ietf-smime
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: Algorithm Class Data

2007-08-03 14:26:45
from [Jim Schaad] [Permanent Link] 

Russ,

Here would be an example.   (Please note - this is conceptual ASN.1 not real
ASN.1)

MY-ALG-CLASS ::= CLASS {
     &id             OBJECT IDENTIFIER,
     &privKeyType OPTIONAL,
     &pubKeyType,
     &pubKeyParams DEFAULT NULL,
     &sigStructure,
     &sigParams)

alg-DSS MY-ALG-CLASS { id-dss, INTEGER, INTEGER, dss-params, DSS-SIG, NULL }

All of the data is not associated together in META-DATA - this does not
affect what goes out over the wires, however the information could
potentially be used in the encode/decoder with some re-writes of the data
such as

SIGNED(ToBeSigned) ::= {
   toBeSigned    ToBeSigned
   algorithm    SEQUENCE {
       sigId   MY-ALG-CLASS.&id({SigAlgs}),
       params  MY-ALG-CLASS.&sigParams ({SigAlgs}{(_at_)sigId}) OPTIONAL,
   },
   Signature BIT STRING (CONTAINING
MY-ALG-CLASS.&sigStructure({SigAlgs}{(_at_)algorithm(_dot_)sigID}))
}

This data structure COULD be encoded/decoded directly by the ASN.1 system.

Jim

        


-----Original Message-----
From: owner-ietf-smime(_at_)mail(_dot_)imc(_dot_)org [mailto:owner-ietf-
smime(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of Russ Housley
Sent: Monday, July 30, 2007 11:04 PM
To: Jim Schaad; ietf-smime(_at_)imc(_dot_)org
Subject: Re: Algorithm Class Data


Jim:

I do not see how these impact the things that go on the wire.  Maybe
I have not thought about it enough, but an example would help me
understand your proposal better.

Russ


At 11:56 AM 7/30/2007, Jim Schaad wrote:


At the face-to-face meeting I presented the fact that Paul Hoffman and

I are

currently working on a 2002 freeware ASN.1 compiler.  As part of this

work

we are requested to do re-writes of the core IETF ASN.1 modules to

update

them.  This message is looking at one portion of the update that we

are

contemplating.


The current ITU definition of ALGORITHM contains just an OID and an

open

type.  From my point of view this seems to be missing a lot of data

that

should be associated together.  So the first question would be what
information exists that COULD be associated together.  This meta data

is

generally collected somewhere, but is not associated in the current

ASN.1

file.

The following information what I think could be associated.  I would

like to

start by seeing if this is a complete set of data that could be

associated.


Signature
    OID, Parameters, Signature Value, Public Key, Private Key

Transport Encryption
    OID, Parameters, EncryptedKey (contents of OCTET STRING ?),

Public Key,

Private Key

Key Agree Encryption
   OID, Parameter, EncryptedKey (contents of OCTET STRING ?), Public

Key,

Private Key, OtherKeyAttributes Set

Symmetric Key Encryption
   OID, Parameters, S/MIME Parameters

KEK Encryption
   OID, Parameters, OtherKeyAttibutes Set

Key Derivation Algorithm
   OID, Parameters, input format?

Digest Algorithm
   OID, Parameters

MAC Algorithm
   OID, Parameters




Jim
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: Algorithm Class Data, Jim Schaad
Next by Date:  {Blocked Content} I-D ACTION:draft-ietf-smime-cades-03.txt, Internet-Drafts
Previous by Thread:  RE: Algorithm Class Data, Jim Schaad
Next by Thread:  Re: Algorithm Class Data, Russ Housley
Indexes:  [Date] [Thread] [Top] [All Lists]