RE: Algorithm Class Data
2007-08-03 14:26:45
Russ,
Here would be an example. (Please note - this is conceptual ASN.1 not real
ASN.1)
MY-ALG-CLASS ::= CLASS {
&id OBJECT IDENTIFIER,
&privKeyType OPTIONAL,
&pubKeyType,
&pubKeyParams DEFAULT NULL,
&sigStructure,
&sigParams)
alg-DSS MY-ALG-CLASS { id-dss, INTEGER, INTEGER, dss-params, DSS-SIG, NULL }
All of the data is not associated together in META-DATA - this does not
affect what goes out over the wires, however the information could
potentially be used in the encode/decoder with some re-writes of the data
such as
SIGNED(ToBeSigned) ::= {
toBeSigned ToBeSigned
algorithm SEQUENCE {
sigId MY-ALG-CLASS.&id({SigAlgs}),
params MY-ALG-CLASS.&sigParams ({SigAlgs}{(_at_)sigId}) OPTIONAL,
},
Signature BIT STRING (CONTAINING
MY-ALG-CLASS.&sigStructure({SigAlgs}{(_at_)algorithm(_dot_)sigID}))
}
This data structure COULD be encoded/decoded directly by the ASN.1 system.
Jim
-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org [mailto:owner-ietf-
smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Russ Housley
Sent: Monday, July 30, 2007 11:04 PM
To: Jim Schaad; ietf-smime(_at_)imc(_dot_)org
Subject: Re: Algorithm Class Data
Jim:
I do not see how these impact the things that go on the wire. Maybe
I have not thought about it enough, but an example would help me
understand your proposal better.
Russ
At 11:56 AM 7/30/2007, Jim Schaad wrote:
At the face-to-face meeting I presented the fact that Paul Hoffman and
I are
currently working on a 2002 freeware ASN.1 compiler. As part of this
work
we are requested to do re-writes of the core IETF ASN.1 modules to
update
them. This message is looking at one portion of the update that we
are
contemplating.
The current ITU definition of ALGORITHM contains just an OID and an
open
type. From my point of view this seems to be missing a lot of data
that
should be associated together. So the first question would be what
information exists that COULD be associated together. This meta data
is
generally collected somewhere, but is not associated in the current
ASN.1
file.
The following information what I think could be associated. I would
like to
start by seeing if this is a complete set of data that could be
associated.
Signature
OID, Parameters, Signature Value, Public Key, Private Key
Transport Encryption
OID, Parameters, EncryptedKey (contents of OCTET STRING ?),
Public Key,
Private Key
Key Agree Encryption
OID, Parameter, EncryptedKey (contents of OCTET STRING ?), Public
Key,
Private Key, OtherKeyAttributes Set
Symmetric Key Encryption
OID, Parameters, S/MIME Parameters
KEK Encryption
OID, Parameters, OtherKeyAttibutes Set
Key Derivation Algorithm
OID, Parameters, input format?
Digest Algorithm
OID, Parameters
MAC Algorithm
OID, Parameters
Jim
|
|