
[smime] Fwd: RFC 6211 on Cryptographic Message Syntax (CMS) Algorithm Identifier Protection Attribute

2011-04-05 19:52:37
Begin forwarded message:

From: rfc-editor(_at_)rfc-editor(_dot_)org
Date: April 5, 2011 5:34:21 PM PDT
To: ietf-announce(_at_)ietf(_dot_)org, rfc-dist(_at_)rfc-editor(_dot_)org
Cc: rfc-editor(_at_)rfc-editor(_dot_)org
Subject: RFC 6211 on Cryptographic Message Syntax (CMS) Algorithm Identifier 
Protection Attribute


A new Request for Comments is now available in online RFC libraries.


       RFC 6211

       Title:      Cryptographic Message Syntax (CMS) Algorithm 
                   Identifier Protection Attribute 
       Author:     J. Schaad
       Status:     Standards Track
       Stream:     IETF
       Date:       April 2011
       Mailbox:    ietf(_at_)augustcellars(_dot_)com
       Pages:      11
       Characters: 22646
       Updates/Obsoletes/SeeAlso:   None

       I-D Tag:    draft-schaad-smime-algorithm-attribute-05.txt

       URL:        http://www.rfc-editor.org/rfc/rfc6211.txt

The Cryptographic Message Syntax (CMS), unlike X.509/PKIX
certificates, is vulnerable to algorithm substitution attacks.  In an
algorithm substitution attack, the attacker changes either the
algorithm being used or the parameters of the algorithm in order to
change the result of a signature verification process.  In X.509
certificates, the signature algorithm is protected because it is
duplicated in the TBSCertificate.signature field with the proviso
that the validator is to compare both fields as part of the signature
validation process.  This document defines a new attribute that
contains a copy of the relevant algorithm identifiers so that they
are protected by the signature or authentication process.
[STANDARDS-TRACK]

This is now a Proposed Standard Protocol.

STANDARDS TRACK: This document specifies an Internet standards track
protocol for the Internet community, and requests discussion and suggestions
for improvements.  Please refer to the current edition of the Internet
Official Protocol Standards (STD 1) for the standardization state and
status of this protocol.  Distribution of this memo is unlimited.

_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime
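
The X.509 comparison described in the abstract above, sketched as an added example (not part of the announcement and not code from RFC 6211): a validator rejects a certificate whose outer signatureAlgorithm differs from the signed TBSCertificate.signature copy. The certificate bytes are constructed and the TBSCertificate is cut off after the signature field; the helper names are hypothetical.

```python
# Added example; all certificate bytes below are constructed, not real.
def read_tlv(buf, pos):
    """Return (tag, content, next_pos) for the DER TLV starting at buf[pos]."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                       # long-form length
        n = length & 0x7F
        if not 1 <= n <= 4:
            raise ValueError("unsupported DER length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER")
    return tag, buf[pos:pos + length], pos + length

def children(content):
    """Split a constructed value into (tag, raw_tlv_bytes) pairs."""
    out, pos = [], 0
    while pos < len(content):
        tag, _, nxt = read_tlv(content, pos)
        out.append((tag, content[pos:nxt]))
        pos = nxt
    return out

def algorithm_fields_match(cert_der):
    """True only if the outer signatureAlgorithm equals TBSCertificate.signature."""
    tag, body, end = read_tlv(cert_der, 0)
    parts = children(body)
    if tag != 0x30 or end != len(cert_der) or len(parts) != 3:
        raise ValueError("not a Certificate SEQUENCE of three elements")
    fields = children(read_tlv(parts[0][1], 0)[1])
    # version is [0] EXPLICIT and optional, so 'signature' is field 2 or 1
    inner = fields[2 if fields[0][0] == 0xA0 else 1][1]
    return inner == parts[1][1]             # DER is canonical: compare raw bytes

def der(tag, content):                      # hypothetical helper, short form only
    return bytes([tag, len(content)]) + content

SHA256_RSA = der(0x30, bytes.fromhex("06092a864886f70d01010b0500"))
MD5_RSA = der(0x30, bytes.fromhex("06092a864886f70d0101040500"))

def make_cert(inner_alg, outer_alg):
    """Constructed certificate skeleton; TBS is cut off after 'signature'."""
    tbs = der(0x30, der(0xA0, der(0x02, b"\x02")) + der(0x02, b"\x01") + inner_alg)
    return der(0x30, tbs + outer_alg + der(0x03, b"\x00" + b"\xAA" * 8))

print(algorithm_fields_match(make_cert(SHA256_RSA, SHA256_RSA)))
print(algorithm_fields_match(make_cert(SHA256_RSA, MD5_RSA)))
```

The second skeleton models a substituted outer identifier: the copy inside the signed TBSCertificate still names the original algorithm, so the mismatch is detected before any signature is computed.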
