Elliptic Curve Cryptography Subject Public Key Information
RFC 5480
Document | Type |
RFC - Proposed Standard
(March 2009; Errata)
Updates RFC 3279
|
|
---|---|---|---|
Last updated | 2015-10-14 | ||
Stream | IETF | ||
Formats | plain text pdf htmlized with errata bibtex | ||
Reviews | |||
Stream | WG state | (None) | |
Document shepherd | No shepherd assigned | ||
IESG | IESG state | RFC 5480 (Proposed Standard) | |
Consensus Boilerplate | Unknown | ||
Telechat date | |||
Responsible AD | Pasi Eronen | ||
Send notices to | (None) |
Network Working Group S. Turner Request for Comments: 5480 IECA Updates: 3279 D. Brown Category: Standards Track Certicom K. Yiu Microsoft R. Housley Vigil Security T. Polk NIST March 2009 Elliptic Curve Cryptography Subject Public Key Information Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited. Copyright Notice Copyright (c) 2009 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents in effect on the date of publication of this document (http://trustee.ietf.org/license-info). Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Abstract This document specifies the syntax and semantics for the Subject Public Key Information field in certificates that support Elliptic Curve Cryptography. This document updates Sections 2.3.5 and 5, and the ASN.1 module of "Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 3279. Turner, et al. Standards Track [Page 1] RFC 5480 ECC SubjectPublicKeyInfo Format March 2009 Table of Contents 1. Introduction ....................................................2 1.1. Terminology ................................................3 2. Subject Public Key Information Fields ...........................3 2.1. Elliptic Curve Cryptography Public Key Algorithm Identifiers ................................................3 2.2. Subject Public Key .........................................7 3. Key Usage Bits ..................................................7 4. Security Considerations .........................................8 5. ASN.1 Considerations ...........................................10 6. IANA Considerations ............................................11 7. Acknowledgments ................................................11 8. References .....................................................11 8.1. Normative References ......................................11 8.2. Informative References ....................................12 Appendix A. ASN.1 Module ..........................................13 1. Introduction This document specifies the format of the subjectPublicKeyInfo field in X.509 certificates [PKI] that use Elliptic Curve Cryptography (ECC). It updates RFC 3279 [PKI-ALG]. This document specifies the encoding formats for public keys used with the following ECC algorithms: o Elliptic Curve Digital Signature Algorithm (ECDSA); o Elliptic Curve Diffie-Hellman (ECDH) family schemes; and o Elliptic Curve Menezes-Qu-Vanstone (ECMQV) family schemes. Two methods for specifying the algorithms that can be used with the subjectPublicKey are defined. One method allows the key to be used with any ECC algorithm, while the other method restricts the usage of the key to specific algorithms. To promote interoperability, this document indicates which is required to implement for Certification Authorities (CAs) that implement ECC algorithms and relying parties that claim to process ECC algorithms. The ASN.1 [X.680] module in this document includes ASN.1 for ECC algorithms. It also includes ASN.1 for non-ECC algorithms defined in [PKI-ALG] and [PKI-ADALG], even though the associated text is unaffected. By updating all of the ASN.1 from [PKI-ALG] in this document, implementers only need to use the module found in this document. Turner, et al. Standards Track [Page 2] RFC 5480 ECC SubjectPublicKeyInfo Format March 2009 1.1. Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in thisShow full document text