of SHAKE-128 and SHAKE-256. The same algorithm identifiers can | PSS and ECDSA with each of SHAKE-128 and SHAKE-256. The same | |||
be used for identifying a public key in RSASSA-PSS. | algorithm identifiers can be used for identifying a public key in | |||
RSASSA-PSS. | ||||
The new identifiers for RSASSA-PSS signatures using SHAKEs are below. | The new identifiers for RSASSA-PSS signatures using SHAKEs are below. | |||
id-RSASSA-PSS-SHAKE128 OBJECT IDENTIFIER ::= { TBD } | id-RSASSA-PSS-SHAKE128 OBJECT IDENTIFIER ::= { TBD } | |||
id-RSASSA-PSS-SHAKE256 OBJECT IDENTIFIER ::= { TBD } | id-RSASSA-PSS-SHAKE256 OBJECT IDENTIFIER ::= { TBD } | |||
[ EDNOTE: "TBD" will be specified by NIST later. ] | [ EDNOTE: "TBD" will be specified by NIST later. ] | |||
The new algorithm identifiers of ECDSA signatures using SHAKEs are | The new algorithm identifiers of ECDSA signatures using SHAKEs are | |||
below. | below. | |||
id-ecdsa-with-shake128 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) | id-ecdsa-with-shake128 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) | |||
country(16) us(840) organization(1) gov(101) | country(16) us(840) organization(1) gov(101) | |||
csor(3) algorithms(4) id-ecdsa-with-shake(3) | csor(3) algorithms(4) id-ecdsa-with-shake(3) | |||
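Review bot: id-RSASSA-PSS-SHAKE128 and id-RSASSA-PSS-SHAKE256 are still `{ TBD }` with an EDNOTE that NIST will assign them, so this hunk cannot be treated as final; the arcs have to be filled in here and in the Appendix A ASN.1 module (listed in the table of contents) before the draft leaves the working group, otherwise an implementation built from -08 has no value to encode for the RSASSA-PSS variants.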
skipping to change at page 6, line 8 ¶ | skipping to change at page 6, line 13 ¶ | |||
contains the actual signature. | contains the actual signature. | |||
Certificate ::= SEQUENCE { | Certificate ::= SEQUENCE { | |||
tbsCertificate TBSCertificate, | tbsCertificate TBSCertificate, | |||
signatureAlgorithm AlgorithmIdentifier, | signatureAlgorithm AlgorithmIdentifier, | |||
signatureValue BIT STRING } | signatureValue BIT STRING } | |||
The identifiers defined in Section 4 can be used as the | The identifiers defined in Section 4 can be used as the | |||
AlgorithmIdentifier in the signatureAlgorithm field in the sequence | AlgorithmIdentifier in the signatureAlgorithm field in the sequence | |||
Certificate and the signature field in the sequence tbsCertificate in | Certificate and the signature field in the sequence tbsCertificate in | |||
X.509. The parameters of these signature algorithms are absent as | X.509 [RFC5280]. The parameters of these signature algorithms are | |||
explained in Section 4. [RFC5280]. | absent as explained in Section 4. | |||
Conforming CA implementations MUST specify the algorithms explicitly | Conforming CA implementations MUST specify the algorithms explicitly | |||
by using the OIDs specified in Section 4 when encoding RSASSA-PSS or | by using the OIDs specified in Section 4 when encoding RSASSA-PSS or | |||
ECDSA with SHAKE signatures in certificates and CRLs. Conforming | ECDSA with SHAKE signatures in certificates and CRLs. Conforming | |||
client implementations that process RSASSA-PSS or ECDSA with SHAKE | client implementations that process RSASSA-PSS or ECDSA with SHAKE | |||
signatures when processing certificates and CRLs MUST recognize the | signatures when processing certificates and CRLs MUST recognize the | |||
corresponding OIDs. Encoding rules for RSASSA-PSS and ECDSA | corresponding OIDs. Encoding rules for RSASSA-PSS and ECDSA | |||
signature values are specified in [RFC4055] and [RFC5480] | signature values are specified in [RFC4055] and [RFC5480] | |||
respectively. | respectively. | |||
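Review bot: attaching [RFC5280] to "X.509" fixes the citation that was dangling after "Section 4.", but the client requirement in this hunk only says implementations MUST recognize the OIDs; since the parameters of these algorithms are stated to be absent, consider also saying what a conforming client does when an AlgorithmIdentifier carrying one of these OIDs has a parameters field present (for example, treat the signature as invalid), so that a non-conforming encoding is not silently accepted.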
End of changes. 7 change blocks. | ||||
9 lines changed or deleted | 15 lines changed or added | |||
This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |