| rfc9216.original | rfc9216.txt | |||
|---|---|---|---|---|
| lamps D.K. Gillmor, Ed. | Internet Engineering Task Force (IETF) D. K. Gillmor, Ed. | |||
| Internet-Draft ACLU | Request for Comments: 9216 ACLU | |||
| Intended status: Informational 2 February 2022 | Category: Informational April 2022 | |||
| Expires: 6 August 2022 | ISSN: 2070-1721 | |||
| S/MIME Example Keys and Certificates | S/MIME Example Keys and Certificates | |||
| draft-ietf-lamps-samples-08 | ||||
| Abstract | Abstract | |||
| The S/MIME development community benefits from sharing samples of | The S/MIME development community benefits from sharing samples of | |||
| signed or encrypted data. This document facilitates such | signed or encrypted data. This document facilitates such | |||
| collaboration by defining a small set of X.509v3 certificates and | collaboration by defining a small set of X.509v3 certificates and | |||
| keys for use when generating such samples. | keys for use when generating such samples. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This document is not an Internet Standards Track specification; it is | |||
| provisions of BCP 78 and BCP 79. | published for informational purposes. | |||
| Internet-Drafts are working documents of the Internet Engineering | ||||
| Task Force (IETF). Note that other groups may also distribute | ||||
| working documents as Internet-Drafts. The list of current Internet- | ||||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | ||||
| Internet-Drafts are draft documents valid for a maximum of six months | This document is a product of the Internet Engineering Task Force | |||
| and may be updated, replaced, or obsoleted by other documents at any | (IETF). It represents the consensus of the IETF community. It has | |||
| time. It is inappropriate to use Internet-Drafts as reference | received public review and has been approved for publication by the | |||
| material or to cite them other than as "work in progress." | Internet Engineering Steering Group (IESG). Not all documents | |||
| approved by the IESG are candidates for any level of Internet | ||||
| Standard; see Section 2 of RFC 7841. | ||||
| This Internet-Draft will expire on 6 August 2022. | Information about the current status of this document, any errata, | |||
| and how to provide feedback on it may be obtained at | ||||
| https://www.rfc-editor.org/info/rfc9216. | ||||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2022 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents | |||
| license-info) in effect on the date of publication of this document. | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| Please review these documents carefully, as they describe your rights | publication of this document. Please review these documents | |||
| and restrictions with respect to this document. Code Components | carefully, as they describe your rights and restrictions with respect | |||
| extracted from this document must include Revised BSD License text as | to this document. Code Components extracted from this document must | |||
| described in Section 4.e of the Trust Legal Provisions and are | include Revised BSD License text as described in Section 4.e of the | |||
| provided without warranty as described in the Revised BSD License. | Trust Legal Provisions and are provided without warranty as described | |||
| in the Revised BSD License. | ||||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction | |||
| 1.1. Requirements Language . . . . . . . . . . . . . . . . . . 4 | 1.1. Terminology | |||
| 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . 4 | 1.2. Prior Work | |||
| 1.3. Prior Work . . . . . . . . . . . . . . . . . . . . . . . 4 | 2. Background | |||
| 2. Background . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 2.1. Certificate Usage | |||
| 2.1. Certificate Usage . . . . . . . . . . . . . . . . . . . . 5 | 2.2. Certificate Expiration | |||
| 2.2. Certificate Expiration . . . . . . . . . . . . . . . . . 5 | 2.3. Certificate Revocation | |||
| 2.3. Certificate Revocation . . . . . . . . . . . . . . . . . 5 | 2.4. Using the CA in Test Suites | |||
| 2.4. Using the CA in Test Suites . . . . . . . . . . . . . . . 6 | 2.5. Certificate Chains | |||
| 2.5. Certificate Chains . . . . . . . . . . . . . . . . . . . 6 | 2.6. Passwords | |||
| 2.6. Passwords . . . . . . . . . . . . . . . . . . . . . . . . 7 | 2.7. Secret Key Origins | |||
| 2.7. Secret key origins . . . . . . . . . . . . . . . . . . . 7 | 3. Example RSA Certification Authority | |||
| 3. Example RSA Certification Authority . . . . . . . . . . . . . 7 | 3.1. RSA Certification Authority Root Certificate | |||
| 3.1. RSA Certification Authority Root Certificate . . . . . . 7 | 3.2. RSA Certification Authority Secret Key | |||
| 3.2. RSA Certification Authority Secret Key . . . . . . . . . 8 | 3.3. RSA Certification Authority Cross-Signed Certificate | |||
| 3.3. RSA Certification Authority Cross-signed Certificate . . 9 | 4. Alice's Sample Certificates | |||
| 4. Alice's Sample Certificates . . . . . . . . . . . . . . . . . 10 | 4.1. Alice's Signature Verification End-Entity Certificate | |||
| 4.1. Alice's Signature Verification End-Entity Certificate . . 10 | 4.2. Alice's Signing Private Key Material | |||
| 4.2. Alice's Signing Private Key Material . . . . . . . . . . 11 | 4.3. Alice's Encryption End-Entity Certificate | |||
| 4.3. Alice's Encryption End-Entity Certificate . . . . . . . . 12 | 4.4. Alice's Decryption Private Key Material | |||
| 4.4. Alice's Decryption Private Key Material . . . . . . . . . 13 | 4.5. PKCS #12 Object for Alice | |||
| 4.5. PKCS12 Object for Alice . . . . . . . . . . . . . . . . . 14 | 5. Bob's Sample | |||
| 5. Bob's Sample . . . . . . . . . . . . . . . . . . . . . . . . 17 | 5.1. Bob's Signature Verification End-Entity Certificate | |||
| 5.1. Bob's Signature Verification End-Entity Certificate . . . 17 | 5.2. Bob's Signing Private Key Material | |||
| 5.2. Bob's Signing Private Key Material . . . . . . . . . . . 18 | 5.3. Bob's Encryption End-Entity Certificate | |||
| 5.3. Bob's Encryption End-Entity Certificate . . . . . . . . . 19 | 5.4. Bob's Decryption Private Key Material | |||
| 5.4. Bob's Decryption Private Key Material . . . . . . . . . . 20 | 5.5. PKCS #12 Object for Bob | |||
| 5.5. PKCS12 Object for Bob . . . . . . . . . . . . . . . . . . 21 | 6. Example Ed25519 Certification Authority | |||
| 6. Example Ed25519 Certification Authority . . . . . . . . . . . 24 | 6.1. Ed25519 Certification Authority Root Certificate | |||
| 6.1. Ed25519 Certification Authority Root Certificate . . . . 24 | 6.2. Ed25519 Certification Authority Secret Key | |||
| 6.2. Ed25519 Certification Authority Secret Key . . . . . . . 25 | 6.3. Ed25519 Certification Authority Cross-Signed Certificate | |||
| 6.3. Ed25519 Certification Authority Cross-signed | 7. Carlos's Sample Certificates | |||
| Certificate . . . . . . . . . . . . . . . . . . . . . . . 25 | 7.1. Carlos's Signature Verification End-Entity Certificate | |||
| 7. Carlos's Sample Certificates . . . . . . . . . . . . . . . . 26 | 7.2. Carlos's Signing Private Key Material | |||
| 7.1. Carlos's Signature Verification End-Entity Certificate . 26 | 7.3. Carlos's Encryption End-Entity Certificate | |||
| 7.2. Carlos's Signing Private Key Material . . . . . . . . . . 27 | 7.4. Carlos's Decryption Private Key Material | |||
| 7.3. Carlos's Encryption End-Entity Certificate . . . . . . . 27 | 7.5. PKCS #12 Object for Carlos | |||
| 7.4. Carlos's Decryption Private Key Material . . . . . . . . 27 | 8. Dana's Sample Certificates | |||
| 7.5. PKCS12 Object for Carlos . . . . . . . . . . . . . . . . 28 | 8.1. Dana's Signature Verification End-Entity Certificate | |||
| 8. Dana's Sample Certificates . . . . . . . . . . . . . . . . . 29 | 8.2. Dana's Signing Private Key Material | |||
| 8.1. Dana's Signature Verification End-Entity Certificate . . 29 | 8.3. Dana's Encryption End-Entity Certificate | |||
| 8.2. Dana's Signing Private Key Material . . . . . . . . . . . 30 | 8.4. Dana's Decryption Private Key Material | |||
| 8.3. Dana's Encryption End-Entity Certificate . . . . . . . . 30 | 8.5. PKCS #12 Object for Dana | |||
| 8.4. Dana's Decryption Private Key Material . . . . . . . . . 30 | 9. Security Considerations | |||
| 8.5. PKCS12 Object for Dana . . . . . . . . . . . . . . . . . 31 | 10. IANA Considerations | |||
| 9. Security Considerations . . . . . . . . . . . . . . . . . . . 32 | 11. References | |||
| 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 32 | 11.1. Normative References | |||
| 11. Document Considerations . . . . . . . . . . . . . . . . . . . 32 | 11.2. Informative References | |||
| 11.1. Document History . . . . . . . . . . . . . . . . . . . . 32 | Acknowledgements | |||
| 11.1.1. Substantive Changes from draft-ietf-*-07 to | Author's Address | |||
| draft-ietf-*-08 . . . . . . . . . . . . . . . . . . . 32 | ||||
| 11.1.2. Substantive Changes from draft-ietf-*-06 to | ||||
| draft-ietf-*-07 . . . . . . . . . . . . . . . . . . . 33 | ||||
| 11.1.3. Substantive Changes from draft-ietf-*-05 to | ||||
| draft-ietf-*-06 . . . . . . . . . . . . . . . . . . . 33 | ||||
| 11.1.4. Substantive Changes from draft-ietf-*-04 to | ||||
| draft-ietf-*-05 . . . . . . . . . . . . . . . . . . . 33 | ||||
| 11.1.5. Substantive Changes from draft-ietf-*-03 to | ||||
| draft-ietf-*-04 . . . . . . . . . . . . . . . . . . . 33 | ||||
| 11.1.6. Substantive Changes from draft-ietf-*-02 to | ||||
| draft-ietf-*-03 . . . . . . . . . . . . . . . . . . . 33 | ||||
| 11.1.7. Substantive Changes from draft-ietf-*-01 to | ||||
| draft-ietf-*-02 . . . . . . . . . . . . . . . . . . . 33 | ||||
| 11.1.8. Substantive Changes from draft-ietf-*-00 to | ||||
| draft-ietf-*-01 . . . . . . . . . . . . . . . . . . . 34 | ||||
| 11.1.9. Substantive Changes from draft-dkg-*-05 to | ||||
| draft-ietf-*-00 . . . . . . . . . . . . . . . . . . . 34 | ||||
| 11.1.10. Substantive Changes from draft-dkg-*-04 to | ||||
| draft-dkg-*-05 . . . . . . . . . . . . . . . . . . . 34 | ||||
| 11.1.11. Substantive Changes from draft-dkg-*-03 to | ||||
| draft-dkg-*-04 . . . . . . . . . . . . . . . . . . . 34 | ||||
| 11.1.12. Substantive Changes from draft-dkg-*-02 to | ||||
| draft-dkg-*-03 . . . . . . . . . . . . . . . . . . . 34 | ||||
| 11.1.13. Substantive Changes from draft-dkg-*-01 to | ||||
| draft-dkg-*-02 . . . . . . . . . . . . . . . . . . . 34 | ||||
| 11.1.14. Substantive Changes from draft-dkg-*-00 to | ||||
| draft-dkg-*-01 . . . . . . . . . . . . . . . . . . . 34 | ||||
| 12. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 34 | ||||
| 13. References . . . . . . . . . . . . . . . . . . . . . . . . . 35 | ||||
| 13.1. Normative References . . . . . . . . . . . . . . . . . . 35 | ||||
| 13.2. Informative References . . . . . . . . . . . . . . . . . 36 | ||||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 37 | ||||
| 1. Introduction | 1. Introduction | |||
| The S/MIME ([RFC8551]) development community, in particular the | The S/MIME ([RFC8551]) development community, in particular the email | |||
| e-mail development community, benefits from sharing samples of signed | development community, benefits from sharing samples of signed and/or | |||
| and/or encrypted data. Often the exact key material used does not | encrypted data. Often, the exact key material used does not matter | |||
| matter because the properties being tested pertain to implementation | because the properties being tested pertain to implementation | |||
| correctness, completeness or interoperability of the overall system. | correctness, completeness, or interoperability of the overall system. | |||
| However, without access to the relevant secret key material, a sample | However, without access to the relevant secret key material, a sample | |||
| is useless. | is useless. | |||
| This document defines a small set of X.509v3 certificates ([RFC5280]) | This document defines a small set of X.509v3 certificates ([RFC5280]) | |||
| and secret keys for use when generating or operating on such samples. | and secret keys for use when generating or operating on such samples. | |||
| An example RSA certification authority is supplied, and sample RSA | An example RSA Certification Authority is supplied, and sample RSA | |||
| certificates are provided for two "personas", Alice and Bob. | certificates are provided for two "personas", Alice and Bob. | |||
| Additionally, an Ed25519 ([RFC8032]) certification authority is | Additionally, an Ed25519 ([RFC8032]) Certification Authority is | |||
| supplied, along with sample Ed25519 certificates for two more | supplied, along with sample Ed25519 certificates for two more | |||
| "personas", Carlos and Dana. | "personas", Carlos and Dana. | |||
| This document focuses narrowly on functional, well-formed identity | This document focuses narrowly on functional, well-formed identity | |||
| and key material. It is a starting point that other documents can | and key material. It is a starting point that other documents can | |||
| use to develop sample signed or encrypted messages, test vectors, or | use to develop sample signed or encrypted messages, test vectors, or | |||
| other artifacts for improved interoperability. | other artifacts for improved interoperability. | |||
| 1.1. Requirements Language | 1.1. Terminology | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | ||||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | ||||
| "OPTIONAL" in this document are to be interpreted as described in BCP | ||||
| 14 [RFC2119] [RFC8174] when, and only when, they appear in all | ||||
| capitals, as shown here. | ||||
| 1.2. Terminology | ||||
| * "Certification Authority" (or "CA") is a party capable of issuing | "Certification Authority" (or "CA"): a party capable of issuing | |||
| X.509 certificates | X.509 certificates | |||
| * "End-Entity" is a party that is capable of using X.509 | "End Entity" (or "EE"): a party that is capable of using X.509 | |||
| certificates (and their corresponding secret key material) | certificates (and their corresponding secret key material) | |||
| * "Mail User Agent" (or "MUA") is a program that generates or | "Mail User Agent" (or "MUA"): a program that generates or handles | |||
| handles [RFC5322] e-mail messages. | email messages ([RFC5322]) | |||
| 1.3. Prior Work | 1.2. Prior Work | |||
| [RFC4134] contains some sample certificates, as well as messages of | [RFC4134] contains some sample certificates as well as messages of | |||
| various S/MIME formats. That older work has unacceptably old | various S/MIME formats. That older work has unacceptably old | |||
| algorithm choices that may introduce failures when testing modern | algorithm choices that may introduce failures when testing modern | |||
| systems: in 2019, some tools explicitly mark 1024-bit RSA and | systems: in 2019, some tools explicitly marked 1024-bit RSA and | |||
| 1024-bit DSS as weak. | 1024-bit DSS as weak. | |||
| This earlier document also does not use the now widely-accepted PEM | This earlier document also does not use the now widely accepted | |||
| encoding (see [RFC7468]) for the objects, and instead embeds runnable | Privacy-Enhanced Mail (PEM) encoding (see [RFC7468]) for the objects | |||
| Perl code to extract them from the document. | and instead embeds runnable Perl code to extract them from the | |||
| document. | ||||
| It also includes examples of messages and other structures which are | It also includes examples of messages and other structures that are | |||
| greater in ambition than this document intends to be. | greater in ambition than this document intends to be. | |||
| [RFC8410] includes an example X25519 certificate that is certified | [RFC8410] includes an example X25519 certificate that is certified | |||
| with Ed25519, but it appears to be self-issued, and it is not | with Ed25519, but it appears to be self issued, and it is not | |||
| directly useful in testing an S/MIME-capable MUA. | directly useful in testing an S/MIME-capable MUA. | |||
| 2. Background | 2. Background | |||
| 2.1. Certificate Usage | 2.1. Certificate Usage | |||
| These X.509 certificates ([RFC5280]) are designed for use with S/MIME | These X.509 certificates ([RFC5280]) are designed for use with S/MIME | |||
| protections ([RFC8551]) for e-mail ([RFC5322]). | protections ([RFC8551]) for email ([RFC5322]). | |||
| In particular, they should be usable with signed and encrypted | In particular, they should be usable with signed and encrypted | |||
| messages, as part of test suites and interoperability frameworks. | messages as part of test suites and interoperability frameworks. | |||
| All end-entity and intermediate CA certificates are marked with | All end-entity and intermediate CA certificates are marked with | |||
| Certificate Policies from [TEST-POLICY] indicating that they are | Certificate Policies from [TEST-POLICY] indicating that they are | |||
| intended only for use in testing environments. End-entity | intended only for use in testing environments. End-entity | |||
| certificates are marked with policy 2.16.840.1.101.3.2.1.48.1 and | certificates are marked with policy 2.16.840.1.101.3.2.1.48.1 and | |||
| intermediate CAs are marked with policy 2.16.840.1.101.3.2.1.48.2. | intermediate CAs are marked with policy 2.16.840.1.101.3.2.1.48.2. | |||
| 2.2. Certificate Expiration | 2.2. Certificate Expiration | |||
| The certificates included in this draft expire in 2052. This should | The certificates included in this document expire in 2052. This | |||
| be sufficiently far in the future that they will be useful for a few | should be sufficiently far in the future that they will be useful for | |||
| decades. However, when testing tools in the far future (or when | a few decades. However, when testing tools in the far future (or | |||
| playing with clock skew scenarios), care should be taken to consider | when playing with clock-skew scenarios), care should be taken to | |||
| the certificate validity window. | consider the certificate validity window. | |||
| Due to this lengthy expiration window, these certificates will not be | Due to this lengthy expiration window, these certificates will not be | |||
| particularly useful to test or evaluate the interaction between | particularly useful to test or evaluate the interaction between | |||
| certificate expiration and protected messages. | certificate expiration and protected messages. | |||
| 2.3. Certificate Revocation | 2.3. Certificate Revocation | |||
| Because these are expected to be used in test suites or examples, and | Because these are expected to be used in test suites or examples, and | |||
| we do not expect there to be online network services in these use | we do not expect there to be online network services in these use | |||
| cases, we do not expect these certificates to produce any revocation | cases, we do not expect these certificates to produce any revocation | |||
| artifacts. | artifacts. | |||
| As a result, none of the certificates include either an OCSP | As a result, none of the certificates include either an Online | |||
| indicator (see id-ad-ocsp as defined in the Authority Information | Certificate Status Protocol (OCSP) indicator (see id-ad-ocsp as | |||
| Access X.509 extension in S.4.2.2.1 of [RFC5280]) or a CRL indicator | defined in the Authority Information Access X.509 extension in | |||
| (see the CRL Distribution Points X.509 extension as defined in | Section 4.2.2.1 of [RFC5280]) or a Certificate Revocation List (CRL) | |||
| S.4.2.1.13 of [RFC5280]). | indicator (see the CRL Distribution Points X.509 extension as defined | |||
| in Section 4.2.1.13 of [RFC5280]). | ||||
| 2.4. Using the CA in Test Suites | 2.4. Using the CA in Test Suites | |||
| To use these end-entity certificates in a piece of software (for | To use these end-entity certificates in a piece of software (for | |||
| example, in a test suite or an interoperability matrix), most tools | example, in a test suite or an interoperability matrix), most tools | |||
| will need to accept either the Example RSA CA (Section 3) or the | will need to accept either the example RSA CA (Section 3) or the | |||
| Example Ed25519 CA (Section 6) as a legitimate root authority. | example Ed25519 CA (Section 6) as a legitimate root authority. | |||
| Note that some tooling behaves differently for certificates validated | Note that some tooling behaves differently for certificates validated | |||
| by "locally-installed root CAs" than for pre-installed "system-level" | by "locally installed root CAs" than for pre-installed "system-level" | |||
| root CAs). For example, many common implementations of HPKP | root CAs). For example, many common implementations of HTTP Public | |||
| ([RFC7469]) only applied the designed protections when dealing with a | Key Pinning (HPKP) ([RFC7469]) only applied the designed protections | |||
| certificate issued by a pre-installed "system-level" root CA, and | when dealing with a certificate issued by a pre-installed "system- | |||
| were disabled when dealing with a certificate issued by a "locally- | level" root CA and were disabled when dealing with a certificate | |||
| installed root CA". | issued by a "locally installed root CA". | |||
| To test some tooling specifically, it may be necessary to install the | To test some tooling specifically, it may be necessary to install the | |||
| root CA as a "system-level" root CA. | root CA as a "system-level" root CA. | |||
| 2.5. Certificate Chains | 2.5. Certificate Chains | |||
| In most real-world examples, X.509 certificates are deployed with a | In most real-world examples, X.509 certificates are deployed with a | |||
| chain of more than one X.509 certificate. In particular, there is | chain of more than one X.509 certificate. In particular, there is | |||
| typically a long-lived root CA that users' software knows about upon | typically a long-lived root CA that users' software knows about upon | |||
| installation, and the end-entity certificate is issued by an | installation, and the end-entity certificate is issued by an | |||
| intermediate CA, which is in turn issued by the root CA. | intermediate CA, which is in turn issued by the root CA. | |||
| The example end-entity certificates in this document can be used with | The example end-entity certificates in this document can be used | |||
| either a simple two-link certificate chain (they are directly | either with a simple two-link certificate chain (they are directly | |||
| certified by their corresponding root CA), or in a three-link chain. | certified by their corresponding root CA) or in a three-link chain. | |||
| For example, Alice's encryption certificate (Section 4.3, | For example, Alice's encryption certificate (alice.encrypt.crt; see | |||
| alice.encrypt.crt) can be validated by a peer that directly trusts | Section 4.3) can be validated by a peer that directly trusts the | |||
| the Example RSA CA's root cert (Section 3.1, ca.rsa.crt): | example RSA CA's root cert (ca.rsa.crt; see Section 3.1): | |||
| ╔════════════╗ ┌───────────────────┐ | +==============+ +-------------------+ | |||
| ║ ca.rsa.crt ╟─→│ alice.encrypt.crt │ | || ca.rsa.crt ||-->| alice.encrypt.crt | | |||
| ╚════════════╝ └───────────────────┘ | +==============+ +-------------------+ | |||
| And it can also be validated by a peer that only directly trusts the | And it can also be validated by a peer that only directly trusts the | |||
| Example Ed25519 CA's root cert (Section 6.1, ca.25519.crt), via an | example Ed25519 CA's root cert (ca.25519.crt; see Section 6.1) via an | |||
| intermediate cross-signed CA cert (Section 3.3, ca.rsa.cross.crt): | intermediate cross-signed CA cert (ca.rsa.cross.crt; see | |||
| Section 3.3): | ||||
| +================+ +------------------+ +-------------------+ | ||||
| || ca.25519.crt ||-->| ca.rsa.cross.crt |-->| alice.encrypt.crt | | ||||
| +================+ +------------------+ +-------------------+ | ||||
| ╔══════════════╗ ┌──────────────────┐ ┌───────────────────┐ | ||||
| ║ ca.25519.crt ╟─→│ ca.rsa.cross.crt ├─→│ alice.encrypt.crt │ | ||||
| ╚══════════════╝ └──────────────────┘ └───────────────────┘ | ||||
| By omitting the cross-signed CA certs, it should be possible to test | By omitting the cross-signed CA certs, it should be possible to test | |||
| a "transvalid" certificate (an end-entity certificate that is | a "transvalid" certificate (an end-entity certificate that is | |||
| supplied without its intermediate certificate) in some | supplied without its intermediate certificate) in some | |||
| configurations. | configurations. | |||
| 2.6. Passwords | 2.6. Passwords | |||
| Each secret key presented in this draft is represented as a PEM- | Each secret key presented in this document is represented as a PEM- | |||
| encoded PKCS#8 [RFC5958] object in cleartext form (it has no | encoded PKCS #8 ([RFC5958]) object in cleartext form (it has no | |||
| password). | password). | |||
| As such, the secret key objects are not suitable for verifying | As such, the secret key objects are not suitable for verifying | |||
| interoperable password protection schemes. | interoperable password protection schemes. | |||
| However, the PKCS#12 [RFC7292] objects do have simple textual | However, the PKCS #12 ([RFC7292]) objects do have simple textual | |||
| passwords, because tooling for dealing with passwordless PKCS#12 | passwords, because tooling for dealing with passwordless PKCS #12 | |||
| objects is underdeveloped at the time of this draft. | objects is underdeveloped at the time of this document. | |||
| 2.7. Secret key origins | 2.7. Secret Key Origins | |||
| The secret RSA keys in this document are all deterministically | The secret RSA keys in this document are all deterministically | |||
| derived using provable prime generation as found in [FIPS186-4], | derived using provable prime generation as found in [FIPS186-4] based | |||
| based on known seeds derived via [SHA256] from simple strings. The | on known seeds derived via SHA-256 ([SHA]) from simple strings. The | |||
| validation parameters for these derivations are stored in the objects | validation parameters for these derivations are stored in the objects | |||
| themselves as specified in [RFC8479]. | themselves as specified in [RFC8479]. | |||
| The secret Ed25519 and X25519 keys in this document are all derived | The secret Ed25519 and X25519 keys in this document are all derived | |||
| by hashing a simple string. The seeds and their derivation are | by hashing a simple string. The seeds and their derivation are | |||
| included in the document for informational purposes, and to allow re- | included in the document for informational purposes and to allow | |||
| creation of the objects from appropriate tooling. | recreation of the objects from appropriate tooling. | |||
| All RSA seeds used are 224 bits long (the first 224 bits of the | All RSA seeds used are 224 bits long (the first 224 bits of the | |||
| SHA-256 digest of the origin string), and are represented in | SHA-256 digest of the origin string) and are represented in | |||
| hexadecimal. | hexadecimal. | |||
| 3. Example RSA Certification Authority | 3. Example RSA Certification Authority | |||
| The example RSA Certification Authority has the following | The example RSA Certification Authority has the following | |||
| information: | information: | |||
| * Name: Sample LAMPS RSA Certification Authority | Name: Sample LAMPS RSA Certification Authority | |||
| 3.1. RSA Certification Authority Root Certificate | 3.1. RSA Certification Authority Root Certificate | |||
| This certificate is used to verify certificates issued by the example | This certificate is used to verify certificates issued by the example | |||
| RSA Certification Authority. | RSA Certification Authority. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIDezCCAmOgAwIBAgITcBn0xb/zdaeCQlqp6yZUAGZUCDANBgkqhkiG9w0BAQ0F | MIIDezCCAmOgAwIBAgITcBn0xb/zdaeCQlqp6yZUAGZUCDANBgkqhkiG9w0BAQ0F | |||
| ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | |||
| U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx | U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx | |||
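Review bot: In Section 2.4, the sentence ending 'pre-installed "system-level" root CAs).' has a closing parenthesis with no matching opening one, and the RFC column carries it over unchanged from the draft. This pass already edits the same sentence ("locally-installed" becomes "locally installed"), so the stray ")" should be dropped at the same time, or the parenthesis opened before "Note that" if the whole sentence was meant as an aside.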
| skipping to change at page 9, line 38 ¶ | skipping to change at line 352 ¶ | |||
| PTk8cGYVO1BCHGlX8p3XYfw0xQaHxtuVCV8eYgCvAoGBAIZeiVhc0YTJOjUadz+0 | PTk8cGYVO1BCHGlX8p3XYfw0xQaHxtuVCV8eYgCvAoGBAIZeiVhc0YTJOjUadz+0 | |||
| vSOzA1arg5k2YCPCGf7z+ijM5rbMk7jrYixD6WMjTOkVLHDsVxMBpbA7GhL7TKy5 | vSOzA1arg5k2YCPCGf7z+ijM5rbMk7jrYixD6WMjTOkVLHDsVxMBpbA7GhL7TKy5 | |||
| cepBH1PVwxEIl8dqN+UoeJeBpnHo/cjJ0iCR9/aMJzI+qiUo3OMDR+UH99NIddKN | cepBH1PVwxEIl8dqN+UoeJeBpnHo/cjJ0iCR9/aMJzI+qiUo3OMDR+UH99NIddKN | |||
| i75GRVLAeW0Izgt09EMEiD9joDswOQYKKwYBBAGSCBIIATErMCkGCWCGSAFlAwQC | i75GRVLAeW0Izgt09EMEiD9joDswOQYKKwYBBAGSCBIIATErMCkGCWCGSAFlAwQC | |||
| AgQcpcG3hHYU7WYaawUiNRQotLfwnYzMotmTAt1i6Q== | AgQcpcG3hHYU7WYaawUiNRQotLfwnYzMotmTAt1i6Q== | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This secret key was generated using provable prime generation found | This secret key was generated using provable prime generation found | |||
| in [FIPS186-4] using the seed | in [FIPS186-4] using the seed | |||
| a5c1b7847614ed661a6b0522351428b4b7f09d8ccca2d99302dd62e9. This seed | a5c1b7847614ed661a6b0522351428b4b7f09d8ccca2d99302dd62e9. This seed | |||
| is the first 224 bits of the [SHA256] digest of the string draft- | is the first 224 bits of the SHA-256 ([SHA]) digest of the string | |||
| lamps-sample-certs-keygen.ca.rsa.seed. | draft-lamps-sample-certs-keygen.ca.rsa.seed. | |||
| 3.3. RSA Certification Authority Cross-signed Certificate | 3.3. RSA Certification Authority Cross-Signed Certificate | |||
| If an e-mail client only trusts the Ed25519 Certification Authority | If an email client only trusts the Ed25519 Certification Authority | |||
| Root Certificate found in Section 6.1, they can use this intermediate | Root Certificate found in Section 6.1, they can use this intermediate | |||
| CA certificate to verify any end entity certificate issued by the | CA certificate to verify any end-entity certificate issued by the | |||
| example RSA Certification Authority. | example RSA Certification Authority. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIC5zCCApmgAwIBAgITcTQnnf8DUsvAdvkX7mUemYos7DAFBgMrZXAwWTENMAsG | MIIC5zCCApmgAwIBAgITcTQnnf8DUsvAdvkX7mUemYos7DAFBgMrZXAwWTENMAsG | |||
| A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | |||
| QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | |||
| MzU0NFoYDzIwNTIwOTI3MDY1NDE4WjBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL | MzU0NFoYDzIwNTIwOTI3MDY1NDE4WjBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL | |||
| EwhMQU1QUyBXRzExMC8GA1UEAxMoU2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0 | EwhMQU1QUyBXRzExMC8GA1UEAxMoU2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0 | |||
| aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALYY | aW9uIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALYY | |||
| Y9MQVU12LQuyJDv0DQzPYb4tEmVtfa82jxJOJsCfJD1XMWsYkeNSFFf86as4/esM | Y9MQVU12LQuyJDv0DQzPYb4tEmVtfa82jxJOJsCfJD1XMWsYkeNSFFf86as4/esM | |||
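Review bot: The seed sentence just above the 3.3 heading says "digest of the string draft-lamps-sample-certs-keygen.ca.rsa.seed" on both sides, while the 25519 key sections later in this diff (6.2, for example) say "digest of the ASCII string". The revision only changes the citation from [SHA256] to SHA-256 ([SHA]), so the inconsistency carries into the RFC text. Suggest "ASCII string" here and in the other RSA seed sentences, so that anyone recomputing the seed knows exactly which bytes are hashed. Separately, in 3.3 "an email client ... they can use" mixes singular and plural; "it can use" reads cleaner.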
| skipping to change at page 10, line 28 ¶ | skipping to change at line 385 ¶ | |||
| EDAOMAwGCmCGSAFlAwIBMAIwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSRMI58 | EDAOMAwGCmCGSAFlAwIBMAIwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBSRMI58 | |||
| BxcMp/EJKGU2GmccaHb0WTAfBgNVHSMEGDAWgBRropV9uhSb5C0E0Qek0YLkLmuM | BxcMp/EJKGU2GmccaHb0WTAfBgNVHSMEGDAWgBRropV9uhSb5C0E0Qek0YLkLmuM | |||
| tTAFBgMrZXADQQBnQ+0eFP/BBKz8bVELVEPw9WFXwIGnyH7rrmLQJSE5GJmm7cYX | tTAFBgMrZXADQQBnQ+0eFP/BBKz8bVELVEPw9WFXwIGnyH7rrmLQJSE5GJmm7cYX | |||
| FFJBGyc3NWzlxxyfJLsh0yYh04dxdM8R5hcD | FFJBGyc3NWzlxxyfJLsh0yYh04dxdM8R5hcD | |||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 4. Alice's Sample Certificates | 4. Alice's Sample Certificates | |||
| Alice has the following information: | Alice has the following information: | |||
| * Name: Alice Lovelace | Name: Alice Lovelace | |||
| * E-mail Address: alice@smime.example | Email Address: alice@smime.example | |||
| 4.1. Alice's Signature Verification End-Entity Certificate | 4.1. Alice's Signature Verification End-Entity Certificate | |||
| This certificate is used for verification of signatures made by | This certificate is used for verification of signatures made by | |||
| Alice. | Alice. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIDzzCCAregAwIBAgITN0EFee11f0Kpolw69Phqzpqp1zANBgkqhkiG9w0BAQ0F | MIIDzzCCAregAwIBAgITN0EFee11f0Kpolw69Phqzpqp1zANBgkqhkiG9w0BAQ0F | |||
| ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | |||
| U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx | U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx | |||
| skipping to change at page 12, line 38 ¶ | skipping to change at line 455 ¶ | |||
| YSiayNhAK4yrf+WN66C8VPknbA7us0L1TEbAOAECgYEAtwRiiQwk3BlqENFypyc8 | YSiayNhAK4yrf+WN66C8VPknbA7us0L1TEbAOAECgYEAtwRiiQwk3BlqENFypyc8 | |||
| 0Q1pxp3U7ciHi8mni0kNcTqe57Y/2o8nY9ISnt1GffMs79YQfRXTRdEm2St6oChI | 0Q1pxp3U7ciHi8mni0kNcTqe57Y/2o8nY9ISnt1GffMs79YQfRXTRdEm2St6oChI | |||
| 9Cv5j74LHZXkgEVFfO2Nq/uwSzTZkePk+HoPJo4WtAdokZgRAyyHl0gEae8Rl89e | 9Cv5j74LHZXkgEVFfO2Nq/uwSzTZkePk+HoPJo4WtAdokZgRAyyHl0gEae8Rl89e | |||
| yBX7dutONALjRZFTrg18CuegOzA5BgorBgEEAZIIEggBMSswKQYJYIZIAWUDBAIC | yBX7dutONALjRZFTrg18CuegOzA5BgorBgEEAZIIEggBMSswKQYJYIZIAWUDBAIC | |||
| BBySyJ1DMNPY4x1P3pudD+bp/BQhQd1lpF5bQ28F | BBySyJ1DMNPY4x1P3pudD+bp/BQhQd1lpF5bQ28F | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This secret key was generated using provable prime generation found | This secret key was generated using provable prime generation found | |||
| in [FIPS186-4] using the seed | in [FIPS186-4] using the seed | |||
| 92c89d4330d3d8e31d4fde9b9d0fe6e9fc142141dd65a45e5b436f05. This seed | 92c89d4330d3d8e31d4fde9b9d0fe6e9fc142141dd65a45e5b436f05. This seed | |||
| is the first 224 bits of the [SHA256] digest of the string draft- | is the first 224 bits of the SHA-256 ([SHA]) digest of the string | |||
| lamps-sample-certs-keygen.alice.sign.seed. | draft-lamps-sample-certs-keygen.alice.sign.seed. | |||
| 4.3. Alice's Encryption End-Entity Certificate | 4.3. Alice's Encryption End-Entity Certificate | |||
| This certificate is used to encrypt messages to Alice. | This certificate is used to encrypt messages to Alice. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIDzzCCAregAwIBAgITDy0lvRE5l0rOQlSHoe49NAaKtDANBgkqhkiG9w0BAQ0F | MIIDzzCCAregAwIBAgITDy0lvRE5l0rOQlSHoe49NAaKtDANBgkqhkiG9w0BAQ0F | |||
| ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | |||
| U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx | U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx | |||
| MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowOzENMAsGA1UEChMESUVURjERMA8G | MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowOzENMAsGA1UEChMESUVURjERMA8G | |||
| skipping to change at page 14, line 38 ¶ | skipping to change at line 523 ¶ | |||
| Ya+ecV26BzR1Vfuzs4jBnCuS4DaHgxcuWW2N6pZRAoGAWTovk3xdtE0TZvDerxUY | Ya+ecV26BzR1Vfuzs4jBnCuS4DaHgxcuWW2N6pZRAoGAWTovk3xdtE0TZvDerxUY | |||
| l8hX+vwJGy7uZjegi4cFecSkOR4iekVxrEvEGhpNdEB2GqdLgp6Q6GPdalCG2wc4 | l8hX+vwJGy7uZjegi4cFecSkOR4iekVxrEvEGhpNdEB2GqdLgp6Q6GPdalCG2wc4 | |||
| 7pojp/0inc4RtRRf3nZHaTy00bnSe/0y+t0OUbkRMtXhnViVhCcOt6BUcsHupbu2 | 7pojp/0inc4RtRRf3nZHaTy00bnSe/0y+t0OUbkRMtXhnViVhCcOt6BUcsHupbu2 | |||
| Adub72KLk+gvASDduuatGjqgOzA5BgorBgEEAZIIEggBMSswKQYJYIZIAWUDBAIC | Adub72KLk+gvASDduuatGjqgOzA5BgorBgEEAZIIEggBMSswKQYJYIZIAWUDBAIC | |||
| BBwc90hJ90RfRmxCciUfX5a3f6Bpiz6Ys/Hugge/ | BBwc90hJ90RfRmxCciUfX5a3f6Bpiz6Ys/Hugge/ | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This secret key was generated using provable prime generation found | This secret key was generated using provable prime generation found | |||
| in [FIPS186-4] using the seed | in [FIPS186-4] using the seed | |||
| 1cf74849f7445f466c4272251f5f96b77fa0698b3e98b3f1ee8207bf. This seed | 1cf74849f7445f466c4272251f5f96b77fa0698b3e98b3f1ee8207bf. This seed | |||
| is the first 224 bits of the [SHA256] digest of the string draft- | is the first 224 bits of the SHA-256 ([SHA]) digest of the string | |||
| lamps-sample-certs-keygen.alice.encrypt.seed. | draft-lamps-sample-certs-keygen.alice.encrypt.seed. | |||
| 4.5. PKCS12 Object for Alice | 4.5. PKCS #12 Object for Alice | |||
| This PKCS12 ([RFC7292]) object contains the same information as | This PKCS #12 ([RFC7292]) object contains the same information as | |||
| presented in Section 4.1, Section 4.2, Section 4.3, Section 4.4, and | presented in Sections 3.3, 4.1, 4.2, 4.3, and 4.4. | |||
| Section 3.3. | ||||
| It is locked with the simple five-letter password alice. | It is locked with the simple five-letter password alice. | |||
| -----BEGIN PKCS12----- | -----BEGIN PKCS12----- | |||
| MIIX+AIBAzCCF8AGCSqGSIb3DQEHAaCCF7EEghetMIIXqTCCBI8GCSqGSIb3DQEH | MIIX+AIBAzCCF8AGCSqGSIb3DQEHAaCCF7EEghetMIIXqTCCBI8GCSqGSIb3DQEH | |||
| BqCCBIAwggR8AgEAMIIEdQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIWQKs | BqCCBIAwggR8AgEAMIIEdQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIWQKs | |||
| PyUaB9YCAhTCgIIESCsrTOUTY394FyrjkeCBSV1dw7I3o9oZN7N6Ux2KyIamsWiJ | PyUaB9YCAhTCgIIESCsrTOUTY394FyrjkeCBSV1dw7I3o9oZN7N6Ux2KyIamsWiJ | |||
| 77t7RL1/VSxSBLjVV8Sn5+/o3mFjr5NkyQbWuky33ySVy3HZUdZc2RTooyFEdRi8 | 77t7RL1/VSxSBLjVV8Sn5+/o3mFjr5NkyQbWuky33ySVy3HZUdZc2RTooyFEdRi8 | |||
| x82dzEaVmab7pW4zpoG/IVR6OTizcWJOooGoE0ORim6y2G+iRZ3ePBUq0+8eSNYW | x82dzEaVmab7pW4zpoG/IVR6OTizcWJOooGoE0ORim6y2G+iRZ3ePBUq0+8eSNYW | |||
| +jIWov9abdFqj9j1bQKj/Hrdje2TCdl6a9sSlTFYvIxBWUdPlZDwvCQqwiCWmXeI | +jIWov9abdFqj9j1bQKj/Hrdje2TCdl6a9sSlTFYvIxBWUdPlZDwvCQqwiCWmXeI | |||
| skipping to change at page 17, line 43 ¶ | skipping to change at line 668 ¶ | |||
| coTqPkm/XGNMmOZ81KX/ReVdP+dC93sov2DuDZbYGPmHlD47bOOiA68GD64DEuNt | coTqPkm/XGNMmOZ81KX/ReVdP+dC93sov2DuDZbYGPmHlD47bOOiA68GD64DEuNt | |||
| Q8MhWk8VRR1FqcuwB0T0bc+SIKEINkvYmDFAMBkGCSqGSIb3DQEJFDEMHgoAYQBs | Q8MhWk8VRR1FqcuwB0T0bc+SIKEINkvYmDFAMBkGCSqGSIb3DQEJFDEMHgoAYQBs | |||
| AGkAYwBlMCMGCSqGSIb3DQEJFTEWBBS79syyLR0GEhyXrilqkBDTIGZmczAvMB8w | AGkAYwBlMCMGCSqGSIb3DQEJFTEWBBS79syyLR0GEhyXrilqkBDTIGZmczAvMB8w | |||
| BwYFKw4DAhoEFO/nnMx9hi1oZ0S+JkJAu+H3/jPzBAj1OQCGvaJQwQICKAA= | BwYFKw4DAhoEFO/nnMx9hi1oZ0S+JkJAu+H3/jPzBAj1OQCGvaJQwQICKAA= | |||
| -----END PKCS12----- | -----END PKCS12----- | |||
| 5. Bob's Sample | 5. Bob's Sample | |||
| Bob has the following information: | Bob has the following information: | |||
| * Name: Bob Babbage | Name: Bob Babbage | |||
| * E-mail Address: bob@smime.example | Email Address: bob@smime.example | |||
| 5.1. Bob's Signature Verification End-Entity Certificate | 5.1. Bob's Signature Verification End-Entity Certificate | |||
| This certificate is used for verification of signatures made by Bob. | This certificate is used for verification of signatures made by Bob. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIDyjCCArKgAwIBAgITaqOkD33fBy/kGaVsmPv8LghbwzANBgkqhkiG9w0BAQ0F | MIIDyjCCArKgAwIBAgITaqOkD33fBy/kGaVsmPv8LghbwzANBgkqhkiG9w0BAQ0F | |||
| ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | |||
| U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx | U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx | |||
| MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowODENMAsGA1UEChMESUVURjERMA8G | MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowODENMAsGA1UEChMESUVURjERMA8G | |||
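Review bot: The heading "5. Bob's Sample" is unchanged on both sides but does not match its siblings "4. Alice's Sample Certificates", "7. Carlos's Sample Certificates" and "8. Dana's Sample Certificates". Suggest "5. Bob's Sample Certificates" so that the section titles are uniform.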
| skipping to change at page 19, line 38 ¶ | skipping to change at line 737 ¶ | |||
| iQKfXiZaquZ23T2tKvsoZz8nqg9x7U8hG3uYLV26HQKBgCOJ/C21yW25NwZ5FUdh | iQKfXiZaquZ23T2tKvsoZz8nqg9x7U8hG3uYLV26HQKBgCOJ/C21yW25NwZ5FUdh | |||
| PsQmVH7+YydJaLzHS/c7PrOgQFRMdejvAku/eYJbKbUv7qsJFIG4i/IG0CfVmu/B | PsQmVH7+YydJaLzHS/c7PrOgQFRMdejvAku/eYJbKbUv7qsJFIG4i/IG0CfVmu/B | |||
| ax5fbfYZtoB/0zxWaLkIEStVWaKrSKRdTrNzTAOreeJKsY4RNp6rvmpgojbmIGA1 | ax5fbfYZtoB/0zxWaLkIEStVWaKrSKRdTrNzTAOreeJKsY4RNp6rvmpgojbmIGA1 | |||
| Tg8Mup0xQ8F4d28rtUeynHxzoDswOQYKKwYBBAGSCBIIATErMCkGCWCGSAFlAwQC | Tg8Mup0xQ8F4d28rtUeynHxzoDswOQYKKwYBBAGSCBIIATErMCkGCWCGSAFlAwQC | |||
| AgQc9K+qy7VHPzYOBqwy4AGI/kFzrhXJm88EOouPbg== | AgQc9K+qy7VHPzYOBqwy4AGI/kFzrhXJm88EOouPbg== | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This secret key was generated using provable prime generation found | This secret key was generated using provable prime generation found | |||
| in [FIPS186-4] using the seed | in [FIPS186-4] using the seed | |||
| f4afaacbb5473f360e06ac32e00188fe4173ae15c99bcf043a8b8f6e. This seed | f4afaacbb5473f360e06ac32e00188fe4173ae15c99bcf043a8b8f6e. This seed | |||
| is the first 224 bits of the [SHA256] digest of the string draft- | is the first 224 bits of the SHA-256 ([SHA]) digest of the string | |||
| lamps-sample-certs-keygen.bob.sign.seed. | draft-lamps-sample-certs-keygen.bob.sign.seed. | |||
| 5.3. Bob's Encryption End-Entity Certificate | 5.3. Bob's Encryption End-Entity Certificate | |||
| This certificate is used to encrypt messages to Bob. | This certificate is used to encrypt messages to Bob. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIDyjCCArKgAwIBAgITMHxHQA+GJjocYtLrgy+WwNeGlDANBgkqhkiG9w0BAQ0F | MIIDyjCCArKgAwIBAgITMHxHQA+GJjocYtLrgy+WwNeGlDANBgkqhkiG9w0BAQ0F | |||
| ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | |||
| U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx | U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0xOTEx | |||
| MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowODENMAsGA1UEChMESUVURjERMA8G | MjAwNjU0MThaGA8yMDUyMDkyNzA2NTQxOFowODENMAsGA1UEChMESUVURjERMA8G | |||
| skipping to change at page 21, line 38 ¶ | skipping to change at line 805 ¶ | |||
| PtFK67WQ6yMFdWzC1gEy5YjzRjbTe/rukbP5weH1uQKBgQC+WfachEmQ3NcxSjbR | PtFK67WQ6yMFdWzC1gEy5YjzRjbTe/rukbP5weH1uQKBgQC+WfachEmQ3NcxSjbR | |||
| kUxCcida8REewWh4AldU8U0gFcFxF6YwQI8I7ujtnCK2RKTECG9HCyaDXgMwfArV | kUxCcida8REewWh4AldU8U0gFcFxF6YwQI8I7ujtnCK2RKTECG9HCyaDXgMwfArV | |||
| zf17a9xDJL2LQKrJ9ATeSo34o9zIkpbJL0NCHHocOqYdHU+VO2ZE4Gu8DKk3siVH | zf17a9xDJL2LQKrJ9ATeSo34o9zIkpbJL0NCHHocOqYdHU+VO2ZE4Gu8DKk3siVH | |||
| XAaJ/RJSEqAIMOgwfGuHOhhto6A7MDkGCisGAQQBkggSCAExKzApBglghkgBZQME | XAaJ/RJSEqAIMOgwfGuHOhhto6A7MDkGCisGAQQBkggSCAExKzApBglghkgBZQME | |||
| AgIEHJjImYZSlYkp6InjQZ87/Q7f4KyhXaMGDe34oeg= | AgIEHJjImYZSlYkp6InjQZ87/Q7f4KyhXaMGDe34oeg= | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This secret key was generated using provable prime generation found | This secret key was generated using provable prime generation found | |||
| in [FIPS186-4] using the seed | in [FIPS186-4] using the seed | |||
| 98c8998652958929e889e3419f3bfd0edfe0aca15da3060dedf8a1e8. This seed | 98c8998652958929e889e3419f3bfd0edfe0aca15da3060dedf8a1e8. This seed | |||
| is the first 224 bits of the [SHA256] digest of the string draft- | is the first 224 bits of the SHA-256 ([SHA]) digest of the string | |||
| lamps-sample-certs-keygen.bob.encrypt.seed. | draft-lamps-sample-certs-keygen.bob.encrypt.seed. | |||
| 5.5. PKCS12 Object for Bob | 5.5. PKCS #12 Object for Bob | |||
| This PKCS12 ([RFC7292]) object contains the same information as | This PKCS #12 ([RFC7292]) object contains the same information as | |||
| presented in Section 5.1, Section 5.2, Section 5.3, Section 5.4, and | presented in Sections 3.3, 5.1, 5.2, 5.3, and 5.4. | |||
| Section 3.3. | ||||
| It is locked with the simple three-letter password bob. | It is locked with the simple three-letter password bob. | |||
| -----BEGIN PKCS12----- | -----BEGIN PKCS12----- | |||
| MIIX6AIBAzCCF7AGCSqGSIb3DQEHAaCCF6EEghedMIIXmTCCBIcGCSqGSIb3DQEH | MIIX6AIBAzCCF7AGCSqGSIb3DQEHAaCCF6EEghedMIIXmTCCBIcGCSqGSIb3DQEH | |||
| BqCCBHgwggR0AgEAMIIEbQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIe/d6 | BqCCBHgwggR0AgEAMIIEbQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIe/d6 | |||
| qDQ/28QCAhQGgIIEQJKA5kzRVm9d6rEwC/0RyBSgpPuSROUQTjspt6EhBZlgHc3u | qDQ/28QCAhQGgIIEQJKA5kzRVm9d6rEwC/0RyBSgpPuSROUQTjspt6EhBZlgHc3u | |||
| FTCPaO5P/vpeWaCnBRarGFn3DmqA3JT+59bmRpGdiP3Zrlk2EbHi0yrd2P3UFDnX | FTCPaO5P/vpeWaCnBRarGFn3DmqA3JT+59bmRpGdiP3Zrlk2EbHi0yrd2P3UFDnX | |||
| qRkkI+7pf6eOHWJRntJA+KJS8v3tZ/hpiEKAEav/Mq0IFNFyEiZpCkbKCX5auDb1 | qRkkI+7pf6eOHWJRntJA+KJS8v3tZ/hpiEKAEav/Mq0IFNFyEiZpCkbKCX5auDb1 | |||
| p5c3J2MNg/WNBfpGJUHKVIzuIF3H+8LfFgayRsDsppoUMffR+GmdL8nxLiqhraHD | p5c3J2MNg/WNBfpGJUHKVIzuIF3H+8LfFgayRsDsppoUMffR+GmdL8nxLiqhraHD | |||
| skipping to change at page 24, line 44 ¶ | skipping to change at line 951 ¶ | |||
| gogzwwSaGwx9n/o6czE8MBUGCSqGSIb3DQEJFDEIHgYAYgBvAGIwIwYJKoZIhvcN | gogzwwSaGwx9n/o6czE8MBUGCSqGSIb3DQEJFDEIHgYAYgBvAGIwIwYJKoZIhvcN | |||
| AQkVMRYEFBfFhHvQp+92kDi4s28IvJK1niuUMC8wHzAHBgUrDgMCGgQUgwafFeGU | AQkVMRYEFBfFhHvQp+92kDi4s28IvJK1niuUMC8wHzAHBgUrDgMCGgQUgwafFeGU | |||
| n9Q1rAOUCgw+KWxk+8EECJ1vqXe6ro0FAgIoAA== | n9Q1rAOUCgw+KWxk+8EECJ1vqXe6ro0FAgIoAA== | |||
| -----END PKCS12----- | -----END PKCS12----- | |||
| 6. Example Ed25519 Certification Authority | 6. Example Ed25519 Certification Authority | |||
| The example Ed25519 Certification Authority has the following | The example Ed25519 Certification Authority has the following | |||
| information: | information: | |||
| * Name: Sample LAMPS Ed25519 Certification Authority | Name: Sample LAMPS Ed25519 Certification Authority | |||
| 6.1. Ed25519 Certification Authority Root Certificate | 6.1. Ed25519 Certification Authority Root Certificate | |||
| This certificate is used to verify certificates issued by the example | This certificate is used to verify certificates issued by the example | |||
| Ed25519 Certification Authority. | Ed25519 Certification Authority. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIBtzCCAWmgAwIBAgITH59R65FuWGNFHoyc0N3iWesrXzAFBgMrZXAwWTENMAsG | MIIBtzCCAWmgAwIBAgITH59R65FuWGNFHoyc0N3iWesrXzAFBgMrZXAwWTENMAsG | |||
| A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | |||
| QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | |||
| skipping to change at page 25, line 27 ¶ | skipping to change at line 980 ¶ | |||
| 6.2. Ed25519 Certification Authority Secret Key | 6.2. Ed25519 Certification Authority Secret Key | |||
| This secret key material is used by the example Ed25519 Certification | This secret key material is used by the example Ed25519 Certification | |||
| Authority to issue new certificates. | Authority to issue new certificates. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MC4CAQAwBQYDK2VwBCIEIAt889xRDvxNT8ak53T7tzKuSn6CQDe8fIdjrCiSFRcp | MC4CAQAwBQYDK2VwBCIEIAt889xRDvxNT8ak53T7tzKuSn6CQDe8fIdjrCiSFRcp | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This secret key is the [SHA256] digest of the ASCII string draft- | This secret key is the SHA-256 ([SHA]) digest of the ASCII string | |||
| lamps-sample-certs-keygen.ca.25519.seed. | draft-lamps-sample-certs-keygen.ca.25519.seed. | |||
| 6.3. Ed25519 Certification Authority Cross-signed Certificate | 6.3. Ed25519 Certification Authority Cross-Signed Certificate | |||
| If an e-mail client only trusts the RSA Certification Authority Root | If an email client only trusts the RSA Certification Authority Root | |||
| Certificate found in Section 3.1, they can use this intermediate CA | Certificate found in Section 3.1, they can use this intermediate CA | |||
| certificate to verify any end entity certificate issued by the | certificate to verify any end-entity certificate issued by the | |||
| example Ed25519 Certification Authority. | example Ed25519 Certification Authority. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIICvzCCAaegAwIBAgITR49T5oAgYhF5+eBYQ3ZBZIMuujANBgkqhkiG9w0BAQsF | MIICvzCCAaegAwIBAgITR49T5oAgYhF5+eBYQ3ZBZIMuujANBgkqhkiG9w0BAQsF | |||
| ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | ADBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBXRzExMC8GA1UEAxMo | |||
| U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0yMDEy | U2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhvcml0eTAgFw0yMDEy | |||
| MTUyMTM1NDRaGA8yMDUyMDkyNzA2NTQxOFowWTENMAsGA1UEChMESUVURjERMA8G | MTUyMTM1NDRaGA8yMDUyMDkyNzA2NTQxOFowWTENMAsGA1UEChMESUVURjERMA8G | |||
| A1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBMQU1QUyBFZDI1NTE5IENl | A1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBMQU1QUyBFZDI1NTE5IENl | |||
| cnRpZmljYXRpb24gQXV0aG9yaXR5MCowBQYDK2VwAyEAhIFGfciP65F//Ng4oas1 | cnRpZmljYXRpb24gQXV0aG9yaXR5MCowBQYDK2VwAyEAhIFGfciP65F//Ng4oas1 | |||
| SGUGfkShN1Ecqfnjdk8SQwSjfDB6MA8GA1UdEwEB/wQFMAMBAf8wFwYDVR0gBBAw | SGUGfkShN1Ecqfnjdk8SQwSjfDB6MA8GA1UdEwEB/wQFMAMBAf8wFwYDVR0gBBAw | |||
| skipping to change at page 26, line 27 ¶ | skipping to change at line 1012 ¶ | |||
| f/v99LEcsZTcuIbnJqz35danQkp4/upG4hPkfx+nbc1bsVylrITwIGOpnGhz7z3m | f/v99LEcsZTcuIbnJqz35danQkp4/upG4hPkfx+nbc1bsVylrITwIGOpnGhz7z3m | |||
| VCk03DFE3Qt4w9mlv9yuMse33nmsBGXog/XZvM2JRY0iKt0xksQqQD9uYm7MoMeH | VCk03DFE3Qt4w9mlv9yuMse33nmsBGXog/XZvM2JRY0iKt0xksQqQD9uYm7MoMeH | |||
| qQs3Ot7EaoPj54xyWvy42run6TLUye64D94SNjB/q/wjL96bsVIKGrRn10T1ybCh | qQs3Ot7EaoPj54xyWvy42run6TLUye64D94SNjB/q/wjL96bsVIKGrRn10T1ybCh | |||
| 4F5HD00hQZgP15Dlb1rg+vskN8MSk5nuD+6z1VsugioW0+k= | 4F5HD00hQZgP15Dlb1rg+vskN8MSk5nuD+6z1VsugioW0+k= | |||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 7. Carlos's Sample Certificates | 7. Carlos's Sample Certificates | |||
| Carlos has the following information: | Carlos has the following information: | |||
| * Name: Carlos Turing | Name: Carlos Turing | |||
| * E-mail Address: carlos@smime.example | Email Address: carlos@smime.example | |||
| 7.1. Carlos's Signature Verification End-Entity Certificate | 7.1. Carlos's Signature Verification End-Entity Certificate | |||
| This certificate is used for verification of signatures made by | This certificate is used for verification of signatures made by | |||
| Carlos. | Carlos. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIICBzCCAbmgAwIBAgITP14fVCTRtAFDeA9zwYoXhR52ljAFBgMrZXAwWTENMAsG | MIICBzCCAbmgAwIBAgITP14fVCTRtAFDeA9zwYoXhR52ljAFBgMrZXAwWTENMAsG | |||
| A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | |||
| QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | |||
| skipping to change at page 27, line 13 ¶ | skipping to change at line 1043 ¶ | |||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 7.2. Carlos's Signing Private Key Material | 7.2. Carlos's Signing Private Key Material | |||
| This private key material is used by Carlos to create signatures. | This private key material is used by Carlos to create signatures. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MC4CAQAwBQYDK2VwBCIEILvvxL741LfX+Ep3Iyye3Cjr4JmONIVYhZPM4M9N1IHY | MC4CAQAwBQYDK2VwBCIEILvvxL741LfX+Ep3Iyye3Cjr4JmONIVYhZPM4M9N1IHY | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This secret key is the [SHA256] digest of the ASCII string draft- | This secret key is the SHA-256 ([SHA]) digest of the ASCII string | |||
| lamps-sample-certs-keygen.carlos.sign.25519.seed. | draft-lamps-sample-certs-keygen.carlos.sign.25519.seed. | |||
| 7.3. Carlos's Encryption End-Entity Certificate | 7.3. Carlos's Encryption End-Entity Certificate | |||
| This certificate is used to encrypt messages to Carlos. It contains | This certificate is used to encrypt messages to Carlos. It contains | |||
| an SMIMECapabilities extension to indicate that Carlos's MUA expects | an SMIMECapabilities extension to indicate that Carlos's MUA expects | |||
| ECDH with HKDF using SHA-256; uses AES-128 key wrap, as indicated in | Elliptic Curve Diffie-Hellman (ECDH) with the HMAC-based Key | |||
| [RFC8418]. | Derivation Function (HKDF) using SHA-256, and that it uses the | |||
| AES-128 key wrap algorithm, as indicated in [RFC8418]. | ||||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIICNDCCAeagAwIBAgITfz0Bv+b1OMAT79aCh3arViNvhDAFBgMrZXAwWTENMAsG | MIICNDCCAeagAwIBAgITfz0Bv+b1OMAT79aCh3arViNvhDAFBgMrZXAwWTENMAsG | |||
| A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | |||
| QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | |||
| MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA6MQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL | MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA6MQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL | |||
| EwhMQU1QUyBXRzEWMBQGA1UEAxMNQ2FybG9zIFR1cmluZzAqMAUGAytlbgMhAC5o | EwhMQU1QUyBXRzEWMBQGA1UEAxMNQ2FybG9zIFR1cmluZzAqMAUGAytlbgMhAC5o | |||
| MczTIMiddTUYTc/WymEqXw8hZm1QbIz2xX2gFDx0o4HdMIHaMCsGCSqGSIb3DQEJ | MczTIMiddTUYTc/WymEqXw8hZm1QbIz2xX2gFDx0o4HdMIHaMCsGCSqGSIb3DQEJ | |||
| DwQeMBwwGgYLKoZIhvcNAQkQAxMwCwYJYIZIAWUDBAEFMAwGA1UdEwEB/wQCMAAw | DwQeMBwwGgYLKoZIhvcNAQkQAxMwCwYJYIZIAWUDBAEFMAwGA1UdEwEB/wQCMAAw | |||
| FwYDVR0gBBAwDjAMBgpghkgBZQMCATABMB8GA1UdEQQYMBaBFGNhcmxvc0BzbWlt | FwYDVR0gBBAwDjAMBgpghkgBZQMCATABMB8GA1UdEQQYMBaBFGNhcmxvc0BzbWlt | |||
| skipping to change at page 27, line 46 ¶ | skipping to change at line 1077 ¶ | |||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 7.4. Carlos's Decryption Private Key Material | 7.4. Carlos's Decryption Private Key Material | |||
| This private key material is used by Carlos to decrypt messages. | This private key material is used by Carlos to decrypt messages. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MC4CAQAwBQYDK2VuBCIEIIH5782H/otrhLy9Dtvzt79ffsvpcVXgdUczTdUvSQsK | MC4CAQAwBQYDK2VuBCIEIIH5782H/otrhLy9Dtvzt79ffsvpcVXgdUczTdUvSQsK | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This secret key is the [SHA256] digest of the ASCII string draft- | This secret key is the SHA-256 ([SHA]) digest of the ASCII string | |||
| lamps-sample-certs-keygen.carlos.encrypt.25519.seed. | draft-lamps-sample-certs-keygen.carlos.encrypt.25519.seed. | |||
| 7.5. PKCS12 Object for Carlos | 7.5. PKCS #12 Object for Carlos | |||
| This PKCS12 ([RFC7292]) object contains the same information as | This PKCS #12 ([RFC7292]) object contains the same information as | |||
| presented in Section 7.1, Section 7.2, Section 7.3, Section 7.4, and | presented in Sections 6.3, 7.1, 7.2, 7.3, and 7.4. | |||
| Section 6.3. | ||||
| It is locked with the simple five-letter password carlos. | It is locked with the simple five-letter password carlos. | |||
| -----BEGIN PKCS12----- | -----BEGIN PKCS12----- | |||
| MIIKzgIBAzCCCpYGCSqGSIb3DQEHAaCCCocEggqDMIIKfzCCAvcGCSqGSIb3DQEH | MIIKzgIBAzCCCpYGCSqGSIb3DQEHAaCCCocEggqDMIIKfzCCAvcGCSqGSIb3DQEH | |||
| BqCCAugwggLkAgEAMIIC3QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIwS3R | BqCCAugwggLkAgEAMIIC3QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIwS3R | |||
| pT1mkyMCAhS7gIICsGKkBm0nci9VHfqxOTWy/lkKyQeF5bwsF/9gZrqUym1KtHZF | pT1mkyMCAhS7gIICsGKkBm0nci9VHfqxOTWy/lkKyQeF5bwsF/9gZrqUym1KtHZF | |||
| a4rSJIPUctmzqVnhGmfW9m+LEi7Em9rRmUIQbDZt4kQDG5eDk7AdhyDnB3uZDG1W | a4rSJIPUctmzqVnhGmfW9m+LEi7Em9rRmUIQbDZt4kQDG5eDk7AdhyDnB3uZDG1W | |||
| 4cAeUVXJMzGfnwtzy5TzBZzEo5nnVX74Al+PDW9wdpbv2TIriL0m29fBT+7HVS9F | 4cAeUVXJMzGfnwtzy5TzBZzEo5nnVX74Al+PDW9wdpbv2TIriL0m29fBT+7HVS9F | |||
| Z/95XokSwbb6mmCYeGiPpNEaoeUeuU4zrh/k+JJqDuqNsU66I30wH0CFmk3aarBV | Z/95XokSwbb6mmCYeGiPpNEaoeUeuU4zrh/k+JJqDuqNsU66I30wH0CFmk3aarBV | |||
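Review bot: In 7.5 the sentence "It is locked with the simple five-letter password carlos." is carried over unchanged, but "carlos" has six letters. The counts given for alice (five), bob (three) and dana (four) are right, so this one looks copied from 4.5; suggest "six-letter". The reordered section list (6.3 first) is fine.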
| skipping to change at page 29, line 29 ¶ | skipping to change at line 1152 ¶ | |||
| AhS1BDgZruEsSaBY+Cm9WKR8HhH3JXh+AoMSrwkDCKytWt+MNIXB0jY2QZHDbN3u | AhS1BDgZruEsSaBY+Cm9WKR8HhH3JXh+AoMSrwkDCKytWt+MNIXB0jY2QZHDbN3u | |||
| Fn7qHw06MDthnKniazFCMBsGCSqGSIb3DQEJFDEOHgwAYwBhAHIAbABvAHMwIwYJ | Fn7qHw06MDthnKniazFCMBsGCSqGSIb3DQEJFDEOHgwAYwBhAHIAbABvAHMwIwYJ | |||
| KoZIhvcNAQkVMRYEFGSF4zucHVrN5gu6Gn8IvsSczIQ/MC8wHzAHBgUrDgMCGgQU | KoZIhvcNAQkVMRYEFGSF4zucHVrN5gu6Gn8IvsSczIQ/MC8wHzAHBgUrDgMCGgQU | |||
| 8nOYIWrnJVXEur957K5cCV3jx5cECJDjaZkfy4FnAgIoAA== | 8nOYIWrnJVXEur957K5cCV3jx5cECJDjaZkfy4FnAgIoAA== | |||
| -----END PKCS12----- | -----END PKCS12----- | |||
| 8. Dana's Sample Certificates | 8. Dana's Sample Certificates | |||
| Dana has the following information: | Dana has the following information: | |||
| * Name: Dana Hopper | Name: Dana Hopper | |||
| * E-mail Address: dna@smime.example | Email Address: dna@smime.example | |||
| 8.1. Dana's Signature Verification End-Entity Certificate | 8.1. Dana's Signature Verification End-Entity Certificate | |||
| This certificate is used for verification of signatures made by Dana. | This certificate is used for verification of signatures made by Dana. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIICAzCCAbWgAwIBAgITaWZI+hVtn8pQZviAmPmBXzWfnjAFBgMrZXAwWTENMAsG | MIICAzCCAbWgAwIBAgITaWZI+hVtn8pQZviAmPmBXzWfnjAFBgMrZXAwWTENMAsG | |||
| A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | |||
| QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | |||
| MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA4MQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL | MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA4MQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL | |||
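Review bot: The address line in Section 8 reads "dna@smime.example" on both sides, which breaks the pattern of alice@, bob@ and carlos@smime.example and does not match the name Dana Hopper, the "dana" seed labels or the PKCS #12 password "dana" used elsewhere in the document. It looks like a typo for dana@smime.example. Check it against the rfc822Name in the certificates in 8.1 and 8.3 and correct the prose if they disagree, since implementers matching the From address against the certificate will otherwise see a mismatch.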
| skipping to change at page 30, line 13 ¶ | skipping to change at line 1182 ¶ | |||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 8.2. Dana's Signing Private Key Material | 8.2. Dana's Signing Private Key Material | |||
| This private key material is used by Dana to create signatures. | This private key material is used by Dana to create signatures. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MC4CAQAwBQYDK2VwBCIEINZ8GPfmQh2AMp+uNIsZMbzvyTOltwvEt13usjnUaW4N | MC4CAQAwBQYDK2VwBCIEINZ8GPfmQh2AMp+uNIsZMbzvyTOltwvEt13usjnUaW4N | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This secret key is the [SHA256] digest of the ASCII string draft- | This secret key is the SHA-256 ([SHA]) digest of the ASCII string | |||
| lamps-sample-certs-keygen.dana.sign.25519.seed. | draft-lamps-sample-certs-keygen.dana.sign.25519.seed. | |||
| 8.3. Dana's Encryption End-Entity Certificate | 8.3. Dana's Encryption End-Entity Certificate | |||
| This certificate is used to encrypt messages to Dana. It contains an | This certificate is used to encrypt messages to Dana. It contains an | |||
| SMIMECapabilities extension to indicate that Dana's MUA expects ECDH | SMIMECapabilities extension to indicate that Dana's MUA expects ECDH | |||
| with HKDF using SHA-256; uses AES-128 key wrap, as indicated in | with HKDF using SHA-256, and that it uses the AES-128 key wrap | |||
| [RFC8418]. | algorithm, as indicated in [RFC8418]. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIICMDCCAeKgAwIBAgITDksKNqnvupyaO2gkjlIdwN7zpzAFBgMrZXAwWTENMAsG | MIICMDCCAeKgAwIBAgITDksKNqnvupyaO2gkjlIdwN7zpzAFBgMrZXAwWTENMAsG | |||
| A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | A1UEChMESUVURjERMA8GA1UECxMITEFNUFMgV0cxNTAzBgNVBAMTLFNhbXBsZSBM | |||
| QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | QU1QUyBFZDI1NTE5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MCAXDTIwMTIxNTIx | |||
| MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA4MQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL | MzU0NFoYDzIwNTIxMjE1MjEzNTQ0WjA4MQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQL | |||
| EwhMQU1QUyBXRzEUMBIGA1UEAxMLRGFuYSBIb3BwZXIwKjAFBgMrZW4DIQDgMaI2 | EwhMQU1QUyBXRzEUMBIGA1UEAxMLRGFuYSBIb3BwZXIwKjAFBgMrZW4DIQDgMaI2 | |||
| AWkU9LG8CvaRHgDSEY9d72Y8ENZeMwibPugkVKOB2zCB2DArBgkqhkiG9w0BCQ8E | AWkU9LG8CvaRHgDSEY9d72Y8ENZeMwibPugkVKOB2zCB2DArBgkqhkiG9w0BCQ8E | |||
| HjAcMBoGCyqGSIb3DQEJEAMTMAsGCWCGSAFlAwQBBTAMBgNVHRMBAf8EAjAAMBcG | HjAcMBoGCyqGSIb3DQEJEAMTMAsGCWCGSAFlAwQBBTAMBgNVHRMBAf8EAjAAMBcG | |||
| A1UdIAQQMA4wDAYKYIZIAWUDAgEwATAdBgNVHREEFjAUgRJkYW5hQHNtaW1lLmV4 | A1UdIAQQMA4wDAYKYIZIAWUDAgEwATAdBgNVHREEFjAUgRJkYW5hQHNtaW1lLmV4 | |||
| skipping to change at page 30, line 46 ¶ | skipping to change at line 1215 ¶ | |||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| 8.4. Dana's Decryption Private Key Material | 8.4. Dana's Decryption Private Key Material | |||
| This private key material is used by Dana to decrypt messages. | This private key material is used by Dana to decrypt messages. | |||
| -----BEGIN PRIVATE KEY----- | -----BEGIN PRIVATE KEY----- | |||
| MC4CAQAwBQYDK2VuBCIEIGxZt8L7lY48OEq4gs/smQ4weDhRNMlYHG21StivPfz3 | MC4CAQAwBQYDK2VuBCIEIGxZt8L7lY48OEq4gs/smQ4weDhRNMlYHG21StivPfz3 | |||
| -----END PRIVATE KEY----- | -----END PRIVATE KEY----- | |||
| This seed is the [SHA256] digest of the ASCII string draft-lamps- | This seed is the SHA-256 ([SHA]) digest of the ASCII string draft- | |||
| sample-certs-keygen.dana.encrypt.25519.seed. | lamps-sample-certs-keygen.dana.encrypt.25519.seed. | |||
| 8.5. PKCS12 Object for Dana | 8.5. PKCS #12 Object for Dana | |||
| This PKCS12 ([RFC7292]) object contains the same information as | This PKCS #12 ([RFC7292]) object contains the same information as | |||
| presented in Section 8.1, Section 8.2, Section 8.3, Section 8.4, and | presented in Sections 6.3, 8.1, 8.2, 8.3, and 8.4. | |||
| Section 6.3. | ||||
| It is locked with the simple four-letter password dana. | It is locked with the simple four-letter password dana. | |||
| -----BEGIN PKCS12----- | -----BEGIN PKCS12----- | |||
| MIIKtgIBAzCCCn4GCSqGSIb3DQEHAaCCCm8EggprMIIKZzCCAu8GCSqGSIb3DQEH | MIIKtgIBAzCCCn4GCSqGSIb3DQEHAaCCCm8EggprMIIKZzCCAu8GCSqGSIb3DQEH | |||
| BqCCAuAwggLcAgEAMIIC1QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIZNqH | BqCCAuAwggLcAgEAMIIC1QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQMwDgQIZNqH | |||
| TA2APx0CAhQXgIICqK+HFHF6dF5qwlWM6MRCXw11VKrcYBff65iLABPyGvWENnVM | TA2APx0CAhQXgIICqK+HFHF6dF5qwlWM6MRCXw11VKrcYBff65iLABPyGvWENnVM | |||
| TTPpDLqbGm6Yd2eLntPZvJoVe5Sf2+DW4q3BZ9aKuEdneBBk8mDJ6/Lq1+wFxY5k | TTPpDLqbGm6Yd2eLntPZvJoVe5Sf2+DW4q3BZ9aKuEdneBBk8mDJ6/Lq1+wFxY5k | |||
| WaBHTA6LNml/NkM3za/fr4abKFQnu6DZgZDGbZh2BsgCMmO9TeHgZyepsh3WP4ZO | WaBHTA6LNml/NkM3za/fr4abKFQnu6DZgZDGbZh2BsgCMmO9TeHgZyepsh3WP4ZO | |||
| aYDvSD0LiEzerDPlOBgjYahcNLjv/Dn/dFxtOO3or010TTUoQCqeHJOoq3hJtSI+ | aYDvSD0LiEzerDPlOBgjYahcNLjv/Dn/dFxtOO3or010TTUoQCqeHJOoq3hJtSI+ | |||
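Review bot: In 8.4 the sentence after the key opens "This seed is the ... digest", where the parallel sentences in 6.2, 7.2, 7.4 and 8.2 open "This secret key is the ... digest". The revision updates the SHA-256 citation but keeps the odd wording. Suggest "This secret key is" here too, because the 25519 sections list no separate seed value and the changed wording could be read as a different derivation.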
| skipping to change at page 32, line 31 ¶ | skipping to change at line 1292 ¶ | |||
| zAawM6xXMt2WMC8wHzAHBgUrDgMCGgQUzSoHpcIerV21CvCOjAe5ZVhs2M8ECC5D | zAawM6xXMt2WMC8wHzAHBgUrDgMCGgQUzSoHpcIerV21CvCOjAe5ZVhs2M8ECC5D | |||
| kkzl2MltAgIoAA== | kkzl2MltAgIoAA== | |||
| -----END PKCS12----- | -----END PKCS12----- | |||
| 9. Security Considerations | 9. Security Considerations | |||
| The keys presented in this document should be considered compromised | The keys presented in this document should be considered compromised | |||
| and insecure, because the secret key material is published and | and insecure, because the secret key material is published and | |||
| therefore not secret. | therefore not secret. | |||
| Any application which maintains a denylist of invalid key material | Any application that maintains a deny list of invalid key material | |||
| should include these keys in its list. | should include these keys in its list. | |||
| 10. IANA Considerations | 10. IANA Considerations | |||
| IANA has nothing to do for this document. | This document has no IANA actions. | |||
| 11. Document Considerations | ||||
| [ RFC Editor: please remove this section before publication ] | ||||
| This document is currently edited as markdown. Minor editorial | ||||
| changes can be suggested via merge requests at | ||||
| https://gitlab.com/dkg/lamps-samples or by e-mail to the author. | ||||
| Please direct all significant commentary to the public IETF LAMPS | ||||
| mailing list: spasm@ietf.org | ||||
| 11.1. Document History | ||||
| 11.1.1. Substantive Changes from draft-ietf-*-07 to draft-ietf-*-08 | ||||
| * Apply editorial cleanup suggested during review | ||||
| 11.1.2. Substantive Changes from draft-ietf-*-06 to draft-ietf-*-07 | ||||
| * Correct document history | ||||
| * Restore PKCS12 for dana and bob from -05 | ||||
| 11.1.3. Substantive Changes from draft-ietf-*-05 to draft-ietf-*-06 | ||||
| * Added outbound references for acronyms PEM, CRL, and OCSP, thanks | ||||
| Stewart Brant. | ||||
| * Accidentally modified PKCS12 for dana and bob | ||||
| 11.1.4. Substantive Changes from draft-ietf-*-04 to draft-ietf-*-05 | ||||
| * Switch from SHA512 to SHA1 as MAC checksum in PKCS#12 objects, for | ||||
| interop with Keychain Access on macOS. | ||||
| 11.1.5. Substantive Changes from draft-ietf-*-03 to draft-ietf-*-04 | ||||
| * Order subject/issuer DN components by scope. | ||||
| * Put cross-signed intermediate CA certificates into PKCS#12 instead | ||||
| of self-signed root CA certificates. | ||||
| 11.1.6. Substantive Changes from draft-ietf-*-02 to draft-ietf-*-03 | ||||
| * Correct encoding of S/MIME Capabilities extension. | ||||
| * Change "Certificate Authority" to "Certification Authority". | ||||
| * Add CertificatePolicies to all intermediate and end-entity | ||||
| certificates. | ||||
| * Add organization and organizational unit to all certificates. | ||||
| 11.1.7. Substantive Changes from draft-ietf-*-01 to draft-ietf-*-02 | ||||
| * Added cross-signed certificates for both CAs | ||||
| * Added S/MIME Capabilities extension for Carlos and Dana's | ||||
| encryption keys, indicating preferred ECDH parameters. | ||||
| * Ensure no serial numbers are negative. | ||||
| * Encode keyUsage extensions in minimum-length BIT STRINGs. | ||||
| 11.1.8. Substantive Changes from draft-ietf-*-00 to draft-ietf-*-01 | ||||
| * Added Curve25519 sample certificates (new CA, Carlos, and Dana) | ||||
| 11.1.9. Substantive Changes from draft-dkg-*-05 to draft-ietf-*-00 | ||||
| * WG adoption (dkg moves from Author to Editor) | ||||
| 11.1.10. Substantive Changes from draft-dkg-*-04 to draft-dkg-*-05 | ||||
| * PEM blobs are now sourcecode, not artwork | ||||
| 11.1.11. Substantive Changes from draft-dkg-*-03 to draft-dkg-*-04 | ||||
| * Describe deterministic key generation | ||||
| * label PEM blobs with filenames in XML | ||||
| 11.1.12. Substantive Changes from draft-dkg-*-02 to draft-dkg-*-03 | ||||
| * Alice and Bob now each have two distinct certificates: one for | ||||
| signing, one for encryption, and public keys to match. | ||||
| 11.1.13. Substantive Changes from draft-dkg-*-01 to draft-dkg-*-02 | ||||
| * PKCS#12 objects are deliberately locked with simple passphrases | ||||
| 11.1.14. Substantive Changes from draft-dkg-*-00 to draft-dkg-*-01 | ||||
| * changed all three keys to use RSA instead of RSA-PSS | ||||
| * set keyEncipherment keyUsage flag instead of dataEncipherment in | ||||
| EE certs | ||||
| 12. Acknowledgements | ||||
| This draft was inspired by similar work in the OpenPGP space by | ||||
| Bjarni Runar and juga at [I-D.bre-openpgp-samples]. | ||||
| Eric Rescorla helped spot issues with certificate formats. | ||||
| Sean Turner pointed to [RFC4134] as prior work. | ||||
| Deb Cooley suggested that Alice and Bob should have separate | ||||
| certificates for signing and encryption. | ||||
| Wolfgang Hommel helped to build reproducible encrypted PKCS#12 | ||||
| objects. | ||||
| Carsten Bormann got the XML sourcecode markup working for this draft. | ||||
| David A. Cooper identified problems with the certificates and | ||||
| suggested corrections. | ||||
| Lijun Liao helped get the terminology right. | ||||
| Stewart Brant and Roman Danyliw provided editorial suggestions. | ||||
| 13. References | ||||
| 13.1. Normative References | 11. References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | 11.1. Normative References | |||
| Requirement Levels", BCP 14, RFC 2119, | ||||
| DOI 10.17487/RFC2119, March 1997, | ||||
| <https://www.rfc-editor.org/info/rfc2119>. | ||||
| [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | |||
| Housley, R., and W. Polk, "Internet X.509 Public Key | Housley, R., and W. Polk, "Internet X.509 Public Key | |||
| Infrastructure Certificate and Certificate Revocation List | Infrastructure Certificate and Certificate Revocation List | |||
| (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | |||
| <https://www.rfc-editor.org/info/rfc5280>. | <https://www.rfc-editor.org/info/rfc5280>. | |||
| [RFC5958] Turner, S., "Asymmetric Key Packages", RFC 5958, | [RFC5958] Turner, S., "Asymmetric Key Packages", RFC 5958, | |||
| DOI 10.17487/RFC5958, August 2010, | DOI 10.17487/RFC5958, August 2010, | |||
| <https://www.rfc-editor.org/info/rfc5958>. | <https://www.rfc-editor.org/info/rfc5958>. | |||
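Review bot: Removing the Document History (old Section 11) also drops the only statement visible in this diff that the PKCS#12 objects use SHA1 as their MAC checksum, a choice the -05 entry explains as "for interop with Keychain Access on macOS". If the PKCS #12 sections of the published text do not carry that rationale, add one sentence there, so that an implementer who inspects the sample objects does not read the SHA1 MAC as a recommendation. In Section 9 the deny-list sentence changes only in wording ("which" to "that", "denylist" to "deny list"); it would be easier to act on if it said what an application should list, for example the public key of every certificate in the document.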
| skipping to change at page 35, line 47 ¶ | skipping to change at line 1327 ¶ | |||
| [RFC7468] Josefsson, S. and S. Leonard, "Textual Encodings of PKIX, | [RFC7468] Josefsson, S. and S. Leonard, "Textual Encodings of PKIX, | |||
| PKCS, and CMS Structures", RFC 7468, DOI 10.17487/RFC7468, | PKCS, and CMS Structures", RFC 7468, DOI 10.17487/RFC7468, | |||
| April 2015, <https://www.rfc-editor.org/info/rfc7468>. | April 2015, <https://www.rfc-editor.org/info/rfc7468>. | |||
| [RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital | [RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital | |||
| Signature Algorithm (EdDSA)", RFC 8032, | Signature Algorithm (EdDSA)", RFC 8032, | |||
| DOI 10.17487/RFC8032, January 2017, | DOI 10.17487/RFC8032, January 2017, | |||
| <https://www.rfc-editor.org/info/rfc8032>. | <https://www.rfc-editor.org/info/rfc8032>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | ||||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | ||||
| May 2017, <https://www.rfc-editor.org/info/rfc8174>. | ||||
| [RFC8479] Mavrogiannopoulos, N., "Storing Validation Parameters in | [RFC8479] Mavrogiannopoulos, N., "Storing Validation Parameters in | |||
| PKCS#8", RFC 8479, DOI 10.17487/RFC8479, September 2018, | PKCS#8", RFC 8479, DOI 10.17487/RFC8479, September 2018, | |||
| <https://www.rfc-editor.org/info/rfc8479>. | <https://www.rfc-editor.org/info/rfc8479>. | |||
| [RFC8551] Schaad, J., Ramsdell, B., and S. Turner, "Secure/ | [RFC8551] Schaad, J., Ramsdell, B., and S. Turner, "Secure/ | |||
| Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 | Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 | |||
| Message Specification", RFC 8551, DOI 10.17487/RFC8551, | Message Specification", RFC 8551, DOI 10.17487/RFC8551, | |||
| April 2019, <https://www.rfc-editor.org/info/rfc8551>. | April 2019, <https://www.rfc-editor.org/info/rfc8551>. | |||
| 13.2. Informative References | 11.2. Informative References | |||
| [FIPS186-4] | [FIPS186-4] | |||
| "Digital Signature Standard (DSS)", National Institute of | National Institute of Standards and Technology (NIST), | |||
| Standards and Technology report, | "Digital Signature Standard (DSS)", FIPS PUB 186-4, | |||
| DOI 10.6028/nist.fips.186-4, July 2013, | DOI 10.6028/NIST.FIPS.186-4, July 2013, | |||
| <https://doi.org/10.6028/nist.fips.186-4>. | <https://doi.org/10.6028/NIST.FIPS.186-4>. | |||
| [I-D.bre-openpgp-samples] | [OPENPGP-SAMPLES] | |||
| Einarsson, B. R., juga, and D. K. Gillmor, "OpenPGP | Einarsson, B. R., juga, and D. K. Gillmor, "OpenPGP | |||
| Example Keys and Certificates", Work in Progress, | Example Keys and Certificates", Work in Progress, | |||
| Internet-Draft, draft-bre-openpgp-samples-01, 20 December | Internet-Draft, draft-bre-openpgp-samples-01, 20 December | |||
| 2019, <https://www.ietf.org/archive/id/draft-bre-openpgp- | 2019, <https://datatracker.ietf.org/doc/html/draft-bre- | |||
| samples-01.txt>. | openpgp-samples-01>. | |||
| [RFC4134] Hoffman, P., Ed., "Examples of S/MIME Messages", RFC 4134, | [RFC4134] Hoffman, P., Ed., "Examples of S/MIME Messages", RFC 4134, | |||
| DOI 10.17487/RFC4134, July 2005, | DOI 10.17487/RFC4134, July 2005, | |||
| <https://www.rfc-editor.org/info/rfc4134>. | <https://www.rfc-editor.org/info/rfc4134>. | |||
| [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322, | [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322, | |||
| DOI 10.17487/RFC5322, October 2008, | DOI 10.17487/RFC5322, October 2008, | |||
| <https://www.rfc-editor.org/info/rfc5322>. | <https://www.rfc-editor.org/info/rfc5322>. | |||
| [RFC7469] Evans, C., Palmer, C., and R. Sleevi, "Public Key Pinning | [RFC7469] Evans, C., Palmer, C., and R. Sleevi, "Public Key Pinning | |||
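Review bot: [RFC8174] is dropped from the normative references here, and [RFC2119] in the preceding block, so the published text must contain no BCP 14 keywords or boilerplate. The Section 9 text visible earlier in this diff uses lowercase "should" in both places, which is consistent with the removal; confirm the same holds for the sections this diff does not show.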
| skipping to change at page 37, line 5 ¶ | skipping to change at line 1375 ¶ | |||
| X.509 Public Key Infrastructure", RFC 8410, | X.509 Public Key Infrastructure", RFC 8410, | |||
| DOI 10.17487/RFC8410, August 2018, | DOI 10.17487/RFC8410, August 2018, | |||
| <https://www.rfc-editor.org/info/rfc8410>. | <https://www.rfc-editor.org/info/rfc8410>. | |||
| [RFC8418] Housley, R., "Use of the Elliptic Curve Diffie-Hellman Key | [RFC8418] Housley, R., "Use of the Elliptic Curve Diffie-Hellman Key | |||
| Agreement Algorithm with X25519 and X448 in the | Agreement Algorithm with X25519 and X448 in the | |||
| Cryptographic Message Syntax (CMS)", RFC 8418, | Cryptographic Message Syntax (CMS)", RFC 8418, | |||
| DOI 10.17487/RFC8418, August 2018, | DOI 10.17487/RFC8418, August 2018, | |||
| <https://www.rfc-editor.org/info/rfc8418>. | <https://www.rfc-editor.org/info/rfc8418>. | |||
| [SHA256] Dang, Q., "Secure Hash Standard", National Institute of | [SHA] National Institute of Standards and Technology (NIST), | |||
| Standards and Technology report, | "Secure Hash Standard (SHS)", FIPS PUB 180-4, | |||
| DOI 10.6028/nist.fips.180-4, July 2015, | DOI 10.6028/NIST.FIPS.180-4, August 2015, | |||
| <https://doi.org/10.6028/nist.fips.180-4>. | <https://doi.org/10.6028/NIST.FIPS.180-4>. | |||
| [TEST-POLICY] | [TEST-POLICY] | |||
| NIST - Computer Security Divisiion (CSD), "Test | National Institute of Standards and Technology (NIST), | |||
| Certificate Policy to Support PKI Pilots and Testing", May | "Test Certificate Policy to Support PKI Pilots and | |||
| 2012, <https://csrc.nist.gov/CSRC/media/Projects/Computer- | Testing", Computer Security Resource Center, May 2012, | |||
| <https://csrc.nist.gov/CSRC/media/Projects/Computer- | ||||
| Security-Objects-Register/documents/test_policy.pdf>. | Security-Objects-Register/documents/test_policy.pdf>. | |||
| Acknowledgements | ||||
| This document was inspired by similar work in the OpenPGP space by | ||||
| Bjarni Rúnar Einarsson and juga; see [OPENPGP-SAMPLES]. | ||||
| Eric Rescorla helped spot issues with certificate formats. | ||||
| Sean Turner pointed to [RFC4134] as prior work. | ||||
| Deb Cooley suggested that Alice and Bob should have separate | ||||
| certificates for signing and encryption. | ||||
| Wolfgang Hommel helped to build reproducible encrypted PKCS #12 | ||||
| objects. | ||||
| Carsten Bormann got the XML sourcecode markup working for this | ||||
| document. | ||||
| David A. Cooper identified problems with the certificates and | ||||
| suggested corrections. | ||||
| Lijun Liao helped get the terminology right. | ||||
| Stewart Bryant and Roman Danyliw provided editorial suggestions. | ||||
| Author's Address | Author's Address | |||
| Daniel Kahn Gillmor (editor) | Daniel Kahn Gillmor (editor) | |||
| American Civil Liberties Union | American Civil Liberties Union | |||
| 125 Broad St. | 125 Broad St. | |||
| New York, NY, 10004 | New York, NY 10004 | |||
| United States of America | United States of America | |||
| Email: dkg@fifthhorseman.net | Email: dkg@fifthhorseman.net | |||
| End of changes. 87 change blocks. | ||||
| 385 lines changed or deleted | 241 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||