idnits 2.17.00 (12 Aug 2021) /tmp/idnits5784/draft-nystrom-pkcs9-v2-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == There is 1 instance of lines with non-ascii characters in the document. == It seems as if not all pages are separated by form feeds - found 0 form feeds but 38 pages Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** There are 12 instances of too long lines in the document, the longest one being 1 character in excess of 72. == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses in the document. If these are example addresses, they should be changed. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 215: '... MAY CONTAIN { PKCSEntityAtt...' RFC 2119 keyword, line 240: '... MAY CONTAIN { NaturalPerson...' RFC 2119 keyword, line 359: '...ng. Applications SHOULD use the IA5Str...' RFC 2119 keyword, line 364: '... systems MUST be able to recognize a...' RFC 2119 keyword, line 417: '... document, applications SHOULD use the...' (14 more instances...) Miscellaneous warnings: ---------------------------------------------------------------------------- == Line 186 has weird spacing: '...eNumber sta...' == Line 192 has weird spacing: '...iceName telex...' == Line 1013 has weird spacing: '... -- new attri...' -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (March 2000) is 8101 days in the past. Is this intentional? -- Found something which looks like a code comment -- if you have code sections in the document, please surround them with '' and '' lines. Checking references for intended status: Informational ---------------------------------------------------------------------------- -- Missing reference section? '14' on line 1728 looks like a reference -- Missing reference section? '3' on line 1693 looks like a reference -- Missing reference section? '16' on line 1734 looks like a reference -- Missing reference section? '17' on line 1737 looks like a reference -- Missing reference section? '18' on line 1740 looks like a reference -- Missing reference section? '5' on line 1699 looks like a reference -- Missing reference section? '7' on line 1706 looks like a reference -- Missing reference section? '15' on line 1731 looks like a reference -- Missing reference section? '6' on line 1702 looks like a reference -- Missing reference section? '11' on line 1718 looks like a reference -- Missing reference section? '2' on line 1690 looks like a reference -- Missing reference section? '22' on line 1754 looks like a reference -- Missing reference section? '1' on line 1687 looks like a reference -- Missing reference section? '8' on line 1709 looks like a reference -- Missing reference section? '20' on line 1747 looks like a reference -- Missing reference section? '21' on line 1750 looks like a reference -- Missing reference section? '4' on line 1696 looks like a reference -- Missing reference section? '10' on line 1715 looks like a reference -- Missing reference section? '13' on line 1725 looks like a reference -- Missing reference section? '12' on line 1722 looks like a reference -- Missing reference section? '9' on line 1712 looks like a reference -- Missing reference section? '19' on line 1743 looks like a reference Summary: 4 errors (**), 0 flaws (~~), 6 warnings (==), 25 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 INTERNET-DRAFT M. Nystrom 3 Expires: September 2000 B. Kaliski 4 Intended Category: Informational RSA Laboratories 5 March 2000 7 Selected Object Classes and Attribute Types 8 PKCS #9 v2.0 10 11 Status of this Memo 13 This document is an Internet-Draft and is in full conformance with 14 all provisions of Section 10 of RFC2026 except that the right to 15 produce derivative works is not granted. This document represents a 16 republication of PKCS#9 v 2.0 from RSA Laboratories' Public-Key 17 Cryptography Standards (PKCS) series, and change control is retained 18 within the PKCS process. 20 Internet-Drafts are working documents of the Internet Engineering 21 Task Force (IETF), its areas, and its working groups. Note that other 22 groups may also distribute working documents as Internet-Drafts. 24 Internet-Drafts are draft documents valid for a maximum of six months 25 and may be updated, replaced, or obsoleted by other documents at any 26 time. It is inappropriate to use Internet-Drafts as reference 27 material or to cite them other than as "work in progress." 29 The list of current Internet-Drafts can be accessed at 30 http://www.ietf.org/ietf/1id-abstracts.txt 32 The list of Internet-Draft Shadow Directories can be accessed at 33 http://www.ietf.org/shadow.html. 35 Abstract 37 This document provides a selection of object classes and attribute 38 types for use in conjunction with public-key cryptography and LDAP 39 [LDAP} accessibe directories. It also includes ASN.1 syntax for all 40 constructs. 42 Table of Contents 44 1 Introduction .................................................. 3 45 2 Definitions, notation and document convention ................. 3 46 2.1 Definitions ................................................. 3 47 2.2 Notation and document convention ............................ 4 48 3 Overview ...................................................... 4 49 4 Auxiliary object classes ...................................... 5 50 4.1 The "pkcsEntity" auxiliary object class ..................... 5 51 4.2 The "naturalPerson" auxiliary object class .................. 6 52 5 Selected attribute types ...................................... 6 53 5.1 Attribute types for use with the "pkcsEntity" object class .. 6 54 5.2 Attribute types for use with the "naturalPerson" object class 7 55 5.3 Attribute types for use in PKCS #7 data ..................... 12 56 5.4 Attribute types for use in PKCS #10 certificate requests .... 16 57 5.5 Attribute types for use in PKCS #12 "PFX" PDUs or PKCS #15 58 tokens ...................................................... 17 59 5.6 Attributes defined in S/MIMIE ............................... 18 60 6 Matching rules ................................................ 19 61 6.1 Case ignore match ........................................... 19 62 6.2 Signing time match .......................................... 19 63 7 Security considerations ....................................... 20 64 8 Author's addresses ............................................ 20 66 Appendices 68 A ASN.1 Module .................................................. 21 69 B BNF schema summary ............................................ 29 70 B.1 Syntaxes .................................................... 29 71 B.2 Object classes .............................................. 30 72 B.3 Attribute types ............................................. 30 73 B.4 Matching rules .............................................. 35 74 C Intellectual property considerations .......................... 35 75 D Revision history .............................................. 35 76 E References .................................................... 36 77 F About PKCS .................................................... 38 79 1. Introduction 81 This document defines two new auxiliary object classes, pkcsEntity 82 and naturalPerson, and selected attribute types for use with these 83 classes. It also defines some attribute types for use in conjunction 84 with PKCS #7 [14] (and S/MIME CMS [3]) digitally signed messages, 85 PKCS #10 [16] certificate-signing requests, PKCS #12 [17] personal 86 information exchanges and PKCS #15 [18] cryptographic tokens. 87 Matching rules for use with these attributes are also defined, 88 whenever necessary. 90 2. Definitions, notation and document conventions 92 2.1 Definitions 94 For the purposes of this document, the following definitions apply. 96 ASN.1 Abstract Syntax Notation One, as defined in [5]. 98 Attributes An ASN.1 type that specifies a set of 99 attributes. Each attribute contains an attribute type 100 (specified by object identifier) and one or more 101 attribute values. Some attribute types are restricted 102 in their definition to have a single value; others 103 may have multiple values. This type is defined in [7]. 105 CertificationRequestInfo 106 An ASN.1 type that specifies a subject name, a public 107 key, and a set of attributes. This type is defined in 108 [16]. 110 ContentInfo An ASN.1 type that specifies content exchanged 111 between entities. The contentType field, 112 which has type OBJECT IDENTIFIER, specifies the 113 content type, and the content field, whose type is 114 defined by the contentType field, contains the 115 content value. This type is defined in [14] and [3]. 117 PrivateKeyInfo A type that specifies a private key and a set of 118 extended attributes. This type and the associated 119 EncryptedPrivateKeyInfo type are defined in [15]. 121 SignerInfo A type that specifies per-signer information in the 122 signed-data content type, including a set of 123 attributes authenticated by the signer, and a set of 124 attributes not authenticated by the signer. This 125 type is defined in [14] and [3]. 127 DER Distinguished Encoding Rules for ASN.1, as defined 128 in [6]. 130 UCS Universal Multiple-Octet Coded Character Set, as 131 defined in [11]. 133 UTF8String UCS Transformation Format encoded string. The UTF-8 134 encoding is defined in [11]. 135 2.2 Notation and document conventions 137 In this document, all ASN.1 types and values are written in bold 138 Helvetica. Attribute type and object class definitions are written in 139 the ASN.1 value notation defined in [5]. Appendix B contains most of 140 these definitions written in the augmented BNF notation defined in 141 [2] as well. This has been done in an attempt to simplify the task of 142 integrating this work into LDAP [22] development environments. 144 The keywords "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 145 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 146 document are to be interpreted as described in [1]. 148 3. Overview 150 This document specifies two new auxiliary object classes, pkcsEntity 151 and naturalPerson, and some new attribute types and matching rules. 152 All ASN.1 object classes, attributes, matching rules and types are 153 exported for use in other environments. 155 Attribute types defined in this document that are useful in 156 conjunction with storage of PKCS-related data and the pkcsEntity 157 object class includes PKCS #12 PFX PDUs, PKCS #15 tokens and 158 encrypted private keys. 160 Attribute types defined in this document that are useful in 161 conjunction with PKCS #10 certificate requests and the naturalPerson 162 object class includes electronic-mail address, pseudonym, 163 unstructured name, and unstructured address. 165 Attribute types defined in this document that are useful in PKCS #7 166 digitally signed messages are content type, message digest, signing 167 time, sequence number, random nonce and countersignature. The 168 attributes would be used in the authenticatedAttributes and 169 unauthenticatedAttributes fields of a SignerInfo or an 170 AuthenticatedData ([3]) value. 172 Attribute types that are useful especially in PKCS #10 certification 173 requests are the challenge password and the extension-request 174 attribute. The attributes would be used in the attributes field of a 175 CertificationRequestInfo value. 177 Note - The attributes types (from [8]) in Table 1, and probably 178 several others, might also be helpful in PKCS #10, PKCS #12 and PKCS 179 #15-aware applications. 181 businessCategory preferredDeliveryMethod 182 commonName presentationAddress 183 countryName registeredAddress 184 description roleOccupant 185 destinationIndicator serialNumber 186 facsimileTelephoneNumber stateOrProvinceName 187 iSDNAddress streetAddress 188 localityName supportedApplicationContext 189 member surname 190 objectClass telephoneNumber 191 organizationName teletexTerminalIdentifier 192 physicalDeliveryOfficeName telexNumber 193 postalAddress title 194 postalCode x121Address 195 postOfficeBox 197 Table 1: ISO/IEC 9594-6 attribute types useful in PKCS documents 199 4. Auxiliary object classes 201 This document defines two new auxiliary object classes: pkcsEntity 202 and naturalPerson. 204 4.1 The pkcsEntity auxiliary object class 206 The pkcsEntity object class is a general-purpose auxiliary object 207 class that is intended to hold attributes about PKCS-related 208 entities. It has been designed for use within directory services 209 based on the LDAP protocol [22] and the X.500 family of protocols, 210 where support for PKCS-defined attributes is considered useful. 212 pkcsEntity OBJECT-CLASS ::= { 213 SUBCLASS OF { top } 214 KIND auxiliary 215 MAY CONTAIN { PKCSEntityAttributeSet } 216 ID pkcs-9-oc-pkcsEntity 217 } 219 PKCSEntityAttributeSet ATTRIBUTE ::= { 220 pKCS7PDU | 221 userPKCS12 | 222 pKCS15Token | 223 encryptedPrivateKeyInfo, 224 ... -- For future extensions 225 } 227 Attributes in the PKCSEntityAttributeSet are defined in Section 5. 229 4.2 The naturalPerson auxiliary object class 231 The naturalPerson object class is a general-purpose auxiliary object 232 class that is intended to hold attributes about human beings. It has 233 been designed for use within directory services based on the LDAP 234 protocol [22] and the X.500 family of protocols, where support for 235 these attributes is considered useful. 237 naturalPerson OBJECT-CLASS ::= { 238 SUBCLASS OF { top } 239 KIND auxilary 240 MAY CONTAIN { NaturalPersonAttributeSet } 241 ID pkcs-9-oc-naturalPerson 242 } 244 NaturalPersonAttributeSet ATTRIBUTE ::= { 245 emailAddress | 246 unstructuredName | 247 unstructuredAddress | 248 dateOfBirth | 249 placeOfBirth | 250 gender | 251 countryOfCitizenship | 252 countryOfResidence | 253 pseudonym | 254 serialNumber, 255 ... -- For future extensions 256 } 258 Attributes in the NaturalPersonAttributeSet are defined in Section 5. 260 5. Selected attribute types 262 5.1 Attribute types for use with the "pkcsEntity" object class 264 5.1.1 PKCS #7 PDU 266 PKCS #7 provides several formats for enveloped, signed and otherwise 267 protected data. When such information is stored in a directory 268 service, the pKCS7PDU attribute may be used. 270 pKCS7PDU ATTRIBUTE ::= { 271 WITH SYNTAX ContentInfo 272 ID pkcs-9-at-pkcs7PDU 273 } 275 5.1.2 PKCS #12 token 277 PKCS #12 provides a format for exchange of personal identity 278 information. When such information is stored in a directory service, 279 the userPKCS12 attribute should be used. 281 userPKCS12 ATTRIBUTE ::= { 282 WITH SYNTAX PFX 283 ID pkcs-9-at-userPKCS12 284 } 286 This type was originally defined in [20]. 288 5.1.3 PKCS #15 token 290 PKCS #15 provides a format for cryptographic tokens. When software 291 variants of such tokens are stored in a directory service, the 292 pKCS15Token attribute should be used. 294 pKCS15Token ATTRIBUTE ::= { 295 WITH SYNTAX PKCS15Token 296 ID pkcs-9-at-pkcs15Token 297 } 299 5.1.4 PKCS #8 encrypted private key information 301 PKCS #8 provides a format for encrypted private keys. When such 302 information is stored in a directory service, the 303 encryptedPrivateKeyInfo attribute should be used. 305 encryptedPrivateKeyInfo ATTRIBUTE ::= { 306 WITH SYNTAX EncryptedPrivateKeyInfo 307 ID pkcs-9-at-encryptedPrivateKeyInfo 308 } 310 5.2 Attribute types for use with the "naturalPerson" object class 312 5.2.1 Electronic-mail address 314 The emailAddress attribute type specifies the electronic-mail address 315 or addresses of a subject as an unstructured ASCII string. The 316 interpretation of electronic-mail addresses is intended to be 317 specified by certificate issuers etc.; no particular interpretation 318 is required. 320 emailAddress ATTRIBUTE ::= { 321 WITH SYNTAX IA5String (SIZE(1..pkcs-9-ub-emailAddress)) 322 EQUALITY MATCHING RULE pkcs9CaseIgnoreMatch 323 ID pkcs-9-at-emailAdress 324 } 326 An electronic-mail address attribute can have multiple attribute 327 values. When comparing two email addresses, case is irrelevant. The 328 pkcs9CaseIgnoreMatch is defined in Section 6. 330 Note - It is likely that other standards bodies overseeing 331 electronic-mail systems will, or have, registered electronic-mail 332 address attribute types specific to their system. The electronic-mail 333 address attribute type defined here was intended as a short-term 334 substitute for those specific attribute types, but is included here 335 for backwards-compatibility reasons. 337 5.2.2 Unstructured name 339 The unstructuredName attribute type specifies the name or names of a 340 subject as an unstructured ASCII string. The interpretation of 341 unstructured names is intended to be specified by certificate issuers 342 etc.; no particular interpretation is required. 344 unstructuredName ATTRIBUTE ::= { 345 WITH SYNTAX PKCS9String {pkcs-9-ub-unstructuredName} 346 EQUALITY MATCHING RULE pkcs9CaseIgnoreMatch 347 ID pkcs-9-at-unstructuredName 348 } 350 PKCS9String { INTEGER : maxSize} ::= CHOICE { 351 ia5String IA5String (SIZE(1..maxSize)), 352 directoryString DirectoryString {maxSize} 353 } 355 An unstructured-name attribute can have multiple attribute values. 356 When comparing two unstructured names, case is irrelevant. 358 The PKCS9String type is defined as a choice of IA5String and 359 DirectoryString. Applications SHOULD use the IA5String type when 360 generating attribute values in accordance with this version of this 361 document, unless internationalization issues makes this impossible. 362 In that case, the UTF8String alternative of the DirectoryString 363 alternative is the preferred choice. PKCS #9-attribute processing 364 systems MUST be able to recognize and process all string types in 365 PKCS9String values. 367 Note - Version 1.1 of this document defined unstructuredName as 368 having the syntax IA5String, but did contain a note explaining that 369 this might be changed to a CHOICE of different string types in future 370 versions. To better accommodate international names, this type has 371 been extended to also include a directory string in this version of 372 this document. Since [21] does not support a directory string type 373 containing IA5Strings, a separate syntax object identifier has been 374 defined (see [21] and Appendix B). 376 5.2.3 Unstructured address 378 The unstructuredAddress attribute type specifies the address or 379 addresses of a subject as an unstructured directory string. The 380 interpretation of unstructured addresses is intended to be specified 381 by certificate issuers etc; no particular interpretation is required. 382 A likely interpretation is as an alternative to the postalAddress 383 attribute type defined in [8]. 385 unstructuredAddress ATTRIBUTE ::= { 386 WITH SYNTAX DirectoryString {pkcs-9-ub-unstructuredAddress} 387 EQUALITY MATCHING RULE caseIgnoreMatch 388 ID pkcs-9-at-unstructuredAddress 389 } 391 An unstructured-address attribute can have multiple attribute values. 392 The caseIgnoreMatch matching rule is defined in [8]. 394 Note 1 - It is recommended to use the ASN.1 type TeletexString's 395 new-line character (hexadecimal code 0d) as a line separator in 396 multi-line addresses. 398 Note 2 - Previous versions of this document defined 399 unstructuredAddress as having the following syntax: 401 CHOICE { 402 teletexString TeletexString, 403 printableString PrintableString, 404 } 406 But also mentioned the possibility of a future definition as follows: 408 CHOICE { 409 teletexString TeletexString, 410 printableString PrintableString, 411 universalString UniversalString 412 } 414 In this version of this document, the X.520 type DirectoryString has 415 been used in order to be more aligned with international standards 416 and current practice. When generating attribute values in accordance 417 with this version of this document, applications SHOULD use the 418 PrintableString alternative unless internationalization issues makes 419 this impossible. In those cases, the UTF8String alternative SHOULD be 420 used. PKCS #9-attribute processing systems MUST be able to recognize 421 and process all string types in DirectoryString values. 423 5.2.4 Date of birth 425 The dateOfBirth attribute specifies the date of birth for the subject 426 it is associated with. 428 dateOfBirth ATTRIBUTE ::= { 429 WITH SYNTAX GeneralizedTime 430 EQUALITY MATCHING RULE generalizedTimeMatch 431 SINGLE VALUE TRUE 432 ID pkcs-9-at-dateOfBirth 433 } 435 dateOfBirth attributes must be single-valued. The 436 generalizedTimeMatch matching rule is defined in [8]. 438 5.2.5 Place of birth 440 The placeOfBirth attribute specifies the place of birth for the 441 subject it is associated with. 443 placeOfBirth ATTRIBUTE ::= { 444 WITH SYNTAX DirectoryString {pkcs-9-ub-placeOfBirth} 445 EQUALITY MATCHING RULE caseExactMatch 446 SINGLE VALUE TRUE 447 ID pkcs-9-at-placeOfBirth 448 } 450 placeOfBirth attributes must be single-valued. The caseExactMatch 451 matching rule is defined in [8]. 453 5.2.6 Gender 455 The gender attribute specifies the gender of the subject it is 456 associated with. 458 gender ATTRIBUTE ::= { 459 WITH SYNTAX PrintableString (SIZE(1) ^ 460 FROM ("M" | "F" | "m" | "f")) 461 EQUALITY MATCHING RULE caseIgnoreMatch 462 SINGLE VALUE TRUE 463 ID pkcs-9-at-gender 465 } 467 The letter "M" (or "m") represents "male" and the letter "F" (or "f") 468 represents "female". gender attributes must be single-valued. 470 5.2.7 Country of citizenship 472 The countryOfCitizenship attribute specifies the (claimed) countries 473 of citizenship for the subject it is associated with. It SHALL be a 474 2-letter acronym of a country in accordance with [4]. 476 countryOfCitizenship ATTRIBUTE ::= { 477 WITH SYNTAX PrintableString (SIZE(2) ^ CONSTRAINED BY { 478 -- Must be a two-letter country acronym in accordance with 479 -- ISO/IEC 3166 --}) 480 EQUALITY MATCHING RULE caseIgnoreMatch 481 ID pkcs-9-at-countryOfCitizenship 482 } 484 Attributes of this type need not be single-valued. 486 5.2.8 Country of residence 488 The countryOfResidence attribute specifies the (claimed) country of 489 residence for the subject is associated with. It SHALL be a 2-letter 490 acronym of a country in accordance with [4]. 492 countryOfResidence ATTRIBUTE ::= { 493 WITH SYNTAX PrintableString (SIZE(2) ^ CONSTRAINED BY { 494 -- Must be a two-letter country acronym in accordance with 495 -- ISO/IEC 3166 --}) 496 EQUALITY MATCHING RULE caseIgnoreMatch 497 ID pkcs-9-at-countryOfResidence 498 } 500 Attributes of this type need not be single-valued, since it is 501 possible to be a resident of several countries. 503 5.2.9 Pseudonym 505 The pseudonym attribute type shall contain a pseudonym of a subject. 506 The exact interpretation of pseudonyms is intended to be specified by 507 certificate issuers etc.; no particular interpretation is required. 509 pseudonym ATTRIBUTE ::= { 510 WITH SYNTAX DirectoryString {pkcs-9-ub-pseudonym} 511 EQUALITY MATCHING RULE caseExactMatch 512 ID id-at-pseudonym 514 } 516 Note - The pseudonym attribute has received an object identifier in 517 the joint-iso-itu-t object identifier tree. 519 The caseExactMatch matching rule is defined in [8]. 521 5.2.10 Serial number 523 The serialNumber attribute is defined in [8]. 525 5.3 Attribute types for use in PKCS #7 data 527 5.3.1 Content type 529 The contentType attribute type specifies the content type of the 530 ContentInfo value being signed in PKCS #7 (or S/MIME CMS) digitally 531 signed data. In such data, the contentType attribute type is required 532 if there are any PKCS #7 authenticated attributes. 534 contentType ATTRIBUTE ::= { 535 WITH SYNTAX ContentType 536 EQUALITY MATCHING RULE objectIdentifierMatch 537 SINGLE VALUE TRUE 538 ID pkcs-9-at-contentType 539 } 541 ContentType ::= OBJECT IDENTIFIER 543 As indicated, content-type attributes must have a single attribute 544 value. For two content-type values to match, their octet string 545 representation must be of equal length and corresponding octets 546 identical. The objectIdentifierMatch matching rule is defined in [7]. 548 Note - This attribute type is described in [3] as well. 550 5.3.2 Message digest 552 The messageDigest attribute type specifies the message digest of the 553 contents octets of the DER-encoding of the content field of the 554 ContentInfo value being signed in PKCS #7 digitally signed data, 555 where the message digest is computed under the signer's message 556 digest algorithm. The message-digest attribute type is required in 557 these cases if there are any PKCS #7 authenticated attributes 558 present. 560 messageDigest ATTRIBUTE ::= { 561 WITH SYNTAX MessageDigest 562 EQUALITY MATCHING RULE octetStringMatch 563 SINGLE VALUE TRUE 564 ID pkcs-9-at-messageDigest 565 } 567 MessageDigest ::= OCTET STRING 569 As indicated, a message-digest attribute must have a single attribute 570 value. For two messageDigest values to match, their octet string 571 representation must be of equal length and corresponding octets 572 identical. The octetStringMatch matching rule is defined in [8]. 574 Note - This attribute is described in [3] as well. 576 5.3.3 Signing time 578 The signingTime attribute type is intended for PKCS #7 digitally 579 signed data. It specifies the time at which the signer (purportedly) 580 performed the signing process. 582 signingTime ATTRIBUTE ::= { 583 WITH SYNTAX SigningTime 584 EQUALITY MATCHING RULE signingTimeMatch 585 SINGLE VALUE TRUE 586 ID pkcs-9-at-signingTime 587 } 589 SigningTime ::= Time -- imported from ISO/IEC 9594-8 591 A signing-time attribute must have a single attribute value. 593 The signingTimeMatch matching rule (defined in Section 6.1) returns 594 TRUE if an attribute value represents the same time as a presented 595 value. 597 Quoting from [3]: 598 "Dates between 1 January 1950 and 31 December 2049 (inclusive) MUST 599 be encoded as UTCTime. Any dates with year values before 1950 or 600 after 2049 MUST be encoded as GeneralizedTime. [Further,] UTCTime 601 values MUST be expressed in Greenwich Mean Time (Zulu) and MUST 602 include seconds (i.e., times are YYMMDDHHMMSSZ), even where the 603 number of seconds is zero. Midnight (GMT) must be represented as 604 "YYMMDD000000Z". Century information is implicit, and the century 605 shall be determined as follows: 606 - Where YY is greater than or equal to 50, the year shall be 607 interpreted as 19YY; and 608 - Where YY is less than 50, the year shall be interpreted as 609 20YY. 611 GeneralizedTime values shall be expressed in Greenwich Mean Time 612 (Zulu) and must include seconds (i.e., times are YYYYMMDDHHMMSSZ), 613 even where the number of seconds is zero. GeneralizedTime values 614 must not include fractional seconds." 616 Note 1 - The definition of SigningTime matches the definition of Time 617 specified in [10]. 619 Note 2 - No requirement is imposed concerning the correctness of the 620 signing time, and acceptance of a purported signing time is a matter 621 of a recipient's discretion. It is expected, however, that some 622 signers, such as time-stamp servers, will be trusted implicitly. 624 5.3.4 Random nonce 626 The randomNonce attribute type is intended for PKCS #7 digitally 627 signed data. It may be used by a signer unable (or unwilling) to 628 specify the time at which the signing process was performed. Used in 629 a correct manner, it will make it possible for the signer to protect 630 against certain attacks, i.e. replay attacks. 632 randomNonce ATTRIBUTE ::= { 633 WITH SYNTAX RandomNonce 634 EQUALITY MATCHING RULE octetStringMatch 635 SINGLE VALUE TRUE 636 ID pkcs-9-at-randomNonce 637 } 639 RandomNonce ::= OCTET STRING (SIZE(4..MAX)) 640 -- At least four bytes long 642 A random nonce attribute must have a single attribute value. 644 5.3.5 Sequence number 646 The sequenceNumber attribute type is intended for PKCS #7 digitally 647 signed data. A signer wishing to associate a sequence number to all 648 signature operations (much like a physical checkbook) may use it as 649 an alternative to the randomNonce attribute. Used in a correct 650 manner, it will make it possible for the signer to protect against 651 certain attacks, i.e. replay attacks. 653 sequenceNumber ATTRIBUTE ::= { 654 WITH SYNTAX SequenceNumber 655 EQUALITY MATCHING RULE integerMatch 656 SINGLE VALUE TRUE 657 ID pkcs-9-at-sequenceNumber 658 } 659 SequenceNumber ::= INTEGER (1..MAX) 661 A sequence number attribute must have a single attribute value. 663 The integerMatch matching rule is defined in [8]. 665 5.3.6 Countersignature 667 The counterSignature attribute type specifies one or more signatures 668 on the content octets of the DER encoding of the encryptedDigest 669 field of a SignerInfo value in PKCS #7 digitally signed data. Thus, 670 the countersignature attribute type countersigns (signs in serial) 671 another signature. The countersignature attribute must be an 672 unauthenticated PKCS #7 attribute; it cannot be an authenticated 673 attribute. 675 counterSignature ATTRIBUTE ::= { 676 WITH SYNTAX SignerInfo 677 ID pkcs-9-at-counterSignature 678 } 680 Countersignature values have the same meaning as SignerInfo values 681 for ordinary signatures (see Section 9 of [14] and Section 5.3 of 682 [3]), except that: 684 1. The authenticatedAttributes field must contain a messageDigest 685 attribute if it contains any other attributes, but need not contain a 686 contentType attribute, as there is no content type for 687 countersignatures; and 689 2. The input to the message-digesting process is the content octets 690 of the DER encoding of the signatureValue field of the SignerInfo 691 value with which the attribute is associated. 693 A countersignature attribute can have multiple attribute values. 695 Note 1 - The fact that a countersignature is computed on a signature 696 (encrypted digest) means that the countersigning process need not 697 know the original content input to the signing process. This has 698 advantages both in efficiency and in confidentiality. 700 Note 2 - A countersignature, since it has type SignerInfo, can itself 701 contain a countersignature attribute. Thus it is possible to 702 construct arbitrarily long series of countersignatures. 704 5.4 Attribute types for use with PKCS #10 certificate requests 706 5.4.1 Challenge password 708 The challengePassword attribute type specifies a password by which an 709 entity may request certificate revocation. The interpretation of 710 challenge passwords is intended to be specified by certificate 711 issuers etc; no particular interpretation is required. 713 challengePassword ATTRIBUTE ::= { 714 WITH SYNTAX DirectoryString {pkcs-9-ub-challengePassword} 715 EQUALITY MATCHING RULE caseExactMatch 716 SINGLE VALUE TRUE 717 ID pkcs-9-at-challengePassword 718 } 720 A challenge-password attribute must have a single attribute value. 722 ChallengePassword attribute values generated in accordance with this 723 version of this document SHOULD use the PrintableString encoding 724 whenever possible. If internationalization issues make this 725 impossible, the UTF8String alternative SHOULD be used. PKCS #9- 726 attribute processing systems MUST be able to recognize and process 727 all string types in DirectoryString values. 729 Note - Version 1.1 of this document defined challengePassword as 730 having the syntax CHOICE {PrintableString, T61String}, but did 731 contain a note explaining that this might be changed to a CHOICE of 732 different string types in the future See also Note 2 in section 733 5.2.3. 735 5.4.2 Extension request 737 The extensionRequest attribute type may be used to carry information 738 about certificate extensions the requester wishes to be included in a 739 certificate. 741 extensionRequest ATTRIBUTE ::= { 742 WITH SYNTAX ExtensionRequest 743 SINGLE VALUE TRUE 744 ID pkcs-9-at-extensionRequest 745 } 747 ExtensionRequest ::= Extensions 749 The Extensions type is imported from [10]. 751 5.4.3 Extended-certificate attributes (deprecated) 753 The extendedCertificateAttributes attribute type specified a set of 754 attributes for a PKCS #6 [13] extended certificate in a PKCS #10 755 certification request (the value of the extended certificate- 756 attributes attribute would become the extension in the requested PKCS 757 #6 extended certificate). Since the status of PKCS #6 is historic 758 after the introduction of X.509 v3 certificates [10], the use of this 759 attribute is deprecated. 761 extendedCertificateAttributes ATTRIBUTE ::= { 762 WITH SYNTAX SET OF Attribute 763 SINGLE VALUE TRUE 764 ID pkcs-9-at-extendedCertificateAttributes 765 } 767 An extended certificate attributes attribute must have a single 768 attribute value (that value is a set, which itself may contain 769 multiple values, but there must be only one set). 771 5.5 Attributes for use in PKCS #12 "PFX" PDUs or PKCS #15 tokens 773 5.5.1 Friendly name 775 The friendlyName attribute type specifies a user-friendly name of the 776 object it belongs to. It is referenced in [17]. 778 friendlyName ATTRIBUTE ::= { 779 WITH SYNTAX BMPString (SIZE(1..pkcs-9-ub-friendlyName)) 780 EQUALITY MATCHING RULE caseIgnoreMatch 781 SINGLE VALUE TRUE 782 ID pkcs-9-at-friendlyName 783 } 785 As indicated, friendlyName attributes must have a single attribute 786 value. 788 5.5.2 Local key identifier 790 The localKeyId attribute type specifies an identifier for a 791 particular key. It is only to be used locally in applications. This 792 attribute is referenced in [17]. 794 localKeyId ATTRIBUTE ::= { 795 WITH SYNTAX OCTET STRING 796 EQUALITY MATCHING RULE octetStringMatch 797 SINGLE VALUE TRUE 798 ID pkcs-9-at-localKeyId 800 } 802 As indicated, localKeyId attributes must have a single attribute 803 value. For two localKeyId values to match, their octet string 804 representation must be of equal length and corresponding octets 805 identical. 807 5.6 Attributes defined in S/MIME 809 S/MIME (c.f. [12]) defines some attributes and object identifiers in 810 the PKCS #9 object identifier tree. For completeness, they are 811 mentioned here. 813 5.6.1 Signing description 815 The signingDescription attribute is intended to provide a short 816 synopsis of a message that can be used to present a user with an 817 additional confirmation step before committing to a cryptographic 818 operation. In most cases, the replication of the "Subject:" line 819 from the header of a message should be sufficient and is recommended. 821 signingDescription ATTRIBUTE ::= { 822 WITH SYNTAX DirectoryString {pkcs-9-ub-signingDescription} 823 EQUALITY MATCHING RULE caseIgnoreMatch 824 SINGLE VALUE TRUE 825 ID pkcs-9-at-signingDescription 826 } 828 5.6.2 S/MIME capabilities 830 The syntax and semantics of the smimeCapabilities attribute is 831 defined in [12]. It is included here for the sake of completeness. 833 smimeCapabilities ATTRIBUTE ::= { 834 WITH SYNTAX SMIMECapabilities 835 SINGLE VALUE 836 ID pkcs-9-at-smimeCapabilities 837 } 839 SMIMECapabilities ::= SEQUENCE OF SMIMECapability 841 SMIMECapability ::= SEQUENCE { 842 algorithm ALGORITHM.&id ({SMIMEv3Algorithms}), 843 parameters ALGORITHM.&Type ({SMIMEv3Algorithms}{@algorithm}) 844 } 846 SMIMEv3Algorithms ALGORITHM ::= {... -- See RFC 2633 -- } 848 6. Matching rules 850 This section defines matching rules used in the definition of 851 attributes in this document. 853 6.1 Case ignore match 855 The pkcs9CaseIgnoreMatch rule compares for equality a presented 856 string with an attribute value of type PKCS9String, without regard to 857 the case (upper or lower) of the strings (e.g. "Pkcs" and "PKCS" 858 match). 860 pkcs9CaseIgnoreMatch MATCHING-RULE ::= { 861 SYNTAX PKCS9String {pkcs9-ub-match} 862 ID id-mr-pkcs9CaseIgnoreMatch 863 } 865 The rule returns TRUE if the strings are the same length and 866 corresponding characters are identical except possibly with regard to 867 case. 869 Where the strings being matched are of different ASN.1 syntax, the 870 comparison proceeds as normal so long as the corresponding characters 871 are in both character sets. Otherwise matching fails. 873 6.2 Signing time match 875 The signingTimeMatch rule compares for equality a presented value 876 with an attribute value of type SigningTime. 878 signingTimeMatch MATCHING-RULE ::= { 879 SYNTAX SigningTime 880 ID pkcs-9-mr-signingTimeMatch 881 } 883 The rule returns TRUE if the attribute value represents the same time 884 as the presented value. If a time is specified with seconds (or 885 fractional seconds) absent, the number of seconds (fractional 886 seconds) is assumed to be zero. 888 Where the strings being matched are of different ASN.1 syntax, the 889 comparison proceeds as follows: 891 a) Convert both values to DER-encoded values of type 892 GeneralizedTime, coordinated universal time. If this is not 893 possible the matching fails. 895 b) Compare the strings for equality. The rule returns TRUE if and 896 only if the strings are of the same length and corresponding 897 octets are identical. 899 7. Security considerations 901 Attributes of directory entries are used to provide descriptive 902 information about the real-world objects they represent, which can be 903 people, organizations or devices. Most countries have privacy laws 904 regarding the publication of information about people. 906 The challengePassword attribute should not be stored un-encrypted in 907 a directory. 909 Users of directory-aware applications making use of attributes 910 defined for use with the pkcsEntity object class should make sure 911 that the class's attributes are adequately protected, since they may 912 potentially be read by third parties. If a password-protected value 913 is stored (PKCS #8, #12 or #15), the directory should authenticate 914 the requester before delivering the value to prevent an off-line 915 password-search attack. Note that this potentially raises non- 916 repudiation issues since the directory itself can try a password 917 search to recover a private value, if stored this way. 919 8. Author's addresses 921 Magnus Nystr÷m 922 RSA Laboratories 923 Box 10704 924 S-121 29 Stockholm 925 Sweden 927 Email: magnus@rsasecurity.com 929 Burt Kaliski 930 RSA Laboratories 931 20 Crosby Drive 932 Bedford, MA 01730 USA 934 Email: bkaliski@rsasecurity.com 936 APPENDICES 938 A. ASN.1 module 940 This appendix includes all of the ASN.1 type and value definitions 941 contained in this document in the form of the ASN.1 module PKCS-9. 943 PKCS-9 {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 944 pkcs-9(9) modules(0) pkcs-9(1)} 946 DEFINITIONS IMPLICIT TAGS ::= 948 BEGIN 950 -- EXPORTS All -- 951 -- All types and values defined in this module is exported for use 952 -- in other ASN.1 modules. 954 IMPORTS 956 informationFramework, authenticationFramework, 957 selectedAttributeTypes, upperBounds , id-at 958 FROM UsefulDefinitions {joint-iso-itu-t ds(5) module(1) 959 usefulDefinitions(0) 3} 961 ub-name 962 FROM UpperBounds upperBounds 964 OBJECT-CLASS, ATTRIBUTE, MATCHING-RULE, Attribute, top, 965 objectIdentifierMatch 966 FROM InformationFramework informationFramework 968 ALGORITHM, Extensions, Time 969 FROM AuthenticationFramework authenticationFramework 971 DirectoryString, octetStringMatch, caseIgnoreMatch, caseExactMatch, 972 generalizedTimeMatch, integerMatch, serialNumber 973 FROM SelectedAttributeTypes selectedAttributeTypes 975 ContentInfo, SignerInfo 976 FROM CryptographicMessageSyntax {iso(1) member-body(2) us(840) 977 rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) modules(0) cms(1)} 979 EncryptedPrivateKeyInfo 980 FROM PKCS-8 {iso(1) member-body(2) us(840) rsadsi(113549) 981 pkcs(1) pkcs-8(8) modules(1) pkcs-8(1)} 983 PFX 984 FROM PKCS-12 {iso(1) member-body(2) us(840) rsadsi(113549) 985 pkcs(1) pkcs-12(12) modules(0) pkcs-12(1)} 987 PKCS15Token 988 FROM PKCS-15 {iso(1) member-body(2) us(840) rsadsi(113549) 989 pkcs(1) pkcs-15(15) modules(1) pkcs-15(1)}; 991 -- Upper bounds 993 pkcs-9-ub-pkcs9String INTEGER ::= 255 994 pkcs-9-ub-emailAddress INTEGER ::= pkcs-9-ub-pkcs9String 995 pkcs-9-ub-unstructuredName INTEGER ::= pkcs-9-ub-pkcs9String 996 pkcs-9-ub-unstructuredAddress INTEGER ::= pkcs-9-ub-pkcs9String 997 pkcs-9-ub-challengePassword INTEGER ::= pkcs-9-ub-pkcs9String 998 pkcs-9-ub-friendlyName INTEGER ::= pkcs-9-ub-pkcs9String 999 pkcs-9-ub-signingDescription INTEGER ::= pkcs-9-ub-pkcs9String 1000 pkcs-9-ub-match INTEGER ::= pkcs-9-ub-pkcs9String 1001 pkcs-9-ub-pseudonym INTEGER ::= ub-name 1002 pkcs-9-ub-placeOfBirth INTEGER ::= ub-name 1004 -- Object Identifiers 1006 pkcs-9 OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) 1007 rsadsi(113549) pkcs(1) 9} 1009 -- Main arcs 1010 pkcs-9-mo OBJECT IDENTIFIER ::= {pkcs-9 0} -- Modules branch 1011 pkcs-9-oc OBJECT IDENTIFIER ::= {pkcs-9 24} -- Object class branch 1012 pkcs-9-at OBJECT IDENTIFIER ::= {pkcs-9 25} -- Attribute branch, for 1013 -- new attributes 1014 pkcs-9-sx OBJECT IDENTIFIER ::= {pkcs-9 26} -- For syntaxes (RFC 2252) 1015 pkcs-9-mr OBJECT IDENTIFIER ::= {pkcs-9 27} -- Matching rules 1017 -- Object classes 1018 pkcs-9-oc-pkcsEntity OBJECT IDENTIFIER ::= {pkcs-9-oc 1} 1019 pkcs-9-oc-naturalPerson OBJECT IDENTIFIER ::= {pkcs-9-oc 2} 1021 -- Attributes 1022 pkcs-9-at-emailAddress OBJECT IDENTIFIER ::= {pkcs-9 1} 1023 pkcs-9-at-unstructuredName OBJECT IDENTIFIER ::= {pkcs-9 2} 1024 pkcs-9-at-contentType OBJECT IDENTIFIER ::= {pkcs-9 3} 1025 pkcs-9-at-messageDigest OBJECT IDENTIFIER ::= {pkcs-9 4} 1026 pkcs-9-at-signingTime OBJECT IDENTIFIER ::= {pkcs-9 5} 1027 pkcs-9-at-counterSignature OBJECT IDENTIFIER ::= {pkcs-9 6} 1028 pkcs-9-at-challengePassword OBJECT IDENTIFIER ::= {pkcs-9 7} 1029 pkcs-9-at-unstructuredAddress OBJECT IDENTIFIER ::= {pkcs-9 8} 1030 pkcs-9-at-extendedCertificateAttributes 1031 OBJECT IDENTIFIER ::= {pkcs-9 9} 1033 -- Obsolete (?) attribute identifiers, purportedly from "tentative 1034 -- PKCS #9 draft" 1035 -- pkcs-9-at-issuerAndSerialNumber OBJECT IDENTIFIER ::= {pkcs-9 10} 1036 -- pkcs-9-at-passwordCheck OBJECT IDENTIFIER ::= {pkcs-9 11} 1037 -- pkcs-9-at-publicKey OBJECT IDENTIFIER ::= {pkcs-9 12} 1039 pkcs-9-at-signingDescription OBJECT IDENTIFIER ::= {pkcs-9 13} 1040 pkcs-9-at-extensionRequest OBJECT IDENTIFIER ::= {pkcs-9 14} 1041 pkcs-9-at-smimeCapabilities OBJECT IDENTIFIER ::= {pkcs-9 15} 1043 -- Unused (?) 1044 -- pkcs-9-at-? OBJECT IDENTIFIER ::= {pkcs-9 17} 1045 -- pkcs-9-at-? OBJECT IDENTIFIER ::= {pkcs-9 18} 1046 -- pkcs-9-at-? OBJECT IDENTIFIER ::= {pkcs-9 19} 1048 pkcs-9-at-friendlyName OBJECT IDENTIFIER ::= {pkcs-9 20} 1049 pkcs-9-at-localKeyId OBJECT IDENTIFIER ::= {pkcs-9 21} 1050 pkcs-9-at-userPKCS12 OBJECT IDENTIFIER ::= 1051 {2 16 840 1 113730 3 1 216} 1052 pkcs-9-at-pkcs15Token OBJECT IDENTIFIER ::= {pkcs-9-at 1} 1053 pkcs-9-at-encryptedPrivateKeyInfo OBJECT IDENTIFIER ::= {pkcs-9-at 2} 1054 pkcs-9-at-randomNonce OBJECT IDENTIFIER ::= {pkcs-9-at 3} 1055 pkcs-9-at-sequenceNumber OBJECT IDENTIFIER ::= {pkcs-9-at 4} 1056 pkcs-9-at-pkcs7PDU OBJECT IDENTIFIER ::= {pkcs-9-at 5} 1058 -- IETF PKIX Attribute branch 1059 ietf-at OBJECT IDENTIFIER ::= 1060 {1 3 6 1 5 5 7 9} 1062 pkcs-9-at-dateOfBirth OBJECT IDENTIFIER ::= {ietf-at 1} 1063 pkcs-9-at-placeOfBirth OBJECT IDENTIFIER ::= {ietf-at 2} 1064 pkcs-9-at-gender OBJECT IDENTIFIER ::= {ietf-at 3} 1065 pkcs-9-at-countryOfCitizenship OBJECT IDENTIFIER ::= {ietf-at 4} 1066 pkcs-9-at-countryOfResidence OBJECT IDENTIFIER ::= {ietf-at 5} 1068 -- Syntaxes (for use with LDAP accessible directories) 1069 pkcs-9-sx-pkcs9String OBJECT IDENTIFIER ::= {pkcs-9-sx 1} 1070 pkcs-9-sx-signingTime OBJECT IDENTIFIER ::= {pkcs-9-sx 2} 1072 -- Matching rules 1073 pkcs-9-mr-caseIgnoreMatch OBJECT IDENTIFIER ::= {pkcs-9-mr 1} 1074 pkcs-9-mr-signingTimeMatch OBJECT IDENTIFIER ::= {pkcs-9-mr 2} 1076 -- Arcs with attributes defined elsewhere 1077 smime OBJECT IDENTIFIER ::= {pkcs-9 16} 1079 -- Main arc for S/MIME (RFC 2633) 1080 certTypes OBJECT IDENTIFIER ::= {pkcs-9 22} 1081 -- Main arc for certificate types defined in PKCS #12 1082 crlTypes OBJECT IDENTIFIER ::= {pkcs-9 23} 1084 -- Main arc for crl types defined in PKCS #12 1086 -- Other object identifiers 1087 id-at-pseudonym OBJECT IDENTIFIER ::= {id-at 65} 1089 -- Useful types 1091 PKCS9String {INTEGER : maxSize} ::= CHOICE { 1092 ia5String IA5String (SIZE(1..maxSize)), 1093 directoryString DirectoryString {maxSize} 1094 } 1096 -- Object classes 1098 pkcsEntity OBJECT-CLASS ::= { 1099 SUBCLASS OF { top } 1100 KIND auxiliary 1101 MAY CONTAIN { PKCSEntityAttributeSet } 1102 ID pkcs-9-oc-pkcsEntity 1103 } 1105 naturalPerson OBJECT-CLASS ::= { 1106 SUBCLASS OF { top } 1107 KIND auxiliary 1108 MAY CONTAIN { NaturalPersonAttributeSet } 1109 ID pkcs-9-oc-naturalPerson 1110 } 1112 -- Attribute sets 1114 PKCSEntityAttributeSet ATTRIBUTE ::= { 1115 pKCS7PDU | 1116 userPKCS12 | 1117 pKCS15Token | 1118 encryptedPrivateKeyInfo, 1119 ... -- For future extensions 1120 } 1122 NaturalPersonAttributeSet ATTRIBUTE ::= { 1123 emailAddress | 1124 unstructuredName | 1125 unstructuredAddress | 1126 dateOfBirth | 1127 placeOfBirth | 1128 gender | 1129 countryOfCitizenship | 1130 countryOfResidence | 1131 pseudonym | 1132 serialNumber, 1133 ... -- For future extensions 1134 } 1136 -- Attributes 1138 pKCS7PDU ATTRIBUTE ::= { 1139 WITH SYNTAX ContentInfo 1140 ID pkcs-9-at-pkcs7PDU 1141 } 1143 userPKCS12 ATTRIBUTE ::= { 1144 WITH SYNTAX PFX 1145 ID pkcs-9-at-userPKCS12 1146 } 1148 pKCS15Token ATTRIBUTE ::= { 1149 WITH SYNTAX PKCS15Token 1150 ID pkcs-9-at-pkcs15Token 1151 } 1153 encryptedPrivateKeyInfo ATTRIBUTE ::= { 1154 WITH SYNTAX EncryptedPrivateKeyInfo 1155 ID pkcs-9-at-encryptedPrivateKeyInfo 1156 } 1158 emailAddress ATTRIBUTE ::= { 1159 WITH SYNTAX IA5String (SIZE(1..pkcs-9-ub-emailAddress)) 1160 EQUALITY MATCHING RULE pkcs9CaseIgnoreMatch 1161 ID pkcs-9-at-emailAddress 1162 } 1164 unstructuredName ATTRIBUTE ::= { 1165 WITH SYNTAX PKCS9String {pkcs-9-ub-unstructuredName} 1166 EQUALITY MATCHING RULE pkcs9CaseIgnoreMatch 1167 ID pkcs-9-at-unstructuredName 1168 } 1170 unstructuredAddress ATTRIBUTE ::= { 1171 WITH SYNTAX DirectoryString {pkcs-9-ub-unstructuredAddress} 1172 EQUALITY MATCHING RULE caseIgnoreMatch 1173 ID pkcs-9-at-unstructuredAddress 1174 } 1176 dateOfBirth ATTRIBUTE ::= { 1177 WITH SYNTAX GeneralizedTime 1178 EQUALITY MATCHING RULE generalizedTimeMatch 1179 SINGLE VALUE TRUE 1180 ID pkcs-9-at-dateOfBirth 1181 } 1183 placeOfBirth ATTRIBUTE ::= { 1184 WITH SYNTAX DirectoryString {pkcs-9-ub-placeOfBirth} 1185 EQUALITY MATCHING RULE caseExactMatch 1186 SINGLE VALUE TRUE 1187 ID pkcs-9-at-placeOfBirth 1188 } 1190 gender ATTRIBUTE ::= { 1191 WITH SYNTAX PrintableString (SIZE(1) ^ 1192 FROM ("M" | "F" | "m" | "f")) 1193 EQUALITY MATCHING RULE caseIgnoreMatch 1194 SINGLE VALUE TRUE 1195 ID pkcs-9-at-gender 1196 } 1198 countryOfCitizenship ATTRIBUTE ::= { 1199 WITH SYNTAX PrintableString (SIZE(2))(CONSTRAINED BY { 1200 -- Must be a two-letter country acronym in accordance with 1201 -- ISO/IEC 3166 --}) 1202 EQUALITY MATCHING RULE caseIgnoreMatch 1203 ID pkcs-9-at-countryOfCitizenship 1204 } 1206 countryOfResidence ATTRIBUTE ::= { 1207 WITH SYNTAX PrintableString (SIZE(2))(CONSTRAINED BY { 1208 -- Must be a two-letter country acronym in accordance with 1209 -- ISO/IEC 3166 --}) 1210 EQUALITY MATCHING RULE caseIgnoreMatch 1211 ID pkcs-9-at-countryOfResidence 1212 } 1214 pseudonym ATTRIBUTE ::= { 1215 WITH SYNTAX DirectoryString {pkcs-9-ub-pseudonym} 1216 EQUALITY MATCHING RULE caseExactMatch 1217 ID id-at-pseudonym 1218 } 1220 contentType ATTRIBUTE ::= { 1221 WITH SYNTAX ContentType 1222 EQUALITY MATCHING RULE objectIdentifierMatch 1223 SINGLE VALUE TRUE 1224 ID pkcs-9-at-contentType 1226 } 1228 ContentType ::= OBJECT IDENTIFIER 1230 messageDigest ATTRIBUTE ::= { 1231 WITH SYNTAX MessageDigest 1232 EQUALITY MATCHING RULE octetStringMatch 1233 SINGLE VALUE TRUE 1234 ID pkcs-9-at-messageDigest 1235 } 1237 MessageDigest ::= OCTET STRING 1239 signingTime ATTRIBUTE ::= { 1240 WITH SYNTAX SigningTime 1241 EQUALITY MATCHING RULE signingTimeMatch 1242 SINGLE VALUE TRUE 1243 ID pkcs-9-at-signingTime 1244 } 1246 SigningTime ::= Time -- imported from ISO/IEC 9594-8 1248 randomNonce ATTRIBUTE ::= { 1249 WITH SYNTAX RandomNonce 1250 EQUALITY MATCHING RULE octetStringMatch 1251 SINGLE VALUE TRUE 1252 ID pkcs-9-at-randomNonce 1253 } 1255 RandomNonce ::= OCTET STRING (SIZE(4..MAX)) 1256 -- At least four bytes long 1258 sequenceNumber ATTRIBUTE ::= { 1259 WITH SYNTAX SequenceNumber 1260 EQUALITY MATCHING RULE integerMatch 1261 SINGLE VALUE TRUE 1262 ID pkcs-9-at-sequenceNumber 1263 } 1265 SequenceNumber ::= INTEGER (1..MAX) 1267 counterSignature ATTRIBUTE ::= { 1268 WITH SYNTAX SignerInfo 1269 ID pkcs-9-at-counterSignature 1270 } 1272 challengePassword ATTRIBUTE ::= { 1273 WITH SYNTAX DirectoryString {pkcs-9-ub-challengePassword} 1274 EQUALITY MATCHING RULE caseExactMatch 1275 SINGLE VALUE TRUE 1276 ID pkcs-9-at-challengePassword 1277 } 1279 extensionRequest ATTRIBUTE ::= { 1280 WITH SYNTAX ExtensionRequest 1281 SINGLE VALUE TRUE 1282 ID pkcs-9-at-extensionRequest 1283 } 1285 ExtensionRequest ::= Extensions 1287 extendedCertificateAttributes ATTRIBUTE ::= { 1288 WITH SYNTAX SET OF Attribute 1289 SINGLE VALUE TRUE 1290 ID pkcs-9-at-extendedCertificateAttributes 1291 } 1293 friendlyName ATTRIBUTE ::= { 1294 WITH SYNTAX BMPString (SIZE(1..pkcs-9-ub-friendlyName)) 1295 EQUALITY MATCHING RULE caseIgnoreMatch 1296 SINGLE VALUE TRUE 1297 ID pkcs-9-at-friendlyName 1298 } 1300 localKeyId ATTRIBUTE ::= { 1301 WITH SYNTAX OCTET STRING 1302 EQUALITY MATCHING RULE octetStringMatch 1303 SINGLE VALUE TRUE 1304 ID pkcs-9-at-localKeyId 1305 } 1307 signingDescription ATTRIBUTE ::= { 1308 WITH SYNTAX DirectoryString {pkcs-9-ub-signingDescription} 1309 EQUALITY MATCHING RULE caseIgnoreMatch 1310 SINGLE VALUE TRUE 1311 ID pkcs-9-at-signingDescription 1312 } 1314 smimeCapabilities ATTRIBUTE ::= { 1315 WITH SYNTAX SMIMECapabilities 1316 SINGLE VALUE TRUE 1317 ID pkcs-9-at-smimeCapabilities 1318 } 1320 SMIMECapabilities ::= SEQUENCE OF SMIMECapability 1321 SMIMECapability ::= SEQUENCE { 1322 algorithm ALGORITHM.&id ({SMIMEv3Algorithms}), 1323 parameters ALGORITHM.&Type ({SMIMEv3Algorithms}{@algorithm}) 1324 } 1326 SMIMEv3Algorithms ALGORITHM ::= {...-- See RFC 2633 --} 1328 -- Matching rules 1330 pkcs9CaseIgnoreMatch MATCHING-RULE ::= { 1331 SYNTAX PKCS9String {pkcs-9-ub-match} 1332 ID pkcs-9-mr-caseIgnoreMatch 1333 } 1335 signingTimeMatch MATCHING-RULE ::= { 1336 SYNTAX SigningTime 1337 ID pkcs-9-mr-signingTimeMatch 1338 } 1340 END 1342 B. BNF schema summary This appendix provides augmented BNF [2] 1343 definitions of the object class and most attribute types specified in 1344 this document along with their associated syntaxes and matching 1345 rules. The ABNF definitions have been done in accordance with [21], 1346 in an attempt to ease integration with LDAP-accessible Directory 1347 systems. Lines have been folded in some cases to improve readability. 1349 B.1 Syntaxes 1351 This section defines all syntaxes that are used in this document. 1353 B.1.1 PKCS9String 1355 ( 1356 1.2.840.113549.1.9.26.1 1357 DESC 'PKCS9String' 1358 ) 1360 The encoding of a value in this syntax is the string value itself. 1362 B.1.2 SigningTime 1364 ( 1365 1.2.840.113549.1.9.26.2 1366 DESC 'SigningTime' 1367 ) 1368 Values in this syntax are encoded as printable strings, represented 1369 as specified in [5]. Note that the time zone must be specified. For 1370 example, "199412161032Z". 1372 B.2 Object classes 1374 B.2.1 pkcsEntity 1376 ( 1377 1.2.840.113549.1.9.24.1 1378 NAME 'pkcsEntity' 1379 SUP top 1380 AUXILIARY 1381 MAY ( 1382 pKCS7PDU $ userPKCS12 $ pKCS15Token $ encryptedPrivateKeyInfo 1383 ) 1384 ) 1386 B.2.2 naturalPerson 1388 ( 1389 1.2.840.113549.1.9.24.2 1390 NAME 'naturalPerson' 1391 SUP top 1392 AUXILIARY 1393 MAY ( 1394 emailAddress $ unstructuredName $ unstructuredAddress $ 1395 dateOfBirth & placeOfBirth & gender & countryOfCitizenship & 1396 countryOfResidence & pseudonym & serialNumber 1397 ) 1398 ) 1400 B.3 Attribute types 1402 B.3.1 pKCS7PDU 1404 This attribute is to be stored and requested in binary form, as 1405 pKCS7PDU;binary. The attribute values are BER- or DER-encoded 1406 ContentInfo values. 1408 ( 1409 1.2.840.113549.1.9.25.5 1410 NAME 'pKCS7PDU' 1411 DESC 'PKCS #7 ContentInfo PDU' 1412 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 1413 ) 1415 B.3.2 userPKCS12 1416 This attribute is to be stored and requested in binary form, as 1417 userPKCS12;binary. The attribute values are PFX PDUs stored as binary 1418 (BER- or DER-encoded) data. 1420 ( 1421 2.16.840.1.113730.3.1.216 1422 NAME 'userPKCS12' 1423 DESC 'PKCS #12 PFX PDU for exchange of personal information' 1424 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 1425 ) 1427 B.3.3 pKCS15Token 1429 This attribute is to be stored and requested in binary form, as 1430 pKCS15Token;binary. The attribute values are PKCS15Token PDUs stored 1431 as binary (BER- or DER-encoded) data. 1433 ( 1434 1.2.840.113549.1.9.25.1 1435 NAME 'pKCS15Token' 1436 DESC 'PKCS #15 token PDU' 1437 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 1438 ) 1440 B.3.4 encryptedPrivateKeyInfo 1442 This attribute is to be stored and requested in binary form, as 1443 encryptedPrivateKeyInfo;binary. The attribute values are 1444 EncryptedPrivateKeyInfo PDUs stored as binary (BER- or DER-encoded) 1445 data. 1447 ( 1448 1.2.840.113549.1.9.25.2 1449 NAME 'encryptedPrivateKeyInfo' 1450 DESC 'PKCS #8 encrypted private key info' 1451 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 1452 ) 1454 B.3.5 emailAddress 1456 ( 1457 1.2.840.113549.1.9.1 1458 NAME 'emailAddress' 1459 DESC 'Email address' 1460 EQUALITY pkcs9CaseIgnoreMatch 1461 SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 1462 ) 1464 B.3.6 unstructuredName 1466 ( 1467 1.2.840.113549.1.9.2 1468 NAME 'unstructuredName' 1469 DESC 'PKCS #9 unstructured name' 1470 EQUALITY pkcs9CaseIgnoreMatch 1471 SYNTAX 1.2.840.113549.1.9.26.1 1472 ) 1474 B.3.7 unstructuredAddress 1476 ( 1477 1.2.840.113549.1.9.8 1478 NAME 'unstructuredAddress' 1479 DESC 'PKCS #9 unstructured address' 1480 EQUALITY caseIgnoreMatch 1481 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 1482 ) 1484 B.3.8 dateOfBirth 1486 ( 1487 1.3.6.1.5.5.7.9.1 1488 NAME 'dateOfBirth' 1489 DESC 'Date of birth' 1490 EQUALITY generalizedTimeMatch 1491 SYNTAX 1.3.6.1.4.1.1466.115.121.1.24 1492 SINGLE-VALUE 1493 ) 1495 B.3.9 placeOfBirth 1497 ( 1498 1.3.6.1.5.5.7.9.2 1499 NAME 'placeOfBirth' 1500 DESC 'Place of birth' 1501 EQUALITY caseExactMatch 1502 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 1503 SINGLE-VALUE 1504 ) 1506 B.3.10 gender 1508 ( 1509 1.3.6.1.5.5.7.9.3 1510 NAME 'gender' 1511 DESC 'Gender' 1512 EQUALITY caseIgnoreMatch 1513 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 1514 SINGLE-VALUE 1515 ) 1517 B.3.11 countryOfCitizenship 1519 ( 1520 1.3.6.1.5.5.7.9.4 1521 NAME 'countryOfCitizenship' 1522 DESC 'Country of citizenship' 1523 EQUALITY caseIgnoreMatch 1524 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 1525 ) 1527 B.3.12 countryOfResidence 1529 ( 1530 1.3.6.1.5.5.7.9.5 1531 NAME 'countryOfResidence' 1532 DESC 'Country of residence' 1533 EQUALITY caseIgnoreMatch 1534 SYNTAX 1.3.6.1.4.1.1466.115.121.1.44 1535 ) 1537 B.3.13 pseudonym 1539 ( 1540 2.5.4.65 1541 NAME 'pseudonym' 1542 DESC 'Pseudonym' 1543 EQUALITY caseExactMatch 1544 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 1545 ) 1547 B.3.14 contentType 1549 In the (highly unlikely) event of this attribute being stored in a 1550 Directory it is to be stored and requested in binary form, as 1551 contentType;binary. Attribute values shall be OCTET STRINGs stored as 1552 binary (BER- or DER-encoded) data. 1554 ( 1555 1.2.840.113549.1.9.3 1556 NAME 'contentType' 1557 DESC 'PKCS #7 content type attribute' 1558 EQUALITY objectIdentifierMatch 1559 SYNTAX 1.3.6.1.4.1.1466.115.121.1.38 1560 SINGLE-VALUE 1561 ) 1563 B.3.15 messageDigest 1565 In the (highly unlikely) event of this attribute being stored in a 1566 Directory it is to be stored and requested in binary form, as 1567 messageDigest;binary. Attribute values shall be OCTET STRINGs stored 1568 as binary (BER- or DER-encoded) data. 1570 ( 1571 1.2.840.113549.1.9.4 1572 NAME 'messageDigest' 1573 DESC 'PKCS #7 mesage digest attribute' 1574 EQUALITY octetStringMatch 1575 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 1576 SINGLE-VALUE 1577 ) 1579 B.3.16 signingTime 1581 ( 1582 1.2.840.113549.1.9.5 1583 NAME 'signingTime' 1584 DESC 'PKCS #7 signing time' 1585 EQUALITY signingTimeMatch 1586 SYNTAX 1.2.840.113549.1.9.26.2 1587 SINGLE-VALUE 1588 ) 1590 B.3.17 counterSignature 1592 In the (highly unlikely) event that this attribute is to be stored in 1593 a directory, it is to be stored and requested in binary form, as 1594 counterSignature;binary. Attribute values shall be stored as binary 1595 (BER- or DER-encoded) data. 1597 ( 1598 1.2.840.113549.1.9.6 1599 NAME 'counterSignature' 1600 DESC 'PKCS #7 countersignature' 1601 SYNTAX 1.3.6.1.4.1.1466.115.121.1.5 1602 ) 1604 B.3.18 challengePassword 1606 ( 1607 1.2.840.113549.1.9.7 1608 NAME 'challengePassword' 1609 DESC 'Challenge password for certificate revocations' 1610 EQUALITY caseExactMatch 1611 SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 1612 SINGLE-VALUE 1613 ) 1615 Note - It is not recommended to store unprotected values of this 1616 attribute in a directory. 1618 B.4 Matching rules 1620 B.4.1 pkcs9CaseIgnoreMatch 1622 ( 1623 1.2.840.113549.1.9.27.1 1624 NAME 'pkcs9CaseIgnoreMatch' 1625 SYNTAX 1.2.840.113549.1.9.26.1 1626 ) 1628 B.4.2 signingTimeMatch 1630 ( 1631 1.2.840.113549.1.9.27.3 1632 NAME 'signingTimeMatch' 1633 SYNTAX 1.2.840.113549.1.9.26.2 1634 ) 1636 C. Intellectual property considerations 1638 RSA Security makes no patent claims on the general constructions 1639 described in this document, although specific underlying techniques 1640 may be covered. 1642 License to copy this document is granted provided that it is 1643 identified as "RSA Security Inc. Public-Key Cryptography Standards 1644 (PKCS)" in all material mentioning or referencing this document. 1646 RSA Security makes no representations regarding intellectual property 1647 claims by other parties. Such determination is the responsibility of 1648 the user. 1650 D. Revision history 1652 Version 1.0 1654 Version 1.0 was part of the June 3, 1991 initial public release 1655 of PKCS. Version 1.0 was also published as NIST/OSI Implementors' 1656 Workshop document SEC-SIG-91-24. 1658 Version 1.1 1660 Version 1.1 incorporated several editorial changes, including 1661 updates to the references and the addition of a revision 1662 history. The following substantive changes were made: 1664 - Section 6: challengePassword, unstructuredAddress, and 1665 extendedCertificateAttributes attribute types were added 1666 - Section 7: challengePassword, unstructuredAddress, and 1667 extendedCertificateAttributes object identifiers were added 1669 Version 2.0 1671 Version 2.0 incorporates several editorial changes as well. In 1672 addition, the following substantive changes have been made: 1674 - Addition of a Section defining two new auxiliary object 1675 classes, pkcsEntity and naturalPerson 1676 - Addition of several new attribute types and matching rules for 1677 use in conjunction with these object classes and elsewhere 1678 - Update of all ASN.1 to be in line with the 1997 version of this 1679 syntax 1680 - Addition a "compilable" ASN.1 module 1681 - Addition, in accordance with [21], an ABNF description of all 1682 attributes and object classes 1683 - Addition of an intellectual property considerations section 1685 E. References 1687 [1] S. Bradner. RFC 2119: Key words for use in RFCs to Indicate 1688 Requirement Levels. IETF, March 1997. 1690 [2] D. Crocker, P. Overell. RFC 2234: Augmented BNF for Syntax 1691 Specifications: ABNF. IETF, November 1997. 1693 [3] R. Housley. RFC 2630: Cryptographic Message Syntax CMS. IETF, 1694 June 1999. 1696 [4] ISO/IEC 3166-1:Codes for the representation of names of countries 1697 and their subdivisions - Part 1: Country codes. 1997. 1699 [5] ISO/IEC 8824-1:1999: Information technology - Abstract Syntax 1700 Notation One (ASN.1) - Specification of basic notation.1999. 1702 [6] ISO/IEC 8825-1:1999: Information technology - ASN.1 Encoding 1703 Rules: Specification of Basic Encoding Rules (BER), Canonical 1704 Encoding Rules (CER) and Distinguished Encoding Rules (DER). 1999. 1706 [7] ISO/IEC 9594-2:1997: Information technology - Open Systems 1707 Interconnection - The Directory: Models. 1997. 1709 [8] ISO/IEC 9594-6:1997: Information technology - Open Systems 1710 Interconnection - The Directory: Selected attribute types. 1997. 1712 [9] ISO/IEC 9594-7:1997: Information technology - Open Systems 1713 Interconnection - The Directory: Selected object classes. 1997. 1715 [10] ISO/IEC 9594-8:1997: Information technology - Open Systems 1716 Interconnection - The Directory: Authentication framework. 1997. 1718 [11] ISO/IEC 10646-1: Information Technology - Universal Multiple- 1719 Octet Coded Character Set (UCS) - Part 1: Architecture and Basic 1720 Multilingual Plane. 1993. 1722 [12] B. Ramsdell. RFC 2633: S/MIME Version 3 Message Specification. 1723 IETF, June 1999. 1725 [13] RSA Laboratories. PKCS #6: Extended-Certificate Syntax Standard. 1726 Version 1.5, November 1993. 1728 [14] RSA Laboratories. PKCS #7: Cryptographic Message Syntax 1729 Standard. Version 1.5, November 1993. 1731 [15] RSA Laboratories. PKCS #8: Private-Key Information Syntax 1732 Standard. Version 1.2, November 1993. 1734 [16] RSA Laboratories. PKCS #10: Certification Request Syntax 1735 Standard. Version 1.0, November 1993. 1737 [17] RSA Laboratories. PKCS #12: Personal Information Exchange Syntax 1738 Standard. Version 1.0, June 1999. 1740 [18] RSA Laboratories. PKCS #15: Cryptographic Token Information 1741 Format Standard. Version 1.1 (Draft), December 1999. 1743 [19] S. Santesson, W. Polk, P. Barzin, M. Nystrom. Internet X.509 1744 Public Key Infrastructure - Qualified Certificates Profile. IETF work 1745 in progress, February 2000. 1747 [20] M. Smith. Definition of the inetOrgPerson LDAP Object Class. 1748 IETF work in progress, January 2000. 1750 [21] M. Wahl, A. Coulbeck, T. Howes, S. Kille. RFC 2252: Lightweight 1751 Directory Access Protocol (v3): Attribute Syntax Definitions. IETF, 1752 December 1997. 1754 [22] M. Wahl, T. Howes, S. Kille. RFC 2251: Lightweight Directory 1755 Access Protocol (v3). IETF, December 1997. 1757 F. About PKCS 1759 The Public-Key Cryptography Standards are specifications produced by 1760 RSA Laboratories in cooperation with secure systems developers 1761 worldwide for the purpose of accelerating the deployment of public- 1762 key cryptography. First published in 1991 as a result of meetings 1763 with a small group of early adopters of public-key technology, the 1764 PKCS documents have become widely referenced and implemented. 1765 Contributions from the PKCS series have become part of many formal 1766 and de facto standards, including ANSI X9 documents, PKIX, SET, 1767 S/MIME, and SSL. 1769 Further development of PKCS occurs through mailing list discussions 1770 and occasional workshops, and suggestions for improvement are 1771 welcome. For more information, contact: 1773 PKCS Editor 1774 RSA Laboratories 1775 20 Crosby Drive 1776 Bedford, MA 01730 USA 1777 pkcs-editor@rsasecurity.com 1778 http://www.rsasecurity.com/rsalabs/PKCS