Technical Summary
The document defines the mechanism for including a cryptographic
signature for the key items in an RFC 5444 formatted packet. The
document also specifies how mutable fields in the packet should
be handled, such that the resulting signature can be correctly
verified by a recipient.
Working Group Summary
The document has been reviewed by the working group quite carefully.
The document reflects the consensus of the working group.
Document Quality
The document has received careful review. The shepherd does not
know of any existing implementations at this time.
Personnel
Stan Ratliff (sratliff@cisco.com) is the Document Shepherd.
Adrian Farrel (adrian@olddog.co.uk) is the Responsible AD.
RFC Editor Note
Section 1
OLD
o One common method for generating ICVs as a cryptographic function,
calculated over the hash value of the content to be signed.
NEW
o One common method for generating ICVs as a cryptographic function,
calculated over the hash value of the content.
END
---
Section 3
OLD
In Section 12, an example method
for calculating such ICVs is given, using a cryptographic function
over the hash value of the content to be signed.
NEW
In Section 12, an example method
for calculating such ICVs is given, using a cryptographic function
over the hash value of the content.
END
---
Section 12.1
OLD
<key-id> is a field specifying the key identifier of the key that
was used to sign the message, which allows unique identification
of different keys with the same originator.
NEW
<key-id> is a field specifying the key identifier of the key that
was used to calculate the ICV of the message, which allows unique
identification of different keys with the same originator.
END