Using Cryptographic Message Syntax (CMS) to Protect Firmware Packages
RFC 4108

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>
Subject: Protocol Action: 'Using CMS to Protect Firmware 
         Packages' to Proposed Standard 

The IESG has approved the following document:

- 'Using CMS to Protect Firmware Packages '
   <draft-housley-cms-fw-wrap-12.txt> as a Proposed Standard

This document has been reviewed in the IETF but is not the product of an
IETF Working Group. 

The IESG contact person is Sam Hartman.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-housley-cms-fw-wrap-12.txt

Technical Summary

   This document describes the use of the Cryptographic Message Syntax
   (CMS) to protect firmware packages, which provide object code for one
   or more hardware module components.  CMS is specified in RFC 3852.  A
   digital signature is used to protect the firmware package from
   undetected modification and provide data origin authentication.
   Encryption is optionally used to protect the firmware package from
   disclosure, and compression is optionally used to reduce the size of
   the protected firmware package.  A firmware package loading receipt
   can optionally be generated to acknowledge the successful loading of a
   firmware package.  Similarly, a firmware package load error report can
   optionally be generated to convey the failure to load a firmware
   package.

Working Group Summary

   This is an individual submission, but the author has asked
   participants of the S/MIME WG to review this document.  Several people
   did provide comments.

Protocol Quality

   This document was reviewed by Sam Hartman for the IESG.