draft-schaad-curdle-oid-registry-02.txt | draft-schaad-curdle-oid-registry-03.txt | |||
---|---|---|---|---|
Curdle J. Schaad | Curdle J. Schaad | |||
Internet-Draft August Cellars | Internet-Draft August Cellars | |||
Intended status: Informational R. Andrews | Intended status: Informational R. Andrews | |||
Expires: March 16, 2018 Symantec Website Security | Expires: July 29, 2018 DigiCert, Inc. | |||
September 12, 2017 | January 25, 2018 | |||
IANA Registration for Donated Symantec Website Security Object | IANA Registration for new Cryptographic Algorithm Object Identifier | |||
Identifier Range | Range | |||
draft-schaad-curdle-oid-registry-02 | draft-schaad-curdle-oid-registry-03 | |||
Abstract | Abstract | |||
When the Curdle Security Working Group was chartered, a range of | When the Curdle Security Working Group was chartered, a range of | |||
object identifiers was donated by Symantec Website Security for the | object identifiers was donated by DigiCert, Inc. for the purpose of | |||
purpose of registering the Edwards Elliptic Curve key agreement and | registering the Edwards Elliptic Curve key agreement and signature | |||
signature algorithms. This donated set of OIDs allowed for shorter | algorithms. This donated set of OIDs allowed for shorter values than | |||
values than would be possible using the existing S/MIME or PKIX arcs. | would be possible using the existing S/MIME or PKIX arcs. This | |||
This document describes the range of identifiers that were assigned | document describes the range of identifiers that were assigned in | |||
in that donated range, transfers control of that range to IANA, and | that donated range, transfers control of that range to IANA, and | |||
establishes IANA allocation policies for any future assignments | establishes IANA allocation policies for any future assignments | |||
within that range. | within that range. | |||
Contributing to this document | Contributing to this document | |||
The source for this draft is being maintained in GitHub. Suggested | The source for this draft is being maintained in GitHub. Suggested | |||
changes should be submitted as pull requests at <https://github.com/ | changes should be submitted as pull requests at <https://github.com/ | |||
lamps-wg/smime>. Instructions are on that page as well. Editorial | lamps-wg/smime>. Instructions are on that page as well. Editorial | |||
changes can be managed in GitHub, but any substantial issues need to | changes can be managed in GitHub, but any substantial issues need to | |||
be discussed on the LAMPS mailing list. | be discussed on the LAMPS mailing list. | |||
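Review bot: In the Abstract, replacing "Symantec Website Security" with "DigiCert, Inc." makes the sentence say the range was donated by DigiCert when the working group was chartered, while the -03 Acknowledgments state that the root of the range was assigned to Symantec at the time of the donation and was transferred to DigiCert afterwards. Suggest wording that keeps both facts (the donor as it was at the time, plus the current holder) so that the Abstract and the Acknowledgments agree.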
skipping to change at page 1, line 48 ¶ | skipping to change at page 1, line 48 ¶ | |||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
This Internet-Draft will expire on March 16, 2018. | This Internet-Draft will expire on July 29, 2018. | |||
Copyright Notice | Copyright Notice | |||
Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2018 IETF Trust and the persons identified as the | |||
document authors. All rights reserved. | document authors. All rights reserved. | |||
This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
(https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
publication of this document. Please review these documents | publication of this document. Please review these documents | |||
carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
described in the Simplified BSD License. | described in the Simplified BSD License. | |||
Table of Contents | ||||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | ||||
2. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3 | ||||
2.1. "SMI Security for Cryptographic Algorithms" Registry . . 3 | ||||
3. Security Considerations . . . . . . . . . . . . . . . . . . . 4 | ||||
4. References . . . . . . . . . . . . . . . . . . . . . . . . . 4 | ||||
4.1. Normative References . . . . . . . . . . . . . . . . . . 4 | ||||
4.2. Informational References . . . . . . . . . . . . . . . . 4 | ||||
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 5 | ||||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5 | ||||
1. Introduction | 1. Introduction | |||
When the Curdle Security Working Group was chartered, a range of | When the Curdle Security Working Group was chartered, a range of | |||
object identifiers was donated by Symantec Website Security for use | object identifiers was donated by DigiCert, Inc. for use by that | |||
by that working group. The use of these object identifiers allowed | working group. The use of these object identifiers allowed for the | |||
for the Edwards Ellitptic Curve key agreement [RFC7748] and signature | Edwards Ellitptic Curve key agreement [RFC7748] and signature | |||
[RFC8032] algorithms to be defined with encodings that are smaller | [RFC8032] algorithms to be defined with encodings that are smaller | |||
than similar ones would be if assigned from the existing S/MIME or | than similar ones would be if assigned from the existing S/MIME or | |||
PKIX arcs. These initial registrations from this arc were done while | PKIX arcs. These initial registrations from this arc were done while | |||
developing [I-D.ietf-curdle-pkix]. After those registrations were | developing [I-D.ietf-curdle-pkix]. After those registrations were | |||
done, there were still some unused values that can be used for other | done, there were still some unused values that can be used for other | |||
security groups, there were still some unused values. | security groups. | |||
Object identifiers are primarily used with Abstract Syntax Notation | Object identifiers are primarily used with Abstract Syntax Notation | |||
(ASN.1) [ASN.1]. The ASN.1 specifications continue to evolve, but | (ASN.1) [ASN.1]. The ASN.1 specifications continue to evolve, but | |||
object identifiers can be used with any and all versions of ASN.1. | object identifiers can be used with any and all versions of ASN.1. | |||
This document describes the object identifiers that were assigned in | This document describes the object identifiers that were assigned in | |||
that donated range, transfers control of the range to IANA, and | that donated range, transfers control of the range to IANA, and | |||
establishes IANA allocation policies for any future assignments. | establishes IANA allocation policies for any future assignments. | |||
The donated range from Symantec Website Security is: | The donated range from DigiCert, Inc. is: | |||
first: { iso (1) identified-organization (3) thawte (101) 100 } | first: { iso (1) identified-organization (3) thawte (101) 100 } | |||
last: { iso (1) identified-organization (3) thawte (101) 127 } | last: { iso (1) identified-organization (3) thawte (101) 127 } | |||
2. IANA Considerations | 2. IANA Considerations | |||
IANA is asked to create one new registry table. | IANA is asked to create one new registry table. | |||
2.1. "SMI Security for Cryptographic Algorithms" Registry | 2.1. "SMI Security for Cryptographic Algorithms" Registry | |||
Within the SMI-numbers registry, add an "SMI Security for | Within the SMI-numbers registry, add an "SMI Security for | |||
Cryptographic Algorithms" table with the three columns: | Cryptographic Algorithms" table with the three columns: | |||
+---------+-----------------------------+---------------------------+ | +-----------+---------------------------+---------------------------+ | |||
| Decimal | Description | References | | | Decimal | Description | References | | |||
+---------+-----------------------------+---------------------------+ | +-----------+---------------------------+---------------------------+ | |||
| 100 | Reserved for child reg | | | | 0 - 99 | Retained by Digicert | [I-D.ietf-curdle-pkix] | | |||
| | | | | | | | | | |||
| 110 | id-X25519 | [I-D.ietf-curdle-pkix] | | | 100 | Reserved for child reg | | | |||
| | | | | | | | | | |||
| 111 | id-X448 | [I-D.ietf-curdle-pkix] | | | 110 | id-X25519 | [I-D.ietf-curdle-pkix] | | |||
| | | | | | | | | | |||
| 112 | id-EdDSA25519 | [I-D.ietf-curdle-pkix] | | | 111 | id-X448 | [I-D.ietf-curdle-pkix] | | |||
| | | | | | | | | | |||
| 113 | id-EdDSA448 | [I-D.ietf-curdle-pkix] | | | 112 | id-EdDSA25519 | [I-D.ietf-curdle-pkix] | | |||
| | | | | | | | | | |||
| 114 | Reserved for id- | [I-D.ietf-curdle-pkix]-03 | | | 113 | id-EdDSA448 | [I-D.ietf-curdle-pkix] | | |||
| | EdDSA25519-ph | | | | | | | | |||
| | | | | | 114 | Reserved for id- | [I-D.ietf-curdle-pkix-03] | | |||
| 115 | Reserved for id-EdDSA448-ph | [I-D.ietf-curdle-pkix]-03 | | | | EdDSA25519-ph | | | |||
+---------+-----------------------------+---------------------------+ | | | | | | |||
| 115 | Reserved for id- | [I-D.ietf-curdle-pkix-03] | | ||||
| | EdDSA448-ph | | | ||||
| | | | | ||||
| 128 and | Retained by Digicert | [I-D.ietf-curdle-pkix] | | ||||
| up | | | | ||||
+-----------+---------------------------+---------------------------+ | ||||
The column 'Decimal' is required to be a number between 100 and 127 | The column 'Decimal' is required to be a number between 100 and 127 | |||
inclusive. | inclusive. | |||
The value of 100 has been reserved so that a new arc below that point | The value of 100 has been reserved so that a new arc below that point | |||
can be established in the future. (I.e. starting at 1.3.101.100.1) | can be established in the future. (I.e. starting at 1.3.101.100.1) | |||
If the new child registry is established, a name for this value is to | If the new child registry is established, a name for this value is to | |||
be assigned at that point. The experts can, at their discretion, | be assigned at that point. The experts can, at their discretion, | |||
assign an algorithm OID instead. | assign an algorithm OID instead. | |||
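Review bot: The -03 registry table adds rows "0 - 99" and "128 and up" (both "Retained by Digicert"), yet the sentence directly below it still requires the 'Decimal' column to be "a number between 100 and 127 inclusive". Either state that the two retained rows are informational and lie outside the IANA-managed range, or reword the constraint so that it applies only to new assignments. The retained rows also cite [I-D.ietf-curdle-pkix], which the Introduction ties to the initial algorithm registrations rather than to retention of the rest of the arc, and they spell the name "Digicert" where the rest of -03 uses "DigiCert". Separately, "Ellitptic" in the Introduction is carried over unchanged and should read "Elliptic". The same donor substitution in the Introduction ("donated by DigiCert, Inc.") conflicts with the -03 Acknowledgments in the same way as in the Abstract.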
skipping to change at page 4, line 17 ¶ | skipping to change at page 4, line 29 ¶ | |||
(ASN.1): Specification of basic notation. ITU-T | (ASN.1): Specification of basic notation. ITU-T | |||
Recommendation X.680 (2008)", ITU-T X.680, ISO/ | Recommendation X.680 (2008)", ITU-T X.680, ISO/ | |||
IEC 8824-1:2008, November 2008. | IEC 8824-1:2008, November 2008. | |||
4.2. Informational References | 4.2. Informational References | |||
[I-D.ietf-curdle-pkix] | [I-D.ietf-curdle-pkix] | |||
Josefsson, S. and J. Schaad, "Algorithm Identifiers for | Josefsson, S. and J. Schaad, "Algorithm Identifiers for | |||
Ed25519, Ed448, X25519 and X448 for use in the Internet | Ed25519, Ed448, X25519 and X448 for use in the Internet | |||
X.509 Public Key Infrastructure", draft-ietf-curdle- | X.509 Public Key Infrastructure", draft-ietf-curdle- | |||
pkix-05 (work in progress), July 2017. | pkix-07 (work in progress), November 2017. | |||
[I-D.ietf-curdle-pkix-03] | ||||
Josefsson, S. and J. Schaad, "Algorithm Identifiers for | ||||
Ed25519, Ed448, X25519 and X448 for use in the Internet | ||||
X.509 Public Key Infrastructure", draft-ietf-curdle- | ||||
pkix-07 (work in progress), November 2016. | ||||
[RFC7748] Langley, A., Hamburg, M., and S. Turner, "Elliptic Curves | [RFC7748] Langley, A., Hamburg, M., and S. Turner, "Elliptic Curves | |||
for Security", RFC 7748, DOI 10.17487/RFC7748, January | for Security", RFC 7748, DOI 10.17487/RFC7748, January | |||
2016, <https://www.rfc-editor.org/info/rfc7748>. | 2016, <https://www.rfc-editor.org/info/rfc7748>. | |||
[RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital | [RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital | |||
Signature Algorithm (EdDSA)", RFC 8032, | Signature Algorithm (EdDSA)", RFC 8032, | |||
DOI 10.17487/RFC8032, January 2017, | DOI 10.17487/RFC8032, January 2017, | |||
<https://www.rfc-editor.org/info/rfc8032>. | <https://www.rfc-editor.org/info/rfc8032>. | |||
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for | [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for | |||
Writing an IANA Considerations Section in RFCs", BCP 26, | Writing an IANA Considerations Section in RFCs", BCP 26, | |||
RFC 8126, DOI 10.17487/RFC8126, June 2017, | RFC 8126, DOI 10.17487/RFC8126, June 2017, | |||
<https://www.rfc-editor.org/info/rfc8126>. | <https://www.rfc-editor.org/info/rfc8126>. | |||
Acknowledgments | Acknowledgments | |||
Our thanks go out to Symantec for donating the range of OIDs covered | Our thanks go out to DigiCert for donating the range of OIDs covered | |||
in this document. | in this document. At the time of the donation, the root of the range | |||
was assigned to Symantec but has sense been transfered DigiCert. | ||||
This document stole text heavily from a previous document doing | This document uses a lot of text from a similar document by Russ | |||
similar thing by Russ Housely. Copying always makes things easier | Housley. Copying always makes things easier and less error prone. | |||
and less error prone. | ||||
Authors' Addresses | Authors' Addresses | |||
Jim Schaad | Jim Schaad | |||
August Cellars | August Cellars | |||
Email: ietf@augustcellars.com | Email: ietf@augustcellars.com | |||
Rick Andrews | Rick Andrews | |||
Symantec Website Security | DigiCert, Inc. | |||
Email: Rick_Andrews@symantec.com | Email: rick.andrews@digicert.com | |||
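Review bot: The new reference entry [I-D.ietf-curdle-pkix-03] names "draft-ietf-curdle-pkix-07 (work in progress), November 2016", which matches neither its own label nor the date of the -07 entry above it (November 2017). If the table rows for 114 and 115 are meant to point at the -03 revision, the draft name in this entry should be draft-ietf-curdle-pkix-03. In the Acknowledgments, "has sense been transfered DigiCert" should read "has since been transferred to DigiCert".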
End of changes. 16 change blocks. | ||||
43 lines changed or deleted | 68 lines changed or added | |||
This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ |