ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Naming keys in EncryptedData

2005-11-15 18:16:53
from [Russ Housley] [Permanent Link] 

X9.73 defines an additional CMS content type.  It is:

   NamedKeyEncryptedData ::= SEQUENCE {
      version Version,
      keyName KeyName OPTIONAL,
      encryptedContentInfo EncryptedContentInfo }

Does anyone see a reason to fold the keyName into EncryptedData?
The alternative is to assign an attribute that can be used to identify the key that is needed to decrypt the content. That alternative would look like this: 

   id-aa-contentDecryptKeyID OBJECT IDENTIFIER ::= { <TBD> }

   ContentDecryptKeyID::= OCTET STRING
I anticipate an update to RFC 3852 to address the ambiguity in handling of multiple SignerInfo, so it would not be difficult to add either the keyName to EncryptedData (with the appropriate version updates) or the ContentDecryptKeyID attribute. 

Russ
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  -examples change for SHA-256 also, Blake Ramsdell
Next by Date:  Re: Naming keys in EncryptedData, Peter Gutmann
Previous by Thread:  -examples change for SHA-256 also, Blake Ramsdell
Next by Thread:  Re: Naming keys in EncryptedData, Peter Gutmann
Indexes:  [Date] [Thread] [Top] [All Lists]