Technical Summary
The subjectPublicKeyInfo field of an X.509 certificate carries
three data items: an algorithm identifier, optional parameters, and
a bit string that represents the public key. The parameters are
specific to the algorithm and this field usually contains simple
values needed to characterize the public key algorithm, e.g., the
generator and modulus for Diffie-Hellman. However, X.509 does not
constrain the scope of this parameters field. The ANSI X9.62
standards committee elected to use this field to express
potentially complex limitations on how the public key in the
certificate can be used, e.g., which key derivation functions can
be applied to the bit string that results from a Diffie-Hellman key
exchange.
After considerable debate, the PKIX WG has decided to not express
key usage constraints via this field. Instead, the WG decided that
this sort of information should be expressed via use of distinct
algorithm identifiers. (This decision is consistent with the
observation that current products are not designed to handle such
key usage restrictions expressed in the subjectPublicKeyInfo
field.)
RFC 4055 allowed such restrictions to be placed in this field when
used with RSA-OAEP. This document changes RFC 4055 to say that
restrictions MUST NOT be present in the certificate's
subjectPublicKeyInfo field when used with RSA-OAEP. It also
replaces incorrect references to the publicKeyAlgorithm field with
references to the subjectPublicKeyInfo field. As a result, this
revised version of RFC 4055 will be consistent with the PKIX WG
conventions adopted for this field.
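
Added example (not part of the original write-up or of RFC 4055): a minimal DER walk over a subjectPublicKeyInfo that reports whether an id-RSAES-OAEP key carries a parameters element. It assumes the "restrictions" above are the AlgorithmIdentifier parameters; the function names and sample encodings are constructed for illustration, and the OID values (1.2.840.113549.1.1.7 for id-RSAES-OAEP) are not stated on this page.

```python
OID_RSAES_OAEP = bytes.fromhex("2a864886f70d010107")  # 1.2.840.113549.1.1.7
OID_RSA = bytes.fromhex("2a864886f70d010101")         # 1.2.840.113549.1.1.1

def read_tlv(buf, pos):
    """Return (tag, value, next_pos) for the DER element at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER element")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER element overruns buffer")
    return tag, buf[pos:pos + length], pos + length

def parse_spki(der):
    """Return (algorithm OID bytes, raw parameters or None, BIT STRING contents)."""
    tag, spki, end = read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("expected one SEQUENCE")
    tag, alg, pos = read_tlv(spki, 0)  # AlgorithmIdentifier
    if tag != 0x30:
        raise ValueError("expected AlgorithmIdentifier")
    tag, oid, p = read_tlv(alg, 0)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    params = alg[p:] or None  # whatever follows the OID is the optional parameters
    tag, key, pos = read_tlv(spki, pos)
    if tag != 0x03 or pos != len(spki):
        raise ValueError("expected BIT STRING")
    return oid, params, key

def oaep_spki_violation(der):
    """Assumed reading of the rule: parameters beside id-RSAES-OAEP in SPKI is a violation."""
    oid, params, _ = parse_spki(der)
    return oid == OID_RSAES_OAEP and params is not None

def der_seq(*parts):  # SEQUENCE with short-form length, enough for the samples
    body = b"".join(parts)
    return bytes([0x30, len(body)]) + body
# Constructed samples: the BIT STRING holds 4 dummy bytes, not a real RSA key.
KEY = bytes.fromhex("030500deadbeef")
SPKI_OAEP_CLEAN = der_seq(der_seq(b"\x06\x09" + OID_RSAES_OAEP), KEY)
SPKI_OAEP_PARAMS = der_seq(der_seq(b"\x06\x09" + OID_RSAES_OAEP, b"\x30\x00"), KEY)
SPKI_RSA_NULL = der_seq(der_seq(b"\x06\x09" + OID_RSA, b"\x05\x00"), KEY)
```

Only the id-RSAES-OAEP sample with a parameters element is reported; the rsaEncryption sample with NULL parameters is outside the rule and is not flagged.
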
Working Group Summary
This ID was discussed on the mailing list. A poll was taken on the
PKIX list to determine whether the proposed change was the way
forward and another poll was taken to determine whether the change
would adversely affect implementations. The WG was in favor of the
change and no implementer said it would adversely affect their
products. Further, vendors that implement RFC 4055 support the
change.
Document Quality
This document is a short update of an existing draft and is
comparable in quality to its predecessor.
Personnel
Steve Kent is the document Shepherd. Pasi Eronen is the
responsible security area director.