--- 1/draft-ietf-lamps-samples-03.txt 2021-05-18 15:13:10.489319338 -0700 +++ 2/draft-ietf-lamps-samples-04.txt 2021-05-18 15:13:10.561321159 -0700 @@ -1,18 +1,18 @@ lamps D.K. Gillmor, Ed. Internet-Draft ACLU -Intended status: Informational 14 May 2021 -Expires: 15 November 2021 +Intended status: Informational 18 May 2021 +Expires: 19 November 2021 S/MIME Example Keys and Certificates - draft-ietf-lamps-samples-03 + draft-ietf-lamps-samples-04 Abstract The S/MIME development community benefits from sharing samples of signed or encrypted data. This document facilitates such collaboration by defining a small set of X.509v3 certificates and keys for use when generating such samples. Status of This Memo @@ -22,21 +22,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at https://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on 15 November 2021. + This Internet-Draft will expire on 19 November 2021. Copyright Notice Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/ license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights @@ -63,65 +63,67 @@ 3.1. RSA Certification Authority Root Certificate . . . . . . 7 3.2. RSA Certification Authority Secret Key . . . . . . . . . 8 3.3. RSA Certification Authority Cross-signed Certificate . . 9 4. Alice's Sample Certificates . . . . . . . . . . . . . . . . . 10 4.1. Alice's Signature Verification End-Entity Certificate . . 10 4.2. Alice's Signing Private Key Material . . . . . . . . . . 11 4.3. Alice's Encryption End-Entity Certificate . . . . . . . . 12 4.4. Alice's Decryption Private Key Material . . . . . . . . . 13 4.5. PKCS12 Object for Alice . . . . . . . . . . . . . . . . . 14 5. Bob's Sample . . . . . . . . . . . . . . . . . . . . . . . . 17 - 5.1. Bob's Signature Verification End-Entity Certificate . . . 18 + 5.1. Bob's Signature Verification End-Entity Certificate . . . 17 5.2. Bob's Signing Private Key Material . . . . . . . . . . . 18 5.3. Bob's Encryption End-Entity Certificate . . . . . . . . . 19 5.4. Bob's Decryption Private Key Material . . . . . . . . . . 20 5.5. PKCS12 Object for Bob . . . . . . . . . . . . . . . . . . 21 6. Example Ed25519 Certification Authority . . . . . . . . . . . 24 - 6.1. Ed25519 Certification Authority Root Certificate . . . . 25 + 6.1. Ed25519 Certification Authority Root Certificate . . . . 24 6.2. Ed25519 Certification Authority Secret Key . . . . . . . 25 6.3. Ed25519 Certification Authority Cross-signed Certificate . . . . . . . . . . . . . . . . . . . . . . . 25 7. Carlos's Sample Certificates . . . . . . . . . . . . . . . . 26 7.1. Carlos's Signature Verification End-Entity Certificate . 26 7.2. Carlos's Signing Private Key Material . . . . . . . . . . 27 7.3. Carlos's Encryption End-Entity Certificate . . . . . . . 27 7.4. Carlos's Decryption Private Key Material . . . . . . . . 27 7.5. PKCS12 Object for Carlos . . . . . . . . . . . . . . . . 28 8. Dana's Sample Certificates . . . . . . . . . . . . . . . . . 29 8.1. Dana's Signature Verification End-Entity Certificate . . 29 - 8.2. Dana's Signing Private Key Material . . . . . . . . . . . 29 + 8.2. Dana's Signing Private Key Material . . . . . . . . . . . 30 8.3. Dana's Encryption End-Entity Certificate . . . . . . . . 30 8.4. Dana's Decryption Private Key Material . . . . . . . . . 30 - 8.5. PKCS12 Object for Dana . . . . . . . . . . . . . . . . . 30 + 8.5. PKCS12 Object for Dana . . . . . . . . . . . . . . . . . 31 9. Security Considerations . . . . . . . . . . . . . . . . . . . 32 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 11. Document Considerations . . . . . . . . . . . . . . . . . . . 32 - 11.1. Document History . . . . . . . . . . . . . . . . . . . . 32 - 11.1.1. Substantive Changes from draft-ietf-*-02 to - draft-ietf-*-03 . . . . . . . . . . . . . . . . . . . 32 - 11.1.2. Substantive Changes from draft-ietf-*-01 to - draft-ietf-*-02 . . . . . . . . . . . . . . . . . . . 32 - 11.1.3. Substantive Changes from draft-ietf-*-00 to + 11.1. Document History . . . . . . . . . . . . . . . . . . . . 33 + 11.1.1. Substantive Changes from draft-ietf-*-03 to + draft-ietf-*-04 . . . . . . . . . . . . . . . . . . . 33 + 11.1.2. Substantive Changes from draft-ietf-*-02 to + draft-ietf-*-03 . . . . . . . . . . . . . . . . . . . 33 + 11.1.3. Substantive Changes from draft-ietf-*-01 to + draft-ietf-*-02 . . . . . . . . . . . . . . . . . . . 33 + 11.1.4. Substantive Changes from draft-ietf-*-00 to draft-ietf-*-01 . . . . . . . . . . . . . . . . . . . 33 - 11.1.4. Substantive Changes from draft-dkg-*-05 to + 11.1.5. Substantive Changes from draft-dkg-*-05 to draft-ietf-*-00 . . . . . . . . . . . . . . . . . . . 33 - 11.1.5. Substantive Changes from draft-dkg-*-04 to + 11.1.6. Substantive Changes from draft-dkg-*-04 to draft-dkg-*-05 . . . . . . . . . . . . . . . . . . . 33 - 11.1.6. Substantive Changes from draft-dkg-*-03 to + 11.1.7. Substantive Changes from draft-dkg-*-03 to draft-dkg-*-04 . . . . . . . . . . . . . . . . . . . 33 - 11.1.7. Substantive Changes from draft-dkg-*-02 to - draft-dkg-*-03 . . . . . . . . . . . . . . . . . . . 33 - 11.1.8. Substantive Changes from draft-dkg-*-01 to - draft-dkg-*-02 . . . . . . . . . . . . . . . . . . . 33 - 11.1.9. Substantive Changes from draft-dkg-*-00 to - draft-dkg-*-01 . . . . . . . . . . . . . . . . . . . 33 - 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 33 + 11.1.8. Substantive Changes from draft-dkg-*-02 to + draft-dkg-*-03 . . . . . . . . . . . . . . . . . . . 34 + 11.1.9. Substantive Changes from draft-dkg-*-01 to + draft-dkg-*-02 . . . . . . . . . . . . . . . . . . . 34 + 11.1.10. Substantive Changes from draft-dkg-*-00 to + draft-dkg-*-01 . . . . . . . . . . . . . . . . . . . 34 + 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 34 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 34 13.1. Normative References . . . . . . . . . . . . . . . . . . 34 13.2. Informative References . . . . . . . . . . . . . . . . . 35 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 36 1. Introduction The S/MIME ([RFC8551]) development community, in particular the e-mail development community, benefits from sharing samples of signed and/or encrypted data. Often the exact key material used does not @@ -304,38 +306,38 @@ * Name: "Sample LAMPS RSA Certification Authority" 3.1. RSA Certification Authority Root Certificate This cerificate is used to verify certificates issued by the example RSA Certification Authority. -----BEGIN CERTIFICATE----- MIIDezCCAmOgAwIBAgITcBn0xb/zdaeCQlqp6yZUAGZUCDANBgkqhkiG9w0BAQ0F - ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 - aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0xOTEx - MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowVTExMC8GA1UEAxMoU2FtcGxlIExB - TVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UECxMITEFNUFMg - V0cxDTALBgNVBAoTBElFVEYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB + ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo + U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx + MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowVTENMAsGA1UEChMESUVURjERMA8G + A1UECxMITEFNUFMgV0cxMTAvBgNVBAMTKFNhbXBsZSBMQU1QUyBSU0EgQ2VydGlm + aWNhdGlvbiBBdXRob3JpdHkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC2GGPTEFVNdi0LsiQ79A0Mz2G+LRJlbX2vNo8STibAnyQ9VzFrGJHjUhRX/Omr OP3rDCB2SYfBPVwd0CdC6z9qfJkcVxDc1hK+VS9vKncL0IPUYlkJwWuMpXa1Ielz +zCuV+gjV83Uvn6wTn39MCmymu7nFPzihcuOnbMYOCdMmUbi1Dm8TX9P6itFR3hi IHpSKMbkoXlM1837WaFfx57kBIoIuNjKEyPIuK9wGUAeppc5QAHJg95PPEHNHlmM yhBzClmgkyozRSeSrkxq9XeJKU94lWGaZ0zb4karCur/eiMoCk3YNV8L3styvcMG 1qUDCAaKx6FZEf7hE9RN6L3bAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYD VR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSRMI58BxcMp/EJKGU2GmccaHb0WTANBgkq - hkiG9w0BAQ0FAAOCAQEAY02+M6kP215ji21w/fGQ6qZ0FlbgL3VS/zmoHZ4Jd82Y - 5A/Hh/bCaDHI8Cb0tMkF7tU+Ly4LX2ruH5VQLjgntCGsaD+pYAH4eGd7Nleras++ - IGnhfdfLQHAIzqAZFNjb0xQ6QjRFQrBRfCJKnvYx5NFmLeTuIjSGEqJhADF7EpVQ - X3kYQ52RfeY9EbcaNG0jHlrz9A3XDmpliyZ6ASh+RqVHoNht302WymkZvZMHgBpC - RptVcy0EbkILYL3CG0ollTPkuI2Lo7nCZJGplT8HZTbCab/ssCf1YFpqK2SOGchC - BUw2pCMnWMNMFQjvFc4QwNNFrRaGOeO4allo52D6eA== + hkiG9w0BAQ0FAAOCAQEACDXWlJGjzKadNMPcFlZInZC+Hl7RLrcBDR25jMCXg9yL + IwGVEcNp2fH4+YHTRTGLH81aPADMdUGHgpfcfqwjesavt/mO0T0S0LjJ0RVm93fE + heSNUHUigVR9njTVw2EBz7e2p+v3tOsMnunvm6PIDgHxx0W6mjzMX7lG74bJfo+v + dx+jI/aXt+iih5pi7/2Yu9eTDVu+S52wsnF89BEJeV0r+EmGDxUv47D+5KuQpKM9 + U/isXpwC6K/36T8RhhdOQXDq0Mt91TZ4dJTT0m3cmo80zzcxsKMDStZHOOzCBtBq + uIbwWw5Oa72o/Iwg9v+W0WkSBCWEadf/uK+cRicxrQ== -----END CERTIFICATE----- 3.2. RSA Certification Authority Secret Key This secret key material is used by the example RSA Certification Authority to issue new certificates. -----BEGIN PRIVATE KEY----- MIIE+wIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQC2GGPTEFVNdi0L siQ79A0Mz2G+LRJlbX2vNo8STibAnyQ9VzFrGJHjUhRX/OmrOP3rDCB2SYfBPVwd @@ -373,73 +375,73 @@ "draft-lamps-sample-certs-keygen.ca.rsa.seed". 3.3. RSA Certification Authority Cross-signed Certificate If an e-mail client only trusts the Ed25519 Certification Authority Root Certificate found in Section 6.1, they can use this intermediate CA certificate to verify any end entity certificate issued by the example RSA Certification Authority. -----BEGIN CERTIFICATE----- - MIIC5zCCApmgAwIBAgITcTQnnf8DUsvAdvkX7mUemYos7DAFBgMrZXAwWTE1MDMG - A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp - dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx - MzU0NFoYDzIwNTIwOTI3MDY1NDE4WjBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMg - UlNBIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzEN - MAsGA1UEChMESUVURjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALYY + MIIC5zCCApmgAwIBAgITcTQnnf8DUsvAdvkX7mUemYos7DAFBgMrZXAwWTENMAsG + A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM + QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx + MzU0NFoYDzIwNTIwOTI3MDY1NDE4WjBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL + EwhMQU1QUyBXRzExMC8GA1UEAxMoU2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0 + aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALYY Y9MQVU12LQuyJDv0DQzPYb4tEmVtfa82jxJOJsCfJD1XMWsYkeNSFFf86as4/esM IHZJh8E9XB3QJ0LrP2p8mRxXENzWEr5VL28qdwvQg9RiWQnBa4yldrUh6XP7MK5X 6CNXzdS+frBOff0wKbKa7ucU/OKFy46dsxg4J0yZRuLUObxNf0/qK0VHeGIgelIo xuSheUzXzftZoV/HnuQEigi42MoTI8i4r3AZQB6mlzlAAcmD3k88Qc0eWYzKEHMK WaCTKjNFJ5KuTGr1d4kpT3iVYZpnTNviRqsK6v96IygKTdg1Xwvey3K9wwbWpQMI BorHoVkR/uET1E3ovdsCAwEAAaN8MHowDwYDVR0TAQH/BAUwAwEB/zAXBgNVHSAE EDAOMAwGCmCGSAFlAwIBMAIwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSRMI58 BxcMp/EJKGU2GmccaHb0WTAfBgNVHSMEGDAWgBRropV9uhSb5C0E0Qek0YLkLmuM - tTAFBgMrZXADQQAXVKenodj2S7ct9xaQhUZQhpbvFPX7G1fUNH+7hBthwYBQm1gy - rSI/zpJ4I9seDTN4e2cWf2BbOhYE4WOgdoUB + tTAFBgMrZXADQQBnQ+0eFP/BBKz8bVELVEPw9WFXwIGnyH7rrmLQJSE5GJmm7cYX + FFJBGyc3NWzlxxyfJLsh0yYh04dxdM8R5hcD -----END CERTIFICATE----- 4. Alice's Sample Certificates Alice has the following information: * Name: "Alice Lovelace" * E-mail Address: "alice@smime.example" 4.1. Alice's Signature Verification End-Entity Certificate This certificate is used for verification of signatures made by Alice. -----BEGIN CERTIFICATE----- MIIDzzCCAregAwIBAgITN0EFee11f0Kpolw69Phqzpqp1zANBgkqhkiG9w0BAQ0F - ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 - aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0xOTEx - MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowOzEXMBUGA1UEAxMOQWxpY2UgTG92 - ZWxhY2UxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMIIBIjANBgkq + ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo + U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx + MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowOzENMAsGA1UEChMESUVURjERMA8G + A1UECxMITEFNUFMgV0cxFzAVBgNVBAMTDkFsaWNlIExvdmVsYWNlMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPSJ6Fg4Fj5Nmn9PkrYo0jTkfCv4TfA/ pdO/KLpZbJOAEr0sI7AjaO7B1GuMUFJeSTulamNfCwDcDkY63PQWl+DILs7GxVwX urhYdZlaV5hcUqVAckPvedDBc/3rz4D/esFfs+E7QMFtmd+K04s+A8TCNO12DRVB DpbP4JFD9hsc8prDtpGmFk7rd0q8gqnhxBW2RZAeLqzJOMayCQtws1q7ktkNBR2w ZX5ICjecF1YJFhX4jrnHwp/iELGqqaNXd3/Y0pG7QFecN7836IPPdfTMSiPR+peC rhJZwLSewbWXLJe3VMvbvQjoBMpEYlaJBUIKkO1zQ1Pq90njlsJLOwIDAQABo4Gv MIGsMAwGA1UdEwEB/wQCMAAwFwYDVR0gBBAwDjAMBgpghkgBZQMCATABMB4GA1Ud EQQXMBWBE2FsaWNlQHNtaW1lLmV4YW1wbGUwEwYDVR0lBAwwCgYIKwYBBQUHAwQw DgYDVR0PAQH/BAQDAgbAMB0GA1UdDgQWBBS79syyLR0GEhyXrilqkBDTIGZmczAf BgNVHSMEGDAWgBSRMI58BxcMp/EJKGU2GmccaHb0WTANBgkqhkiG9w0BAQ0FAAOC - AQEAfJC5d/T2BRJqtvOfdUe005rRzp4oY9mNdSOIGBTWBOMLEXqtzGrJyNW6QbpA - A4k2pA9wm2xj0NocJyONKKKmivMV7YUnxpRSN9uUM23g3DfeSWwoo0ZT7YKO5MWp - cv9Ifq0S70T2mympzRMhe1W3uR9AbS0saLQHPEJ5sxRSDSsla3AIQ+mFzUkxK37X - 0Y1B5kz1v7h7Oty4ADrV+Ye4HJlfKV+9h0ilG01/QPFcaOV69Ax9X5vxhK9/FsUt - TGKH6kCtvnbDI3H5oyB87x5MnvU/HENdUeIoM+FMXtRD0qDm4JNj1XxfnYR6eTyl - XjCWOO/3PQUnQvDBPuEMITvAAw== + AQEAc4miNqfOqaBpI3f+CpJDhxtuZ2P9HjQEQ+v6BdP7GKJ19naIs3BjJOd64roA + KHAp+c284VvyVXWJ99FMX8q2ZUQMxH+xh6oAfzcozmnd6XaVWHg4eHIjSo27PmhK + E1oAJKKhDbdbEcZXL2+x1V+duGymWtaD01DZZukKYr7agyHahiXRn/C9cy31wbqN + sy9x0fjPQg6+DqatiQpMz9EIae6aCHHBhOiPU7IPkazgPYgkLD59fk4PGHnYxs1F + hdO6zZk9E8zwlc1ALgZa/iSbczisqckN3qGehD2s16jMhwFXLJtBiN+uCDgNG/D0 + qyTbY4fgKieUHx/tHuzUszZxJg== -----END CERTIFICATE----- 4.2. Alice's Signing Private Key Material This private key material is used by Alice to create signatures. -----BEGIN PRIVATE KEY----- MIIE+gIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC09InoWDgWPk2a f0+StijSNOR8K/hN8D+l078oullsk4ASvSwjsCNo7sHUa4xQUl5JO6VqY18LANwO Rjrc9BaX4MguzsbFXBe6uFh1mVpXmFxSpUByQ+950MFz/evPgP96wV+z4TtAwW2Z @@ -474,40 +476,40 @@ "92c89d4330d3d8e31d4fde9b9d0fe6e9fc142141dd65a45e5b436f05". This seed is the first 224 bits of the [SHA256] digest of the string "draft-lamps-sample-certs-keygen.alice.sign.seed". 4.3. Alice's Encryption End-Entity Certificate This certificate is used to encrypt messages to Alice. -----BEGIN CERTIFICATE----- MIIDzzCCAregAwIBAgITDy0lvRE5l0rOQlSHoe49NAaKtDANBgkqhkiG9w0BAQ0F - ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 - aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0xOTEx - MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowOzEXMBUGA1UEAxMOQWxpY2UgTG92 - ZWxhY2UxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMIIBIjANBgkq + ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo + U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx + MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowOzENMAsGA1UEChMESUVURjERMA8G + A1UECxMITEFNUFMgV0cxFzAVBgNVBAMTDkFsaWNlIExvdmVsYWNlMIIBIjANBgkq hkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpUp+ovBouOP6AFQJ+RpwpODxxzY60n1 lJ53pTeNSiJlWkwtw/cxQq0t4uD2vWYB8gOUH/CVt2Zp1c+auzPKJ2Zu5mY6kHm+ hVB+IthjLeI7Htg6rNeuXq50/TuTSxX5R1I1EXGt8p6hAQVeA5oZ2afHg4b97enV 8gozR0/Nkug4AkXmbk7THNc8vvjMUJanZ/VmS4TgDqXjWShplcI3lcvvBZMswt41 /0HJvmSwqpS6oQcAx3Weag0yCNj1V9V9yu/3DjcYbwW2lJf5NbMHbM1LY4X5chWf NEbkN6hQury/zxnlsukgn+fHbqvwDhJLAgFpW/jA/EB/WI+whUpqtQIDAQABo4Gv MIGsMAwGA1UdEwEB/wQCMAAwFwYDVR0gBBAwDjAMBgpghkgBZQMCATABMB4GA1Ud EQQXMBWBE2FsaWNlQHNtaW1lLmV4YW1wbGUwEwYDVR0lBAwwCgYIKwYBBQUHAwQw DgYDVR0PAQH/BAQDAgUgMB0GA1UdDgQWBBSiU0HVRDyAKRV8ASPw546vzfN3DzAf BgNVHSMEGDAWgBSRMI58BxcMp/EJKGU2GmccaHb0WTANBgkqhkiG9w0BAQ0FAAOC - AQEALQ1vufCQBX+6OfmdNhnVy491UaTRaVhjDteUIu6S4PYSi/ow+E8TYGNOw6R3 - Itm1XP511BF2Zfwu4FHuoQwtOodokuIdJXUVKtRRRLEemqgJUuJz9MRF4jPD0PMc - fjhMTBNNI2ll0vuV0t9kUW5uonCdUKvddUcltCp6ojcpUVp6rvXUbkRdsR3KUJw3 - wxk0BgvwLhEHOg1yu6DUunCdb62QTbxhXec9i6zi6szDk87zOL23qejFtvhjGJi2 - RdFHV1NMYtzJdDsCpM7nc8C04+5zepj9PHU3TkwHuIUxBJ5FQA1ReLNrfx7uIYBX - S3wwgDct4A/f28UPnT3+AXmUhw== + AQEAgUl4oJyxMpwWpAylOvK6NEbMl1gD5H14EC4Muxq1u0q2XgXOSBHI6DfX/4LD + sfx7fSIus8gWVY3WqMeuOA7IizkBD+GDEu8uKveERRXZncxGwy2MfbH1Ib3U8QzT + jqB8+dz2AwYeMxODWq9opwtA/lTOkRg8uuivZfg/m5fFo/QshlHNaaTDVEXsU4Ps + 98Hm/3gznbvhdjFbZbi4oZ3tAadRlE5K9JiQaJYOnUmGpfB8PPwDR6chMZeegSQA + W++OIKqHrg/WEh4yiuPfqmAvX2hZkPpivNJYdTPUXTSO7K459CyqbqG+sNOo2kc1 + nTXl85RHNrVKQK+L0YWY1Q+hWA== -----END CERTIFICATE----- 4.4. Alice's Decryption Private Key Material This private key material is used by Alice to decrypt messages. -----BEGIN PRIVATE KEY----- MIIE+gIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQCalSn6i8Gi44/o AVAn5GnCk4PHHNjrSfWUnnelN41KImVaTC3D9zFCrS3i4Pa9ZgHyA5Qf8JW3ZmnV z5q7M8onZm7mZjqQeb6FUH4i2GMt4jse2Dqs165ernT9O5NLFflHUjURca3ynqEB @@ -540,194 +542,190 @@ This secret key was generated using provable prime generation found in [FIPS186-4] using the seed "1cf74849f7445f466c4272251f5f96b77fa0698b3e98b3f1ee8207bf". This seed is the first 224 bits of the [SHA256] digest of the string "draft-lamps-sample-certs-keygen.alice.encrypt.seed". 4.5. PKCS12 Object for Alice This PKCS12 ([RFC7292]) object contains the same information as presented in Section 4.1, Section 4.2, Section 4.3, Section 4.4, and - Section 3.1. + Section 3.3. It is locked with the simple five-letter password "alice". -----BEGIN PKCS12----- - MIIYwAIBAzCCGFgGCSqGSIb3DQEHAaCCGEkEghhFMIIYQTCCBI8GCSqGSIb3DQEH + MIIYKAIBAzCCF8AGCSqGSIb3DQEHAaCCF7EEghetMIIXqTCCBI8GCSqGSIb3DQEH BqCCBIAwggR8AgEAMIIEdQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIWQKs PyUaB9YCAhTCgIIESCsrTOUTY394FyrjkeCBSV1dw7I3o9oZN7N6Ux2KyIamsWiJ 77t7RL1/VSxSBLjVV8Sn5+/o3mFjr5NkyQbWuky33ySVy3HZUdZc2RTooyFEdRi8 - x82dzEaVmab7pW4zpt9PTNtjiCMDLs8WQJbco+pKfzP5O5kztKF2TpmHPOqZea2Z - 5sfr/RUNeMwdM7KqCCa38Uu0EXuY4YDmoc3grLAKfGx3C+GXn0kkonHNdo00CPwe - ulnTbVqDB76u1UUSPHr3OU6Q2plIbyLdRGKTQvW7hj0YcbQilGu6j0PXZA4NfQSm - KtVo7sU+udAoL3FM9GxGjpiJul4ATP+4JaqtCGjJAXyI6+xDg4HUmL8yF6IMk99R - uHwAOq8kZuxhldLl7jSUBhrDs42OWsYaHtlQTZTiIFfAP1IQeMOkW7GjE0Hx0K2E - zXm/peGG0ITKgphQB4FfXYRETjhD7FUvQwVy2DfjapqGsc0yDwg/UDYlz2XSK0hv - 7EOuS/SL9Dpbth0DlUAmrVG+XifCT6Ev59XfZRhP72v5T0m1e3/BuX+ZhTdvIapQ - Gdjz05KwekTsSc8RaCQ9BlTvpl1eVMsHTPeQOWDw4Bfb8vLd2C3uSUACvzbSBZR0 - QzGs7XvSO02EsmvP/J3V4M0b/jvhczSQQUsA2SBuefIHKNwPxGa2Wdn8XW8mJgJH - uQda6RpL6jBi5nusGGqEeD6OLhKIwx97QGRi5ZW3q7z9aTAWUp4/DPQk0QVdIA6u - PUyKtrZhQTkzp2kkgHJdHxUz1SzdCe6PYRqZMn+eAFuFDHKu3fKWNTNlBxE+hbU1 - F6NKmIJ4QtjBr2NkkFdxa66vZzA62ZR1uTVYRFs2P+STUS3RgTsk/dNIehJQRRfX - XaFE4lmtFrmQZBAExWTPTFgKeJkqymCeRuOceJX5ej4nEC0ouaxNAkb07FlUrajm - WA7y9k5/8J3T1w2uYVcdyVlv129HNvdlqKJzUasLdsyg5+yOWZGJZzRX5tPp/jID - vAWD8/8Eo2rGElb8BxJIZEX46To7nkuODbDUcRDjswQ7UB+S+cCcI/qEjnEgyFKP - ehxGaTJgxiFof2aKHuRZM207IIvoUAfincgdNBKK/KiTxg63Fb2gHspTqH0w2n7q - so4D3rrH8yla1wfMxOnx47EAOwYPSiVDyEBiQmqBm8gbhwMoBueMXu7wKzctC+xG - IaaQ4VLzxQfFn5Thxb3Y0yBMLDXVP5ZCye3TCX3JlgjzzkailiTDhvE8sbeKdEJk - 0Ui8pGEO+zQR7npzFFK/axe0Al/4lwnyrWX9R9rxDSDr2kLDxPtfbNQLpgPXfEpO - SN3kLkEWqC6jSko55f5+wP1i3b8NT5gfGjW5Kp42a0zoq/5huFdVqhrmw5lVlrc2 - oSipVTtaeWXeEQJeq6uA6xiqnH0uhBJQh4IQEBmpStIpxbKD8i1F1kqIFHv7WpEh - MKE8qq4wggR3BgkqhkiG9w0BBwagggRoMIIEZAIBADCCBF0GCSqGSIb3DQEHATAc + x82dzEaVmab7pW4zpoG/IVR6OTizcWJOooGoE0ORim6y2G+iRZ3ePBUq0+8eSNYW + +jIWov9abdFqj9j1bQKj/Hrdje2TCdl6a9sSlTFYvIxBWUdPlZDwvCQqwiCWmXeI + 6T9EpZldksDjr5N+zFhSLoRwABGRU8jXSU9AEsem9DFxoqZq8VsQcegQFY6aJcZO + Xel7IECIAgK8nZlKCTzyNVALxeFw0ijWnW4ltDaqcC6GepmuINiqqdD94YAOHxRl + 1lKU4mLknSJ36W4T7vaI4fp98sK0nGpaDzQheu6BbQ+dVd44q52MDwvqvD0Y7UjF + IVEP3V9Ebfn641CR0mIcVCUynxb3aaKjhgBKTGbYsKtPue974rDPIArMs2Heo8y3 + cq+f7Jce0IVCglRatN6rSyJBF8JlBQW5pZGco8AwTM1pK3RrdIDziheA8DIBB+KT + 4JZBO6UprlcZ5wBY6ncXWa5E4feb57Cd3bB+zJuubBX9f4yG/J0cSF59w92c/6Qb + i4EFk6tAiz19PxuLLwjco71e69Jiav19Ph/WJpf/XCEurw7K+VAeZALFW41G/D30 + WIBRC2shisHB3j8+3fNPcvi4Fy3EkZNW4lrZFAjbBtloCxk5rcfRS7vxucAvC5X9 + 4bm0xEcdOysnuplH77u+CWWxjCk414SlKZTUbwc1a0B6yRDvojUMZkDzMqsxyYjn + JG5QhMFQrTyALwCgJsP/rAf5xPhG2p+9Qul0yiBIIZwvKNKRQKL+YLcvYvTh1bhj + rUflYzzvviyXCy9LcX2GBop9yBFJzIcmKfL0MGua6WIkWX2BIjhGTtu6VThmRHuf + OsqNg/ZrNCTYa7e1D6gwP5uFRecSZdASf+0XTe6M7e/vaN4Go4A3H8+d53SYQP6n + pTt/a0DTHzY77aNMh+mzkIHC1W3zUdlS48tUyJMiAN3Tt+RfhHZfgloJ7IdcYdM2 + O1I+UD/5L9ghxN8dh13Fi3rDyn6Y5xB1xFuZ0mLjoEI+3Pr1+B9Kgf+o/hxFttfx + 1uP1XcHt0a4gBr6g7fwGNssfw5S6g6hS9UDTAYOpvLaatil2TZmeYZzij19ssv36 + kr1VaRV9xcQCbY05ucD+buymFXPn/rhVdxhgIydmvOtdzDozy0WFDTvgjUBNeRnC + eMVD6AlWdWOlmBqOcIlJS0aY2FWm8Kju62XZA8YIRowlLysuq3zIqDmzmqJFKwuA + mRMZmUVhophMEn86rwob3Z87gNbyy1U/dXi+s6Vybx/kiwDXjfyhWBnhn1gkhgiv + oOhGtt+yAliCVuHQlEloQeQN04C5QTU0d1WOj489Ft6wpvm0tqcl6NpnRYUhbCoF + XhFr4wswggR3BgkqhkiG9w0BBwagggRoMIIEZAIBADCCBF0GCSqGSIb3DQEHATAc BgoqhkiG9w0BDAEDMA4ECPoEFEHQGB9dAgIU5oCCBDAOrGHyN47xktt1J1VvWQZN BYIMFzLN6p2/zKotGf7EMdgSdwlxkhKTWxunfoP/gfRD6boXTAA7ukJDsHXZrfXF - KjI4HI2oa/NihwqctphcLonBJXcofuHv+loP9MPLtwtzPrLxQIC2neas5QW6ygLM - h4gyvWSQXU7f8ZscbiVH3g8R5dcHOzFuEdjnlkDEfvhrchYsP2o4gVoj43VVk6tk - UV+6mIeDGqMB8T+CDWjzcWHabN/2ZDXSuh65fPOSfmIbxsvRtuJMU+ODsziUAK7L - nnLPmnk1M5mEwJNL3W93CHZTqf6fXxyEjlyE9OIPEBvHyYHg7yQ77+D08KJJ1dVG - kPC1yjwoIci2uXJpTMvu8F6Nw/MLKKUpkEqKKwj9k3u86x7wHsP+aqtCZRQxZfgw - RlroNuvBl3RZnPRYsv0gYXhIJLf+TPqTxEqZvcz0GcbFdaIonPs7BmI3yQDXo53f - rKkf4Fx6xcrLC7Lk4GRFkaB9oYSz30Mxvvj5KMUt4uvdKgynT0aw2uKTF9ocQMqN - O1s+tMeXlFEVkPqKZey9aJLewdwGvBDMZx3Qp9CDMmPvBMIYBmEHXE1Hi8VCPiE7 - sjrx0s3zI9LmJfswVcOOV/xmOyF7XM0Hn3+m8/pP1v7bIPl8od4BYN9RE67fKanv - /3H18VUvaFXXwRSfIN3a5p0083XwkkgzJqFGxHppppWwZNAfXqP2n0JhfWqur6+f - N/tXF3MV7r//8nkKWGfDyOJo3hn601BMZlsLBqCbYchtY3iGbnLmTcgzGNdLSnSE - GWPIyWh512QA69wxguGLCQzd8Jqf+0+Bc4ZPVPZ/jfbSbR6dsYHoi6Yr7ngW720N - PxXn3I1k0h3w94DIa3dp7jz5NUpmb1qeBt06ueYiZoAxgKs8hpo4KiuCYYPAikD5 - 3SPV4kQXBOBMWMBCVEDaf/fjAYJ0Wyl6z3gb0vIdQXuVWQTMNHyvfKJJ7bt95pKw - tfadAxAQk1qTZjK47GFOHynqCD0blo3rSUWYpwKkqOYEhauBT/JUW5KvsZQwMvDf - FKFDdUR5Xhgz5DaGTY4QdHAdnjIuUG0niHqSuGGgKwUQ33uBtHifaEFLFMWitujP - NPO3niZEHTt/uUup3lXeDBVXl+FKYG2Z4lBXjJ/tXrJ+fhr7aMvHSBBG57YhhlDt - oqoah138a49jiaY5I0l0tRxTZ+8dDwKOuWfQJoPDsOl0qXcIT8WAHEmnLsLo8TE+ - /yCIAYtgrYonbKhEYTliQCSeXXKVLjiPwBnw655i3jUt4PbQpQg+v9uM5sACJs3V - A30fa9DSAx299MFicKN2c2L75CmOLhOe/9qke6END49P1898uYmPg9DQ7MwSBN6S - P98bbF4CKzgYHQpo1nLKLkpv91brjlJPP6CS63A5YyIJ6yKHksO3LfWu73bHqXRn - MIID/wYJKoZIhvcNAQcGoIID8DCCA+wCAQAwggPlBgkqhkiG9w0BBwEwHAYKKoZI - hvcNAQwBAzAOBAidIqBxZFwvagICFCKAggO4foBE9nhZu0eKb/b/1iebuyBbEh0W - QD8kz4dK8r9UmWzGuv6HEldGqyv2dmdMtKonDaF/+70EcPiH38BzFsu/CastRnR8 - 4Cinf+ttgOnE07OjIsszsPMA7967LOw00DABH9DkGs0v4Jo86T9NdT2OOzyytji7 - Ibe716O7weJIVOdi623dV6Wx3Zy8gQn+WvIU03QcLErGGvkt3RHl3IztWRFNbZte - 5iGI+eARoS2z+Dg/HtzUhSbnDUZI2TL8L5OnXZnfCq4vLDaM3s5vCWHNKTZscxZu - fQ8StiE6lXX+5idtV975r7ZR5HGiafbUb9t0mYjksV4W+l0IjIubZIcK1fqK/gZD - HQRNmsulxluli9Lkx5XB2fg+T/IJd5ookeuof/OU23N7F5qXgg8xVXs/eJtAmn8B - b5uGD27TkA6/q7+2I9GVnpT8IAKSLss4nKMfu3IMgDvouvtEvSmzmOAXGW9NqP4x - cGkruV+vm9pK7Tf0RMf3nqOdArF+Rzh+IFBhvbUBQe59xrsQesvQ0nFQCK70WYzU - LILeucMGapqu1tmpUyqUTYKaKLabEX0PZFe5a46fOV9UFBRlTeOQykzV7Y3QQStm - 0hi6uI3oqkho+6TZwZMuoqEEcF7+yBgU1OLYEGdxRXOPAOPTl/A3UK9Kn/MPmW5d - mhCHX20UgXIOJMlqHBS0cGT0qAx60Oqr8EHar0kEHb5ASoMNUY7mLK8MvjY5IX+4 - 7s2GdmruNaFMf653OTgvuzlfdzTmJX79VFuh/6eoklRb5MtxngPtn33Oi2i7rDG3 - JrcjFAQPavK4YuYef9J1jUEGpKFNQIARf30WM0w8KqWx2Ye1K4QlUvsb2niARTPC - uLITkxqlC5VN8C385kmzS7Je9ScGbXtPF48Z5UpdWEFIl9MYHdzgkYVE4i3cg/Zl - Ocggjyhu/+NmJ4AhZ6kQ/PhR1SrDHb1kaYZ39n+TKS8gRGDXFCsPPQiUub7KRou1 - ptga7v5BK5bZcZpUA9DFoZDN37QBJD4k/wPfykenHgNQDzPDzBc0Ae0QmBAn1Z6O - xqEz3V5n7YdP07yLlPV767MuKa6X7iwquZ9JCx5oto2TQZ4bpGZ8zakPpMr0ifCh - fiUn4A6d6S5Kvab5WrcTVFThq2wYiXgJCI8ZBItrLR48b7hd8wP3pLxz+dCDeGq7 - l21HgQ/9xXvRKm16XBp/AIMH6zXhzneyhlYfwbiyXPRwgYJLzvvA5Wus1GPK+Idh - a77RkO7XOKsiDUWaFbVpiI0cFTCCBZQGCSqGSIb3DQEHAaCCBYUEggWBMIIFfTCC - BXkGCyqGSIb3DQEMCgECoIIFJjCCBSIwHAYKKoZIhvcNAQwBAzAOBAh6FxEuZVQC - kwICFA4EggUAdvl1dkrMJ5FSjZlKPSjK4VLfNDkeErJ9qmzIKptgIq/+VLM1ha+5 - 1rvF9r644zv/AIH2xZ3PQxOloEwdbH2G+Jtkhjrmgz6vLi1O4oqo4mXfs6yeMHR1 - I1MqzOwjd9o9SOyXGogfdoLWyEPs6qEhEZnNGMrjg8nJa/rbqhCuBW1NhH01hN15 - 75JsFluQS38SlaKnB+1ZcZHq1JglCf31471WKHwfJC/AimJ1SHekIU6WjDhVnICo - hY4dzD1MCMFc2/6p90ft+Jf3Azn8a+dBF4iyqNcJShzqlJAgCoP9/4j93UXZmaoz - srBfQsZERH05ZkbIXvfik30Yts161abqsrGaVIj/mbr7YnHF9qefXo/68FISBYn8 - jwackB3MhsFPJ+OiDgaLb6Was/Mrv4Lv2e0z2d+yvjFXPL8GSfBkhomSx3hW84aR - L2d8zqyG0EkH25H4Yl+2G2y8hVQc3STPav+VXMxJFs6D3JHneG/Uf+dcKZSNbP8G - +huahpUFwKaY6edhlMcw1qshVh0tAWJ/lksftZX9dURUihGe01GIqwr3pUAebldu - hZAYKovSF6Ehfc2KXLWB6cabVoWVJA0y8sOSjUgsNMqsg28+aMb9YWgue2kkU+1h - myihPWONcvDdVNKh22ApA109g4SJ1ImrAhLzt/OsIHZabDKzSIZ92y42FJqo2prR - 0w7oWJbZ+S7Hsf7DtJfX+f1h5lQ0s5x7AtwLsTwgDUhquOCVkTUvphvaV1fFX2rc - 887Aq4adqHRMqcPqYufkEgY4ZPMXVWyldGsmEWtwt77GwlHWvqeIjdtwxZdfLuBu - bVf8JET3TYjKfETWgNH7FnquM9YMk/uRV/ga8Dy2sIaui3ilslubCUF4wjKVJx1C - gcSfKqt6c6dEyZdlorOXeeO2rtaTvyqgmrRrpWH+x17Qpw48WTJNl0wGVPO2bQrZ - UlTeNRXM+UzRZjZ/IYOgDz2iX78yI2yCJoSCEbJtcFiKk57H6nuPUYhE38Iqalay - qNmcHvyTJeZnoATW8Lqd4P/vMA0icOTNeK6fqJzvYugFfckaIJK4zqEg8nQBwPCX - NMO7QfasJA3D62K8na/gpuB4qhzpt5Bvl9keztWxYeKQhynCoHmeDC3fjAeAUbSd - NLiVma/NInsUxFUaawNiQNOlnOA05rGJQFAxwS/E0h7ecCYD528HvDpdFBVJSwv6 - 8EWEeJYZnuGTmwJ4cSV7BcrRLIkAOB8WVircR8SBnXeHjC2hJ9sFW3NtvKDYs16B - QIt8gmRzt+ZPtfslLFuM6Cd0wcR4x1Vv40XFuCxditgPysLYDyXlxDNmuzFvVu+D - JsQnP41T/nZSAas+Z2Mkq4YEr9XbOivqo+8rIh3UZvhBC4ijIKXCFn6qT2cTgR+3 - zjLshKAzLAf6XDzsetIcp+mrNCELGWsu7nchgr/g+ETsFgL1Di28ixldIZn6eO7i - 3LMRFKVo17meNR4gQ2vgH/6RdQvBUNy8wUepQUkyQVqLwVSBruDKKln7rnhyUaAm - Oc0E7W9rwlx2109FFbiDB2tWfy7wnvwoHO3oKGSukpFXxV5YoGT2WFxPRk2kmc2q - EOuR/McGo/RSjXfcjs/sL6H2w0MjXndbog4ih3JATQC/VbEejjL/V3VV4YNoHuE5 - IOr1kymb2fUSfsXr/X+zghRkeNr+pGsr2EPgzRerQuEVe5TO6Kmjj04xQDAZBgkq - hkiG9w0BCRQxDB4KAGEAbABpAGMAZTAjBgkqhkiG9w0BCRUxFgQUolNB1UQ8gCkV - fAEj8OeOr83zdw8wggWUBgkqhkiG9w0BBwGgggWFBIIFgTCCBX0wggV5BgsqhkiG - 9w0BDAoBAqCCBSYwggUiMBwGCiqGSIb3DQEMAQMwDgQIqrgO3KJrI7ICAhSlBIIF - AApC2Q85LiwsTo6zuc/hFolYG7JeXbtX+jpO6wFEGBCg/M/5oL4733CCKwQp53IH - jtsDNw7ixtrirxSQRECxgdwSF0PaEZEIvui72NO2uvhGBmlrlX0IlwE7S3hurLaV - R586mbqej5FfzjS7IzirlD5x8fWtNDVr9r6AuCVum2gSQf/h19HcQtiJdwzlSsFh - Mk4dzIwTxz5Ndul/uSKmVO2WyuVnJTnOtZzGeCsHHAUD47zlb+5VHdBlJb4QbH9U - JjAau5mU3K0G8FiOxiycL7IphduovzUOA54/L56HpVfrhLAEtdxZxj40rYRmuHOt - QWOX49cUpjchVU8mFMT2juAkDSHO8Bqc6W5ZejMPf9Y9BpeHIgkPAzYyPOeMvYwH - J2nL0rwKKjtdpXo9fwOzMhmR8jgMDPl/sbtZvBSrciM889aJS/4mxH52erNYMnbZ - Jdz4B1A/awqoy8/yA6kc6xWVdcTvpzmtRxkJkP6Aa/Vq87ti21apsOouPqhAQgnw - tfRC/B3RgSF60TRsnm6/aeOFAOEuQf8khuYVKAll4zx20odvx/nBlzYH6dcYH5MV - ugbNK4/uBpa7W8qwk2pP8n8VgSpxqYjYX613vPWwZ9tH1yQBzFd5va49VsInVrnS - BGXP2pWbkdvl/ndftqhBCncXcsMZCYn4YVD+hdfBpuqfhO8070oOHGkZwwxT1Ge6 - BR81T0YF5zS9+vOZUpl2Ynfoc6Yycu+BFqRGEJXeQYAFdjzeHBS/XsTWoBIspwBY - hpyGQIIakEbIa0/Yg5lOfs+wslHUHMqd49rsyAVyCgJOgil1CcJO0CxqWYGbWzjz - Qs3cYHmiN4ZtC81/1MC+IDS2DlW5Pj87jxXq5hImwhmxrCbe0YD8uPHJ9XVot11B - Pll/llf0Ff4r88HihgAXG1Skwr9ovkbUy+mlQn0KOoC2egoT4SR1CbJnVWgM72KH - jjO5HHpdXgARhp80HzKCNEcay89bT8zQSzTDXrDMkdO5//Xl8P+cfteHkzOEIXQK - 28ufy/5LU+iLb/jQ7qlLZvKNQVFt4KnMSlHF2/3QsJv0At3LTIb27jVbfIico0Wd - pYG6V848UJ5lP3YzUGDAkDxlzJ22KK6dE0AfmJYtI+WhSk4PW/oSf6tq34+jJFcj - LZ8scEvblrAuEAGhk+BGwKIuyI2KiF/KeCSytAp5GA6VoExP3YnyvUTixQqKtCVw - 52JYETq+YFJfPI3+3C9+A80heBHSvDpztWGFL6E1Ouy22D/Fx+8n9t+0Nsqb5Fkv - 7JCg6SQB/1Hm2LPIx0wGVoyul+sHG820yLKRtnzxJigDvROvBpvZodCW5WGzw6Nc - YEQ6qZK51xJ1XUSEGmj0cGwNlmLQjA6nn8H18Id2dOEJOJSbzR5DqZfb8MH0uU2H - uAc7IsvdrNObXYPRmlk1pfLEvN2JGIB3ClZmaZ6A44bvTKLQPl4jGHpxudu5TpiB - 2n6kUVVgd8C9zkLOmd7Y4+FdfaTQ6RvBrCv0B+sWMh8ASYEXHkYEav+VKJRBKRtQ - L+zbT1iBo6BZNi3cpc/OtOEkkZmeddlFMZ8iLq+nxGyc9ffn4PF78uneBcN0gl5Y - bpdUDy3d+ylyhOo+Sb9cY0yY5nzUpf9F5V0/50L3eyi/YO4NltgY+YeUPjts46ID - rwYPrgMS421DwyFaTxVFHUWpy7AHRPRtz5IgoQg2S9iYMUAwGQYJKoZIhvcNAQkU - MQweCgBhAGwAaQBjAGUwIwYJKoZIhvcNAQkVMRYEFLv2zLItHQYSHJeuKWqQENMg - ZmZzMF8wTzALBglghkgBZQMEAgMEQDlL+RWzXUXKOK3W0+XKpnhzbSgygDPAhmlC - fzBpa2Ou3onz/fc+TPyyoXdaGpz+wocWA3g5jBWg3x8Q5ON23EMECPU5AIa9olDB - AgIoAA== + KjI4HI2oa/NihwqctphcLonBJXcofuHv+loP9MPLtwu3Mo1wsWTiHpf5XmxMoZQw + fbrp2ohLugJO1ZRB9RfAUpaAhtFg91pLOtXEpz7GULEyOnYh9R8iu9bSel8bpl4S + +AoxzXD4gYiEU6Yi0/47aRstd3H4u3ERDnUKSoqVstslRSKnK/WrGYUwoy7kNDwy + DBitfosMY0rpWEe5rXTBwJkBodcl3LBpDbNzdbrZw+e+yObJ9zfRlMpl0xVfoiji + q9UbRdgN2yo0RKwF6c63V2RdF5tjQHnNIM3K3tC9zEis11jgn9LeOLB9Cd1qyE4P + WfmHN0gwqDF1eX96TmUipmYM63H6jcbnSc6p7eIZtCrqGjhsTqFwcMg04WaXWeHD + ffLXSZdzIUB+zfC8tftUUEOUX3tX4l1oU7K8uAuQTSK/AXwUj+MbQVhlz8te4FVr + w4ulZ184IYqhD3VdIOxXiZkfSKChRz8/7QacrXFvfKkrcrxS2iHMoxhoJ7WETNtI + slW5R5runj61r50VT4HCFNFQfGBbTtV9AdP7yka9aQDWxPCoXFgeb1Q01F/BigzW + 02JP5Lcrw7ia0y88QbTzWhi57d4he5OIp0wHUiGPh7s792mlltvuSpRKJkOXWv6h + qAj5AsBB8JNvgXP71Ytx2vMdjw6gqzQcxASJ4UHQg0CxmiODLUP+FHAY1CPNSjbR + pHrTi1UFi/+9hYneQci++qPvkCqMuGHVxamd4OLanGJN1NxE1DyMeduapX5rXuPn + g66LPey9GQuE3SBNC2dmjuOy7d8fWXEZqhqLtPfsuwVzdnWb1uAcjRfQPNo+uWe4 + zihYisXK3lqA557dRqdSv+6GL6/OZQOCTaYMyZIWD9jS2gU6T3q2j8uk1LNcL9n8 + aSpQ5xWspBXpzXo39fG6CMeqzZlFCqrvQwYhdXbtxn9Ox/pimmWOlcqAxv+xythW + BMx+il1JEdbCj015wjmsCWNPWlM4AVSholpZhs9Mq6rvgBXi1HJgjD0DpSLCE0xh + /GNoXoOX3LrxfCIDEhT8LyZ2NE59yh3t6pm88soFzaAghdjb1Fkc79nBbcl4NLKg + SmL/7GktkxEznOiSYfnfJ905kjZC08d8RnoGfrDDUWD2ZIhbbxOCq4E3E0Zt13aH + JOXRBOZLC9L2JNeSNiBZZGykh+Pi4TsIzXL2UPQ+dy4DDaEf8yamyY04dlhFsnhD + qr94Y9E3O/rpF0yUb2gCehEgT9nppVuMeridsCkHqemmgVr/52Xv/XK9dx4+YBjL + 4/3Id0/yVJURqDIHH8o4ogF4rflkzOalrZ9nJFugP0UM8oNysaL9yr7/Dli1juV0 + MIIDZwYJKoZIhvcNAQcGoIIDWDCCA1QCAQAwggNNBgkqhkiG9w0BBwEwHAYKKoZI + hvcNAQwBAzAOBAidIqBxZFwvagICFCKAggMgTzrUv4/12Jqnv3AL+P6990uX1ybZ + NcTwC+hMRV0Ho0FuAAybzdSRBAaZch1+8GheU8yz7IYWmLn1PNHxlZ8inIYfmTfk + Pa34Rk8s/RxJIe8LMYL1qjk/FMq/Fpgc0S65S6bXvJ69Hb8gtAoGW8P1b0dd9bvG + NbAk00h5r+IWiH4U8zGpcqWDWRgieGICsY00Hvx4KKMV6FIjFVCTZevORVoyzmSX + ZZgxqrbjw4CZqOWReHPI3aEt5xVX3BihRGi4EIyia6yU10VOZTGBKqWUeKmOA5Gw + SX3mH/kLiya3gwwGvdq1ncXcl7V1STN1HFyp4ebGKg4CsZ6NkWjocwq2PwM/TqoZ + 5i02tqvOeR8lX7LrSegxGH81Kw3nMV4dH5txoVt9hddZCKKGcJ5Z8FlzxFP4BFuF + 7hOmRpUPdxiahJ/GkXDVIAw6BJKd4Q9e6sjJYxTeq4uOP6V4PMuDU7F98X/d9sEx + 2X3b1cJxuA7xtOnKAPsWEyWBg98B+CKG6KwO5s8TlZVmlk15FCUjvFoKCiWIKF4N + vGLiWOIP/jJ9N6Gqp4gNbm51zNFGZ7gZAtvsBSGQSOUPgfZcx2mRxpBmcX8tm5YJ + hmY9EDK13umUUGKrPOrG8c7/MVAQegSKqQuXSfMK6KknXGe7jwjs7xaQaRm9fFHS + 0KbGU3MsLxRGjW/jzjUNAEWDiSYPCVo8E/kd8LETvjAowF772y9o0X1ZzcP7HWcl + oYcO/WSSh4e+FAbgqLo/8KIkGzJ23BAcdx8XAtxzUZhRdHaItnwaJsfTr4TCwq8C + XxJG5u44/z6imqQrVOaXQfvk6sSNGdG62TkacYg2K63D9hcg+TbZPPVSStWXyj8S + N84anzTOxb1yx6aw6IL+uBLC4jISgNFijaF5pwjLSbgTs5Z7skZdCam80xYmdJVO + ES/uqFCQFUSamXXNbotviQk8jWuJFz+BXzPYJN3t+3mp6SmgTZ2zP8FUQEE4GbSH + DqYV621DcWRo/mao8xzX/mvkKm4ddGBldiusoHZaL4gdo2A1qThSMnMBsciC+jEj + DqOr70XhHccTDW8wggWUBgkqhkiG9w0BBwGgggWFBIIFgTCCBX0wggV5BgsqhkiG + 9w0BDAoBAqCCBSYwggUiMBwGCiqGSIb3DQEMAQMwDgQIehcRLmVUApMCAhQOBIIF + AHb5dXZKzCeRUo2ZSj0oyuFS3zQ5HhKyfapsyCqbYCKv/lSzNYWvuda7xfa+uOM7 + /wCB9sWdz0MTpaBMHWx9hvibZIY65oM+ry4tTuKKqOJl37OsnjB0dSNTKszsI3fa + PUjslxqIH3aC1shD7OqhIRGZzRjK44PJyWv626oQrgVtTYR9NYTdee+SbBZbkEt/ + EpWipwftWXGR6tSYJQn99eO9Vih8HyQvwIpidUh3pCFOlow4VZyAqIWOHcw9TAjB + XNv+qfdH7fiX9wM5/GvnQReIsqjXCUoc6pSQIAqD/f+I/d1F2ZmqM7KwX0LGRER9 + OWZGyF734pN9GLbNetWm6rKxmlSI/5m6+2Jxxfann16P+vBSEgWJ/I8GnJAdzIbB + Tyfjog4Gi2+lmrPzK7+C79ntM9nfsr4xVzy/BknwZIaJksd4VvOGkS9nfM6shtBJ + B9uR+GJfthtsvIVUHN0kz2r/lVzMSRbOg9yR53hv1H/nXCmUjWz/BvobmoaVBcCm + mOnnYZTHMNarIVYdLQFif5ZLH7WV/XVEVIoRntNRiKsK96VAHm5XboWQGCqL0heh + IX3Nily1genGm1aFlSQNMvLDko1ILDTKrINvPmjG/WFoLntpJFPtYZsooT1jjXLw + 3VTSodtgKQNdPYOEidSJqwIS87fzrCB2Wmwys0iGfdsuNhSaqNqa0dMO6FiW2fku + x7H+w7SX1/n9YeZUNLOcewLcC7E8IA1IarjglZE1L6Yb2ldXxV9q3PPOwKuGnah0 + TKnD6mLn5BIGOGTzF1VspXRrJhFrcLe+xsJR1r6niI3bcMWXXy7gbm1X/CRE902I + ynxE1oDR+xZ6rjPWDJP7kVf4GvA8trCGrot4pbJbmwlBeMIylScdQoHEnyqrenOn + RMmXZaKzl3njtq7Wk78qoJq0a6Vh/sde0KcOPFkyTZdMBlTztm0K2VJU3jUVzPlM + 0WY2fyGDoA89ol+/MiNsgiaEghGybXBYipOex+p7j1GIRN/CKmpWsqjZnB78kyXm + Z6AE1vC6neD/7zANInDkzXiun6ic72LoBX3JGiCSuM6hIPJ0AcDwlzTDu0H2rCQN + w+tivJ2v4KbgeKoc6beQb5fZHs7VsWHikIcpwqB5ngwt34wHgFG0nTS4lZmvzSJ7 + FMRVGmsDYkDTpZzgNOaxiUBQMcEvxNIe3nAmA+dvB7w6XRQVSUsL+vBFhHiWGZ7h + k5sCeHElewXK0SyJADgfFlYq3EfEgZ13h4wtoSfbBVtzbbyg2LNegUCLfIJkc7fm + T7X7JSxbjOgndMHEeMdVb+NFxbgsXYrYD8rC2A8l5cQzZrsxb1bvgybEJz+NU/52 + UgGrPmdjJKuGBK/V2zor6qPvKyId1Gb4QQuIoyClwhZ+qk9nE4Eft84y7ISgMywH + +lw87HrSHKfpqzQhCxlrLu53IYK/4PhE7BYC9Q4tvIsZXSGZ+nju4tyzERSlaNe5 + njUeIENr4B/+kXULwVDcvMFHqUFJMkFai8FUga7gyipZ+654clGgJjnNBO1va8Jc + dtdPRRW4gwdrVn8u8J78KBzt6ChkrpKRV8VeWKBk9lhcT0ZNpJnNqhDrkfzHBqP0 + Uo133I7P7C+h9sNDI153W6IOIodyQE0Av1WxHo4y/1d1VeGDaB7hOSDq9ZMpm9n1 + En7F6/1/s4IUZHja/qRrK9hD4M0Xq0LhFXuUzuipo49OMUAwGQYJKoZIhvcNAQkU + MQweCgBhAGwAaQBjAGUwIwYJKoZIhvcNAQkVMRYEFKJTQdVEPIApFXwBI/Dnjq/N + 83cPMIIFlAYJKoZIhvcNAQcBoIIFhQSCBYEwggV9MIIFeQYLKoZIhvcNAQwKAQKg + ggUmMIIFIjAcBgoqhkiG9w0BDAEDMA4ECKq4DtyiayOyAgIUpQSCBQAKQtkPOS4s + LE6Os7nP4RaJWBuyXl27V/o6TusBRBgQoPzP+aC+O99wgisEKedyB47bAzcO4sba + 4q8UkERAsYHcEhdD2hGRCL7ou9jTtrr4RgZpa5V9CJcBO0t4bqy2lUefOpm6no+R + X840uyM4q5Q+cfH1rTQ1a/a+gLglbptoEkH/4dfR3ELYiXcM5UrBYTJOHcyME8c+ + TXbpf7kiplTtlsrlZyU5zrWcxngrBxwFA+O85W/uVR3QZSW+EGx/VCYwGruZlNyt + BvBYjsYsnC+yKYXbqL81DgOePy+eh6VX64SwBLXcWcY+NK2EZrhzrUFjl+PXFKY3 + IVVPJhTE9o7gJA0hzvAanOluWXozD3/WPQaXhyIJDwM2MjznjL2MBydpy9K8Cio7 + XaV6PX8DszIZkfI4DAz5f7G7WbwUq3IjPPPWiUv+JsR+dnqzWDJ22SXc+AdQP2sK + qMvP8gOpHOsVlXXE76c5rUcZCZD+gGv1avO7YttWqbDqLj6oQEIJ8LX0Qvwd0YEh + etE0bJ5uv2njhQDhLkH/JIbmFSgJZeM8dtKHb8f5wZc2B+nXGB+TFboGzSuP7gaW + u1vKsJNqT/J/FYEqcamI2F+td7z1sGfbR9ckAcxXeb2uPVbCJ1a50gRlz9qVm5Hb + 5f53X7aoQQp3F3LDGQmJ+GFQ/oXXwabqn4TvNO9KDhxpGcMMU9RnugUfNU9GBec0 + vfrzmVKZdmJ36HOmMnLvgRakRhCV3kGABXY83hwUv17E1qASLKcAWIachkCCGpBG + yGtP2IOZTn7PsLJR1BzKnePa7MgFcgoCToIpdQnCTtAsalmBm1s480LN3GB5ojeG + bQvNf9TAviA0tg5VuT4/O48V6uYSJsIZsawm3tGA/LjxyfV1aLddQT5Zf5ZX9BX+ + K/PB4oYAFxtUpMK/aL5G1MvppUJ9CjqAtnoKE+EkdQmyZ1VoDO9ih44zuRx6XV4A + EYafNB8ygjRHGsvPW0/M0Es0w16wzJHTuf/15fD/nH7Xh5MzhCF0CtvLn8v+S1Po + i2/40O6pS2byjUFRbeCpzEpRxdv90LCb9ALdy0yG9u41W3yInKNFnaWBulfOPFCe + ZT92M1BgwJA8ZcydtiiunRNAH5iWLSPloUpOD1v6En+rat+PoyRXIy2fLHBL25aw + LhABoZPgRsCiLsiNiohfyngksrQKeRgOlaBMT92J8r1E4sUKirQlcOdiWBE6vmBS + XzyN/twvfgPNIXgR0rw6c7VhhS+hNTrsttg/xcfvJ/bftDbKm+RZL+yQoOkkAf9R + 5tizyMdMBlaMrpfrBxvNtMiykbZ88SYoA70Trwab2aHQluVhs8OjXGBEOqmSudcS + dV1EhBpo9HBsDZZi0IwOp5/B9fCHdnThCTiUm80eQ6mX2/DB9LlNh7gHOyLL3azT + m12D0ZpZNaXyxLzdiRiAdwpWZmmegOOG70yi0D5eIxh6cbnbuU6Ygdp+pFFVYHfA + vc5Czpne2OPhXX2k0Okbwawr9AfrFjIfAEmBFx5GBGr/lSiUQSkbUC/s209YgaOg + WTYt3KXPzrThJJGZnnXZRTGfIi6vp8RsnPX35+Dxe/Lp3gXDdIJeWG6XVA8t3fsp + coTqPkm/XGNMmOZ81KX/ReVdP+dC93sov2DuDZbYGPmHlD47bOOiA68GD64DEuNt + Q8MhWk8VRR1FqcuwB0T0bc+SIKEINkvYmDFAMBkGCSqGSIb3DQEJFDEMHgoAYQBs + AGkAYwBlMCMGCSqGSIb3DQEJFTEWBBS79syyLR0GEhyXrilqkBDTIGZmczBfME8w + CwYJYIZIAWUDBAIDBEC6rujtKFi2F7NJGihlmT4ptDGckray1zjr1/Hql/5Qw7iL + BSuc4wEGnDSBEZuE9oFnyTbrzzEtebTsXluPRoV5BAj1OQCGvaJQwQICKAA= -----END PKCS12----- 5. Bob's Sample Bob has the following information: * Name: "Bob Babbage" * E-mail Address: "bob@smime.example" 5.1. Bob's Signature Verification End-Entity Certificate This certificate is used for verification of signatures made by Bob. -----BEGIN CERTIFICATE----- MIIDyjCCArKgAwIBAgITaqOkD33fBy/kGaVsmPv8LghbwzANBgkqhkiG9w0BAQ0F - ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 - aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0xOTEx - MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowODEUMBIGA1UEAxMLQm9iIEJhYmJh - Z2UxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMIIBIjANBgkqhkiG + ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo + U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx + MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowODENMAsGA1UEChMESUVURjERMA8G + A1UECxMITEFNUFMgV0cxFDASBgNVBAMTC0JvYiBCYWJiYWdlMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5nAF0glRof9NjBKke6g+7RLrOgRfwQjcH+2z m0Af67FJRNrEwTuOutlWamUA3p9+wb7XqizVHOQhVesjwgp8PJpo8Adm8ar84d2t tey1OVdxaCJuNe7SJjfrwShB6NvAm7S8CDG3+EapkO9fzn2pWwaREQ6twWtHi1QT 51PduRtiQ1oqsuJk8LBDgUMZlKUsaXfF8GKzJlGuaLRl5/3Kfr9+b6VkCDuxTZYL Zxt6+a3/QkaC3I9m2ygPubtHFJB5P5+s8boROSKm1OB1gsLow8eF9S7OtcGGeooZ JiJUQCR14NaU5bIyfKEZV2YStXwdztoEJJ2fRURIK+8YnwlB3QIDAQABo4GtMIGq MAwGA1UdEwEB/wQCMAAwFwYDVR0gBBAwDjAMBgpghkgBZQMCATABMBwGA1UdEQQV MBOBEWJvYkBzbWltZS5leGFtcGxlMBMGA1UdJQQMMAoGCCsGAQUFBwMEMA4GA1Ud DwEB/wQEAwIGwDAdBgNVHQ4EFgQUF8WEe9Cn73aQOLizbwi8krWeK5QwHwYDVR0j - BBgwFoAUkTCOfAcXDKfxCShlNhpnHGh29FkwDQYJKoZIhvcNAQENBQADggEBAAuI - HBlSzjFLhh85KHCq/fBLkaaR8Qbc9gnpj2WqMgwWQfIBqWAFBet3qduR6i0fV5At - Ekc7GS67T7k3WOt2WxkvB+9sy5kmk7TZ+BtBfO93Bm1zrgRiiVxuU5Fc9EJp5BJh - Cgu3et97Zt8cbuHeUfoE1pp/0ERUlP+e1M4f2W9NpmPZG1bXSViMIIhcZ8DwM7CP - s47VHveVD6y6T9tA4gSnzGMZ3O0PpuBclNjqcllmUeYup5vWtCXQZDLMGI/2aTPr - 5kwic53yJvma7phSLb0tXCYLkP2PZUKGTKSOTBi2fv2S68TFtcV+/E9oqdYYFkSF - sQuJdp+NGywuXUbKXBY= + BBgwFoAUkTCOfAcXDKfxCShlNhpnHGh29FkwDQYJKoZIhvcNAQENBQADggEBAG7e + QY6Px7WZC5vCbF5hjOitxoz3oyM+LRcSTGWoYXdmlwsNUzy31pE3dtADvevRtsP8 + uN7xyfK6XZBzhShA/BtkkqYGiFvXDpluOxWmqC0WPmc1PNK2mHil+pGMfvnUwnxd + 6gKcHED5p+bUhDyIH2fy9hGyeOUs8nvi+7/HwBipN+nA/PfsPn+aU4l1K6qDoG/i + kwyuiWcFFlc5yE5rkAe2J0/a4+HtzNmTK4jB/4GbyI6xlUszPlEqKE+Es10Xut/y + UWL5nKKaqpRRd07Pq371MpFQs2+zXt4fGheKzZU3XXrIPcAPyJjWiyU1DzpqgSJM + OIp/HtXdFscHb9+Qic8= -----END CERTIFICATE----- 5.2. Bob's Signing Private Key Material This private key material is used by Bob to create signatures. -----BEGIN PRIVATE KEY----- MIIE+wIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQDmcAXSCVGh/02M EqR7qD7tEus6BF/BCNwf7bObQB/rsUlE2sTBO4662VZqZQDen37BvteqLNUc5CFV 6yPCCnw8mmjwB2bxqvzh3a217LU5V3FoIm417tImN+vBKEHo28CbtLwIMbf4RqmQ @@ -762,40 +760,40 @@ "f4afaacbb5473f360e06ac32e00188fe4173ae15c99bcf043a8b8f6e". This seed is the first 224 bits of the [SHA256] digest of the string "draft-lamps-sample-certs-keygen.bob.sign.seed". 5.3. Bob's Encryption End-Entity Certificate This certificate is used to encrypt messages to Bob. -----BEGIN CERTIFICATE----- MIIDyjCCArKgAwIBAgITMHxHQA+GJjocYtLrgy+WwNeGlDANBgkqhkiG9w0BAQ0F - ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 - aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0xOTEx - MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowODEUMBIGA1UEAxMLQm9iIEJhYmJh - Z2UxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMIIBIjANBgkqhkiG + ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo + U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx + MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowODENMAsGA1UEChMESUVURjERMA8G + A1UECxMITEFNUFMgV0cxFDASBgNVBAMTC0JvYiBCYWJiYWdlMIIBIjANBgkqhkiG 9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtHAlBNMiBIk8iJqwHk/yDoFWwj8P9Z1uYdq 1aqIuofvjoAyjdA8TbsBRGdmvaIOSQOepsNjW1ko7lE8HlDs9JHn1E+tzH3mKfn+ G2erY+alkMJTXPvMAUdCA8+e1OJ7k91gYXDpzIWrP3Kc0xTlsJ8tGJ6mhydJX3wP 0/HuyHpfKQQfDusPH8S5yidPciWuB7Wj0X4xY1pUAz2rSSAlnGvhEzKFbW43BPjY XPUnRWMtXFya1djq6Eb9M/klbhdZheDLLsjLUSXYU70r9VXGM/qcjd/NhWYphCeB cqswaM5mXLYdm0mFmqoecF62mUE0DiNdhwKTtnefd0cll+D3FQIDAQABo4GtMIGq MAwGA1UdEwEB/wQCMAAwFwYDVR0gBBAwDjAMBgpghkgBZQMCATABMBwGA1UdEQQV MBOBEWJvYkBzbWltZS5leGFtcGxlMBMGA1UdJQQMMAoGCCsGAQUFBwMEMA4GA1Ud DwEB/wQEAwIFIDAdBgNVHQ4EFgQUSrOsMVMCSZxN42554CVhlT6IYiUwHwYDVR0j - BBgwFoAUkTCOfAcXDKfxCShlNhpnHGh29FkwDQYJKoZIhvcNAQENBQADggEBAGZa - Xm87evc/aRDWHNaO0pw12MtMnLJKmlaRna4O9oVEl2vWHYBLzHq/JBmP9mg20XK6 - VPdx/DXNJUXaT/ipPPZxcaK45G6SfLv3O+LicylqVEFwr974kCEUHSRimAOHf36K - 0YY0aBMPuxqrIONVBejYvP+JrCJ5jvv8y/HFkKXJKNT3QFK/kdNiojFMgE2K7JFb - /GATsodsBlks+ZreTXldn9kurQT5w6SvPBYyV12+/uW57wHuAIMGmaPxo7YgLTAL - kgBaLuyXlJ6t4h68syk0gBoynd7j6XWX5N7M8rvn0bcBOByLc9t83vlz4vhhM+Zs - rC90rHyWKmwwzOYKXww= + BBgwFoAUkTCOfAcXDKfxCShlNhpnHGh29FkwDQYJKoZIhvcNAQENBQADggEBAC2c + Y8FgaxgB+Dx9gAFj35ae1vgzYiWI3Ax3FSxogo/GzpK//LB4215oeBuKXbm0ixBn + 4nojxD7PMlM0i+ilAvVNJNaHY9TtgIgq8V/C0C7vL8SdBN01e5ZRI764ohu9ivYv + Ixvvt7gzvSTpe+NUT1i09xNgsC8v19WB/BwkqMAgDqMxqCxT4fyrvVwpxNBke75j + E6Q3xCjfdOWYcfMLK7EsTSgimYuonZjN7v/yqTdjn/iVH+agL/2MlSfiU36w/Yf1 + 7EM09uKGH/Javh+2Vjd0j8rE/q2Iaac5VI91M6xz5oDZUknycBKKinR+nJWMt5AK + UAaL2Mjl3YtrUGBpxxY= -----END CERTIFICATE----- 5.4. Bob's Decryption Private Key Material This private key material is used by Bob to decrypt messages. -----BEGIN PRIVATE KEY----- MIIE/AIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQCq0cCUE0yIEiTy ImrAeT/IOgVbCPw/1nW5h2rVqoi6h++OgDKN0DxNuwFEZ2a9og5JA56mw2NbWSju UTweUOz0kefUT63MfeYp+f4bZ6tj5qWQwlNc+8wBR0IDz57U4nuT3WBhcOnMhas/ @@ -828,182 +826,179 @@ This secret key was generated using provable prime generation found in [FIPS186-4] using the seed "98c8998652958929e889e3419f3bfd0edfe0aca15da3060dedf8a1e8". This seed is the first 224 bits of the [SHA256] digest of the string "draft-lamps-sample-certs-keygen.bob.encrypt.seed". 5.5. PKCS12 Object for Bob This PKCS12 ([RFC7292]) object contains the same information as presented in Section 5.1, Section 5.2, Section 5.3, Section 5.4, and - Section 3.1. + Section 3.3. It is locked with the simple three-letter password "bob". -----BEGIN PKCS12----- - MIIYsAIBAzCCGEgGCSqGSIb3DQEHAaCCGDkEghg1MIIYMTCCBIcGCSqGSIb3DQEH + MIIYGAIBAzCCF7AGCSqGSIb3DQEHAaCCF6EEghedMIIXmTCCBIcGCSqGSIb3DQEH BqCCBHgwggR0AgEAMIIEbQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIe/d6 qDQ/28QCAhQGgIIEQJKA5kzRVm9d6rEwC/0RyBSgpPuSROUQTjspt6EhBZlgHc3u FTCPaO5P/vpeWaCnBRarGFn3DmqA3JT+59bmRpGdiP3Zrlk2EbHi0yrd2P3UFDnX - qRkkI+7pf6eOHWJRniS1APVXnfNqNyqgdbaTq+jPJF8C2oQVWhddDKphCLtw2WFD - 87Exe6LcdcON0T3jIR+GA4hESmgBJrYRqcYmUH1ycbiJLaN2mzB5XYZay7yzB7id - sFUvVg1rsxHtadFsKVsu3socdJzkE1sq4dFbuwtOe7VwWeWN8Q0O5vJY9cnao94j - X5ylNcl1DkrD9vuyXxDlvXciqVwLj54SO+MplCak0motOeMDv+W/h8fWRFm9HFVy - dXiIS3iIzUMjjQR238260aRZph+KM+KDIRtBtDJ6sMqYqoyulviw1uk1lMlUOEzf - NZosWGrOsSEd0KQnIDMIz0P3j0E4WzLDih43LVedYIQCtZ3qiDX/qzBZenHr43Pj - f1DzUqrB9ODH+FhA7i1yfLfckMPn8i0Q/DnCJvgNDhOEqDdGeccuF+HbTHENKv/Q - 5XmulWIb8IwLXFMgvLFej31M5Evtgq4tct7Kz/W4ABCMbyUs2KUhjILGwNm0eqUW - xJXhlWVtAevnNHCMHUHeCTdPgdLWmlKCIezyvsx5u+pM4D74hZXMu6mtRT2WoijH - enxuadehCL2McCYkLeapyhPJw8oxNQcbqZi29nBVyW6cOdokaLkg/CH/aCdLkV6L - zMRHuKtbgXYZiAdM9A+GYJ/bOC3NARnG8GWLeccGhUJsYdAouqNfQgXp9yd9VOsE - muiJDcunL0qS8a+np0roTdo16aDwCFcHvy9N+bmlgOF6qtA2xAips2tzXFi+cS3W - T/pKtwjcB0s/MeMtvFBXzdArN6GWGx/IPHIrOYTJH/H6qAX12s1otCsEqi0mua44 - JmnlJXUzMuO7X7yS/CF15VkkUMPJbCRfor7pjXfQuOIYPSo9pMhHndBPnBLq9AzB - X3l2TNM4SIklZOzaSDzqj5bvDACn/O6Yhr+w2NATB0TV4p1vGI3aHHNuZPV3BPsU - SmDHe+8fuFX2ipzo5tjoh86lNdIi0q/ouWup/k/1ySOUrcJVHP+i9nPtNOwgPIiv - z41RohJx5dnGnYIvcjEdsTfVOfe+SOS8cGZqGvO3nRWnUVwcIC9RTt3/6S5UXPbJ - ATLk8SR6ALFI+J/SlNBbVxiYNm+xEoRIqkGormxFjay3h3+G7KGpQ7uN1L4k/AT5 - 0J7AkYoU4rziF8Ze00UGuzMB47y0ZaIM7U/xfUNAALH8ucmLYQI9TcJUCXPOSD63 - q41tXO/LyGeJgy8QC3vWOqbCBRLHscGvAJz/NDBh4+z2r9XMT+1UXmWcJ02LQg9O - qZYBAxKOOsNpdwxSul5V2JRDRVtj0ps6Ac2SsXznnJFMRRMaXtnNH7JXqXB7MIIE + qRkkI+7pf6eOHWJRntJA+KJS8v3tZ/hpiEKAEav/Mq0IFNFyEiZpCkbKCX5auDb1 + p5c3J2MNg/WNBfpGJUHKVIzuIF3H+8LfFgayRsDsppoUMffR+GmdL8nxLiqhraHD + +Iqr3LpEroNi/iZQWUTFTUlaePf/2KMqaHOuy41IVvcH1jIcLXHGNa66S8AP/Hj2 + TJPPg/lve76DVaGdEnx4QJd4pBFQac90zmhxU1HZrvzubK9t4e5lr80wpd2djvZK + wSLzUgtQZXq8pSs1r85vrb3KItdYGF6SZpX029FS7rY3uYth5SYVUQWdUYYY3S0/ + nsaLg4MCWUO4Sh7nYJZl5Ijkk9LS7JhmwKvizHRRTXbLyRDH06e+jCRgLcU2WSUq + 1bEr9Jy0ucK8zNPTf8HWBTS0ubvy4JfO3mVp4REX/8ozXlLztWGblFGbyaJ9Y4ga + LM3JpKxMtb1UTxoAyj3iFwGlGZFGKBlWplr+OdkKkC4dloFE22IINfLdRNLV9mPO + aGZhsDheB8iVOtN01u91BlU68Q7AL1ryXWUSjouKGRSU6uMDLZ7rw0wlZC1m4oLG + BF8CmO4ELmbOci78fBs/qDXlf3BJazcNtciamEsQPYRGkHASBRYtoDfVy6mTT40o + obdrZigcvCwttDBu7RtynAQVZ8DvKzxFGhe2p2Yc9H5A5ML7IwqNtYzheduBAQTE + jAU2jMqwnZN5wULEnH2TF6KAQNrKdtBYMbqkToKgxf5Zf+cJZbyQq7WM6nVfOM7g + kcFdeHDn/CWoSNHI1+JA3wSDM06zkU5HMd2MpT1RLTSaemImUKCAGYieJmwNQxR9 + aYHBBw5BNBw1XRB7WRka2Uah0Xq/wAgaI/o9L+mShDRFJjFi+t8AV3KR0WWHg02O + 9qchX7P5H3Sy/tq8yUQIol+hRiRjkfi9qy6AxIRttrK4WbW4scUtBZSkg9uFkTVU + ybnV6WvBpn2SrnwF/E1ueKARVmouWJ/7fiLJXk6wVvVtuBZw2gE5QGfuCwq0PQsC + xPx8MhNl1KZYDVCGsyUr/LMHeKNc31S2HLGQK7kh/o+QQazafiJocQ+kRbS1VX1D + nQlIhz4zvKsBgzHpoe3wQcfAY5sp2ubepsZ5T/YHkmroBmvA4g1vi7nlCetgxXrh + 2V6OXvaZ+BnfsYxJeUZGnNMNEDFlzS7xB18ojtT5JN0o+9tLsdikdikl69IsVv+2 + eCv9Go+wh19cSAL24rkzdKVuiIAXS7tzel3eWGjdKoq3Ke+tfJtobSGrB39xgLVr + 3ho63hd+qTUyjcAhVL3hAJinv+/KT0jR8fq+CDsXMnCEWugHhwB+66NOr876MIIE bwYJKoZIhvcNAQcGoIIEYDCCBFwCAQAwggRVBgkqhkiG9w0BBwEwHAYKKoZIhvcN AQwBAzAOBAjiGuDSkfG4UwICFLWAggQogyL08hPtUl52dkO+BVimcGXW3FmDrT0D gU3Drd0P76KzYzd2lLuGb9dx84wx0XnFIXeBM4F3QSDbCK4tOuJ6JRaEeUoCAyZd - XyHtLjVeuozt2xHBDUgQVEO1dZHtk1VUbRX0LGmGnaBj/d9AQs55CH+IveZc10hC - gDVi767NiMeje4PvFQy2l4GBgkM18d3zS55SmhM7EkTpbkxWD33pZZKzM56RoRXD - LB9oL44NzghfRwz4m4dqS3M2+u6gr21yC7vztnLZChU6F8+huVa1FZy7vs5BPIKV - 7jzoo8GKXicKiu0IFolgBbVJ3qDrT5HQ996EPdVFex86GTOpXo0FtK3D3I1yA3gi - ihrW8QOzf9ASjDsnjzSJgg2WyvQcBYPXsWb8uI9ryL2xJpdwMuuYR7Fnq9e8HyHd - Gyp0CkXW52oPPjuUIOwuJH2Amucwba9Y25OgVdT3ScVMCMkVAcwNA2fA7cRR5z1O - V4fq/Kgy/dxfE/6s2XMhK4Ff2lLZv8W+3yVqczJEI2VNrLpbS/nTJzNQ0LNIuA87 - zyTRTRp3NixJVEOrMm5A1TI0MHOg8SHO061iLOMxSN3AoniUFWOCkSbujLRf82ju - iXENwYgIHx2nz6MHiSgR0DDytDN+vhy0NZ9cJuvWnr9S6hqBEH6AsDJ/5mBs40ek - 4lZYErGQtscjhHypRB7y9BJfKnKBHDkkpqja273rv+2lZEnXOWApTKXNJ8ixWuBT - 19dKx+ui5DsA5a5Dqi5uXtxpBHZhdRUsivKfvJN3/f8GxhTINgsq6fUgQXrs/aL7 - ZznlKBMOFA0eaY5LYlkdOdOVsHskKcn+yevBvm3XPjPXyzvwSPjBIhMM2Sf1UQOr - HnOey0IMNK4yz3faol8juOtPEEMdDCMRpgw4xqFTY+HOU5FUyOUb9hJaBUCU2O5K - 8jcOcPm7PRWGmCKxvNFFI9O+SvTQ2P0TN4845C/pFbefambcODf2q5WG730QMXC3 - ArXHk3NrBs43djkHk8A+21uTlVfoNLBbuASzxdek/m8YQU4li4+5/nsQFB2tBy/y - b1q3yiaxxCQ8zPWCdcQJir56qpIj5jYzD4IZDITPlF1G9Vt/2ykmEUerRhxD/uar - MHnxQRySYCK5/EBeil4MWl5T/PlZ9EWjgRGdwwk/XY0DPSuaAwgixbApuillyxHq - dPWViQbhs4Z1dNbhhiW30brcQeJ8UJy0h16yaBXHGoLaeZW2C+6BJMu1Lwgvgfjs - zjd68X4hWvxwEhtLPRw9YYVqBf90wmI2N/bOc77YWuRGmyWSYtB6kHBBEWD7jzIy - DUyF6xTYl+LGT/Hii/wYypsYyF/weCSnYVGFipKDrEl8wwHldK5yfgsiwqrQcyAG - R3Gsm/fJbIBFgqCkBSz2OKZofvkT52ZJo+o2LdvA3wkwggP/BgkqhkiG9w0BBwag - ggPwMIID7AIBADCCA+UGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECEyHXPVs - ncxTAgIUQ4CCA7j7eVyD9inewNbLNe/S00qi9VdBtXZrqiNNg3yxJ7Vuitpy7G/T - uCBfqZ2D9A1YHVvL+8ECumxTKMnC21vxPlMVGRhHAi0O/XYIW/bzBT76Cf5AFXFx - sjXgd5n0QQLf3uyMbCUNYB9GLN1sqZ4os+VeG5/icL4CDEpeVdKggR2UywvpQV4q - CcTnABwekbTvBWbwpwme7miK2o+fNKIaxmMnVimqQLw8fB66WBqIJSaTcZhnnPuQ - 9S4BMq0dSPrk4XRHuBkgYoo5sOvImGzgPQkIkjOpxsOliKpbn/3K4TQwPGh1dSgC - OizzfMGj9Xf5dG2GxCH3/qdmVw0hszIo+KOG/ULmHwAjI4jY6/najq26bzblYRki - k+cPy29AWHfYVFEuu5Q+sVwE1gwAyC4N3sK2k8ImesVldAAxu6q3RJ8m++CGlTW6 - Df337ADOj6u01Ox5zEKlZ5vDudajdcktuqgRkIgB2vabF4M4B++nnHfQs0bJ5T9y - uZwtWabXSMdaparAutRYPrhHz9EiyKmwDAMV++OL1NqMyloDeXb+1h2Z/DqdpDTJ - 8zB2OIMoA6tEbhosiF8FKxzB0uBDWWGPbABKlilM+7ZRHGkw7fp14hKIluywaehh - hmmC7uznApUqT1ZvQuH5eGKnLZxn/BpVh+NnV5q9tGrFJ4KAgbu1AP6om2CsloDg - pc7DJ4cyyx3AckJvVaOVx4KGl+iN7DxzgRG8MzgR+w2bRzHTd7QuopWRRn3oWqzX - I/6YrPNjW+bvVchMfeddo5hLD58JvNaK//QtfHQb1DrXCXA7Fs/wG6Ta9gOrbklj - GbB8ClspBraxYp3MiUPIDkzw3YYmTf/P9zGhw/nwucR6sguC165NWkMYcOASjcyd - +7A/Ni+O7DZ4T0wF1SPH9Arbls4SNCKGPKAQhBWhZDN1nldrWboJEy/sMHAg7pyM - rhI7BF2c4DicIVcYUZ+dK36vRJ7a0V0zlAnKFAAyClw9k7mRml61z5RthyK55Nkv - uXH5UCJZMgv7SAU3+ExQ75pmV8mM9XKrkHorkrXmGcDYvt7oRry9UcWHc8h8srVM - CZQKoCSv8C2L/E8/7pjXl1sn6YL+kQ2ACkV8Jw7UXHWyEf0XWf/R7CV4+jeJVizQ - cGLsX29O0lGeJjDyHMJA1JUFyc0Uc0F9lRsTPGgrrTTo74zMoLzstSDIGw5k2d1n - Mka0MWXO4B8JDDVDdAckUwz29cuzLg7m2AbU3dPqnVdO4ALEgjokzVETnTH2/odf - s/ymMIIFmAYJKoZIhvcNAQcBoIIFiQSCBYUwggWBMIIFfQYLKoZIhvcNAQwKAQKg - ggUuMIIFKjAcBgoqhkiG9w0BDAEDMA4ECI7/QgJtNtktAgIU7ASCBQgXBP8kjxSM - lA99hMWickSjzMRulhZcpuirDr/NmwwaYCdQ+BA1APHK4tWmuzmNRzjfuRUHYzcX - THwOOYSml5u0d8ijKOhcXuN2cDgQXfy2yyjQrWcw+ZKCXTaJhm06qw68Gl947keP - g6+GLbon0/NPA9yCXdBA+p9a/sLCAZWfj+Ge0ECuI9ITiACV8ByqTG0kGbTVDAOg - B2w4o4yxie2BZqOmvUnceb7fg08vThSx/U6lx6w9QngIHE3ItfGOOw7MPvxZW8pj - 436Pz3FOzK3PljR8SQWqtyXymAFDEfvaMHBIKbljAfPcGFZCCvZulYnV/YtZxWye - s323HpGFC0ACRzI2Bf+SynkRbglOj6jqhctGFchhq5GtSuKwxj75vxklOnoLW3RF - bZB2qAxmCFJmBpboVILoPLYN397N2RhQKCIS2rx5LEX/xYPDpVraIZVI23j+n84n - 3vI3nI4nQrWDSEBN5tT4jcTvg9D1ErzgV8m/IcMELp+9hlb+i4xyCndiYAX51Obv - gerzxfh1pX79Q9h/9xWnKLBwFODofeOuSuzTIqhYsh+si8w0F54pn5+XYSfDUwXO - QsjhUYP9R5HCtuE3RIeSHmUga27TJFN+rqaxhCmTD6OvtDAkh1DKsChppVpGi1XK - +BM4uUfDyvqju/frKg2i/eQM9bsN9tJVNZfmUjJCfw2ozBrg3VyVZPy6R9ldJpjK - QVKoXfDnNqVriIiG7TcaMNx+JYsxSVhUBRy9KZwhQsTWhbsUqIlzw5p14i7QkHJJ - FIS9/sHfDyV5hSz67+HWm2tlkqF7Ul0C2WzO8cnQMPSQyoDoiDjKiaxwZKiX+xFS - ql5whDBVlMJFGr10k4UmQqEoPkSj0TRnayenTV+lQXmqUx4GOliCRfuOHIXK+r6o - OoEBjyLO+Ryu4Tr1aigFXKiuoodRGNa1j6uHNwHj4cvvbBkrMudjeJSMnVQA3Ezy - YL1+kPU0m3/t6mrM/JnYp3gYlViLyxCkUp/i1EcOvS0jmJQHvyqPUQGnXDiq9Gf+ - MLiKLv4FqzybP8AnblB6+ILjhWP55PZhhdp8OK+uah4G5UwgFsPTrpie4ELYJ4rJ - 01Z2IBHNzch+Fy6FXCruuKi1h/IOp3h7QnLtjnulvC/hDDPXILFGNLCIVDv99FrY - LHzG3EpwL8DgsadcAohLL641sNYDsBho/pGYaAwJo2JfLcXXO/GcTdu/ry1dEX2+ - O4QKFSrno3r33aqGgG4c/Qn+ZEi3D4mgjib84WcRQZPds3LGkQXIDtpcET3VpB1J - eXhr3ucLT9FIUf99HA8ViDGvdd0Ih/cLDk8Ozblg2xdYKwMJV6NYwWvA7OYPBryw - GRjbvT6sa/vqpe9v+4YPczYL4PJJXLnll3jbCOCFJ7OBjq1pPS2op8s5LpWXgQtT - vxDq9rajwyVxR2Lfje06LrQxmAINTA8/xOMpkg2Hy7Uo2HOCnA0vPWATR13bTSXd - tvN1nq6KjdHnZZBZEKTXtn2VR6wIlq/K1wCLSYx58zEE8w52dSLo7xM8NEDSZyiF - sTmvJvANcCgH9VRvCAzT+oKlntVxIo3WVS6h734qGjQ0r+DIwS+e0zEY00jxqtXx - SR4WiWU+Gu26a93CptUJ43xMGPm9ejoe754oHsBXCMGT+tEelnGedUZdubwfMz6S - OJvZxjV2K6xVEn/X5D0Ze6jXfm1BuhuBwzMCaoCpmn2QMTwwFQYJKoZIhvcNAQkU - MQgeBgBiAG8AYjAjBgkqhkiG9w0BCRUxFgQUSrOsMVMCSZxN42554CVhlT6IYiUw - ggWQBgkqhkiG9w0BBwGgggWBBIIFfTCCBXkwggV1BgsqhkiG9w0BDAoBAqCCBSYw - ggUiMBwGCiqGSIb3DQEMAQMwDgQII2LYrVswSIECAhR2BIIFAMshejgTFzITz7hq - JkiP9aeH9JVVVHSfuzg8YJte35Ws4d31jNO5SJwCohwcfrZ2/s1LL5+CpkbtKZVH - Uih1p0V77m6wDNejLKGER7Zz5Oh5Vuvmuz68G9BTKHpfldNXlBU4CTBLIoaPJ93L - zrHVDxwvYPYEz5GmSbVwW2OBZwHjpTpLrDnSwbtc4pIIwjhrqucc9WA891cyuPdV - I8ljxuEGoQM9VOd9Id//ApmsiLng7cXfcHmO3oKb372b0V53yf7zXDn2tGibvYJj - 1eKL9QsRH1MfCPE5k5D50iaXbcpq7B7G44aOKLRRHwx4z8DSftQ3Kz5tlO6WB2lZ - b+YOEn54sBOeEnDmuj8BZrphVcb63mT0uN0nVmapLhsnG8HCKWkQaiHQwzpinR2v - VcziZP8TQkxYPjnw2CzTkK4KnABRcZ1CaCtWwWutXQdPId5UsOF7jcncYjocJYlU - 54NDPOZo7cAz4iihEORMeckxrFRemEpNqDn5/+yY1gSHNWNl4hzwYVnfp5IjgE0Y - dJcUALAu7ZOGTOlcyaDnQkBSEFjGoT99V68tQfgk8uDPzr3CTyBGVQGjqKFAauez - Htk7kixhqERiPPQ3Tk9U8lgwtLIyi8b2L4unNDj2AgHM+7Z90tHjW7mfk7mYbVjh - ons4InEw5FiFYe5y0d0Z2kmyCKrz7WKJTCZ/IJ9vRkvd48xT5bTOQCzKfbZoryMM - EstVmW85khWpHcbHhAU9KTqoIxDQTnxWQxQzFi8KXNPBJ4Qy7rp40P8ApMT5ddX9 - 31uZKZYaTtjxesMosp+ZF2uUh6id1Um/maTXZgrEE9AZ5SorlclRrZ3Mf3O98Rfy - JjN23jbzVAKJcnerCZtP7xGg4sG3grI6zZ7ZlJmeOsv047ihSwcg7IR+PCdaguEp - uSa6fwYnGgHbILNNrBVB/3+ohRdpLNynbcBXot/WT05/v0dg9bdxAkC2N/pcFUTX - FVk+R9O4LfJUu5+WOzZ539y2keD2e4h3/EcUfu3gduZTf9m58TUYeexFDeRueoDl - Zd6t31TN6gNpUOMVcashOnx6e/TwZdi/BYZcsvXnSXQO4lK/UT7XLDDzpI2MFhRP - HSvQImONOTbu8hSEBhQQD4nvUh6J+qo8MpheesJ1QRqNt8R16TfRaItH4KES8Snj - wyVrpRVMub+aPOLBuzGblCUZxybPXd7fZGLKt+x4H5HKWWbN4m3J0/YgeRYrunDD - 3I6U8rRC1mzrogZkqp5etYGT1AVgNfjaADL/FN+CVyjgo7tqSGndTNMhDJNee346 - w5Jxz4CtWb93AKWb5nHJu05xXJp2OkpbJ3J8CvdpOQbFfpGYesRavVH0GcwY9h6w - Oz7J5U2zVB0OF9/9tAvAItd0YtbAt7qSK1SLKLwXdt18+NHtHrWURS8msGbtguaB - 3FEInTYsUsafT2JIw17m+aI1oqK7N9vgOn12oQyGYl92xNRFqB8kjKpQuh7TwQgi - jNqGK9vOhZUDqg8CSTYPwOdOIx6Bfghn9lvcs/EkoB5c7dizVhCs1I1ncHZkhIFq - nMbOEVl9FXM86ZeE3nekOGXGTDRu2QpuVgD0K8/6TODB6TMLL8yWr8ds7fwJXU0r - NrLfKDie16En6/3+TuBqoqajdlYwaTRYYG/8YXFiGZ413XhjrkP1OXKkz/OtdLIa - g6pmBIDoeUCCiDPDBJobDH2f+jpzMTwwFQYJKoZIhvcNAQkUMQgeBgBiAG8AYjAj - BgkqhkiG9w0BCRUxFgQUF8WEe9Cn73aQOLizbwi8krWeK5QwXzBPMAsGCWCGSAFl - AwQCAwRAfOXgg9B0m7kIxySptHcG/y4B6QwUH80E7GdroberTesDhYKYf0BCxSwN - wr0+uHwOtaa3iuPcHpIygAtHAOvdDgQInW+pd7qujQUCAigA + XyHtLjVeuozt2xHBDUgQVEO1dZHtk1VUgzLSCha1rXjcwpa4+8xqqoVM3Cl5uBh6 + QLUNey8Z3YlKlk018Tdge6OOUrg72BPKppNfJlN4TnOFwMVMA/qHAJl4pL1YDpmc + 5BZm4tMg0HvPiz96uwjEhw1GZFGOgZIogeVJuqCNiZPDjCFEDgnCw6sciS5Bi+dX + Km0VUdamSr93e2eEPLbzxZR0E0A3IcOj66iHuZpU9YhKzsAIhLMxT8kF81I0ZZzj + 8N+P1hnkjdVWuJLg77pkXxQJyvuT0e2oc9r/DCHjckneen3+E66IKsYbib7sX4g6 + 2oFBJs+7xQopy69pC8jCn3fx61t7AFx2RIvuVHY/eU4sXoWkJNqQ3Vxj2SPWKjzJ + 4IIvWVxIFiQjjOtDFdGYPGukJXn62Lbb8CFgam9s4jDKnr0LHIngVeUIgi4wkvva + QzZTzXfUApezQgQqy4x+ogdiYF1UOa0OaqvrGRiiJlMdRi0/MDy+jzkX5cULhxkF + vdBNCirv+3zBaiJ5Eu6q0zP5Cxi2qXhSbehZqvTPB4dD/vu9yxHpZmUCvzm7H213 + Tdrb9WxHOc92ZpBzsfiCA1smVwTDFVGa/kqN6noPw0qWZANIk27/+apsTkBYaVpa + jpfn9eydi5eV2+pEQV08fh4OJfiKbHS0l2E3Gp/rPm9lVgmCmjBWh+Di1k4qgF/f + lsxWgzXNOxPntpohnM6AZDxW9Sk+BElDLYS4WFwUg679BsJG6hQqAZKvG/8agSH2 + k+TKKYUbXbFVCB0+iuNZIwgf4qxGzvI5+Iok+OcxuGCqwOu30QbfECEG01QbKETn + ic3kMiZ5Cxt7NQSuyEYAQ/AmvM4qo0x7Tw1r7tR8BcAEF6fGxd2VXIV8Tr/pXGO2 + HL+0iIHs+Ob67zlTHr7wUB4tCp9LC3IIWdsr7KcSRNEMXpUIFI0etCjNgCU3iT+R + 915215OfWNGxQfaXTEyMVNaT1HpwihIisSb9QHbagaRLbYmqJ+ILSECADYQPEWf+ + LTO1tcOhkIb6BiwVWUuOOqNj6ILJM2XvmknATyUj9MYcd77xOJzMrJE5VtaM5BVT + oRpcOLfhYOmihceGSEqXX5golkqfLUze7zlslNWMYTTLw6tC6I+c/IUIWJnZT4m2 + RbTQ0krfPn94zbTjrG42HS5+Ke3ySV6Fv8MZ+s93yY1v9iB6cVPEUteLRc+C7e7t + lw0bQ2+MyAkjenS5Td+3tC7lR42O2CSfY2SaOsRv+EaYjTGzf9F3TM706o5+VZrM + gtIKtw2okRcjRhaKDfhui6jo46YYzWbrgOS3vzc60VcwggNnBgkqhkiG9w0BBwag + ggNYMIIDVAIBADCCA00GCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECEyHXPVs + ncxTAgIUQ4CCAyDSBlYeFnsa4vtKApbLnd9FENDYeYqkKmj0lkDagMqHC22/nQ9v + gz2lOo5FQJoaJx/WSorQt0Jny1QP9vZd2t+bkfoaXOR0MtmFY5SOtYEudJplrCz+ + ZEw8JlePJRP0Q3lnwEiSk5NnXLRWNzurIeuyZEd1VbTvi/rF22sRWlmU335L67zj + P1sPeXkBpIYCPLHw8E4rkaC8G1ko5wyrnhuqL4ItzhvOORvgRaDflpP9WTj9LVUv + FD5D59zgb0ptaW0jIw4JplIGXIEZIynW4KfkWy2YJvsXiuLHvN3Z8qL6VtxNGk1s + g340uKkUUlzmtDJqGT9RVkoYBXxN7KYesbSttONhPwdv/MxHrEo8TGHZAvbmwgft + hOUrc/WVtUopPEs4QgrsA8d0MrSd5lVtPW0XPsBPEnLuh7dqAlmgztYlP4Yztk2/ + JJ+E4MosmhRjbKzM2N5WuGlDC5m9KF/5JjNVwQ7e8gMeUv/3gizgCG/4Mgng0VGG + IxGzzBoQXPWCKdT3sLQVyt4/pqPBpZYnP09bmkkY/UIa1unNB+WWpLOkKSzD5wRv + /2xmNO2D37DnHwTFYC51ZblKz7FGjOgCwG95VPc8NQ8aG5rqpQ+muq/Jil5mXgNw + IDeM4bawa01UKEzqTGQUb3gsJMGiVOhgtOrBiO9Kx/2PJolUuwZGcbo4oGSVR7KH + lLgIuC8aIQDyFURVYRCNwOw5U7JN5arkvZ4ty0/qk5UbjxQuDkF8o6ZdViO3l0Do + C+6zvncDx4HvUd6uQ+u/kZfr8qfwM5o6D2qXhS/ZHSkq2xwIzb47uUUqaeg3yOZJ + ++na7gC+ibtHXXnNsHUvPbpCn9qViFhzilcQZYq0tZxDKa0E/pzEP/IA4IG24wEL + GnyuUIHXBS9T0MchTxl7BglycOPRDnFKzMQfUXY1rAErK76cs3y4VQDbfYDiOzsa + 1qqMApIX4i/qKFdRvDuLxtZQbVA/rNumm40LPUQ5OvEngIESA74G+//YQbVjbMjP + y+hm7/15q5LRo9YxCS49KGlz4NG1QMWjnfkpOCNVZVpaQ7TPGOIYzBL6kTCCBZgG + CSqGSIb3DQEHAaCCBYkEggWFMIIFgTCCBX0GCyqGSIb3DQEMCgECoIIFLjCCBSow + HAYKKoZIhvcNAQwBAzAOBAiO/0ICbTbZLQICFOwEggUIFwT/JI8UjJQPfYTFonJE + o8zEbpYWXKboqw6/zZsMGmAnUPgQNQDxyuLVprs5jUc437kVB2M3F0x8DjmEppeb + tHfIoyjoXF7jdnA4EF38tsso0K1nMPmSgl02iYZtOqsOvBpfeO5Hj4Ovhi26J9Pz + TwPcgl3QQPqfWv7CwgGVn4/hntBAriPSE4gAlfAcqkxtJBm01QwDoAdsOKOMsYnt + gWajpr1J3Hm+34NPL04Usf1OpcesPUJ4CBxNyLXxjjsOzD78WVvKY+N+j89xTsyt + z5Y0fEkFqrcl8pgBQxH72jBwSCm5YwHz3BhWQgr2bpWJ1f2LWcVsnrN9tx6RhQtA + AkcyNgX/ksp5EW4JTo+o6oXLRhXIYauRrUrisMY++b8ZJTp6C1t0RW2QdqgMZghS + ZgaW6FSC6Dy2Dd/ezdkYUCgiEtq8eSxF/8WDw6Va2iGVSNt4/p/OJ97yN5yOJ0K1 + g0hATebU+I3E74PQ9RK84FfJvyHDBC6fvYZW/ouMcgp3YmAF+dTm74Hq88X4daV+ + /UPYf/cVpyiwcBTg6H3jrkrs0yKoWLIfrIvMNBeeKZ+fl2Enw1MFzkLI4VGD/UeR + wrbhN0SHkh5lIGtu0yRTfq6msYQpkw+jr7QwJIdQyrAoaaVaRotVyvgTOLlHw8r6 + o7v36yoNov3kDPW7DfbSVTWX5lIyQn8NqMwa4N1clWT8ukfZXSaYykFSqF3w5zal + a4iIhu03GjDcfiWLMUlYVAUcvSmcIULE1oW7FKiJc8OadeIu0JBySRSEvf7B3w8l + eYUs+u/h1ptrZZKhe1JdAtlszvHJ0DD0kMqA6Ig4yomscGSol/sRUqpecIQwVZTC + RRq9dJOFJkKhKD5Eo9E0Z2snp01fpUF5qlMeBjpYgkX7jhyFyvq+qDqBAY8izvkc + ruE69WooBVyorqKHURjWtY+rhzcB4+HL72wZKzLnY3iUjJ1UANxM8mC9fpD1NJt/ + 7epqzPyZ2Kd4GJVYi8sQpFKf4tRHDr0tI5iUB78qj1EBp1w4qvRn/jC4ii7+Bas8 + mz/AJ25QeviC44Vj+eT2YYXafDivrmoeBuVMIBbD066YnuBC2CeKydNWdiARzc3I + fhcuhVwq7riotYfyDqd4e0Jy7Y57pbwv4Qwz1yCxRjSwiFQ7/fRa2Cx8xtxKcC/A + 4LGnXAKISy+uNbDWA7AYaP6RmGgMCaNiXy3F1zvxnE3bv68tXRF9vjuEChUq56N6 + 992qhoBuHP0J/mRItw+JoI4m/OFnEUGT3bNyxpEFyA7aXBE91aQdSXl4a97nC0/R + SFH/fRwPFYgxr3XdCIf3Cw5PDs25YNsXWCsDCVejWMFrwOzmDwa8sBkY270+rGv7 + 6qXvb/uGD3M2C+DySVy55Zd42wjghSezgY6taT0tqKfLOS6Vl4ELU78Q6va2o8Ml + cUdi343tOi60MZgCDUwPP8TjKZINh8u1KNhzgpwNLz1gE0dd200l3bbzdZ6uio3R + 52WQWRCk17Z9lUesCJavytcAi0mMefMxBPMOdnUi6O8TPDRA0mcohbE5rybwDXAo + B/VUbwgM0/qCpZ7VcSKN1lUuoe9+Kho0NK/gyMEvntMxGNNI8arV8UkeFollPhrt + umvdwqbVCeN8TBj5vXo6Hu+eKB7AVwjBk/rRHpZxnnVGXbm8HzM+kjib2cY1dius + VRJ/1+Q9GXuo135tQbobgcMzAmqAqZp9kDE8MBUGCSqGSIb3DQEJFDEIHgYAYgBv + AGIwIwYJKoZIhvcNAQkVMRYEFEqzrDFTAkmcTeNueeAlYZU+iGIlMIIFkAYJKoZI + hvcNAQcBoIIFgQSCBX0wggV5MIIFdQYLKoZIhvcNAQwKAQKgggUmMIIFIjAcBgoq + hkiG9w0BDAEDMA4ECCNi2K1bMEiBAgIUdgSCBQDLIXo4ExcyE8+4aiZIj/Wnh/SV + VVR0n7s4PGCbXt+VrOHd9YzTuUicAqIcHH62dv7NSy+fgqZG7SmVR1IodadFe+5u + sAzXoyyhhEe2c+ToeVbr5rs+vBvQUyh6X5XTV5QVOAkwSyKGjyfdy86x1Q8cL2D2 + BM+Rpkm1cFtjgWcB46U6S6w50sG7XOKSCMI4a6rnHPVgPPdXMrj3VSPJY8bhBqED + PVTnfSHf/wKZrIi54O3F33B5jt6Cm9+9m9Fed8n+81w59rRom72CY9Xii/ULER9T + HwjxOZOQ+dIml23KauwexuOGjii0UR8MeM/A0n7UNys+bZTulgdpWW/mDhJ+eLAT + nhJw5ro/AWa6YVXG+t5k9LjdJ1ZmqS4bJxvBwilpEGoh0MM6Yp0dr1XM4mT/E0JM + WD458Ngs05CuCpwAUXGdQmgrVsFrrV0HTyHeVLDhe43J3GI6HCWJVOeDQzzmaO3A + M+IooRDkTHnJMaxUXphKTag5+f/smNYEhzVjZeIc8GFZ36eSI4BNGHSXFACwLu2T + hkzpXMmg50JAUhBYxqE/fVevLUH4JPLgz869wk8gRlUBo6ihQGrnsx7ZO5IsYahE + Yjz0N05PVPJYMLSyMovG9i+LpzQ49gIBzPu2fdLR41u5n5O5mG1Y4aJ7OCJxMORY + hWHuctHdGdpJsgiq8+1iiUwmfyCfb0ZL3ePMU+W0zkAsyn22aK8jDBLLVZlvOZIV + qR3Gx4QFPSk6qCMQ0E58VkMUMxYvClzTwSeEMu66eND/AKTE+XXV/d9bmSmWGk7Y + 8XrDKLKfmRdrlIeondVJv5mk12YKxBPQGeUqK5XJUa2dzH9zvfEX8iYzdt4281QC + iXJ3qwmbT+8RoOLBt4KyOs2e2ZSZnjrL9OO4oUsHIOyEfjwnWoLhKbkmun8GJxoB + 2yCzTawVQf9/qIUXaSzcp23AV6Lf1k9Of79HYPW3cQJAtjf6XBVE1xVZPkfTuC3y + VLufljs2ed/ctpHg9nuId/xHFH7t4HbmU3/ZufE1GHnsRQ3kbnqA5WXerd9UzeoD + aVDjFXGrITp8env08GXYvwWGXLL150l0DuJSv1E+1yww86SNjBYUTx0r0CJjjTk2 + 7vIUhAYUEA+J71IeifqqPDKYXnrCdUEajbfEdek30WiLR+ChEvEp48Mla6UVTLm/ + mjziwbsxm5QlGccmz13e32RiyrfseB+RyllmzeJtydP2IHkWK7pww9yOlPK0QtZs + 66IGZKqeXrWBk9QFYDX42gAy/xTfglco4KO7akhp3UzTIQyTXnt+OsOScc+ArVm/ + dwClm+ZxybtOcVyadjpKWydyfAr3aTkGxX6RmHrEWr1R9BnMGPYesDs+yeVNs1Qd + Dhff/bQLwCLXdGLWwLe6kitUiyi8F3bdfPjR7R61lEUvJrBm7YLmgdxRCJ02LFLG + n09iSMNe5vmiNaKiuzfb4Dp9dqEMhmJfdsTURagfJIyqULoe08EIIozahivbzoWV + A6oPAkk2D8DnTiMegX4IZ/Zb3LPxJKAeXO3Ys1YQrNSNZ3B2ZISBapzGzhFZfRVz + POmXhN53pDhlxkw0btkKblYA9CvP+kzgwekzCy/Mlq/HbO38CV1NKzay3yg4nteh + J+v9/k7gaqKmo3ZWMGk0WGBv/GFxYhmeNd14Y65D9TlypM/zrXSyGoOqZgSA6HlA + gogzwwSaGwx9n/o6czE8MBUGCSqGSIb3DQEJFDEIHgYAYgBvAGIwIwYJKoZIhvcN + AQkVMRYEFBfFhHvQp+92kDi4s28IvJK1niuUMF8wTzALBglghkgBZQMEAgMEQEA7 + SD/WvuMDyvP1ipdXA2WUre12gbn4LB27Hc9hSCYJoGBNjjnqCgLnkrOGYn3c0JQa + BlUu13AJnVU2Ep4R+DwECJ1vqXe6ro0FAgIoAA== -----END PKCS12----- 6. Example Ed25519 Certification Authority The example Ed25519 Certification Authority has the following information: * Name: "Sample LAMPS Ed25519 Certification Authority" 6.1. Ed25519 Certification Authority Root Certificate This certificate is used to verify certificates issued by the example Ed25519 Certification Authority. -----BEGIN CERTIFICATE----- - MIIBtzCCAWmgAwIBAgITH59R65FuWGNFHoyc0N3iWesrXzAFBgMrZXAwWTE1MDMG - A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp - dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx - MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjBZMTUwMwYDVQQDEyxTYW1wbGUgTEFNUFMg - RWQyNTUxOSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTERMA8GA1UECxMITEFNUFMg - V0cxDTALBgNVBAoTBElFVEYwKjAFBgMrZXADIQCEgUZ9yI/rkX/82DihqzVIZQZ+ + MIIBtzCCAWmgAwIBAgITH59R65FuWGNFHoyc0N3iWesrXzAFBgMrZXAwWTENMAsG + A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM + QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx + MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjBZMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL + EwhMQU1QUyBXRzE1MDMGA1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlm + aWNhdGlvbiBBdXRob3JpdHkwKjAFBgMrZXADIQCEgUZ9yI/rkX/82DihqzVIZQZ+ RKE3URyp+eN2TxJDBKNCMEAwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMC - AQYwHQYDVR0OBBYEFGuilX26FJvkLQTRB6TRguQua4y1MAUGAytlcANBAAT3T+Jj - w5uooVELMI2DzCYtjU9rnxFE9NaMp5elOelf/Wxc3Wd89UJTvqN3JZmXrv4Fg0jB - SHqS/mTcQIFaHgI= + AQYwHQYDVR0OBBYEFGuilX26FJvkLQTRB6TRguQua4y1MAUGAytlcANBAFAJrlWo + QjzwT0ph7rXe023x3GaLPMXMwQI2Of+apkdG2mH9ID6PE1bu3gRRqIH5w2tyS+xF + Jw0ouxcJyAyXEQ4= -----END CERTIFICATE----- 6.2. Ed25519 Certification Authority Secret Key This secret key material is used by the example Ed25519 Certification Authority to issue new certificates. -----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VwBCIEIAt889xRDvxNT8ak53T7tzKuSn6CQDe8fIdjrCiSFRcp -----END PRIVATE KEY----- @@ -1013,61 +1008,61 @@ 6.3. Ed25519 Certification Authority Cross-signed Certificate If an e-mail client only trusts the RSA Certification Authority Root Certificate found in Section 3.1, they can use this intermediate CA certificate to verify any end entity certificate issued by the example Ed25519 Certification Authority. -----BEGIN CERTIFICATE----- MIICvzCCAaegAwIBAgITR49T5oAgYhF5+eBYQ3ZBZIMuujANBgkqhkiG9w0BAQsF - ADBVMTEwLwYDVQQDEyhTYW1wbGUgTEFNUFMgUlNBIENlcnRpZmljYXRpb24gQXV0 - aG9yaXR5MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAgFw0yMDEy - MTUyMTM1NDRaGA8yMDUyMDkyNzA2NTQxOFowWTE1MDMGA1UEAxMsU2FtcGxlIExB - TVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxETAPBgNVBAsTCExB - TVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCowBQYDK2VwAyEAhIFGfciP65F//Ng4oas1 + ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo + U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0yMDEy + MTUyMTM1NDRaGA8yMDUyMDkyNzA2NTQxOFowWTENMAsGA1UEChMESUVURjERMA8G + A1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBMQU1QUyBFZDI1NTE5IENl + cnRpZmljYXRpb24gQXV0aG9yaXR5MCowBQYDK2VwAyEAhIFGfciP65F//Ng4oas1 SGUGfkShN1Ecqfnjdk8SQwSjfDB6MA8GA1UdEwEB/wQFMAMBAf8wFwYDVR0gBBAw DjAMBgpghkgBZQMCATACMA4GA1UdDwEB/wQEAwIBBjAdBgNVHQ4EFgQUa6KVfboU m+QtBNEHpNGC5C5rjLUwHwYDVR0jBBgwFoAUkTCOfAcXDKfxCShlNhpnHGh29Fkw - DQYJKoZIhvcNAQELBQADggEBAHdUlo6cO0/YS6gMtuj7iNJjI5PaZ3F6muSjl+Ai - MCPHGJaeVTzhcEnSNlvjXnM77Npxk2Z20342+sveBxfd80ZbTmVTek2IzaVdhxUi - kEX4pCh28u+b+87BLQjb5Jmhph7105zqC0vxOtJS2y8zSdK2l8SwI/U6jlgEZJGv - pcH5x9eLtrgmDGGqbHDv5BaAGGkM6pIwuw5xdukxKTMt6rXLLLqAX3xenDaY0rxo - SkbeHUYO19MQ7LZmoKYe4Y/J7v4P+62cdjJi1Ob9qpGbvbQwh43GgkYZdTFY2qlY - Uj0cLXSzdaBIXllPGCscqC058bGO+gdYJ241EclbB5nm88Q= + DQYJKoZIhvcNAQELBQADggEBAGV0x0OEzgYlRKixMcztiikxxJDbmRat1pcipD15 + 1n8kiBoGhsT4fNZJVoL0OQBa/WTMntL+qcAk2itqZCNIeZeGklUljXBAz5tkDRAF + f/v99LEcsZTcuIbnJqz35danQkp4/upG4hPkfx+nbc1bsVylrITwIGOpnGhz7z3m + VCk03DFE3Qt4w9mlv9yuMse33nmsBGXog/XZvM2JRY0iKt0xksQqQD9uYm7MoMeH + qQs3Ot7EaoPj54xyWvy42run6TLUye64D94SNjB/q/wjL96bsVIKGrRn10T1ybCh + 4F5HD00hQZgP15Dlb1rg+vskN8MSk5nuD+6z1VsugioW0+k= -----END CERTIFICATE----- 7. Carlos's Sample Certificates Carlos has the following information: * Name: "Carlos Turing" * E-mail Address: "carlos@smime.example" 7.1. Carlos's Signature Verification End-Entity Certificate This certificate is used for verification of signatures made by Carlos. -----BEGIN CERTIFICATE----- - MIICBzCCAbmgAwIBAgITP14fVCTRtAFDeA9zwYoXhR52ljAFBgMrZXAwWTE1MDMG - A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp - dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx - MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA6MRYwFAYDVQQDEw1DYXJsb3MgVHVyaW5n - MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAqMAUGAytlcAMhAMLO + MIICBzCCAbmgAwIBAgITP14fVCTRtAFDeA9zwYoXhR52ljAFBgMrZXAwWTENMAsG + A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM + QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx + MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA6MQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL + EwhMQU1QUyBXRzEWMBQGA1UEAxMNQ2FybG9zIFR1cmluZzAqMAUGAytlcAMhAMLO gDIs3mHITYRNYO+RnOedrq5/HuQHXSPyAKaS98ito4GwMIGtMAwGA1UdEwEB/wQC MAAwFwYDVR0gBBAwDjAMBgpghkgBZQMCATABMB8GA1UdEQQYMBaBFGNhcmxvc0Bz bWltZS5leGFtcGxlMBMGA1UdJQQMMAoGCCsGAQUFBwMEMA4GA1UdDwEB/wQEAwIG wDAdBgNVHQ4EFgQUZIXjO5wdWs3mC7oafwi+xJzMhD8wHwYDVR0jBBgwFoAUa6KV - fboUm+QtBNEHpNGC5C5rjLUwBQYDK2VwA0EASWxvdJhtfO7zjO9wypAto3Fga8ik - 9EsAvl8MCUCBw91Rmrj01P8jiAmCwxsb9VR4PPcq6GIjXCnjB5UrV/4XBw== + fboUm+QtBNEHpNGC5C5rjLUwBQYDK2VwA0EAwVGQWbdy6FQIpTFsaWvG2/US2fnS + 6B+BzgCrkGQKWX1WgkTj4MEOqL+0cFXLr7ZQ2DQUo2iXyTAu58BR6btcCQ== -----END CERTIFICATE----- 7.2. Carlos's Signing Private Key Material This private key material is used by Carlos to create signatures. -----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VwBCIEILvvxL741LfX+Ep3Iyye3Cjr4JmONIVYhZPM4M9N1IHY -----END PRIVATE KEY----- @@ -1075,134 +1070,139 @@ lamps-sample-certs-keygen.carlos.sign.25519.seed". 7.3. Carlos's Encryption End-Entity Certificate This certificate is used to encrypt messages to Carlos. It contains an SMIMECapabilities extension to indicate that Carlos's MUA expects ECDH with HKDF using SHA-256; uses AES-128 key wrap, as indicated in [RFC8418]. -----BEGIN CERTIFICATE----- - MIICNDCCAeagAwIBAgITfz0Bv+b1OMAT79aCh3arViNvhDAFBgMrZXAwWTE1MDMG - A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp - dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx - MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA6MRYwFAYDVQQDEw1DYXJsb3MgVHVyaW5n - MREwDwYDVQQLEwhMQU1QUyBXRzENMAsGA1UEChMESUVURjAqMAUGAytlbgMhAC5o + MIICNDCCAeagAwIBAgITfz0Bv+b1OMAT79aCh3arViNvhDAFBgMrZXAwWTENMAsG + A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM + QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx + MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA6MQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL + EwhMQU1QUyBXRzEWMBQGA1UEAxMNQ2FybG9zIFR1cmluZzAqMAUGAytlbgMhAC5o MczTIMiddTUYTc/WymEqXw8hZm1QbIz2xX2gFDx0o4HdMIHaMCsGCSqGSIb3DQEJ DwQeMBwwGgYLKoZIhvcNAQkQAxMwCwYJYIZIAWUDBAEFMAwGA1UdEwEB/wQCMAAw FwYDVR0gBBAwDjAMBgpghkgBZQMCATABMB8GA1UdEQQYMBaBFGNhcmxvc0BzbWlt ZS5leGFtcGxlMBMGA1UdJQQMMAoGCCsGAQUFBwMEMA4GA1UdDwEB/wQEAwIDCDAd BgNVHQ4EFgQUgSmg+iOgSyCMDXgA3u3aFss0JbkwHwYDVR0jBBgwFoAUa6KVfboU - m+QtBNEHpNGC5C5rjLUwBQYDK2VwA0EA3jEXyWtu/jK7ZZrnc89k3gzfai2As+ZV - NRfRCcYIQbvSRShV3x4WXtZd07hLSOtWL7sg6oBdTMUEFgDAJRRGBg== + m+QtBNEHpNGC5C5rjLUwBQYDK2VwA0EAzss75UzFuADPfd4hQdo5jyAQ3GvkyyvI + BdBGnWtJ1eT1WuMaIMhi1rH4vPGPd9scwW+sqd9fG+pv3MShl+zKAQ== -----END CERTIFICATE----- 7.4. Carlos's Decryption Private Key Material This private key material is used by Carlos to decrypt messages. -----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VuBCIEIIH5782H/otrhLy9Dtvzt79ffsvpcVXgdUczTdUvSQsK -----END PRIVATE KEY----- This secret key is the [SHA256] digest of the ASCII string "draft- lamps-sample-certs-keygen.carlos.encrypt.25519.seed". 7.5. PKCS12 Object for Carlos This PKCS12 ([RFC7292]) object contains the same information as presented in Section 7.1, Section 7.2, Section 7.3, Section 7.4, and - Section 6.1. + Section 6.3. It is locked with the simple five-letter password "carlos". -----BEGIN PKCS12----- - MIIJ9gIBAzCCCY4GCSqGSIb3DQEHAaCCCX8Eggl7MIIJdzCCAvcGCSqGSIb3DQEH + MIIK/gIBAzCCCpYGCSqGSIb3DQEHAaCCCocEggqDMIIKfzCCAvcGCSqGSIb3DQEH BqCCAugwggLkAgEAMIIC3QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIwS3R pT1mkyMCAhS7gIICsGKkBm0nci9VHfqxOTWy/lkKyQeF5bwsF/9gZrqUym1KtHZF a4rSJIPUctmzqVnhGmfW9m+LEi7Em9rRmUIQbDZt4kQDG5eDk7AdhyDnB3uZDG1W - 4cAeUVUiojGLgHFGe2/iIhW+JQTCbGDsAXqowalvoZZ5mJx98Rzb77JXyiKgY/a6 - uiolRqr27yj0e9CGkA385Hp9n4gcqyGuZ5OYUa0zKRtZB+Zdqcu/365uTP3MUgud - 3kK/ESRMRjdRGERlaD84fuhKvI9Elf6yoUkpwW7yHuDTVsLPWeuoPcpOIe/oT7cm - HIoQNb2dTY0+HmSCNe3vbHiELsOzUSUat6JhE/uTHiJUVtL01NMcACdvXKqT1eXG - DdD+Em9N0Di93m2qmXrP1N/AoKGTheB28XwsRicnoBvn4TKULQHaMx/UreYrX3AK - yJJ4/8ENKQ+UipGt5xBKs/aLnWI9L75Cy3JP5v5myc4T1mvqjlVlay42o5nQYycF - tOVjtI/TaBDi5lMBS+r4RPqAp2LfApjrBy6Z0hNLahEO7jsCfyDuxu/UBmncjueG - T9OTzN0HwxhwpqfVWVbZzqo2k/7Tu1HVR4LoGQR/+Z6+v3DnLugRVahleObk7ZjX - HPaO/EunXeokrJouz94jKgo1nTpRKfQ40AnXtKpbrY/457hI+fiODYh6JVdkUgXP - 4f5vuwqiPPY0b/MCr9b+TPNLM1kVpkE1nFsrItNtD9XvktnKBHmSzRXxqeNowQKW - nKyUnvV5iUjxdbiE4xX8/fl4TLSL4+Z4SlJZn376LWpAN82PtgfI6uYJkacvBkxz - Eulxbw96hRbEraIwRkwijOfUV7UjoCPjMYA8Zh1x5JTiE4UWWLs8aq9tM0Z16sVz - C1GhT9snSmeWuTtIqOSqJ+lnAbEZzfj4DSRcdUYwggKvBgkqhkiG9w0BBwagggKg + 4cAeUVXJMzGfnwtzy5TzBZzEo5nnVX74Al+PDW9wdpbv2TIriL0m29fBT+7HVS9F + Z/95XokSwbb6mmCYeGiPpNEaoeUeuU4zrh/k+JJqDuqNsU66I30wH0CFmk3aarBV + 3LkEeCjKFkngzMOZqiKZu8D2hEUjsGQ9ALsRn7P+hIWNFIgjvqgcCMTF8fLK1C/8 + vYGD+HOpnn23nLele4b/qpFYx5kJ0bOK1Zo1SpgUQ7Bu6gectUceyOgi7CjRScuV + ew7918ZY0ugyYoIWAT0kecPM0TFtxAn19JPXo4jBYAlwUtx7GYAlDkgZCb/0dbkv + 4L+PAeJK4kVDREDQ6ch/6/hlqU8xHeNzdagEWYL6FxWDiHebASxIvZzqkLd7RV9m + dL1FXst9R9G74jOs0WMMFmd9toyOhD0q6Gl9catOrolCVS/CKaC0CucsJfiKrlJ/ + duQkt/JwcELveuOg60u2uaGKUqHmFhd3+6omk+wNBoY+0D5MmBZ/xnrVELGmzp94 + q0f/HfZPT6sxkYBGuP2eUA/qr/zimNG3TuGVch/MdnduuVhvAYLyh1gbA8yRm+I/ + zGCVuAqhsHITTx7Fqc3tyVp/mLYUO0QuwmgAw6NhzwKZf5N+tR0DZGcgw8rZpeJA + yTxVFcjzXvoShxog7RroR9Nc4FwJhWI4BO241OHFEiQZeRk8vzI8WIFXnn6t42/q + j1mV7Ba42zxPEGoY3mObKwjR6rDp6KwmmfkghpwMPU3qP2/ASV8WT1+9GIYHc5Am + 9CmSOTiQMluW70Ra2k5ZMlwnbKNyMRbjUB/yHwwwggKvBgkqhkiG9w0BBwagggKg MIICnAIBADCCApUGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECOMzXMste/8a AgIUlICCAmgXa+q2JhTLvWsj5SKLdMninTk5uB6HhOsDKYR9GDg/cABqUFxycROG JeJuewIRkJhsfdXJi+TSRtnQOqpyVM9oRUdxcbGuCI98fEbLmVyr7KF8GudTgC+b - y+76DSmhfyPgFn02rHwnMb88Zu1SpvrEAY/sifQy957dbRA8oAUvfGhR5sVL7Mrz - 6GtTtYgPNkKvjnNS3Tv1tOxHLwWWsxzW5/6AKY9hc4XuPJSY0jdEUW2PSIggoZQW - jwlfb97H4Vvn/p8S/qKTUcsGXzFEn1WGXX+yp6acRABooK9Kg+qtNmPJl/nXgVib - GuCffGVC4IGxxqJaCaGHIUEfBmNRSW/p6JbIASKUshw7iFeZVAfRcwN8mbMsJShk - qgNy/KQGBSnbrzTZhoNPrUlMArU/Egccf6LpuMZP8PdeSueG3tM/xOt8D4tZmEyK - pmcuQqXenFZIXdbleUB96OKXqrn4Nf77rMd5VL/R263jDCh9hw5IZIWzyN3HsxrR - Qa0PjHFbQudoOEcfYwEmU9t5Av4o1flRLLV4m75ZZjKEtBZ0P4P8+7sYiaBf+9lk - SL38WglKJ7EfGm7T0+L1fciDEyYH/L7B9OcIGlUsSBBYeOjsmY8gnw9sgt3UcK3g - ZX+xiXIHV18yBY10EDaWy/ipv2lmYdw2EoPVwrS3jZ0gGLu8hNDkn1W6l2mJvZMa - cKN/cuOL3m/EDpdXEDe9NEmufm5C3QwATW8NjoV4vUkZ9V+jQOCghq4rwot4+dHY - 1GAAUfhchjfJgwR1ISzy8ZpO6KTGDuer5Vu1acpB3Mq/GZPqM8SucAl8P1fK6pwL - MIICNwYJKoZIhvcNAQcGoIICKDCCAiQCAQAwggIdBgkqhkiG9w0BBwEwHAYKKoZI - hvcNAQwBAzAOBAho9g0tQyYTvwICFIGAggHwqGucSvjuG1dKf42hcgjkAUEv5NW5 - pX3C+Qfe6Nb4gxPw8yIu8vCdymupa3bBI7Qxd/ickCQAo7E2JGr5qjc6ftx6Us/H - 5ySspVi9cz5qOVRTVwSQn+jttPCmtBq17PPyBlqT4U0dNeSDT87+ea3W/u/QQdwa - Q3jdV9U5Li7Ni5F4ZDFIkmtUPEfrr0p4cgSAUDv6ZZBjpesM5WOIrEcNNHtkWjS4 - jVvNMS64s1/rg1CA3FKjyQ/R8mNi7+FlPV2CKT1FD1iXgU6MLM1SS7JFR05maI/t - HQtxFBFZkbYcKCGokz47e53MYvbtYR8nobZLJ5EJh9jHPZUjrNIl7hXxh7iOsZ36 - N+3hn/2OM2uuB0fviJFwOoHu+c7HCaBUzSekpVGnEfxTEUXq9FT9utqhzuixEE+L - KQ3+19d5TXgYKpWsS3B54+uZee11QZ3ejDh1NvdkWj0EuQ7C1hf2zEi7q35OdllW - tCNzIuf1Ls5mO+ezjXBtkAYByaykiUjubfFPNKowGhKOiZpq9IG2mWaXCJe1BWha - iFpTET+HehLSK9OYvHj39jvx/Cpmtq3j1OFsy7l3n7n7OhmFaNrPmra/vgKFRUbV - brijCLOemLbbg7JfKQpe4VXBpT9OAj6t38LCtV2IAoxKr9Ctxueq/AdINDCBxAYJ - KoZIhvcNAQcBoIG2BIGzMIGwMIGtBgsqhkiG9w0BDAoBAqBaMFgwHAYKKoZIhvcN - AQwBAzAOBAgNhfODEdzSrQICFF0EOCEqFie1peicS9OSXNQjLwbN3kO8lYM2HqeS - ZoEKJ4JSFlV1kWW3xwfu5aZKrGEYBfGMd8renRijMUIwGwYJKoZIhvcNAQkUMQ4e - DABjAGEAcgBsAG8AczAjBgkqhkiG9w0BCRUxFgQUgSmg+iOgSyCMDXgA3u3aFss0 - JbkwgcQGCSqGSIb3DQEHAaCBtgSBszCBsDCBrQYLKoZIhvcNAQwKAQKgWjBYMBwG - CiqGSIb3DQEMAQMwDgQINFcqIEMfd9UCAhS1BDgZruEsSaBY+Cm9WKR8HhH3JXh+ - AoMSrwkDCKytWt+MNIXB0jY2QZHDbN3uFn7qHw06MDthnKniazFCMBsGCSqGSIb3 - DQEJFDEOHgwAYwBhAHIAbABvAHMwIwYJKoZIhvcNAQkVMRYEFGSF4zucHVrN5gu6 - Gn8IvsSczIQ/MF8wTzALBglghkgBZQMEAgMEQEy0qwQQs3QR/VwU7MgIK6ZCWGF9 - 0SgeIWjctI024YVnsTg1i8dbFW8rPanAovq3K+gwPqtRoYsjE6KPCycGzX0ECJDj - aZkfy4FnAgIoAA== + eaLjn6HYkWpv7lWdvsFG8BEy6Jqi3/tP9PgNvpCYgVVM7yx6SX8QArcLSQkxbTsv + Ae0iN18H89W9xOHEz4Z2qHYyb7f0pPHrmpTGC6qmtvo1gNRsKTF0wYeQ5Sy/9U3f + oM6bIcrOvHDksaco4+5n0zeySDETY8W4mO1K0uC/t0oTOScYGBeRhVr0DQapZGT/ + Ej5LpgjXOuosAoT3IKnMwK3C0OZ8oBzcvgSpeAa/V/OTKDpZb22yq6sEaHAPoUqb + cKRJmB6HC5mdLs3n0uP1vlZuYsHu7Evt0Uhns9pbklJDiCgM+4SFgKTRbd6Xt8bf + GHkWnmpv4pQL7jjzA3epP2DHyC8MJaDvleWY7Z3t/IEtkzVxflLo8kT21edz12cm + uFVK9ilMW3eJuyiRyFXFPgVsuNi/HFnijXFgxzAncP7fFP5MCsOo6daiEjJjemKf + J3D+HdD60gFih/eX9V+tGl4y7/jtxCRA/54mit4sCy3LC0++lEp9AtFwGYrDw825 + uGj27a7mE26qgGdGXdzT9UJ8FfUsIoRPrG38Q4mhS10pTarNucWOGjkftZiKJLay + rfMRf3HYxOI/7iupfxYLK/4/FODijaHzAfSdQf2Bo7csPaz2HQkK/0nyO+tt68S9 + pUCjEfV6Liy22tang/jXxPFbBDK/P68MnmgR8C3PcYhPJCo/K0JR2/8F8pVVEqd5 + MIIDPwYJKoZIhvcNAQcGoIIDMDCCAywCAQAwggMlBgkqhkiG9w0BBwEwHAYKKoZI + hvcNAQwBAzAOBAho9g0tQyYTvwICFIGAggL43SpNCoshZX3ikmK1mOIJpS2Ah8Xv + 94S/5NA8kwHtaNXpLrjYr3CyRL93USm55uvGAtECR/EblON9zeo2p0gK2JPSbDr6 + /1oovo7UoZNRoRBZ8pUegVWJswNWjqvzVu5JIRmpD05XjVDKHbFqiXAqtj9/w3q0 + Qq/p/M9UrLWD93hyLNdIppWr2KR2it9mASTKEHX9dqXcTOG0Kp2GmrfGNteGL02j + qVKZaZyYI8gkSxhVLS9zzgf1OynAkzYQsoo+GKhdAW1fJECemAyPc3L+eeARw/SY + q1d5QVwxKfYpIJ2wiiavdeRVNbWiwV7Ti+P9PtPx/hV22NNLwMhvnJcHaSS1PaOi + SjoxFJ1EJWGEs0QwcdwM8iN3oVuqT5HU/edMgx9TLNTiE1g2GEq59I/RwBtCL8Dh + OzKnUb4PU1Z81+HimV3KPI8g3cduhYaBR4HfqAhMnc+w5HXI6J3C1NtAE/izZ1Y2 + Od7l+GTJfjPgzIy0hjqfbMt8uU9D9aPr2XjNOWoKRSojae16v8bLx+dFn6RMxFUS + g3nLEZ6EDpyrJfpGPm6mPgZKSXtvnHuFcbS+utkRuVAtqu07r2XpkGBIJLNVIRHU + 5gLACbTj9TPcAce6RLoaYSDgOuFK0YZMdwzhsAI0YMpyHsUEZpQ5tjWSBY6ENbvF + 7+QhmDnf6N3Bj+vxUtGS40pVsYCGbmOD7UM5QpUxIgVkpPrfRokOZs/fi9sW+Xy6 + eQ2Brbn3t9C2TAsORYzFbuBwuTCqFW/rXHS6iffJpx2eAg3DCqaUAJjptSV/yzj4 + vxiXlDB3fMRcpNd5Je7DoHS4axuj7SLHdpNoUHs+qQsG6yDM5BEuXWGxo/L9sGhe + XQrUnkZ4m4g01sfgTOfDNurXx/oP0ym+B50q6nLUWv0tYZpmCVil358dIEGPPSMY + AMXh05tIPFdYSJ3WLs0cxy5X4sXZl5w16Pzeb9SF5topqRUb5PDTfVr2bQUMwTbp + 99FcOQf6cg8HXyT+8b4qKp9WyjCBxAYJKoZIhvcNAQcBoIG2BIGzMIGwMIGtBgsq + hkiG9w0BDAoBAqBaMFgwHAYKKoZIhvcNAQwBAzAOBAgNhfODEdzSrQICFF0EOCEq + Fie1peicS9OSXNQjLwbN3kO8lYM2HqeSZoEKJ4JSFlV1kWW3xwfu5aZKrGEYBfGM + d8renRijMUIwGwYJKoZIhvcNAQkUMQ4eDABjAGEAcgBsAG8AczAjBgkqhkiG9w0B + CRUxFgQUgSmg+iOgSyCMDXgA3u3aFss0JbkwgcQGCSqGSIb3DQEHAaCBtgSBszCB + sDCBrQYLKoZIhvcNAQwKAQKgWjBYMBwGCiqGSIb3DQEMAQMwDgQINFcqIEMfd9UC + AhS1BDgZruEsSaBY+Cm9WKR8HhH3JXh+AoMSrwkDCKytWt+MNIXB0jY2QZHDbN3u + Fn7qHw06MDthnKniazFCMBsGCSqGSIb3DQEJFDEOHgwAYwBhAHIAbABvAHMwIwYJ + KoZIhvcNAQkVMRYEFGSF4zucHVrN5gu6Gn8IvsSczIQ/MF8wTzALBglghkgBZQME + AgMEQBHyJX3OKcho7aA/NqwHVbHwPGEYx1yP5T+GbVI3dnmpHWBqcN68OFozv+H9 + j3+ocgkzQE1+n7B9euUKdG8Xw/YECJDjaZkfy4FnAgIoAA== -----END PKCS12----- 8. Dana's Sample Certificates Dana has the following information: * Name: "Dana Hopper" * E-mail Address: "dna@smime.example" 8.1. Dana's Signature Verification End-Entity Certificate This certificate is used for verification of signatures made by Dana. -----BEGIN CERTIFICATE----- - MIICAzCCAbWgAwIBAgITaWZI+hVtn8pQZviAmPmBXzWfnjAFBgMrZXAwWTE1MDMG - A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp - dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx - MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA4MRQwEgYDVQQDEwtEYW5hIEhvcHBlcjER - MA8GA1UECxMITEFNUFMgV0cxDTALBgNVBAoTBElFVEYwKjAFBgMrZXADIQCy2h3h + MIICAzCCAbWgAwIBAgITaWZI+hVtn8pQZviAmPmBXzWfnjAFBgMrZXAwWTENMAsG + A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM + QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx + MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA4MQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL + EwhMQU1QUyBXRzEUMBIGA1UEAxMLRGFuYSBIb3BwZXIwKjAFBgMrZXADIQCy2h3h hkaKDY67PuCuNLnnrQiHdSWYpPlgFsOif85vrqOBrjCBqzAMBgNVHRMBAf8EAjAA MBcGA1UdIAQQMA4wDAYKYIZIAWUDAgEwATAdBgNVHREEFjAUgRJkYW5hQHNtaW1l LmV4YW1wbGUwEwYDVR0lBAwwCgYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgbAMB0G A1UdDgQWBBRIA4bBabh4ba7e88wGsDOsVzLdljAfBgNVHSMEGDAWgBRropV9uhSb - 5C0E0Qek0YLkLmuMtTAFBgMrZXADQQAqTjekfJCBctK5gm1kAnOvxPCe/xGTU9bm - E42ScgS/GIPMyPgdeIn67Y9WkY715VgkZdw/PPlnSakKL+zj3zAO + 5C0E0Qek0YLkLmuMtTAFBgMrZXADQQDpORBZitzXGYUjxnoKVLIcWL5xner97it5 + VKxEf8E7AeAp96POPEu//2jXnh4qAT40ymW0wrqxU1NT8WW/dSgC -----END CERTIFICATE----- 8.2. Dana's Signing Private Key Material This private key material is used by Dana to create signatures. -----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VwBCIEINZ8GPfmQh2AMp+uNIsZMbzvyTOltwvEt13usjnUaW4N -----END PRIVATE KEY----- @@ -1210,107 +1210,113 @@ lamps-sample-certs-keygen.dana.sign.25519.seed". 8.3. Dana's Encryption End-Entity Certificate This certificate is used to encrypt messages to Dana. It contains an SMIMECapabilities extension to indicate that Dana's MUA expects ECDH with HKDF using SHA-256; uses AES-128 key wrap, as indicated in [RFC8418]. -----BEGIN CERTIFICATE----- - MIICMDCCAeKgAwIBAgITDksKNqnvupyaO2gkjlIdwN7zpzAFBgMrZXAwWTE1MDMG - A1UEAxMsU2FtcGxlIExBTVBTIEVkMjU1MTkgQ2VydGlmaWNhdGlvbiBBdXRob3Jp - dHkxETAPBgNVBAsTCExBTVBTIFdHMQ0wCwYDVQQKEwRJRVRGMCAXDTIwMTIxNTIx - MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA4MRQwEgYDVQQDEwtEYW5hIEhvcHBlcjER - MA8GA1UECxMITEFNUFMgV0cxDTALBgNVBAoTBElFVEYwKjAFBgMrZW4DIQDgMaI2 + MIICMDCCAeKgAwIBAgITDksKNqnvupyaO2gkjlIdwN7zpzAFBgMrZXAwWTENMAsG + A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM + QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx + MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA4MQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL + EwhMQU1QUyBXRzEUMBIGA1UEAxMLRGFuYSBIb3BwZXIwKjAFBgMrZW4DIQDgMaI2 AWkU9LG8CvaRHgDSEY9d72Y8ENZeMwibPugkVKOB2zCB2DArBgkqhkiG9w0BCQ8E HjAcMBoGCyqGSIb3DQEJEAMTMAsGCWCGSAFlAwQBBTAMBgNVHRMBAf8EAjAAMBcG A1UdIAQQMA4wDAYKYIZIAWUDAgEwATAdBgNVHREEFjAUgRJkYW5hQHNtaW1lLmV4 YW1wbGUwEwYDVR0lBAwwCgYIKwYBBQUHAwQwDgYDVR0PAQH/BAQDAgMIMB0GA1Ud DgQWBBSd303UBe+a7GCGvCdtBOnOWtyPpDAfBgNVHSMEGDAWgBRropV9uhSb5C0E - 0Qek0YLkLmuMtTAFBgMrZXADQQC9eaCofJkXN6GbED+J2ZLcQvah8kBwLIcDzxpP - ZYQkN5IIWwXW7D9PEMTGdWlhe9h8IvluIuzIqTpyXKaWiY4K + 0Qek0YLkLmuMtTAFBgMrZXADQQD6f7DCCxXzpnY3BwmrIuf/SNQSf//Otri7USkd + 9GF+VthGS+9KJ4HTBCh0ZGuHIU9EgnfgdSL1UR3WUkL7tv8A -----END CERTIFICATE----- 8.4. Dana's Decryption Private Key Material This private key material is used by Dana to decrypt messages. -----BEGIN PRIVATE KEY----- MC4CAQAwBQYDK2VuBCIEIGxZt8L7lY48OEq4gs/smQ4weDhRNMlYHG21StivPfz3 -----END PRIVATE KEY----- This seed is the [SHA256] digest of the ASCII string "draft-lamps- sample-certs-keygen.dana.encrypt.25519.seed". 8.5. PKCS12 Object for Dana This PKCS12 ([RFC7292]) object contains the same information as presented in Section 8.1, Section 8.2, Section 8.3, Section 8.4, and - Section 6.1. + Section 6.3. It is locked with the simple four-letter password "dana". -----BEGIN PKCS12----- - MIIJ3gIBAzCCCXYGCSqGSIb3DQEHAaCCCWcEggljMIIJXzCCAu8GCSqGSIb3DQEH + MIIK5gIBAzCCCn4GCSqGSIb3DQEHAaCCCm8EggprMIIKZzCCAu8GCSqGSIb3DQEH BqCCAuAwggLcAgEAMIIC1QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIZNqH TA2APx0CAhQXgIICqK+HFHF6dF5qwlWM6MRCXw11VKrcYBff65iLABPyGvWENnVM TTPpDLqbGm6Yd2eLntPZvJoVe5Sf2+DW4q3BZ9aKuEdneBBk8mDJ6/Lq1+wFxY5k - WaBHTA68eH9ovHvrGaK8MkxBSoK7x05uD95di3m5y9XQFU1YsBB6miqD3mUsaPVE - FeSrFr9aaylqcG9vP9uohbSe19szDmY41/cuKx7C1Qq6hd06TK8rw8aRg0pfrYCu - WuXHQ9pTNf0gNWaLI0vJgo5DrkZzSX+2imCTTjgjbarBCKbRHesA1oXNpFHT8wl6 - npErKI6tknS9TYimz/Laidjs431+HWlBll4pDxfSb+gasoGgH8kANnxrlNpm36i7 - EmfFcRfloucJFovOjLijAPb8zUfmT0XSLYKQLIHgwShY2A+b+tmZgx/JU/6/eIxw - z76wCYQ3n1HTFu+DpmIDF7hlkJAc7OFEoo3hhXSe41vJtTz2dw1Dq5kiR7i6MAXe - GiI5ZpUpuTf5ICO9ZHmbQPOnf/fTN17KhvoJnc0dCGj3L9KPzeeKo/xOBY6DUVkx - nc/KdEDuajISt1MSZWO/j2lEhlYalOU6x9xvPOG61hue1lesEcAnnMFYArcn6gH+ - MDp6zrXbhemPTwITwiwgUWWYAQEuXIEvoYv1qC0izF8yqfB7EEaO1GRwNdUl3HS6 - FjR2/hGXaZnqFyEkDPv8U0MYY0tXknuA/XNpqW0NaXwUf4DEZzG3Negjqa9irXSr - bze5aTl7CshrxTy77ff4XgsZzbHbJANY+1Z82k9L9d2kYd7PJtn4F/q6YUvHNTB8 - JoHvlLU+gP+QYYCHl3v/lsNYtkFe7CzCjJchr9X8Ru+2A6wdDDCskQmUHLXEWOtD - pjLHGfOI9lqKGUcZbQd8pTsMuiL6MIICpwYJKoZIhvcNAQcGoIICmDCCApQCAQAw + WaBHTA6LNml/NkM3za/fr4abKFQnu6DZgZDGbZh2BsgCMmO9TeHgZyepsh3WP4ZO + aYDvSD0LiEzerDPlOBgjYahcNLjv/Dn/dFxtOO3or010TTUoQCqeHJOoq3hJtSI+ + 8n0iXk6gtf1/ROj6JRt/3Aqz/mLMIhuxIg/5K1wxY9AwFT4oyflapNJozGg9qwGi + PWVtEy3QDNvAs3bDfiNQqAfJOEHv2z3Ran7sYuz3vE0FnPfA81oWbazlydjB0P/B + OQ+s6VLbsAosnZq9jv2ZVrCDaDAl/g7oD7fY8qmaC6O2q5/Z3KusfMt+r9En2v81 + H2vjgrpxnDIXjYuLZdrnNE/slRtqadOGR/WQ358RG+yUmRUbHYHGnkjn9fOGLasI + ZUV0aowivcWyF/kR7QV3VVexgqJMX6k1vzSXRoJ/tnA+1/WPWy1mCJeljGOgYqSV + txtVB61Qmc2XP48F7wyaQZvdAU9zfe11/tHAaKKJWBpE1lIuAEkGtIP6ozYJBFjH + I11tBA8fijTnug+S4OvSgjtsRV/+kSEiW4F+pwE8RuTYfUu7q+Ew0LYdLgkH5OyE + sn0b62UFpR/E1D9exWzohrFbIdUCbjtssXucruAqPNhW/abT0zicWu5nvf+Pniow + 2VxvhwoGt5jZ+lkaR5Z+1/GpbMgq47EUyGCgKv+5GAcJxUxINZqLbACJ/MhLfYPB + eJrXz8f5Cigm1wZLisYCqnuc8cGCXjNqNkUlqtzodM8xv4gcgT/zILxmJTZP2q4n + YA4yBQx5/n2G2dZC+pf3kAfbXcp0MIICpwYJKoZIhvcNAQcGoIICmDCCApQCAQAw ggKNBgkqhkiG9w0BBwEwHAYKKoZIhvcNAQwBAzAOBAjxuoiaSZDbnwICFH+AggJg k2hcNYtO0+15uLqXdiNhr5Q0JkYcrHdo0wR6G5AgLmwI+TYi+P8EZUjDIJ4TJ3b4 - 6xv7+3pT8cbEFf6PXcfS8/sCfM7FaV3SpLACLZbBJV52OKE0CAgALX++E7UyqHju - Ty6WnTIE3k+m9dH0dBMAhV/xGcXT91WBVDr9XkAa6dqhrbHS2VMUMfSdl6nJLwGc - y5zVBZzzkV3LhejJRCqY3l+5quwabzumcDwtsVMz8/3j4TwGZzkvRP1+EbYLuAKp - 94rfXAgzGt6f1WwRx7OsGKzcQpSjISw6x51tOaWZK/QnrhdOMt415a9t79HrJ3h7 - 8hqC+HfMTnCNtHEkEntGrlVqKF+isCoHBP/s1k+ZZ6WuASfgJcJMvFgyQ2LMyBVs - AEelovX94Pz1c9PNzgNPSth0CQA1CJJcbLjueZNU4fNmgYuv/OOvTYZZklDQjjAk - wZXlkNM70wsR0QFHZm5CpOQKEPxJUoIuSN77Q5wxP+VJYMYKfPhUYIQd3TQsqGXl - wXbGLvtrz/anmPJFEy0qIPPjwsR9vtN/xYU09t6QHX2bTGN/eWmoqaUrXHCzlW8j - lobS4CgeofaObNYse8dzsfd1BxjhDQ+cvewdDtVBmmm4Z9GG9Mn/Cxm5GI+twH/R - W/tTMCny9EiQV0e+PtAj2rpnsuQbOZka06jEykg6/Ydv9kTjFT8SBSQxtAse2nbY - shdZE/BhkCHyd+Mlj6AFiChsB0htP2dZLFLB8EkKCdB2DdEG/EcJcA5jVx54LG6w - ZVGRr452XJTcn3zTUXFj63D13pHBTuwBvJvO5pVRFh8wggI3BgkqhkiG9w0BBwag - ggIoMIICJAIBADCCAh0GCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECOfJ/s3Y - f5bgAgIUnYCCAfDRW6wHeNExBEJGRcj9eGUoBcXpSJCKCckJSh2ZLMepS0YBgtPk - VDmQheb/A+1CgATSdG2qkNr3f4ACTZYJtyjBlOn6Z2oV/In0nyFXyPTKW+SeTM6N - 1jfcKq2GIgL1687t+PNbYgH/+9QgDvcKiHEFqaQjpzYpyk2CuRdVEbq4r7c/K9h/ - 2NO44aUq/Covon04rk/RG+HnJauQVC+iwuWcVpcoePF1XyP2onx6y8D7dxflKRhP - u6HmD9f68ZwacQzaIodR9q8BJ5bOnabHfYZZuA4KIp7C2zUqEwCMbFkQRJmNfm1D - G/huDK9Bdox436RGm3kP/XuJ8qNCYNS+8GblnX4gV3bO2MpBr+M+Q7Jk5v1xE2Su - /9YHKaI6ok5cI3obozU6PuQzPSN7Yfi/MGC342ZXV5zjnCzGCK/VKRsvdk0f18w5 - oKgibwGPMUXwvY/nVuWMNwkqQUXPsXSU80eTzkvx/oInldp5sHf0lxzaG+quxFwr - GZ8v8i61YJis33pievIe9wwptrscGxQ7CahFtgIEUxzTc1usZOEGF/eQp9hciIZD - MXUCs38nEe7N01QcKRgmuqIYHNt+6OUcljXuoJdLGcMEdXTqi2yVW7peopBTRvPz - z0tJpPZlxtAmw/Hl2zTBiZ0h6zsuRcRcx6ieMIHABgkqhkiG9w0BBwGggbIEga8w - gawwgakGCyqGSIb3DQEMCgECoFowWDAcBgoqhkiG9w0BDAEDMA4ECL2Bz1vW+YZk - AgIUugQ4YOyEjke53NDvCFR0ciUHZ7ref9/wPx5TgV3qzGhfR4bP2rdpiOt9hAHV - K5cmUAR7+wjAJiYdLUQxPjAXBgkqhkiG9w0BCRQxCh4IAGQAYQBuAGEwIwYJKoZI - hvcNAQkVMRYEFJ3fTdQF75rsYIa8J20E6c5a3I+kMIHABgkqhkiG9w0BBwGggbIE - ga8wgawwgakGCyqGSIb3DQEMCgECoFowWDAcBgoqhkiG9w0BDAEDMA4ECFw78Uk8 - K64uAgIU+gQ4id0jRb3JyEM5fdpaeQR+YEeMn+Y5KavplVD5HtgQQY9hhppbQqG4 - af7KY+MT6xus6oNEQeJAE5wxPjAXBgkqhkiG9w0BCRQxCh4IAGQAYQBuAGEwIwYJ - KoZIhvcNAQkVMRYEFEgDhsFpuHhtrt7zzAawM6xXMt2WMF8wTzALBglghkgBZQME - AgMEQNHejohTj3Ewlp/2L19mtFcwBM/tTp7REjcOo+n9jtpzeFVve9dkr76JVAHh - naFM+2tfOF7j5tW5Pn13nEEr0skECC5Dkkzl2MltAgIoAA== + 6xv7+3pT8cbEFf6PXcfS8/sCfM7FaV3SpLACLZbBJV52OKE0CAgALZOLuIz5mGVU + tWI2h1x587KeIv5GRPIxumDebT3Gmkkp9Qoi55hjTgn68olSgDaJF8o5wnfODhkS + o110a3x9OwkJSN1AXfmBfj33KnT8Dc4bTfAZy1S5o1zCtaEqnct2Urb4PeO3LfHB + ErBsvY8HE4D7qh6P5ftXHQHAx/b3hbU8jQP1tR0N9Oh0SiLi//ebCeGXWQRdVjL5 + +VQrhlQF5d4Kz9Zx79oC36g7C2BxCQomur/F9TT12NPzPpaEGGo6ljB6myAHnYw9 + rCxbSxBvbtEtlgJnxxb1Y5Q4ukgyjzK6431Bwq2+iNL0vGc9o2c5ELUPU9zGeLBZ + tXWvdX27aOHjusPfDZl70C5zHiYs1FU6Tkn9Aotc424Q3d2IRTTcYnnjs1VSi1Sr + 4bRyB8zBAQmdQrniBW++7eJm3m/EOU0Yy0noUT169m8KNJrmSspMvKS6pyiYHR4I + BvAIkRIjvdtQvJdQJ+Uyr+HH5daE6golW1917b2bXj/41mvXYkJY6W8x0km1RYhH + QJZphWlvNcrHKo46Unk48Qc/5J5tI+6UDTXFr//V34vcpQ2ktp0MAKl1rBH549ef + CsGQTGoq8XHPhksehEEMRmOJDeKTVkKx8xNhbwb395yFCIxfF2NHeDLXP+JyW+nH + Iy2fnBDlyTiPF7YXyGiPjPAgK8LS8GUE+Zq2rWqrGNkwggM/BgkqhkiG9w0BBwag + ggMwMIIDLAIBADCCAyUGCSqGSIb3DQEHATAcBgoqhkiG9w0BDAEDMA4ECOfJ/s3Y + f5bgAgIUnYCCAvi4NaYP4lpAtuXtE02Zqgl9aLFwsj9B/rikBo6O1ZR/lsryJ4PJ + VGYy6NyBPjG67glJVMYiI3Hge+j66FXKXD/AaiMVD21ZmfrH935Sl4ZUKS9tpTJL + QDw3ejpDEDqJUFJZJ/ybgpRAKoNjhcE3B7F7+WMI8Pr70M1Fbw7ytUCAjOf18sIW + prUA8f8O9dLiGgiWyjE5HMzSXEib5IMRpq5x4Q28pBrT8rVYgoQSSyVkfHtU7LDi + Bm68RfBgEl7jIqLdrt2kKxHC3/lC4xXQgFNXeQO56aRp8Yu4VpoRwraVLUO3tJk+ + pf1zFfmUei/JtiFlC6uf0PvC2B5h6kAZocE1lLxGIDFH7fTd6dzP7qTDbUQ+uEk3 + qsgktT2pcoVnxTanvQmTCEZM9ZKCX5/z7Gkm+z83lGLDDU9oNyRSrxHrRBIvgH4w + 3aGH1v6kfYOWwwwaghQOQIZFyzGVRKXsP7AslL+n4ti831TxqSUZX2qy9LpI4Tjp + 5A/NLMKo3uqmHFlTLnnYUqoppe88FNY8T/LXnHp0KTkuXFmdKJtp1/ydqh18jBk7 + nfLcQFdf1R/5okysblRtaMujlhelymT7MoM8u5C8ceIO7uWX8NI5B/IB+Yn2BvzZ + 9LXoSia/wHjTu7UK610o7WOq9qTYe1i1x+HsmJaOC6hpaQh6b33VWDrHJbl7c/4Z + tvQ9qAzqkqIhFWMRXNK+32jFVAgXrD8U1QHW2ip5s7W/Xtm1AegrhG1nSQgJezYl + OnE/t2PDWuPeW94kR0uv1fNsh6plLyZYf/BaqhoGCHsa/ipD86viVSZDgJ8ASVLF + eLUK3HYFMhJ+MLEzZJffYZAOnbYoyNPNc0vc7dpbk+ZMnlb5bDFcMCpm7+fWOjsC + nsNNL9nqQlNHHCJRKGuxO5rujftbPM7R3GLT9d/u5e9YY5cX0RiDLxomFfflj2Yh + uRoyX+8WzESt98I/KmAraWKXnxOP1FEWajtNCrnGCezDKO3xEHTQhECpg+z7O4mj + MjN6MIHABgkqhkiG9w0BBwGggbIEga8wgawwgakGCyqGSIb3DQEMCgECoFowWDAc + BgoqhkiG9w0BDAEDMA4ECL2Bz1vW+YZkAgIUugQ4YOyEjke53NDvCFR0ciUHZ7re + f9/wPx5TgV3qzGhfR4bP2rdpiOt9hAHVK5cmUAR7+wjAJiYdLUQxPjAXBgkqhkiG + 9w0BCRQxCh4IAGQAYQBuAGEwIwYJKoZIhvcNAQkVMRYEFJ3fTdQF75rsYIa8J20E + 6c5a3I+kMIHABgkqhkiG9w0BBwGggbIEga8wgawwgakGCyqGSIb3DQEMCgECoFow + WDAcBgoqhkiG9w0BDAEDMA4ECFw78Uk8K64uAgIU+gQ4id0jRb3JyEM5fdpaeQR+ + YEeMn+Y5KavplVD5HtgQQY9hhppbQqG4af7KY+MT6xus6oNEQeJAE5wxPjAXBgkq + hkiG9w0BCRQxCh4IAGQAYQBuAGEwIwYJKoZIhvcNAQkVMRYEFEgDhsFpuHhtrt7z + zAawM6xXMt2WMF8wTzALBglghkgBZQMEAgMEQEyKU+C+RuVmgTZpGN9FEY/LofSz + 3TZAOx0TJ3EN12kuTzjcGNxJ+7e4w4xI6CZxP9RqrBM/N6N2fThoArRC6uIECC5D + kkzl2MltAgIoAA== -----END PKCS12----- 9. Security Considerations The keys presented in this document should be considered compromised and insecure, because the secret key material is published and therefore not secret. Applications which maintain blacklists of invalid key material SHOULD include these keys in their lists. @@ -1324,69 +1330,77 @@ [ RFC Editor: please remove this section before publication ] This document is currently edited as markdown. Minor editorial changes can be suggested via merge requests at https://gitlab.com/dkg/lamps-samples or by e-mail to the author. Please direct all significant commentary to the public IETF LAMPS mailing list: "spasm@ietf.org" 11.1. Document History -11.1.1. Substantive Changes from draft-ietf-*-02 to draft-ietf-*-03 +11.1.1. Substantive Changes from draft-ietf-*-03 to draft-ietf-*-04 + + * Order subject/issuer DN components by scope. + + * Put cross-signed intermediate CA certificates into PKCS#12 instead + of self-signed root CA certificates. + +11.1.2. Substantive Changes from draft-ietf-*-02 to draft-ietf-*-03 * Correct encoding of S/MIME Capabilities extension. * Change "Certificate Authority" to "Certification Authority". * Add CertificatePolicies to all intermediate and end-entity certificates. * Add organization and organizational unit to all certificates. -11.1.2. Substantive Changes from draft-ietf-*-01 to draft-ietf-*-02 +11.1.3. Substantive Changes from draft-ietf-*-01 to draft-ietf-*-02 * Added cross-signed certificates for both CAs + * Added S/MIME Capabilities extension for Carlos and Dana's encryption keys, indicating preferred ECDH parameters. * Ensure no serial numbers are negative. * Encode keyUsage extensions in minimum-length BIT STRINGs. -11.1.3. Substantive Changes from draft-ietf-*-00 to draft-ietf-*-01 +11.1.4. Substantive Changes from draft-ietf-*-00 to draft-ietf-*-01 * Added Curve25519 sample certificates (new CA, Carlos, and Dana) -11.1.4. Substantive Changes from draft-dkg-*-05 to draft-ietf-*-00 +11.1.5. Substantive Changes from draft-dkg-*-05 to draft-ietf-*-00 * WG adoption (dkg moves from Author to Editor) -11.1.5. Substantive Changes from draft-dkg-*-04 to draft-dkg-*-05 +11.1.6. Substantive Changes from draft-dkg-*-04 to draft-dkg-*-05 * PEM blobs are now "sourcecode", not "artwork" -11.1.6. Substantive Changes from draft-dkg-*-03 to draft-dkg-*-04 +11.1.7. Substantive Changes from draft-dkg-*-03 to draft-dkg-*-04 * Describe deterministic key generation * label PEM blobs with filenames in XML -11.1.7. Substantive Changes from draft-dkg-*-02 to draft-dkg-*-03 +11.1.8. Substantive Changes from draft-dkg-*-02 to draft-dkg-*-03 * Alice and Bob now each have two distinct certificates: one for signing, one for encryption, and public keys to match. -11.1.8. Substantive Changes from draft-dkg-*-01 to draft-dkg-*-02 +11.1.9. Substantive Changes from draft-dkg-*-01 to draft-dkg-*-02 * PKCS#12 objects are deliberately locked with simple passphrases -11.1.9. Substantive Changes from draft-dkg-*-00 to draft-dkg-*-01 +11.1.10. Substantive Changes from draft-dkg-*-00 to draft-dkg-*-01 * changed all three keys to use RSA instead of RSA-PSS * set keyEncipherment keyUsage flag instead of dataEncipherment in EE certs 12. Acknowledgements This draft was inspired by similar work in the OpenPGP space by Bjarni Runar and juga at [I-D.bre-openpgp-samples].