Update to Digital Signatures on Internet-Draft Documents
RFC 8358

Document type: RFC - Informational (March 2018; Errata)
Updates: RFC 5485
Was: draft-housley-id-sig-update (individual in gen area)
Last updated: 2018-03-13
Stream: IETF
WG state: Submitted to IESG for Publication
Document shepherd: Jim Schaad
Shepherd write-up: (last changed 2017-11-13)
IESG state: RFC 8358 (Informational)
Consensus boilerplate: Yes
Telechat date:
Responsible AD: Alissa Cooper
Send notices to: (None)
IANA review state: IANA OK - Actions Needed
IANA action state: RFC-Ed-Ack
Internet Engineering Task Force (IETF)                        R. Housley
Request for Comments: 8358                                Vigil Security
Updates: 5485                                                 March 2018
Category: Informational
ISSN: 2070-1721

        Update to Digital Signatures on Internet-Draft Documents

Abstract

   RFC 5485 specifies the conventions for digital signatures on
   Internet-Drafts.  The Cryptographic Message Syntax (CMS) is used to
   create a detached signature, which is stored in a separate companion
   file so that no existing utilities are impacted by the addition of
   the digital signature.

   The RFC Editor recently published the first RFC that includes non-
   ASCII characters in a text file.  The conventions specified in RFC
   7997 were followed.  We assume that non-ASCII characters will soon
   start appearing in Internet-Drafts as well.  This document updates
   the handling of digital signatures on Internet-Drafts that contain
   non-ASCII characters in a text file.

   This document updates RFC 5485.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are candidates for any level of Internet
   Standard; see Section 2 of RFC 7841.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   https://www.rfc-editor.org/info/rfc8358.

Housley                       Informational                     [Page 1]
RFC 8358              Update to Digital Signatures            March 2018

Copyright Notice

   Copyright (c) 2018 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Terminology . . . . . . . . . . . . . . . . . . . . . . .   3
     1.2.  ASN.1 . . . . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  Detached Signature Files  . . . . . . . . . . . . . . . . . .   4
   3.  Additional Content Types  . . . . . . . . . . . . . . . . . .   4
   4.  Need for Canonicalization . . . . . . . . . . . . . . . . . .   5
     4.1.  ASCII, UTF-8, and HTML File Canonicalization  . . . . . .   6
     4.2.  XML File Canonicalization . . . . . . . . . . . . . . . .   6
     4.3.  No Canonicalization of Other File Formats . . . . . . . .   7
   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   7
   6.  Security Considerations . . . . . . . . . . . . . . . . . . .   7
   7.  Deployment and Operational Considerations . . . . . . . . . .   7
   8.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   7
     8.1.  Normative References  . . . . . . . . . . . . . . . . . .   7
     8.2.  Informative References  . . . . . . . . . . . . . . . . .   9
   Acknowledgements  . . . . . . . . . . . . . . . . . . . . . . . .   9
   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .   9


1.  Introduction

   RFC 5485 [IDSIG] specifies the conventions for digital signatures on
   Internet-Drafts.  The Cryptographic Message Syntax (CMS) [CMS] is
   used to create a detached signature, which is stored in a separate
   companion file so that no existing utilities are impacted by the
   addition of the digital signature.

   The RFC Editor recently published the first RFC that includes non-
   ASCII characters in a text file.  The conventions specified in RFC
   7997 [RFCED] were followed.  We assume that non-ASCII characters will
   soon start appearing in Internet-Drafts as well.  This document
   updates the handling of digital signatures on Internet-Drafts that
   contain non-ASCII characters in a text file.

   This document updates RFC 5485 [IDSIG], which contains the
   conventions that have been used by the IETF Secretariat to digitally
   sign Internet-Drafts for the past few years.  The IETF Secretariat
   generates the digital signature shortly after the Internet-Draft is