NSA's Cryptographic Message Syntax (CMS) Key Management Attributes
RFC 7906
| Document | Type |
RFC - Informational
(June 2016; Errata)
Was draft-turner-km-attributes (individual)
|
|
|---|---|---|---|
| Authors | Paul Timmel , Russ Housley , Sean Turner | ||
| Last updated | 2019-08-30 | ||
| Stream | ISE | ||
| Formats | plain text html pdf htmlized bibtex | ||
| IETF conflict review | conflict-review-turner-km-attributes | ||
| Stream | ISE state | Published RFC | |
| Consensus Boilerplate | Unknown | ||
| Document shepherd | Adrian Farrel | ||
| Shepherd write-up | Show (last changed 2016-03-30) | ||
| IESG | IESG state | RFC 7906 (Informational) | |
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | "Nevil Brownlee" <rfc-ise@rfc-editor.org> | ||
| IANA | IANA review state | IANA OK - No Actions Needed | |
| IANA action state | No IANA Actions | ||
Independent Submission P. Timmel
Request for Comments: 7906 National Security Agency
Category: Informational R. Housley
ISSN: 2070-1721 Vigil Security
S. Turner
IECA
June 2016
NSA's Cryptographic Message Syntax (CMS) Key Management Attributes
Abstract
This document defines key management attributes used by the National
Security Agency (NSA). The attributes can appear in asymmetric
and/or symmetric key packages as well as the Cryptographic Message
Syntax (CMS) content types that subsequently envelope the key
packages. Key packages described in RFCs 5958 and 6031 are examples
of where these attributes can be used.
Status of This Memo
This document is not an Internet Standards Track specification; it is
published for informational purposes.
This is a contribution to the RFC Series, independently of any other
RFC stream. The RFC Editor has chosen to publish this document at
its discretion and makes no statement about its value for
implementation or deployment. Documents approved for publication by
the RFC Editor are not a candidate for any level of Internet
Standard; see Section 2 of RFC 7841.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7906.
Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document.
Timmel, et al. Informational [Page 1]
RFC 7906 NSA's CMS Key Management Attributes June 2016
Table of Contents
1. Introduction ....................................................3
1.1. Attribute Locations ........................................3
1.2. ASN.1 Notation .............................................4
1.3. Terminology ................................................5
2. CMS-Defined Attributes ..........................................6
3. Community Identifiers ...........................................7
4. Key Province Attribute ..........................................8
5. Binary Signing Time .............................................8
6. Manifest ........................................................9
7. Key Algorithm ...................................................9
8. User Certificate ...............................................11
9. Key Package Receivers ..........................................11
10. TSEC Nomenclature .............................................13
11. Key Purpose ...................................................16
12. Key Use .......................................................17
13. Transport Key .................................................20
14. Key Distribution Period .......................................20
15. Key Validity Period ...........................................22
16. Key Duration ..................................................23
17. Classification ................................................24
17.1. Security Label ...........................................25
18. Split Key Identifier ..........................................29
19. Key Package Type ..............................................30
20. Signature Usage ...............................................30
21. Other Certificate Format ......................................33
22. PKI Path ......................................................34
23. Useful Certificates ...........................................35
24. Key Wrap Algorithm ............................................35
25. Content Decryption Key Identifier .............................36
25.1. Content Decryption Key Identifier: Symmetric Key
and Symmetric ............................................36
25.2. Content Decryption Key Identifier: Unprotected ...........37
26. Certificate Pointers ..........................................37
27. CRL Pointers ..................................................38
28. Key Package Identifier and Receipt Request ....................38
29. Additional Error Codes ........................................39
30. Processing Key Package Attribute Values and CMS
Content Constraints ...........................................39
Show full document text