ietf-smime
[Top] [All Lists]

More 11/20/97 S/MIME V3 Msg Spec Comments

1997-12-03 14:13:46
Blake (and friends),

Here is another comment to the "20 Nov 97 S/MIME Version 3 Message
Specification".

1) Sec H: "Need OIDs for DH"  PKIX X.509 Certificate and CRL Profile, sec
7.3.2 defines the use of the dhpublicnumber OID for DH keys in X.509 Certs
as follows:

"7.3.2 Diffie-Hellman Key Exchange Key

   This diffie-hellman object identifier supported by this standard is
   defined by ANSI X9.42.

        dhpublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2)
                  us(840) ansi-x942(10046) number-type(2) 1 }

   The dhpublicnumber object identifier is intended to be used in the
   algorithm field of a value of type AlgorithmIdentifier. The
   parameters field of that type, which has the algorithm-specific
   syntax ANY DEFINED BY algorithm, would have ASN.1 type DHParameter
   for this algorithm.

        DHParameter ::= SEQUENCE {
          prime INTEGER, -- p
          base INTEGER, -- g }

   The fields of type DHParameter have the following meanings:

      prime is the prime p.

      base is the base g.

   The Diffie-Hellman public key (an INTEGER) is mapped to a
   subjectPublicKey (a BIT STRING) as follows: the most significant bit
   (MSB) of the INTEGER becomes the MSB of the BIT STRING; the least
   significant bit (LSB) of the INTEGER becomes the LSB of the BIT
   STRING.

   If the keyUsage extension is present in a certificate which conveys a
   DH public key, the following values may be present:

      keyAgreement;
      encipherOnly; and
      decipherOnly.

   At most one of encipherOnly and decipherOnly shall be asserted in
   keyUsage extension."




================================
John Pawling   
jsp(_at_)jgvandyke(_dot_)com                             
J.G. Van Dyke & Associates, Inc.           
================================







<Prev in Thread] Current Thread [Next in Thread>
  • More 11/20/97 S/MIME V3 Msg Spec Comments, John Pawling <=