Using Cryptographic Message Syntax (CMS) to Protect Firmware Packages
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: Internet Architecture Board <firstname.lastname@example.org>, RFC Editor <email@example.com> Subject: Protocol Action: 'Using CMS to Protect Firmware Packages' to Proposed Standard The IESG has approved the following document: - 'Using CMS to Protect Firmware Packages ' <draft-housley-cms-fw-wrap-12.txt> as a Proposed Standard This document has been reviewed in the IETF but is not the product of an IETF Working Group. The IESG contact person is Sam Hartman. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-housley-cms-fw-wrap-12.txt
Technical Summary This document describes the use of the Cryptographic Message Syntax (CMS) to protect firmware packages, which provide object code for one or more hardware module components. CMS is specified in RFC 3852. A digital signature is used to protect the firmware package from undetected modification and provide data origin authentication. Encryption is optionally used to protect the firmware package from disclosure, and compression is optionally used to reduce the size of the protected firmware package. A firmware package loading receipt can optionally be generated to acknowledge the successful loading of a firmware package. Similarly, a firmware package load error report can optionally be generated to convey the failure to load a firmware package. Working Group Summary This is an individual submission, but the author has asked participants of the S/MIME WG to review this document. Several people did provide comments. Protocol Quality This document was reviewed by Sam Hartman for the IESG.