Cryptographic Message Syntax (CMS) Content Constraints Extension

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>
Subject: Protocol Action: 'Cryptographic Message Syntax (CMS) Content Constraints Extension' to Proposed Standard

The IESG has approved the following document:

- 'Cryptographic Message Syntax (CMS) Content Constraints Extension'
   <draft-housley-cms-content-constraints-extn-06.txt> as a Proposed Standard

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Tim Polk.

A URL of this Internet-Draft is:

Ballot Text

Technical Summary

This document specifies the syntax and semantics for the Cryptographic
Message Syntax (CMS) content constraints extension.  This extension is
used to determine whether a public key is appropriate to use in the
processing of a protected content.  In particular, the CMS content
constraints extension is one part of the authorization decision; it is
used when validating a digital signature on a CMS SignedData content or
validating a message authentication code (MAC) on a CMS AuthenticatedData
content or CMS AuthEnvelopedData content.  The signed or authenticated
content type is identified by an ASN.1 object identifier, and this
extension indicates the content types that the public key is authorized to
validate.  If the authorization check is successful, the CMS content
constraints extension also provides default values for absent attributes.

Working Group Summary

This document is an individual submission.  It provides an authorization
mechanism for use with the Trust Anchor Management Protocol (TAMP).

Document Quality

The document is detailed and clear. It has been implemented as part of a
not-yet-released open source library.


   Geoff Beier is the Document Shepherd for this document.
   Tim Polk is the Responsible Area Director.

RFC Editor Note