datatracker.ietf.org
Sign in
Version 5.6.3.p2, 2014-09-29
Report a bug

Elliptic Curve Cryptography Subject Public Key Information
RFC 5480

Network Working Group                                          S. Turner
Request for Comments: 5480                                          IECA
Updates: 3279                                                   D. Brown
Category: Standards Track                                       Certicom
                                                                  K. Yiu
                                                               Microsoft
                                                              R. Housley
                                                          Vigil Security
                                                                 T. Polk
                                                                    NIST
                                                              March 2009

      Elliptic Curve Cryptography Subject Public Key Information

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (c) 2009 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents in effect on the date of
   publication of this document (http://trustee.ietf.org/license-info).
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.

Abstract

   This document specifies the syntax and semantics for the Subject
   Public Key Information field in certificates that support Elliptic
   Curve Cryptography.  This document updates Sections 2.3.5 and 5, and
   the ASN.1 module of "Algorithms and Identifiers for the Internet
   X.509 Public Key Infrastructure Certificate and Certificate
   Revocation List (CRL) Profile", RFC 3279.

Turner, et al.              Standards Track                     [Page 1]
RFC 5480            ECC SubjectPublicKeyInfo Format           March 2009

Table of Contents

   1. Introduction ....................................................2
      1.1. Terminology ................................................3
   2. Subject Public Key Information Fields ...........................3
      2.1. Elliptic Curve Cryptography Public Key Algorithm
           Identifiers ................................................3
      2.2. Subject Public Key .........................................7
   3. Key Usage Bits ..................................................7
   4. Security Considerations .........................................8
   5. ASN.1 Considerations ...........................................10
   6. IANA Considerations ............................................11
   7. Acknowledgments ................................................11
   8. References .....................................................11
      8.1. Normative References ......................................11
      8.2. Informative References ....................................12
   Appendix A. ASN.1 Module ..........................................13

1.  Introduction

   This document specifies the format of the subjectPublicKeyInfo field
   in X.509 certificates [PKI] that use Elliptic Curve Cryptography
   (ECC).  It updates RFC 3279 [PKI-ALG].  This document specifies the
   encoding formats for public keys used with the following ECC
   algorithms:

      o Elliptic Curve Digital Signature Algorithm (ECDSA);

      o Elliptic Curve Diffie-Hellman (ECDH) family schemes; and

      o Elliptic Curve Menezes-Qu-Vanstone (ECMQV) family schemes.

   Two methods for specifying the algorithms that can be used with the
   subjectPublicKey are defined.  One method allows the key to be used
   with any ECC algorithm, while the other method restricts the usage of
   the key to specific algorithms.  To promote interoperability, this
   document indicates which is required to implement for Certification
   Authorities (CAs) that implement ECC algorithms and relying parties
   that claim to process ECC algorithms.

   The ASN.1 [X.680] module in this document includes ASN.1 for ECC
   algorithms.  It also includes ASN.1 for non-ECC algorithms defined in
   [PKI-ALG] and [PKI-ADALG], even though the associated text is
   unaffected.  By updating all of the ASN.1 from [PKI-ALG] in this
   document, implementers only need to use the module found in this
   document.

Turner, et al.              Standards Track                     [Page 2]
RFC 5480            ECC SubjectPublicKeyInfo Format           March 2009

[include full document text]