datatracker.ietf.org
Sign in
Version 5.3.0, 2014-04-12
Report a bug

Enhanced Security Services (ESS) Update: Adding CertID Algorithm Agility
RFC 5035

Document type: RFC - Proposed Standard (August 2007; Errata)
Updates RFC 2634
Document stream: IETF
Last updated: 2013-03-02
Other versions: plain text, pdf, html

IETF State: (None)
Consensus: Unknown
Document shepherd: No shepherd assigned

IESG State: RFC 5035 (Proposed Standard)
Responsible AD: Tim Polk
Send notices to: smime-chairs@tools.ietf.org, jimsch@exmsft.com

Network Working Group                                          J. Schaad
Request for Comments: 5035                       Soaring Hawk Consulting
Updates: 2634                                                August 2007
Category: Standards Track

                Enhanced Security Services (ESS) Update:
                    Adding CertID Algorithm Agility

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Abstract

   In the original Enhanced Security Services for S/MIME document (RFC
   2634), a structure for cryptographically linking the certificate to
   be used in validation with the signature was introduced; this
   structure was hardwired to use SHA-1.  This document allows for the
   structure to have algorithm agility and defines a new attribute for
   this purpose.

Table of Contents

   1.  Introduction . . . . . . . . . . . . . . . . . . . . . . . . .  2
     1.1.  Notation . . . . . . . . . . . . . . . . . . . . . . . . .  2
     1.2.  Updates to RFC 2634  . . . . . . . . . . . . . . . . . . .  2
   2.  Replace Section 5.4 'Signing Certificate Attribute
       Definitions' . . . . . . . . . . . . . . . . . . . . . . . . .  3
   3.  Insert New Section 5.4.1 'Signing Certificate Attribute
       Definition Version 2'  . . . . . . . . . . . . . . . . . . . .  4
   4.  Insert New Section 5.4.1.1 'Certificate Identification
       Version 2' . . . . . . . . . . . . . . . . . . . . . . . . . .  5
   5.  Insert New Section 5.4.2 'Signing Certificate Attribute
       Definition Version 1'  . . . . . . . . . . . . . . . . . . . .  7
   6.  Insert New Section 5.4.2.1 'Certificate Identification
       Version 1' . . . . . . . . . . . . . . . . . . . . . . . . . .  8
   7.  Security Considerations  . . . . . . . . . . . . . . . . . . .  9
   8.  Normative References . . . . . . . . . . . . . . . . . . . . . 10
   Appendix A.  ASN.1 Module  . . . . . . . . . . . . . . . . . . . . 11

Schaad                      Standards Track                     [Page 1]
RFC 5035                    ESSCertID Update                 August 2007

1.  Introduction

   In the original Enhanced Security Services (ESS) for S/MIME document
   [ESS], a structure for cryptographically linking the certificate to
   be used in validation with the signature was defined.  This
   structure, called ESSCertID, identifies a certificate by its hash.
   The structure is hardwired to use a SHA-1 hash value.  The recent
   attacks on SHA-1 require that we define a new attribute that allows
   for the use of different algorithms.  This document performs that
   task.

   This document defines the structure ESSCertIDv2 along with a new
   attribute SigningCertificateV2, which uses the updated structure.
   This document allows for the structure to have algorithm agility by
   including an algorithm identifier and defines a new signed attribute
   to use the new structure.

   This document specifies the continued use of ESSCertID to ensure
   compatibility when SHA-1 is used for certificate disambiguation.

1.1.  Notation

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

1.2.  Updates to RFC 2634

   This document updates Section 5.4 of RFC 2634.  Once the updates are
   applied, the revised section will have the following structure:

   5.4  Signing Certificate Attribute Definitions

   5.4.1  Signing Certificate Attribute Definition Version 2

   5.4.1.1  Certificate Identification Version 2

   5.4.2  Signing Certificate Attribute Definition Version 1

   5.4.2.1  Certificate Identification Version 1

   In addition, the ASN.1 module in Appendix A is replaced.

Schaad                      Standards Track                     [Page 2]
RFC 5035                    ESSCertID Update                 August 2007

2.  Replace Section 5.4 'Signing Certificate Attribute Definitions'

   5.4 Signing Certificate Attribute Definitions

   The signing certificate attribute is designed to prevent simple
   substitution and re-issue attacks, and to allow for a restricted set
   of certificates to be used in verifying a signature.

   Two different attributes exist for this due to a flaw in the original

[include full document text]