Technical Summary
This is a profile of RFC 5272-5274 (Certificate Management over CMS)
that is specific to the United States National Security Agency's Suite
B Cryptography specification. In essence, it profiles RFC 5272-5274 to
meet the Suite B requirements.
Working Group Summary
The document was announced on the PKIX WG mailing list, and some
off-list comments were sent to the document authors. There was also a
short presentation on the document at IETF 77. It was not appropriate
to discuss it in the WG itself.
Document Quality
It is expected that this document will be widely adopted by vendors
for the organization that wrote this profile. Most if not all of the
algorithms specified in this profile are already in at least one
popular open-source package.
Personnel
Sean Turner is the Document Shepherd; Tim Polk is the
Responsible Area Director.
RFC Editor Note
(1) In section 5.1., paragraph 1 sentence 1
s/if they are not, the CA MUST reject those/if they are not, the RA MUST reject those/
In section 6.1., paragraph 3
OLD
When processing end-entity generated SignedData objects, RAs MUST NOT
NEW
When processing end-entity generated SignedData objects, CAs MUST NOT