
CMS Interoperability Matrix



  1. CMS Interoperability Matrix
     Jim Schaad, Soaring Hawk Security

  2. Status for RFC 3369
     • Errata for ASN.1 module
     • Report document is started
     • Signed Data: FINISHED
     • Encrypted Data: FINISHED

  3. Status for RFC 3370
     • Key Derivation Algorithms
       • PBKDF2
     • Message Authentication Code Algorithms
       • HMAC with SHA-1
     • Need final ruling from IESG on whether these are blocking advancement.

  4. Questions

  5. RSA PSS and CMS
     Jim Schaad, Soaring Hawk Security

  6. Overview
     • PSS is a “new” signature algorithm for RSA key pairs
     • Parameters
       • Digest Hash Algorithm (H1)
       • Internal Hash Algorithm (H2)
       • Internal Mask Generation Function (MGF)
       • MGF Hash Algorithm (H3)
       • Salt Length (should be the length of H2)

  7. Requirements
     • H1 and H2 SHOULD be the same
     • H2 and H3 are RECOMMENDED to be the same

  8. Resolved Issues
     • Should the key identifier and the signature identifier be the same OID?
       • Will be the case for PSS
     • PSS parameter comparison
       • MUST do comparisons if the parameters are present in the certificate.

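The five parameters on slide 6 and the H1/H2/H3 requirements on slide 7 are easiest to see in the EMSA-PSS encoding itself, where each one has a fixed job: H1 digests the message, H2 hashes M' to produce H, and H3 drives MGF1 when DB is masked. The Python below is an added example written for this page, not code from the presentation or from the author; it implements the PKCS#1 v2.1 EMSA-PSS encode and verify operations with H1, H2 and H3 passed as separate hashlib names, so that a verifier whose parameters disagree with the signer's can be exercised. The `em_bits` values and the messages in the usage are constructed, and the salt length defaults to the H2 output length as the slide recommends.

```python
"""EMSA-PSS (PKCS#1 v2.1, section 9.1) with the digest hash (H1), internal hash (H2)
and MGF hash (H3) as separate parameters.  Added illustration, not the presentation's code."""
import hashlib
import hmac
import os


def mgf1(seed: bytes, length: int, h3: str) -> bytes:
    """MGF1: H3(seed || C) for counter C = 0, 1, ... concatenated and truncated to length."""
    out, counter = b"", 0
    while len(out) < length:
        out += hashlib.new(h3, seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def emsa_pss_encode(message: bytes, em_bits: int, h1="sha256", h2="sha256",
                    h3="sha256", salt_len=None, salt=None) -> bytes:
    """Return EM = maskedDB || H || 0xbc of ceil(em_bits/8) octets.
    salt_len defaults to the H2 output length (slide 6: salt length should be len(H2));
    pass a fixed salt only for reproducible tests, never when signing for real."""
    em_len = (em_bits + 7) // 8
    h_len = hashlib.new(h2).digest_size                       # layout is driven by H2's size
    if salt_len is None:
        salt_len = h_len
    if em_len < h_len + salt_len + 2:
        raise ValueError("encoding error: modulus too small for hash and salt")
    if salt is None:
        salt = os.urandom(salt_len)
    m_hash = hashlib.new(h1, message).digest()                # H1 over the message
    h = hashlib.new(h2, bytes(8) + m_hash + salt).digest()    # H2 over M' = 00*8 || mHash || salt
    db = bytes(em_len - salt_len - h_len - 2) + b"\x01" + salt  # DB = PS || 0x01 || salt
    masked_db = bytearray(_xor(db, mgf1(h, em_len - h_len - 1, h3)))  # mask with MGF1 under H3
    masked_db[0] &= 0xFF >> (8 * em_len - em_bits)            # clear the excess leading bits
    return bytes(masked_db) + h + b"\xbc"


def emsa_pss_verify(message: bytes, em: bytes, em_bits: int, h1="sha256", h2="sha256",
                    h3="sha256", salt_len=None) -> bool:
    """Verify EM against message under the given parameters; any mismatch yields False."""
    em_len = (em_bits + 7) // 8
    h_len = hashlib.new(h2).digest_size
    if salt_len is None:
        salt_len = h_len
    if len(em) != em_len or em_len < h_len + salt_len + 2 or em[-1] != 0xBC:
        return False
    masked_db, h = em[: em_len - h_len - 1], em[em_len - h_len - 1: -1]
    keep = 0xFF >> (8 * em_len - em_bits)
    if masked_db[0] & ~keep & 0xFF:                           # excess leading bits must be zero
        return False
    db = bytearray(_xor(masked_db, mgf1(h, em_len - h_len - 1, h3)))
    db[0] &= keep
    ps_len = em_len - h_len - salt_len - 2
    if any(db[:ps_len]) or db[ps_len] != 0x01:                # PS all zero, then the 0x01 separator
        return False
    salt = bytes(db[ps_len + 1:])
    m_hash = hashlib.new(h1, message).digest()
    h_prime = hashlib.new(h2, bytes(8) + m_hash + salt).digest()
    return hmac.compare_digest(h, h_prime)                    # constant-time comparison


if __name__ == "__main__":
    # Constructed usage: a verifier that disagrees with the signer on H3 rejects.
    em = emsa_pss_encode(b"constructed message", 2047)
    print(emsa_pss_verify(b"constructed message", em, 2047))             # True
    print(emsa_pss_verify(b"constructed message", em, 2047, h3="sha1"))  # False
```

The verifier has to know all five parameters before it can even locate H inside EM, which is why slide 8's rule that parameters present in the certificate MUST be compared against the signature's parameters matters: a signature produced under one set of H1/H2/H3/salt values is simply unparseable, not merely invalid, under another.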
  9. Questions

  10. RSA KEM
      Jim Schaad, Soaring Hawk Security, for Burt Kaliski

  11. Algorithm Review
      • Generate a random value z in the range 0…n-1
      • Encrypt z with the recipient's public key: c = E(z)
      • Derive a KEK: k = KDF(z)
      • Encrypt the CEK with the KEK: wk = KEKk(cek)
      • EncryptedKeyValue = c || wk

  12. CMS Details
      Use key transport option

        id-kts2-basic OID ::= { x9-44 schemes(2) kts2-basic(7) }

        KTS2-Parms ::= SEQUENCE {
          kas          [0] KTS2-KeyAgreementScheme,
          kws          [1] KTS2-SymmetricKeyWrappingScheme,
          labelMethod  [2] KTS2-LabelMethod
        }

  13. id-kas1-basic OID ::= { x9-44 schemes(2) kas1-basic(1) }

        KAS1-Parms ::= SEQUENCE {
          sves             [0] KAS1-SecretValueEncapsulationScheme,
          kdf              [1] KAS1-KeyDerivationFunction,
          otherInfoMethod  [2] KAS1-OtherInfoMethod
        }

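The five steps on slide 11 and the recipient-side processing they imply can be run end to end. The Python below is an added example written for this page, not code from the presentation, from X9.44 or from any CMS implementation. It assumes a demo-sized RSA key pair generated in pure Python (512-bit modulus, for speed only), a KDF2-shaped derivation H(z || counter) standing in for whatever the KAS1 `kdf` parameter would name, and, because the standard library has no AES, a clearly labelled stand-in for the symmetric key wrap (`kws`) built from a KDF-derived pad and an HMAC tag; none of these stand-ins interoperate with real X9.44 parameters. What it does show faithfully is the structure: z is encoded at the modulus length before the KDF, `c` has a fixed length so the recipient can split `c || wk` without a length prefix, and an out-of-range `c` or a tampered `wk` is rejected before any key is released.

```python
"""RSA-KEM key transport as on slide 11, both sides.  Added illustration only:
the KDF and key wrap are stand-ins (see comments), the key size is demo-sized."""
import hashlib
import hmac
import secrets

_SMALL_PRIMES = [p for p in range(3, 1000, 2) if all(p % q for q in range(3, int(p ** 0.5) + 1, 2))]


def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Trial division by small primes, then Miller-Rabin with random bases."""
    if n < 2:
        return False
    if n % 2 == 0:
        return n == 2
    for p in _SMALL_PRIMES:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def _gen_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1   # force top bit and odd
        if is_probable_prime(cand):
            return cand


def gen_rsa(bits: int = 512):
    """Demo-sized RSA key pair: returns (n, e), (n, d).  512 bits is for speed only."""
    e = 65537
    while True:
        p, q = _gen_prime(bits // 2), _gen_prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:
            return (p * q, e), (p * q, pow(e, -1, phi))


def kdf2(secret: bytes, length: int, hash_name: str = "sha256") -> bytes:
    """KDF2-shaped derivation: H(secret || counter), counter = 1, 2, ...  Assumption: a
    stand-in for the KDF the KAS1 parameters would actually name."""
    out, counter = b"", 1
    while len(out) < length:
        out += hashlib.new(hash_name, secret + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def wrap_key(kek: bytes, cek: bytes) -> bytes:
    """Stand-in for the symmetric key wrap (a real deployment would use an AES key wrap):
    XOR the CEK with a KDF-derived pad and append an HMAC-SHA256 tag under the KEK."""
    body = bytes(a ^ b for a, b in zip(cek, kdf2(kek + b"wrap-pad", len(cek))))
    return body + hmac.new(kek, body, "sha256").digest()


def unwrap_key(kek: bytes, wk: bytes) -> bytes:
    if len(wk) < 32:
        raise ValueError("wrapped key too short")
    body, tag = wk[:-32], wk[-32:]
    if not hmac.compare_digest(hmac.new(kek, body, "sha256").digest(), tag):
        raise ValueError("key wrap integrity check failed")   # reject before releasing anything
    return bytes(a ^ b for a, b in zip(body, kdf2(kek + b"wrap-pad", len(body))))


def kem_encrypt_key(pub, cek: bytes) -> bytes:
    """Sender side, slide 11 steps 1-5; returns EncryptedKeyValue = c || wk."""
    n, e = pub
    n_len = (n.bit_length() + 7) // 8
    z = secrets.randbelow(n)                              # step 1: random z in 0..n-1
    c = pow(z, e, n).to_bytes(n_len, "big")               # step 2: c = E(z), fixed-length encoding
    kek = kdf2(z.to_bytes(n_len, "big"), 32)              # step 3: k = KDF(z) over the fixed-length z
    wk = wrap_key(kek, cek)                               # step 4: wk = KEKk(cek)
    return c + wk                                         # step 5: c || wk


def kem_decrypt_key(priv, encrypted_key_value: bytes) -> bytes:
    """Recipient side: split c || wk at the modulus length, recover z, rederive the KEK, unwrap."""
    n, d = priv
    n_len = (n.bit_length() + 7) // 8
    if len(encrypted_key_value) <= n_len:
        raise ValueError("EncryptedKeyValue too short")
    c, wk = encrypted_key_value[:n_len], encrypted_key_value[n_len:]
    c_int = int.from_bytes(c, "big")
    if c_int >= n:
        raise ValueError("ciphertext out of range for this modulus")
    z = pow(c_int, d, n)
    kek = kdf2(z.to_bytes(n_len, "big"), 32)
    return unwrap_key(kek, wk)


if __name__ == "__main__":
    pub, priv = gen_rsa()
    cek = bytes(range(32))                                # constructed content-encryption key
    ekv = kem_encrypt_key(pub, cek)
    print(kem_decrypt_key(priv, ekv) == cek)              # True
```

Because the KEK is derived from z rather than from the CEK, the recipient can only reach the CEK by first recovering z exactly; the fixed-length I2OSP of z before the KDF is what keeps both sides deriving the same KEK even when z has leading zero bytes.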
  14. Open Issues
      • Matching rules on usage
      • SMimeCapabilities
      • Single ASN.1 module

  15. Questions

  16. ESSbis
      Jim Schaad, Soaring Hawk Security

  17. Changes
      • Separate the functions of
        • Receipt Behavior: id-aa-receiptPolicy
        • ML Loop Detection: id-aa-mlExpandHistory
      • Rewrite processing rules
      • Move id-aa-contentIdentifier and id-aa-contentReference to section 4

  18. ReceiptPolicy

        ReceiptPolicy ::= CHOICE {
          none          [0] NULL,
          insteadOf     [1] SEQUENCE SIZE (1..MAX) OF GeneralNames,
          inAdditionTo  [2] SEQUENCE SIZE (1..MAX) OF GeneralNames
        }

        id-aa-receiptPolicy OBJECT IDENTIFIER ::= { id-aa XX }

  19. MLAExpandHistory

        MLAExpandHistory ::= SEQUENCE SIZE (1..ub-ml-expansion-history) OF MLAData

        id-aa-mlExpandHistory OBJECT IDENTIFIER ::= { id-aa(2) XX }

        ub-ml-expansion-history INTEGER ::= 64

        MLAData ::= SEQUENCE {
          mailListIdentifier  EntityIdentifier,
          expansionTime       GeneralizedTime
        }

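Slides 18 and 19 separate two things a mail list agent (MLA) has to decide: who gets receipts, and whether it is safe to expand the message at all. The Python below is an added example written for this page, not code from the ESSbis draft or the presentation. It models EntityIdentifier and GeneralNames as plain strings and GeneralizedTime as its text form, both simplifications; the loop rule (refuse to expand a message whose mlExpandHistory already names this MLA, and refuse to grow the history past ub-ml-expansion-history) and the receipt-policy semantics (none suppresses receipts, insteadOf replaces the originator's receiptsTo list, inAdditionTo extends it) are taken from the RFC 2634 attributes these ESSbis attributes are split out of, and are assumptions as applied to the draft. The sample history is constructed.

```python
"""ESSbis MLA processing: expansion-history loop detection (slide 19) and receipt
policy resolution (slide 18).  Added illustration only; identifiers are modelled as strings."""
from dataclasses import dataclass
from datetime import datetime, timezone

UB_ML_EXPANSION_HISTORY = 64   # ub-ml-expansion-history from slide 19


@dataclass(frozen=True)
class MLAData:
    mail_list_identifier: str   # stands in for EntityIdentifier
    expansion_time: str         # GeneralizedTime text, e.g. "20030101120000Z"


def check_expansion_history(history, my_identifier):
    """Loop detection run before this MLA expands a message.  Returns (ok, reason)."""
    if len(history) > UB_ML_EXPANSION_HISTORY:
        return False, "mlExpandHistory exceeds ub-ml-expansion-history"
    if any(entry.mail_list_identifier == my_identifier for entry in history):
        return False, "mail list loop: this MLA already expanded the message"
    if len(history) == UB_ML_EXPANSION_HISTORY:
        return False, "mlExpandHistory full; cannot record another expansion"
    return True, "ok"


def generalized_time_now() -> str:
    return datetime.now(timezone.utc).strftime("%Y%m%d%H%M%SZ")


def record_expansion(history, my_identifier, now=None):
    """Return the history this MLA attaches on the way out, or raise if it must not expand."""
    ok, reason = check_expansion_history(history, my_identifier)
    if not ok:
        raise ValueError(reason)
    return list(history) + [MLAData(my_identifier, now or generalized_time_now())]


def resolve_receipts_to(receipts_to, policy):
    """Apply a ReceiptPolicy CHOICE to the originator's receiptsTo names.
    Assumed RFC 2634 semantics: none -> no receipts; insteadOf -> only the listed names;
    inAdditionTo -> originator's names plus the listed ones (no duplicates)."""
    tag, names = policy
    if tag == "none":
        return []
    if tag == "insteadOf":
        return list(names)
    if tag == "inAdditionTo":
        return list(receipts_to) + [n for n in names if n not in receipts_to]
    raise ValueError(f"unknown ReceiptPolicy choice {tag!r}")


if __name__ == "__main__":
    # Constructed history: two MLAs have already expanded this message.
    history = [MLAData("mla-a", "20030101120000Z"), MLAData("mla-b", "20030101120100Z")]
    print(check_expansion_history(history, "mla-c"))   # (True, 'ok')
    print(check_expansion_history(history, "mla-a"))   # loop detected
    print(resolve_receipts_to(["originator"], ("inAdditionTo", ["auditor"])))
```

The ordering of the checks is deliberate: an over-long history is rejected before the identifier scan so that a malformed attribute cannot be used to push an MLA into an unbounded loop, and the "full" case refuses expansion rather than silently dropping the oldest entry, since dropping entries is exactly what would defeat loop detection.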
  20. Status
      • First draft to be published next week
      • Open questions on some nested cases for receipt processing behavior
      • Open questions on MLA attribute propagation

  21. Questions
