Diffie-Hellman Proof-of-Possession Algorithms
Draft of message to be sent after approval:
From: The IESG <email@example.com>
To: IETF-Announce <firstname.lastname@example.org>
Cc: RFC Editor <email@example.com>
Subject: Protocol Action: 'Diffie-Hellman Proof-of-Possession Algorithms' to Proposed Standard (draft-schaad-pkix-rfc2875-bis-08.txt)

The IESG has approved the following document:
- 'Diffie-Hellman Proof-of-Possession Algorithms'
  (draft-schaad-pkix-rfc2875-bis-08.txt) as Proposed Standard

This document has been reviewed in the IETF but is not the product of an IETF Working Group.

The IESG contact person is Sean Turner.

A URL of this Internet Draft is:
http://datatracker.ietf.org/doc/draft-schaad-pkix-rfc2875-bis/

Technical Summary

This document is an update to RFC 2875 ("Diffie-Hellman Proof-of-Possession Algorithms"). It extends 2875 to include support for the Elliptic Curve Diffie-Hellman algorithm along with the SHA-2 family of hash functions. The proof-of-possession methods described in this document are used in a Certificate Service Request to demonstrate possession of a private key that is not capable of producing a digital signature.

Certificate Signing Requests are normally signed by the private key matching the public conveyed in the request. Certain algorithms such as the Diffie-Hellman family are incapable of creating digital signatures. By leveraging their key exchange properties, the Diffie-Hellman algorithms can be used to provide a proof-of-possession analogous to a digital signature and sufficient to allow validation of a Certificate Signing Request.

Working Group Summary

This draft is not the product of a WG. RFC 2875 was a product of the PKIX WG, but when the author asked for WG adoption there was only lukewarm response. This is pretty normal for algorithm-type drafts because the updates basically do the same thing as the RFC they're updating but use longer outputs and new OIDs (i.e., they're not very interesting from a technical point of view). The draft was presented to the PKIX WG in Paris, where the author received some comments that were incorporated.

Document Quality

Although dense with ASN.1 and cryptographic equations, the 2875bis document is quite attainable. The author has implemented the methods described in the document and provided sample ASN.1 encodings to demonstrate the expected output of several combinations of the Diffie-Hellman and hash algorithms.

Personnel

Peter Yee (peter at akayla.com) is the document shepherd.
Sean Turner (turners at ieca.com) is the responsible Area Director.