RFC 5035 - Enhanced Security Services (ESS) Update: Adding CertID Algorithm Agility

Enhanced Security Services (ESS) Update: Adding CertID Algorithm Agility
RFC 5035

Versions
06


Document	Type	RFC - Proposed Standard (August 2007; Errata) Updates RFC 2634 Was draft-ietf-smime-escertid (smime WG)
	Last updated	2015-10-14
	Stream	IETF
	Formats	plain text pdf html bibtex
	Reviews	SECDIR Last Call Review
Stream	WG state	(None)
	Document shepherd	No shepherd assigned
IESG	IESG state	RFC 5035 (Proposed Standard)
	Consensus Boilerplate	Unknown
	Telechat date
	Responsible AD	Tim Polk
	Send notices to	(None)

Email authors IPR References Referenced by Nits

Network Working Group                                          J. Schaad
Request for Comments: 5035                       Soaring Hawk Consulting
Updates: 2634                                                August 2007
Category: Standards Track

                Enhanced Security Services (ESS) Update:
                    Adding CertID Algorithm Agility

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Abstract

   In the original Enhanced Security Services for S/MIME document (RFC
   2634), a structure for cryptographically linking the certificate to
   be used in validation with the signature was introduced; this
   structure was hardwired to use SHA-1.  This document allows for the
   structure to have algorithm agility and defines a new attribute for
   this purpose.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
     1.1.  Notation . . . . . . . . . . . . . . . . . . . . . . . . .  2
     1.2.  Updates to RFC 2634  . . . . . . . . . . . . . . . . . . .  2
   2.  Replace Section 5.4 'Signing Certificate Attribute
       Definitions' . . . . . . . . . . . . . . . . . . . . . . . . .  3
   3.  Insert New Section 5.4.1 'Signing Certificate Attribute
       Definition Version 2'  . . . . . . . . . . . . . . . . . . . .  4
   4.  Insert New Section 5.4.1.1 'Certificate Identification
       Version 2' . . . . . . . . . . . . . . . . . . . . . . . . . .  5
   5.  Insert New Section 5.4.2 'Signing Certificate Attribute
       Definition Version 1'  . . . . . . . . . . . . . . . . . . . .  7
   6.  Insert New Section 5.4.2.1 'Certificate Identification
       Version 1' . . . . . . . . . . . . . . . . . . . . . . . . . .  8
   7.  Security Considerations  . . . . . . . . . . . . . . . . . . .  9
   8.  Normative References . . . . . . . . . . . . . . . . . . . . . 10
   Appendix A.  ASN.1 Module  . . . . . . . . . . . . . . . . . . . . 11

Schaad                      Standards Track                     [Page 1]
RFC 5035                    ESSCertID Update                 August 2007

1.  Introduction

   In the original Enhanced Security Services (ESS) for S/MIME document
   [ESS], a structure for cryptographically linking the certificate to
   be used in validation with the signature was defined.  This
   structure, called ESSCertID, identifies a certificate by its hash.
   The structure is hardwired to use a SHA-1 hash value.  The recent
   attacks on SHA-1 require that we define a new attribute that allows
   for the use of different algorithms.  This document performs that
   task.

   This document defines the structure ESSCertIDv2 along with a new
   attribute SigningCertificateV2, which uses the updated structure.
   This document allows for the structure to have algorithm agility by
   including an algorithm identifier and defines a new signed attribute
   to use the new structure.

   This document specifies the continued use of ESSCertID to ensure
   compatibility when SHA-1 is used for certificate disambiguation.

1.1.  Notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

1.2.  Updates to RFC 2634

   This document updates Section 5.4 of RFC 2634.  Once the updates are
   applied, the revised section will have the following structure:

   5.4  Signing Certificate Attribute Definitions

   5.4.1  Signing Certificate Attribute Definition Version 2

   5.4.1.1  Certificate Identification Version 2

   5.4.2  Signing Certificate Attribute Definition Version 1

   5.4.2.1  Certificate Identification Version 1

   In addition, the ASN.1 module in Appendix A is replaced.

Schaad                      Standards Track                     [Page 2]
RFC 5035                    ESSCertID Update                 August 2007

2.  Replace Section 5.4 'Signing Certificate Attribute Definitions'

   5.4 Signing Certificate Attribute Definitions

   The signing certificate attribute is designed to prevent simple
   substitution and re-issue attacks, and to allow for a restricted set
   of certificates to be used in verifying a signature.

   Two different attributes exist for this due to a flaw in the original

Show full document text

Enhanced Security Services (ESS) Update: Adding CertID Algorithm AgilityRFC 5035

Enhanced Security Services (ESS) Update: Adding CertID Algorithm Agility
RFC 5035