Use of the HSS/LMS Hash-Based Signature Algorithm in the Cryptographic Message Syntax (CMS)
draft-ietf-lamps-cms-hash-sig-10
Revision differences
Document history
Date | Rev. | By | Action |
---|---|---|---|
2020-01-30
|
10 | (System) | RFC Editor state changed to AUTH48-DONE from AUTH48 |
2020-01-28
|
10 | (System) | RFC Editor state changed to AUTH48 from RFC-EDITOR |
2019-12-11
|
10 | (System) | RFC Editor state changed to RFC-EDITOR from EDIT |
2019-09-30
|
10 | (System) | IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor |
2019-09-27
|
10 | (System) | IANA Action state changed to Waiting on RFC Editor from Waiting on Authors |
2019-09-27
|
10 | (System) | IANA Action state changed to Waiting on Authors from In Progress |
2019-09-24
|
10 | (System) | RFC Editor state changed to EDIT |
2019-09-24
|
10 | (System) | IESG state changed to RFC Ed Queue from Approved-announcement sent |
2019-09-24
|
10 | (System) | Announcement was received by RFC Editor |
2019-09-23
|
10 | (System) | IANA Action state changed to In Progress |
2019-09-23
|
10 | Amy Vezza | Downref to RFC 8554 approved by Last Call for draft-ietf-lamps-cms-hash-sig-10 |
2019-09-23
|
10 | Amy Vezza | IESG state changed to Approved-announcement sent from Approved-announcement to be sent |
2019-09-23
|
10 | Amy Vezza | IESG has approved the document |
2019-09-23
|
10 | Amy Vezza | Closed "Approve" ballot |
2019-09-23
|
10 | Amy Vezza | Ballot approval text was generated |
2019-09-19
|
10 | Cindy Morgan | IESG state changed to Approved-announcement to be sent from IESG Evaluation |
2019-09-19
|
10 | Alvaro Retana | [Ballot Position Update] New position, No Objection, has been recorded for Alvaro Retana |
2019-09-19
|
10 | Ignas Bagdonas | [Ballot Position Update] New position, No Objection, has been recorded for Ignas Bagdonas |
2019-09-18
|
10 | Adam Roach | [Ballot Position Update] New position, No Objection, has been recorded for Adam Roach |
2019-09-18
|
10 | Amanda Baber | IANA Experts State changed to Expert Reviews OK |
2019-09-18
|
10 | Amanda Baber | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
2019-09-18
|
10 | Suresh Krishnan | [Ballot Position Update] New position, No Objection, has been recorded for Suresh Krishnan |
2019-09-18
|
10 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2019-09-18
|
10 | Russ Housley | New version available: draft-ietf-lamps-cms-hash-sig-10.txt |
2019-09-18
|
10 | (System) | New version approved |
2019-09-18
|
10 | (System) | Request for posting confirmation emailed to previous authors: Russ Housley |
2019-09-18
|
10 | Russ Housley | Uploaded new revision |
2019-09-18
|
09 | Deborah Brungard | [Ballot Position Update] New position, No Objection, has been recorded for Deborah Brungard |
2019-09-18
|
09 | Warren Kumari | [Ballot comment] Thank you for writing this, and thanks to Joe for the OpsDir review -- it has some useful comments to address. |
2019-09-18
|
09 | Warren Kumari | [Ballot Position Update] New position, No Objection, has been recorded for Warren Kumari |
2019-09-18
|
09 | Alissa Cooper | [Ballot Position Update] New position, No Objection, has been recorded for Alissa Cooper |
2019-09-18
|
09 | Magnus Westerlund | [Ballot Position Update] New position, No Objection, has been recorded for Magnus Westerlund |
2019-09-17
|
09 | Martin Vigoureux | [Ballot Position Update] Position for Martin Vigoureux has been changed to No Objection from No Record |
2019-09-17
|
09 | Martin Vigoureux | [Ballot comment] Hi thank you for this document. There have been recent advances in cryptanalysis and advances in the development of quantum computers. … [Ballot comment] Hi thank you for this document. There have been recent advances in cryptanalysis and advances in the development of quantum computers. Each of these advances pose a threat to widely deployed digital signature algorithms. Recent advances in cryptoanalysis [BH2013] and progress in the development of quantum computers [NAS2019] pose a threat to widely deployed digital signature algorithms. looks redundant. -m |
2019-09-17
|
09 | Martin Vigoureux | Ballot comment text updated for Martin Vigoureux |
2019-09-17
|
09 | Éric Vyncke | [Ballot Position Update] New position, No Objection, has been recorded for Éric Vyncke |
2019-09-15
|
09 | Benjamin Kaduk | [Ballot comment] Thanks for the discussion around my Discuss points, and the updates in response to my comments! |
2019-09-15
|
09 | Benjamin Kaduk | [Ballot Position Update] Position for Benjamin Kaduk has been changed to No Objection from Discuss |
2019-09-14
|
09 | Mirja Kühlewind | [Ballot Position Update] New position, No Objection, has been recorded for Mirja Kühlewind |
2019-09-13
|
09 | (System) | IANA Review state changed to IANA OK - Actions Needed from Version Changed - Review Needed |
2019-09-13
|
09 | Benjamin Kaduk | [Ballot discuss] Two fairly minor points that should be easy to resolve, but seem to be worth some time: I think we need to be … [Ballot discuss] Two fairly minor points that should be easy to resolve, but seem to be worth some time: I think we need to be a bit more clear about what exactly the contents of the signature OCTET STRING are. Section 3 has a fairly abstract note about including enough information to be self-describing (within the HSS/LMS variants), and Section 5 does better with "the single HSS signature value resulting from the signing operation as specified in [HASHSIG]", but it doesn't seem too burdensome to say something like "the string returned from Algorithm 3 in [RFC8554]" or even refer back to the description language at the end of Section 2 and avoid any confusion. Section 5 has a "MUST" for using the same hash for the CMS digestAlgorithm and the HSS/LMS tree, but Section 6 only has a "SHOULD" for the message-digest attribute's digest and the signed attributes digest (the latter of which MUST be the HSS/LMS hash per the previous); should these two requirements be at the same level of normativity? I'm not sure why the one would be more important for correct operation than the other. |
2019-09-13
|
09 | Benjamin Kaduk | [Ballot comment] Section 1 based digital signature, and it is described in [HASHSIG]. The HSS/LMS signature algorithm can only be used for a … [Ballot comment] Section 1 based digital signature, and it is described in [HASHSIG]. The HSS/LMS signature algorithm can only be used for a fixed number of signing operations. [...] nit: with a given key use. A post-quantum cryptosystem [PQC] is a system that is secure against quantum computers that have more than a trivial number of quantum bits (qu-bits). It is open to conjecture when it will be nit(?): I'm much more used to seeing "q-bits" or "qbits" than "qu-bits". Section 2.2 It's a bit unfortunate that we have to mix 0- (signed public keys) and 1-based (tree nodes) indexing, but it seems that this is inherent in RFC 8554 and not really avoidable in this document. Section 3 The signature value identifies the hash function used in the HSS/LMS tree. In [HASHSIG] only the SHA-256 hash function [SHS] is supported, but it also establishes an IANA registry [IANA-LMS] to permit the registration of additional hash functions in the future. (This pattern occurs in several places, but I pick an arbitrary one to comment on) I am not sure that the "In [HASHSIG] only is supported, but it also establishes an IANA registry" is going to present the best interface to readers; the language in Section 2 about "the algorithm specified in [HASHSIG] currently only uses , but it also establishes an IANA registry to permit the registration of additional [...]" seems to give more emphasis on the registry as opposed to the snapshot in [HASHSIG]. On the other hand, someone is probably going to complain that "currently" will not age well... Section 4 It feels a little surprising to make explicit requirements on the keyUsage contents but not say anything about extendedKeyUsage. Having a static whitelist of EKU OIDs is not reasonable, of course, and the PUBLIC-KEY class from RFC 5912 only covers regular keyUsage, but some advice about "encipherment methods are not going to make sense" might still be appropriate. The public key value is an OCTET STRING. Like the signature format, it is designed for easy parsing. The value is the number of levels in the public key, L, followed by the LMS public key. The HSS/LMS public key value can be summarized as: u32str(L) || lms_public_key "Can be summarized as" does not say to me "here is a rigorous protocol specification" (though it does seem to actually be one, given the notation used in this document and 8554). So unlike the signature OCTET STRING contents, this one is not DISCUSS-worthy, since it's in the same section as the thing being described. Section 5 When signed attributes are absent, the HSS/LMS signature is computed over the content. When signed attributes are present, a hash is computed over the content using the same hash function that is used in the HSS/LMS tree, and then a message-digest attribute is constructed to contain the resulting hash value, and then the result of DER encoding the set of signed attributes (which MUST include a content-type attribute and a message-digest attribute, and then the HSS/LMS signature is computed over the DER-encoded output. In nit(?): is this "the message-digest attribute" constructed in the previous step (as opposed to any old message-digest attribute)? Section 6 tracking data can cause a one-time key to be used more than once. As a result, when a private key and the tracking data are stored on non- volatile media or stored in a virtual machine environment, care must be taken to preserve confidentiality and integrity. It might be worth explicitly noting "in the face of failed writes, virtual machine snapshotting or cloning, and other operational concerns". Appendix: ASN.1 Module MTS-HashSig-2013 Once written, the module name can never change? :) |
2019-09-13
|
09 | Benjamin Kaduk | [Ballot Position Update] New position, Discuss, has been recorded for Benjamin Kaduk |
2019-09-12
|
09 | Alexey Melnikov | [Ballot Position Update] New position, No Objection, has been recorded for Alexey Melnikov |
2019-09-11
|
09 | Barry Leiba | [Ballot comment] Thanks, Russ, as always, for a clear and well-written document. Some editorial nits: — Section 1.3 — Each of these advances pose … [Ballot comment] Thanks, Russ, as always, for a clear and well-written document. Some editorial nits: — Section 1.3 — Each of these advances pose a threat to widely deployed digital signature algorithms. “poses”, to match the singular “each”. Recent advances in cryptoanalysis [BH2013] “cryptanalysis”, no “o”. The HSS/LMS signature algorithm does not depend on the difficulty of discrete logarithm or factoring, as a result these algorithms are Comma splice. Make it a semicolon. — Section 2.2 — The second parameter is the number of bytes output by the hash function, m, which is the amount of data associated with each node in the tree. It’s a small thing, but I think the “m” is misplaced where it is, and suggest “…the number of bytes, m, output by the hash function….” — Section 3 — Each format includes a counter and type codes that indirectly providing all of the information that is needed “provide” — Section 5 — When signed attributes are absent, the HSS/LMS signature is computed over the content. When signed attributes are present, a hash is computed over the content using the same hash function that is used in the HSS/LMS tree, and then a message-digest attribute is constructed to contain the resulting hash value, and then the result of DER encoding the set of signed attributes (which MUST include a content-type attribute and a message-digest attribute, and then the HSS/LMS signature is computed over the DER-encoded output. You’re missing a “)” there, which makes it a bit odd. I think it should be “(which MUST include a content-type attribute and a message-digest attribute), and then….” digestAlgorithm MUST contain the one-way hash function used to in the HSS/LMS tree. Remove “to”. — Section 6 — While the consequences of an inadequate pseudo-random number generator (PRNGs) to generate these values is much less severe than the generation of private keys “than in the generation” — Appendix — Just a note that I did not review the ASN.1 module. |
2019-09-11
|
09 | Barry Leiba | [Ballot Position Update] New position, No Objection, has been recorded for Barry Leiba |
2019-09-11
|
09 | Roman Danyliw | IESG state changed to IESG Evaluation from Waiting for Writeup |
2019-09-11
|
09 | Amy Vezza | Placed on agenda for telechat - 2019-09-19 |
2019-09-11
|
09 | Roman Danyliw | Ballot has been issued |
2019-09-11
|
09 | Roman Danyliw | [Ballot Position Update] New position, Yes, has been recorded for Roman Danyliw |
2019-09-11
|
09 | Roman Danyliw | Created "Approve" ballot |
2019-09-11
|
09 | Roman Danyliw | Ballot writeup was changed |
2019-08-10
|
09 | (System) | IANA Review state changed to Version Changed - Review Needed from IANA OK - Actions Needed |
2019-08-10
|
09 | Russ Housley | New version available: draft-ietf-lamps-cms-hash-sig-09.txt |
2019-08-10
|
09 | (System) | New version approved |
2019-08-10
|
09 | (System) | Request for posting confirmation emailed to previous authors: Russ Housley |
2019-08-10
|
09 | Russ Housley | Uploaded new revision |
2019-08-01
|
08 | Tero Kivinen | Request for Last Call review by SECDIR Completed: Ready. Reviewer: Radia Perlman. |
2019-08-01
|
08 | (System) | IESG state changed to Waiting for Writeup from In Last Call |
2019-07-30
|
08 | (System) | IANA Review state changed to IANA OK - Actions Needed from IANA - Review Needed |
2019-07-30
|
08 | Sabrina Tanamal | (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Functions Operator has completed its review of draft-ietf-lamps-cms-hash-sig-08. If any part of this review is inaccurate, please let … (Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs: The IANA Functions Operator has completed its review of draft-ietf-lamps-cms-hash-sig-08. If any part of this review is inaccurate, please let us know. The IANA Functions Operator understands that, upon approval of this document, there are three actions which we must complete. First, in the SMI Security for S/MIME Module Identifier (1.2.840.113549.1.9.16.0) registry on the Structure of Management Information (SMI) Numbers (MIB Module Registrations) registry page located at: https://www.iana.org/assignments/smi-numbers/ the following registration Decimal: 64 Description: id-mod-mts-hashsig-2013 will have its reference changed to [ RFC-to-be ]. Second, in the SMI Security for S/MIME Algorithms (1.2.840.113549.1.9.16.3) registry on the Structure of Management Information (SMI) Numbers (MIB Module Registrations) registry page located at: https://www.iana.org/assignments/smi-numbers/ the following registration Decimal: 17 Description: id-alg-mts-hashsig will be changed so that the registration becomes: Decimal: 17 Description: id-alg-hss-lms-hashsi Reference: [ RFC-to-be ] Third, also in the SMI Security for S/MIME Algorithms (1.2.840.113549.1.9.16.3) registry on the Structure of Management Information (SMI) Numbers (MIB Module Registrations) registry page located at: https://www.iana.org/assignments/smi-numbers/ a note will be added to the registry as follows: Value 17, "id-alg-hss-lms-hashsig", is also referred to as "id-alg-mts-hashsig". The IANA Functions Operator understands that these are the only actions required to be completed upon approval of this document. Note: The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is meant only to confirm the list of actions that will be performed. Thank you, Sabrina Tanamal Senior IANA Services Specialist |
2019-07-17
|
08 | Dale Worley | Request for Last Call review by GENART Completed: Ready. Reviewer: Dale Worley. Sent review to list. |
2019-07-17
|
08 | Joe Clarke | Request for Last Call review by OPSDIR Completed: Ready. Reviewer: Joe Clarke. Sent review to list. |
2019-07-15
|
08 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Radia Perlman |
2019-07-15
|
08 | Tero Kivinen | Request for Last Call review by SECDIR is assigned to Radia Perlman |
2019-07-15
|
08 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Joe Clarke |
2019-07-15
|
08 | Gunter Van de Velde | Request for Last Call review by OPSDIR is assigned to Joe Clarke |
2019-07-11
|
08 | Jean Mahoney | Request for Last Call review by GENART is assigned to Dale Worley |
2019-07-11
|
08 | Jean Mahoney | Request for Last Call review by GENART is assigned to Dale Worley |
2019-07-11
|
08 | Amy Vezza | IANA Review state changed to IANA - Review Needed |
2019-07-11
|
08 | Amy Vezza | The following Last Call announcement was sent out (ends 2019-08-01): From: The IESG To: IETF-Announce CC: rdd@cert.org, lamps-chairs@ietf.org, draft-ietf-lamps-cms-hash-sig@ietf.org, spasm@ietf.org, Tim … The following Last Call announcement was sent out (ends 2019-08-01): From: The IESG To: IETF-Announce CC: rdd@cert.org, lamps-chairs@ietf.org, draft-ietf-lamps-cms-hash-sig@ietf.org, spasm@ietf.org, Tim Hollebeek , tim.hollebeek@digicert.com Reply-To: ietf@ietf.org Sender: Subject: Last Call: (Use of the HSS/LMS Hash-based Signature Algorithm in the Cryptographic Message Syntax (CMS)) to Proposed Standard The IESG has received a request from the Limited Additional Mechanisms for PKIX and SMIME WG (lamps) to consider the following document: - 'Use of the HSS/LMS Hash-based Signature Algorithm in the Cryptographic Message Syntax (CMS)' as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2019-08-01. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document specifies the conventions for using the the HSS/LMS hash-based signature algorithm with the Cryptographic Message Syntax (CMS). In addition, the algorithm identifier and public key syntax are provided. The HSS/LMS algorithm is one form of hash-based digital signature; it is described in RFC 8554. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-lamps-cms-hash-sig/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-lamps-cms-hash-sig/ballot/ No IPR declarations have been submitted directly on this I-D. The document contains these normative downward references. See RFC 3967 for additional information: rfc8554: Leighton-Micali Hash-Based Signatures (Informational - IRTF Stream) |
2019-07-11
|
08 | Amy Vezza | IESG state changed to In Last Call from Last Call Requested |
2019-07-11
|
08 | Amy Vezza | Last call announcement was changed |
2019-07-11
|
08 | Roman Danyliw | Last call was requested |
2019-07-11
|
08 | Roman Danyliw | Last call announcement was generated |
2019-07-11
|
08 | Roman Danyliw | Ballot approval text was generated |
2019-07-11
|
08 | Roman Danyliw | Ballot writeup was generated |
2019-07-11
|
08 | Roman Danyliw | IESG state changed to Last Call Requested from Publication Requested |
2019-07-11
|
08 | Roman Danyliw | AD Review: https://mailarchive.ietf.org/arch/msg/spasm/lZmbwO5DYsV1TpSpQdGkq7HPS0A |
2019-05-10
|
08 | Russ Housley | New version available: draft-ietf-lamps-cms-hash-sig-08.txt |
2019-05-10
|
08 | (System) | New version approved |
2019-05-10
|
08 | (System) | Request for posting confirmation emailed to previous authors: Russ Housley |
2019-05-10
|
08 | Russ Housley | Uploaded new revision |
2019-03-27
|
07 | Cindy Morgan | Shepherding AD changed to Roman Danyliw |
2019-03-24
|
07 | Russ Housley | Added to session: IETF-104: lamps Tue-1120 |
2019-03-14
|
07 | Tim Hollebeek | Shepherd Write-up for draft-ietf-lamps-cms-hash-sig-07 (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the … Shepherd Write-up for draft-ietf-lamps-cms-hash-sig-07 (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? Proposed Standard. Yes, the title page indicates that type of RFC. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary: This document specifies the conventions for using the the HSS/LMS hash-based signature algorithm with the Cryptographic Message Syntax (CMS). In addition, the algorithm identifier and public key syntax are provided. The HSS/LMS algorithm is one form of hash-based digital signature; it is described in draft-mcgrew-hash-sigs-15, which is about to be published as RFC 8554. Working Group Summary: There is consensus for this document in the LAMPS WG. Document Quality: This extension allows the HSS/LMS hash-based signature algorithm described in draft-mcgrew-hash-sigs-15 to be used with the CMS. In addition, the algorithm identifiers allow the hash-based signatures to be used in digital certificates. At least one PKI intends to issue certificates using this algorithm. Personnel: Tim Hollebeek is the document shepherd. Eric Rescorla is the responsible area director. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. The document shepherd and other LAMPS WG participants reviewed the document during WG Last Call. All issues raised have been resolved. (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? No concerns. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. No special review needed. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No concerns. (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why? The author explicitly stated that he is unaware of any unexpired IPR related to this document. (8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures. No IPR disclosures have been submitted against this Internet-Draft. (9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? There is consensus for this Proposed Standard document in the LAMPS WG. (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) No one has threatened an appeal. (11) Identify any ID nits the Document Shepherd has found in this document. (See https://www.ietf.org/tools/idnits and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. IDnits 2.16.02 is reporting one error due to a reference to "[HASHSIG]" in the Abstract, two possible code comments, and a line with two spaces between two words. The Abstract will be changed to "RFC 8554" when the RFC Editor actually posts the document. (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. None needed. (13) Have all references within this document been identified as either normative or informative? Yes, the references are divided into normative and informative. (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? [HASHSIG] a.k.a. draft-mcgrew-hash-sigs-15 is in the RFC Editor Queue. All other references are already published. (15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. [HASHSIG] a.k.a. draft-mcgrew-hash-sigs-15 will be an Informational RFC, so it will be a downward reference that needs to be called out in the IETF Last Call. (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary. Publication of this document will not change the status of any other document. (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). No new IANA registries are needed. The IANA considerations section has all necessary additions and updates, including a new id-alg-hss-lms-hashsig S/MIME algorithm identifier and a reference to the document in the S/MIME Module Identifier registry. (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. No new IANA registries are needed. (19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. ASN.1 is used, and the module in the Appendix compiles without errors or warnings. |
2019-03-14
|
07 | Tim Hollebeek | Responsible AD changed to Eric Rescorla |
2019-03-14
|
07 | Tim Hollebeek | IETF WG state changed to Submitted to IESG for Publication from WG Consensus: Waiting for Write-Up |
2019-03-14
|
07 | Tim Hollebeek | IESG state changed to Publication Requested from I-D Exists |
2019-03-14
|
07 | Tim Hollebeek | IESG process started in state Publication Requested |
2019-03-14
|
07 | Tim Hollebeek | Shepherd Write-up for draft-ietf-lamps-cms-hash-sig-07 (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the … Shepherd Write-up for draft-ietf-lamps-cms-hash-sig-07 (1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)? Why is this the proper type of RFC? Is this type of RFC indicated in the title page header? Proposed Standard. Yes, the title page indicates that type of RFC. (2) The IESG approval announcement includes a Document Announcement Write-Up. Please provide such a Document Announcement Write-Up. Recent examples can be found in the "Action" announcements for approved documents. The approval announcement contains the following sections: Technical Summary: This document specifies the conventions for using the the HSS/LMS hash-based signature algorithm with the Cryptographic Message Syntax (CMS). In addition, the algorithm identifier and public key syntax are provided. The HSS/LMS algorithm is one form of hash-based digital signature; it is described in draft-mcgrew-hash-sigs-15, which is about to be published as RFC 8554. Working Group Summary: There is consensus for this document in the LAMPS WG. Document Quality: This extension allows the HSS/LMS hash-based signature algorithm described in draft-mcgrew-hash-sigs-15 to be used with the CMS. In addition, the algorithm identifiers allow the hash-based signatures to be used in digital certificates. At least one PKI intends to issue certificates using this algorithm. Personnel: Tim Hollebeek is the document shepherd. Eric Rescorla is the responsible area director. (3) Briefly describe the review of this document that was performed by the Document Shepherd. If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG. The document shepherd and other LAMPS WG participants reviewed the document during WG Last Call. All issues raised have been resolved. (4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed? No concerns. (5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization? If so, describe the review that took place. No special review needed. (6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of? For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it. In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here. No concerns. (7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed. If not, explain why? The author explicitly stated that he is unaware of any unexpired IPR related to this document. (8) Has an IPR disclosure been filed that references this document? If so, summarize any WG discussion and conclusion regarding the IPR disclosures. No IPR disclosures have been submitted against this Internet-Draft. (9) How solid is the WG consensus behind this document? Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it? There is consensus for this Proposed Standard document in the LAMPS WG. (10) Has anyone threatened an appeal or otherwise indicated extreme discontent? If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director. (It should be in a separate email because this questionnaire is publicly available.) No one has threatened an appeal. (11) Identify any ID nits the Document Shepherd has found in this document. (See https://www.ietf.org/tools/idnits and the Internet-Drafts Checklist). Boilerplate checks are not enough; this check needs to be thorough. IDnits 2.16.02 is reporting one error due to a reference to "[HASHSIG]" in the Abstract, two possible code comments, and a line with two spaces between two words. The Abstract will be changed to "RFC 8554" when the RFC Editor actually posts the document. (12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews. None needed. (13) Have all references within this document been identified as either normative or informative? Yes, the references are divided into normative and informative. (14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state? If such normative references exist, what is the plan for their completion? [HASHSIG] a.k.a. draft-mcgrew-hash-sigs-15 is in the RFC Editor Queue. All other references are already published. (15) Are there downward normative references references (see RFC 3967)? If so, list these downward references to support the Area Director in the Last Call procedure. [HASHSIG] a.k.a. draft-mcgrew-hash-sigs-15 will be an Informational RFC, so it will be a downward reference that needs to be called out in the IETF Last Call. (16) Will publication of this document change the status of any existing RFCs? Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction? If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed. If this information is not in the document, explain why the WG considers it unnecessary. Publication of this document will not change the status of any other document. (17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document. Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries. Confirm that any referenced IANA registries have been clearly identified. Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226). No new IANA registries are needed. The IANA considerations section has all necessary additions and updates, including a new id-alg-hss-lms-hashsig S/MIME algorithm identifier and a reference to the document in the S/MIME Module Identifier registry. (18) List any new IANA registries that require Expert Review for future allocations. Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries. No new IANA registries are needed. (19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc. ASN.1 is used, and the module in the Appendix compiles without errors or warnings. |
2019-03-14
|
07 | Tim Hollebeek | Notification list changed to Tim Hollebeek <tim.hollebeek@digicert.com> |
2019-03-14
|
07 | Tim Hollebeek | Document shepherd changed to Tim Hollebeek |
2019-03-14
|
07 | Tim Hollebeek | IETF WG state changed to WG Consensus: Waiting for Write-Up from WG Document |
2019-03-14
|
07 | Tim Hollebeek | Changed consensus to Yes from Unknown |
2019-03-14
|
07 | Tim Hollebeek | Intended Status changed to Proposed Standard from None |
2019-03-06
|
07 | Russ Housley | New version available: draft-ietf-lamps-cms-hash-sig-07.txt |
2019-03-06
|
07 | (System) | New version approved |
2019-03-06
|
07 | (System) | Request for posting confirmation emailed to previous authors: Russ Housley |
2019-03-06
|
07 | Russ Housley | Uploaded new revision |
2019-02-26
|
06 | Russ Housley | New version available: draft-ietf-lamps-cms-hash-sig-06.txt |
2019-02-26
|
06 | (System) | New version approved |
2019-02-26
|
06 | (System) | Request for posting confirmation emailed to previous authors: Russ Housley |
2019-02-26
|
06 | Russ Housley | Uploaded new revision |
2019-02-22
|
05 | Russ Housley | New version available: draft-ietf-lamps-cms-hash-sig-05.txt |
2019-02-22
|
05 | (System) | New version approved |
2019-02-22
|
05 | (System) | Request for posting confirmation emailed to previous authors: Russ Housley |
2019-02-22
|
05 | Russ Housley | Uploaded new revision |
2019-02-12
|
04 | Russ Housley | New version available: draft-ietf-lamps-cms-hash-sig-04.txt |
2019-02-12
|
04 | (System) | New version approved |
2019-02-12
|
04 | (System) | Request for posting confirmation emailed to previous authors: Russ Housley |
2019-02-12
|
04 | Russ Housley | Uploaded new revision |
2018-12-20
|
03 | Russ Housley | New version available: draft-ietf-lamps-cms-hash-sig-03.txt |
2018-12-20
|
03 | (System) | New version approved |
2018-12-20
|
03 | (System) | Request for posting confirmation emailed to previous authors: Russell Housley |
2018-12-20
|
03 | Russ Housley | Uploaded new revision |
2018-10-17
|
02 | Russ Housley | New version available: draft-ietf-lamps-cms-hash-sig-02.txt |
2018-10-17
|
02 | (System) | New version approved |
2018-10-17
|
02 | (System) | Request for posting confirmation emailed to previous authors: Russell Housley |
2018-10-17
|
02 | Russ Housley | Uploaded new revision |
2018-09-23
|
01 | Russ Housley | New version available: draft-ietf-lamps-cms-hash-sig-01.txt |
2018-09-23
|
01 | (System) | New version approved |
2018-09-23
|
01 | (System) | Request for posting confirmation emailed to previous authors: Russell Housley |
2018-09-23
|
01 | Russ Housley | Uploaded new revision |
2018-09-17
|
00 | Russ Housley | This document now replaces draft-housley-cms-mts-hash-sig instead of None |
2018-09-04
|
00 | Russ Housley | New version available: draft-ietf-lamps-cms-hash-sig-00.txt |
2018-09-04
|
00 | (System) | WG -00 approved |
2018-08-31
|
00 | Russ Housley | Set submitter to "Russ Housley ", replaces to (none) and sent approval email to group chairs: lamps-chairs@ietf.org |
2018-08-31
|
00 | Russ Housley | Uploaded new revision |