idnits 2.17.00 (12 Aug 2021)

/tmp/idnits21731/draft-turner-additional-new-asn-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** You're using the IETF Trust Provisions' Section 6.b License Notice from
     12 Sep 2009 rather than the newer Notice from 28 Dec 2009.  (See
     https://trustee.ietf.org/license-info/)


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There are 2 instances of too long lines in the document, the longest one
     being 3 characters in excess of 72.


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (March 1, 2010) is 4463 days in the past.  Is this
     intentional?


  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  ** Obsolete normative reference: RFC 4049 (Obsoleted by RFC 6019)

  == Outdated reference: draft-ietf-smime-new-asn1 has been published as RFC
     5911

  == Outdated reference: draft-ietf-pkix-new-asn1 has been published as RFC
     5912


     Summary: 3 errors (**), 0 flaws (~~), 3 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                                          J. Schaad
Internet-Draft                                   Soaring Hawk Consulting
Intended status: Informational                                 S. Turner
Expires: September 2, 2010                                    IECA, Inc.
                                                           March 1, 2010


                      Additional New ASN.1 Modules
                   draft-turner-additional-new-asn-00

Abstract

   The Cryptographic Message Syntax (CMS) format, and many associated
   formats, are expressed using ASN.1.  The current ASN.1 modules
   conform to the 1988 version of ASN.1.  This document updates some
   auxiliary ASN.1 modules to conform to the 2002 version of ASN.1.
   There are no bits-on-the-wire changes to any of the formats; this is
   simply a change to the syntax.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on September 2, 2010.

Copyright Notice

   Copyright (c) 2010 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.
   Code Components extracted from this document must include Simplified
   BSD License text as described in Section 4.e of the Trust Legal
   Provisions and are provided without warranty as described in the BSD
   License.

1.  Introduction

   Some developers would like the IETF to use the latest version of
   ASN.1 in its standards.  Most of the RFCs that relate to security
   protocols still use ASN.1 from the 1988 standard, which has been
   deprecated.  This is particularly true for the standards that relate
   to PKIX, CMS, and S/MIME.

   This document updates the following RFCs to use ASN.1 modules that
   conform to the 2002 version of ASN.1 [ASN1-2002].

      RFC 4049, BinaryTime: An Alternate Format for Representing Date
      and Time in ASN.1 [RFC4049]

      RFC 4073, Protecting Multiple Contents with the Cryptographic
      Message Syntax (CMS) [RFC4073]

      RFC 5752, Multiple Signatures in Cryptographic Message Syntax
      (CMS) [RFC5752]

   Note that some of the modules in this document get some of their
   definitions from places different than the modules in the original
   RFCs.  The idea is that these modules, when combined with the modules
   in [I-D.ietf-pkix-new-asn1] and [I-D.ietf-smime-new-asn1] can stand
   on their own and do not need to import definitions from anywhere
   else.

1.1.  Requirements Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

2.  ASN.1 Module RFC 4049

   BinarySigningTimeModule-2009
     { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
       pkcs-9(9) smime(16) modules(0) TBD-1 }
   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN
   IMPORTS

   -- From PKIX-CommonTypes-2009 [I-D.ietf-pkix-new-asn1]

     ATTRIBUTE
       FROM PKIX-CommonTypes-2009
         { iso(1) identified-organization(3) dod(6) internet(1)
           security(5) mechanisms(5) pkix(7) id-mod(0)
           id-mod-pkixCommon-02(57) }
   ;

   -- BinaryTime Definition

   BinaryTime ::= INTEGER (0..MAX)

   -- Signing Binary Time Attribute

   aa-binarySigningTime ATTRIBUTE ::= {
     TYPE BinarySigningTime
     IDENTIFIED BY id-aa-binarySigningTime }

   id-aa-binarySigningTime OBJECT IDENTIFIER ::= { iso(1)
     member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
     smime(16) aa(2) 46 }

   BinarySigningTime ::= BinaryTime

   END

3.  ASN.1 Module RFC 4073

   ContentCollectionModule-2009
     { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
       pkcs-9(9) smime(16) modules(0) TBD-2 }
   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN
   IMPORTS

   -- From PKIX-CommonTypes-2009 [I-D.ietf-pkix-new-asn1]

     ATTRIBUTE
       FROM PKIX-CommonTypes-2009
         { iso(1) identified-organization(3) dod(6) internet(1)
           security(5) mechanisms(5) pkix(7) id-mod(0)
           id-mod-pkixCommon-02(57) }

   -- From CryptographicMessageSyntax-2009 [I-D.ietf-smime-new-asn1]

     CONTENT-TYPE, Attribute, ContentInfo
       FROM CryptographicMessageSyntax-2009
         { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
           pkcs-9(9) smime(16) modules(0) cms-2001(14) }
   ;

   -- Content Collection Content Type and Object Identifier

   ct-ContentCollection CONTENT-TYPE ::= {
     ContentCollection IDENTIFIED BY id-ct-contentCollection }

   id-ct-contentCollection OBJECT IDENTIFIER ::= {
     iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
     smime(16) ct(1) 19 }

   ContentCollection ::= SEQUENCE SIZE (1..MAX) OF ContentInfo

   -- Content With Attributes Content Type and Object Identifier

   ct-ContentWithAttributes CONTENT-TYPE ::= {
     ContentWithAttributes IDENTIFIED BY id-ct-contentWithAttrs }

   id-ct-contentWithAttrs OBJECT IDENTIFIER ::= {
     iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
     smime(16) ct(1) 20 }

   ContentWithAttributes ::= SEQUENCE {
     content     ContentInfo,
     attrs       SEQUENCE SIZE (1..MAX) OF Attribute
                   {{ ContentAttributes }} }

   ContentAttributes ATTRIBUTE ::= { ... }

   END

4.  ASN.1 Module RFC 5752

   MultipleSignatures-2009
     { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
       smime(16) modules(0) TBD-3 }
   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN
   -- EXPORTS All
   -- The types and values defined in this module are exported for use
   -- in the other ASN.1 modules.  Other applications may use them for
   -- their own purposes.

   IMPORTS

   -- Imports from PKIX-CommonTypes-2009 [I-D.ietf-pkix-new-asn1]

     ATTRIBUTE
       FROM PKIX-CommonTypes-2009
         { iso(1) identified-organization(3) dod(6) internet(1)
           security(5) mechanisms(5) pkix(7) id-mod(0)
           id-mod-pkixCommon-02(57) }

   -- Imports from CryptographicMessageSyntax-2009 [I-D.ietf-smime-new-asn1]

     DigestAlgorithmIdentifier, SignatureAlgorithmIdentifier
       FROM CryptographicMessageSyntax-2009
         { iso(1) member-body(2) us(840) rsadsi(113549)
           pkcs(1) pkcs-9(9) smime(16) modules(0) id-mod-cms-2004-02(41) }

   -- Imports from ExtendedSecurityServices-2009 [I-D.ietf-smime-new-asn1]

     ESSCertIDv2
       FROM ExtendedSecurityServices-2009
         { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
           smime(16) modules(0) id-mod-ess-2006-02(42) }
   ;

   -- Section 3.0

   at-multipleSignatures ATTRIBUTE ::= {
     TYPE MultipleSignatures
     IDENTIFIED BY id-aa-multipleSignatures }

   id-aa-multipleSignatures OBJECT IDENTIFIER ::= {
     iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
     id-aa(2) 51 }

   MultipleSignatures ::= SEQUENCE {
     bodyHashAlg     DigestAlgorithmIdentifier,
     signAlg         SignatureAlgorithmIdentifier,
     signAttrsHash   SignAttrsHash,
     cert            ESSCertIDv2 OPTIONAL }

   SignAttrsHash ::= SEQUENCE {
     algID           DigestAlgorithmIdentifier,
     hash            OCTET STRING }

   END -- of MultipleSignatures-2009

5.  Security Considerations

   This document itself does not have any security considerations.  The
   ASN.1 modules keep the same bits-on-the-wire as the modules that they
   replace.

6.  IANA Considerations

   None.

7.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC4049]  Housley, R., "BinaryTime: An Alternate Format for
              Representing Date and Time in ASN.1", RFC 4049,
              April 2005.

   [RFC4073]  Housley, R., "Protecting Multiple Contents with the
              Cryptographic Message Syntax (CMS)", RFC 4073, May 2005.

   [RFC5752]  Turner, S. and J. Schaad, "Multiple Signatures in
              Cryptographic Message Syntax (CMS)", RFC 5752,
              January 2010.

   [I-D.ietf-smime-new-asn1]
              Hoffman, P. and J. Schaad, "New ASN.1 Modules for CMS and
              S/MIME", draft-ietf-smime-new-asn1-07 (work in progress),
              August 2009.

   [I-D.ietf-pkix-new-asn1]
              Hoffman, P. and J. Schaad, "New ASN.1 Modules for PKIX",
              draft-ietf-pkix-new-asn1-07 (work in progress),
              August 2009.

   [ASN1-2002]
              ITU-T, "ITU-T Recommendation X.680, X.681, X.682, and
              X.683", 2002.

Authors' Addresses

   Jim Schaad
   Soaring Hawk Consulting
   PO Box 675
   Gold Bar, WA  98251

   Email: ietf@augustcellars.com


   Sean Turner
   IECA, Inc.
   3057 Nutley Street, Suite 106
   Fairfax, VA  22031

   Email: turners@ieca.com