ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Algorithm agility for ESSCertID

2006-03-10 10:11:10
from [Denis Pinkas] [Permanent Link] 


ESSCertID mandates the use of SHA-1. An attribute with the same properties is 
needed 
to allow the use of alternative hash functions.

While being in the process to issue an update of RFC 3126 
(draft-ietf-smime-cades),
it appears that the currently defined signed attribute could be simplified. 

In RFC 3126, an object identifier identifies the other-signing-certificate 
attribute 
which is a correct, but is a rather complicated structure to specify another 
hash algorithm.


From discussions on the PKIX mailing list, it appears that the structure of 

otherSigCert could be simplified.

Since the other-signing-certificate attribute was defined for the provision of 
algorithm agility and since no one has mentioned that it has already been used, 
it is proposed to deprecate its use in the revised RFC and to recommend 
the use of a new attribute that would be called general-Signing-certificate.

Below is a proposal for its definition: 

====================================================================

The following object identifier identifies the general-signing-certificate
attribute:

id-aa-ets-generalSigCert OBJECT IDENTIFIER ::= { iso(1)
    member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
    smime(16) id-aa(2) ?? }

The general-signing-certificate attribute value has the ASN.1 syntax:

GeneralSigningCertificate ::=  SEQUENCE {
    certs        SEQUENCE OF GeneralCertID,
    policies     SEQUENCE OF PolicyInformation OPTIONAL
                 -- NOT USED IN THE PRESENT DOCUMENT
    }

GeneralCertID ::= SEQUENCE {
    certHash         OCTET STRING,
    issuerSerial     IssuerSerial,
    hashAlgorithm    AlgorithmIdentifier DEFAULT { sha-1 } }

====================================================================

For that purpose there would be the need to obtain an OID for that 
attribute.

Denis

====================================================================

For information the current structure is as follows:


id-aa-ets-otherSigCert OBJECT IDENTIFIER ::= { iso(1)
    member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
    smime(16) id-aa(2) 19 }

The other-signing-certificate attribute value has the ASN.1 syntax 
OtherSigningCertificate:

OtherSigningCertificate ::=  SEQUENCE {
    certs        SEQUENCE OF OtherCertID,
    policies     SEQUENCE OF PolicyInformation OPTIONAL
                 -- NOT USED IN THE PRESENT DOCUMENT }

OtherCertID ::= SEQUENCE {
    otherCertHash            OtherHash,
    issuerSerial             IssuerSerial OPTIONAL }

OtherHash ::= CHOICE {
    sha1Hash OtherHashValue,  -- This contains a SHA-1 hash
    otherHash OtherHashAlgAndValue}

OtherHashValue ::= OCTET STRING

OtherHashAlgAndValue ::= SEQUENCE {
    hashAlgorithm     AlgorithmIdentifier,
    hashValue         OtherHashValue }

======================================================================
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Algorithm agility for ESSCertID, Denis Pinkas <=
Previous by Date:  Re: About countersignature in RFC 4134, Blake Ramsdell
Next by Date:  -02 of KEM draft on the IMC website, Blake Ramsdell
Previous by Thread:  Re: About countersignature in RFC 4134, Blake Ramsdell
Next by Thread:  -02 of KEM draft on the IMC website, Blake Ramsdell
Indexes:  [Date] [Thread] [Top] [All Lists]