Cryptographic Message Syntax (CMS) Content Constraints Extension
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org>
To: IETF-Announce <email@example.com>
Cc: Internet Architecture Board <firstname.lastname@example.org>,
    RFC Editor <email@example.com>
Subject: Protocol Action: 'Cryptographic Message Syntax (CMS) Content Constraints Extension' to Proposed Standard

The IESG has approved the following document:

- 'Cryptographic Message Syntax (CMS) Content Constraints Extension'
  <draft-housley-cms-content-constraints-extn-06.txt> as a Proposed Standard

This document has been reviewed in the IETF but is not the product of an IETF Working Group.

The IESG contact person is Tim Polk.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-housley-cms-content-constraints-extn-06.txt

Technical Summary

This document specifies the syntax and semantics for the Cryptographic Message Syntax (CMS) content constraints extension. This extension is used to determine whether a public key is appropriate to use in the processing of a protected content. In particular, the CMS content constraints extension is one part of the authorization decision; it is used when validating a digital signature on a CMS SignedData content or validating a message authentication code (MAC) on a CMS AuthenticatedData content or CMS AuthEnvelopedData content. The signed or authenticated content type is identified by an ASN.1 object identifier, and this extension indicates the content types that the public key is authorized to validate. If the authorization check is successful, the CMS content constraints extension also provides default values for absent attributes.

Working Group Summary

This document is an individual submission. It provides an authorization mechanism for use with the Trust Anchor Management Protocol (TAMP).

Document Quality

The document is detailed and clear. It has been implemented as part of a not-yet-released open source library.

Personnel

Geoff Beier is the Document Shepherd for this document. Tim Polk is the Responsible Area Director.