Suite B Profile of Certificate Management over CMS
RFC 6403

Approval announcement
Draft of message to be sent after approval:

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>,
    RFC Editor <rfc-editor@rfc-editor.org>
Subject: Document Action: 'Suite B Profile of Certificate Management over CMS' to Informational RFC

The IESG has approved the following document:
- 'Suite B Profile of Certificate Management over CMS'
  <draft-turner-suiteb-cmc-03.txt> as an Informational RFC

This document has been reviewed in the IETF but is not the product of an
IETF Working Group.

The IESG contact person is Tim Polk.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-turner-suiteb-cmc/

Technical Summary

This is a profile of RFC 5272-5274 (Certificate Management over CMS)
that is specific to the United States National Security Agency's Suite
B Cryptography specification. In essence, it profiles RFC 5272-5274 to
meet the Suite B requirements.

Working Group Summary

The document was announced on the PKIX WG mailing list, and some
off-list comments were sent to the document authors. There was also a
short presentation on the document at IETF 77. It was not appropriate
to discuss it in the WG itself.

Document Quality

It is expected that this document will be widely adopted by vendors
for the organization that wrote this profile. Most if not all of the
algorithms specified in this profile are already in at least one
popular open-source package.

Personnel

   Sean Turner is the Document Shepherd; Tim Polk is the 
   Responsible Area Director.

RFC Editor Note

(1) In section 5.1., paragraph 1 sentence 1

s/if they are not, the CA MUST reject those/if they are not, the RA MUST reject those/

In section 6.1., paragraph 3

OLD
   When processing end-entity generated SignedData objects, RAs MUST NOT 
NEW
   When processing end-entity generated SignedData objects, CAs MUST NOT