Technical Summary
This document describes the use of the Cryptographic Message Syntax
(CMS) to protect firmware packages, which provide object code for one
or more hardware module components. CMS is specified in RFC 3852. A
digital signature is used to protect the firmware package from
undetected modification and provide data origin authentication.
Encryption is optionally used to protect the firmware package from
disclosure, and compression is optionally used to reduce the size of
the protected firmware package. A firmware package loading receipt
can optionally be generated to acknowledge the successful loading of a
firmware package. Similarly, a firmware package load error report can
optionally be generated to convey the failure to load a firmware
package.
Working Group Summary
This is an individual submission, but the author has asked
participants of the S/MIME WG to review this document. Several people
did provide comments.
Protocol Quality
This document was reviewed by Sam Hartman for the IESG.