diff --git a/draft-ietf-lamps-rfc5274bis.md b/draft-ietf-lamps-rfc5274bis.md index 90be0c3..1aa8556 100644 --- a/draft-ietf-lamps-rfc5274bis.md +++ b/draft-ietf-lamps-rfc5274bis.md @@ -197,9 +197,13 @@ Note: For now, this section will be list of the changes introduced by each version. After WGLC, this section will be finalized. -TODO for -02 WG version: +TODO for -03 WG version: -* Update cryptographic algorithm requirements +* Add cryptographic algorithm requirements + +-01 WG version changes: + +* Reformat cryptographic algorithm section -01 WG version changes: 
@@ -250,69 +254,78 @@ in {{CMC-TRANS}}. Other transport mechanisms MAY be implemented. ## Cryptographic Algorithm Requirements -All entities MUST verify DSA-SHA1 and RSA-SHA1 signatures in -SignedData (see {{CMS-ALG}}). Entities MAY verify other signature -algorithms. It is strongly suggested that RSA-PSS with SHA-1 be -verified (see {{CMS-RSA-PSS}}). It is strongly suggested that SHA-256 -using RSA and RSA-PSS be verified (see {{RSA-256}}). - -All entities MUST generate either DSA-SHA1 or RSA-SHA1 signatures for -SignedData (see {{CMS-ALG}}). Other signatures algorithms MAY be used -for generation. - -All entities MUST support Advanced Encryption Standard (AES) as the -content encryption algorithm for EnvelopedData (see {{CMS-AES}}). -Other content encryption algorithms MAY be implemented. - -All entities MUST support RSA as a key transport algorithm for -EnvelopedData (see {{CMS-ALG}}). All entities SHOULD support RSA-OAEP -(see {{CMS-RSA-OAEP}}) as a key transport algorithm. Other key -transport algorithms MAY be implemented. - -If an entity supports key agreement for EnvelopedData, it MUST -support Diffie-Hellman (see {{CMS-DH}}). - -If an entity supports PasswordRecipientInfo for EnvelopedData or -AuthenticatedData, it MUST support PBKDF2 {{PBKDF2}} for key derivation -algorithms. It MUST support AES key wrap (see {{AES-WRAP}} as the key -encryption algorithm. - -If AuthenticatedData is supported, PasswordRecipientInfo MUST be -supported. - -Algorithm requirements for the Identity Proof Version 2 control -{{Section 6.2.1 of CMC-STRUCT}} are: SHA-1 MUST be implemented for -hashAlgId. SHA-256 SHOULD be implemented for hashAlgId. HMAC-SHA1 -MUST be implemented for macAlgId. HMAC-SHA256 SHOULD be implemented -for macAlgId. - -Algorithm requirements for the Pop Link Witness Version 2 control -{{Section 6.3.1 of CMC-STRUCT}} are: SHA-1 MUST be implemented for -keyGenAlgorithm. SHA-256 SHOULD be implemented for keyGenAlgorithm. 
-PBKDF2 {{PBKDF2}} MAY be implemented for keyGenAlgorithm. HMAC-SHA1 -MUST be implemented for macAlgorithm. HMAC-SHA256 SHOULD be -implemented for macAlgorithm. - -Algorithm requirements for the Encrypted POP and Decrypted POP -controls {{Section 6.7 of CMC-STRUCT}} are: SHA-1 MUST be implemented -for witnessAlgID. SHA-256 SHOULD be implemented for witnessAlgID. -HMAC-SHA1 MUST be implemented for thePOPAlgID. HMAC-SHA256 SHOULD be -implemented for thePOPAlgID. - -Algorithm requirements for Publish Trust Anchors control {{Section -6.15 of CMC-STRUCT}} are: SHA-1 MUST be implemented for -hashAlgorithm. SHA-256 SHOULD be implemented for hashAlgorithm. - -If an EE generates DH keys for certification, it MUST support {{Section -4 of DH-POP}}. EEs MAY support {{Section 3 of DH-POP}}. CAs and RAs -that do POP verification MUST support {{Section 4 of DH-POP}} and -SHOULD support {{Section 3 of DH-POP}}. - -EEs that need to use a signature algorithm for keys that cannot -produce a signature MUST support Appendix C of {{CMC-STRUCT}} and MUST -support the Encrypted/Decrypted POP controls. CAs and RAs that do -POP verification MUST support this signature algorithm and MUST -support the Encrypted/Decrypted POP controls. +The following table shows the algorithm requirements that must be used for SignedData and AuthenticatedData. 
+ +Description of the columns in the table: + +Use: Description of the key usage +Mandatory: Algorithms that MUST be supported by conforming implementations +Recommend: Algorithms that SHOULD be supported +Optional: Algorithms that MAY be supported + +| Use | Mandatory | Recommend | Optional | +|:-----------------------|:-----------|:-------------| +| Verify signature in SignedData | TBD | TBD | other algorithms | +| Generate signature for SignedData | TBD | TBD | other algorithms | +| Content encryption for EnvelopedData | TBD | TBD | other algorithms | +| Key transport for EnvelopedData | TBD | TBD | other algorithms | +|:-----------------------|:-----------|:-------------|:-------------| +{: #AlgReq-SD-and-AD title="Algorithm Requirements for SignedData and AuthenticatedData"} + +The following table shows the algorithm requirements for EnvelopedData and AuthenticatedData if supported by the entity. + +Description of the columns in the table: + +Use: Description of key usage +Mandatory: Algorithms that MUST be supported by conforming implementations +Recommend: Algorithms that SHOULD be supported +Optional: Algorithms that MAY be supported + +| Use | Mandatory | Recommend | Optional | +|:-----------------------|:-----------|:-------------| +| key agreement for EnvelopedData | TBD | TBD | TBD | +| PasswordRecipientInfo for EnvelopedData or AuthenticatedData | TBD | TBD | TBD | +| AuthenticatedData | PasswordRecipientInfo | TBD | TBD | +|:-----------------------|:-----------|:-------------|:-------------| +{: #AlgReq-ED-and-AD title="Algorithm Requirements for EnvelopedData and AuthenticatedData"} + +The following table shows the algorithm requirements for Controls. 
+ +Description of the columns in the table: + +Control: Control carried as part of Full PKI Requests and Responses +AlgId: Notes the algorithm identifier which is used +Mandatory: Algorithms that MUST be supported by conforming implementations +Recommend: Algorithms that SHOULD be supported +Optional: Algorithms that MAY be supported + +| Control | AlgId | Mandatory | Recommend | Optional | +|:-----------------------|:-----------|:-------------|:-------------|:-------------| +| Identity Proof Version 2 control | hashAlgId | TBD | TBD | TBD | +| Identity Proof Version 2 control | macAlgId | TBD | TBD | TBD | +| Pop Link Witness Version 2 control | keyGenAlgorithm | TBD | TBD | TBD | +| Pop Link Witness Version 2 control | macAlgorithm | TBD | TBD | TBD | +| Encrypted POP and Decrypted POP controls | witnessAlgID | TBD | TBD | TBD | +| Encrypted POP and Decrypted POP controls | thePOPAlgID | TBD | TBD | TBD | +| Publish Trust Anchors control | hashAlgorithm | TBD | TBD | TBD | +|:-----------------------|:-----------|:-------------| :-------------|:-------------| +{: #AlgReq-Controls title="Algorithm Requirements for Controls"} + +The following table shows the algorithm requirements for Proof of Possession (POP) of DH Certification Requests and the No-Signature mechanism. 
+ +Description of the columns in the table: + +Use: Request type from Appendix C of {{CMC-STRUCT}} +Mandatory: Algorithms that MUST be supported by conforming implementations +Recommend: Algorithms that SHOULD be supported +Optional: Algorithms that MAY be supported + +|Use | Mandatory | Recommend | Optional | +|:-----------------------|:-----------------------|:-----------|:-------------| +| EE generates DH keys for certification | EE and CA/RA {{Section 4 of DH-POP}} | {TBD} | EE and CA/RA {{Section 3 of DH-POP}} | +| No-Signature Signature Mechanism | Appendix C of {{CMC-STRUCT}} | {TBD} | {TBD} | +|:-----------------------|:-----------|:-------------| :-------------| +{: #AlgReq-DH-and-NS title="Algorithm Requirements for DH Certification Requests and the No-Signature mechanism"} ## Controls
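
Review bot: In the changelog hunk (@@ -197,9 +197,13 @@), the added heading "-01 WG version changes:" duplicates the existing "-01 WG version changes:" context line that directly follows the new bullet, so the section will carry two -01 entries. Since the TODO is bumped from -02 to -03 in the same hunk, the new heading presumably should read "-02 WG version changes:". The bullet "Reformat cryptographic algorithm section" also understates the change: the second hunk replaces every concrete algorithm with TBD, so the entry should say the algorithm requirements were removed pending the -03 update.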
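
Review bot: In the Cryptographic Algorithm Requirements hunk (@@ -250,69 +254,78 @@), the AlgReq-DH-and-NS table changes normative requirements instead of only reformatting them. The removed text said CAs and RAs that do POP verification SHOULD support Section 3 of DH-POP, but the new row puts "EE and CA/RA {{Section 3 of DH-POP}}" under Optional (MAY) and leaves Recommend as {TBD}. The removed MUST to support the Encrypted/Decrypted POP controls has no counterpart in the "No-Signature Signature Mechanism" row. Suggest separate EE and CA/RA rows so the SHOULD survives, and adding the Encrypted/Decrypted POP controls to that row's Mandatory cell. Separately: the delimiter rows of the AlgReq-SD-and-AD and AlgReq-ED-and-AD tables have three columns under a four-column header; the AlgReq-SD-and-AD intro and title say "SignedData and AuthenticatedData" while its rows cover SignedData and EnvelopedData; the "Use: / Mandatory: / Recommend: / Optional:" descriptions sit on consecutive lines with no list markup and will render as one paragraph; and "{TBD}" is used in the last table where the others use "TBD". With every MUST and SHOULD algorithm now TBD, the section names no mandatory-to-implement algorithm until -03, which is worth stating explicitly in the section text.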