NSA's Cryptographic Message Syntax (CMS) Key Management Attributes
RFC 7906
Document | Type |
RFC - Informational
(June 2016; Errata)
Was draft-turner-km-attributes (individual)
|
|
---|---|---|---|
Last updated | 2019-08-30 | ||
Stream | ISE | ||
Formats | plain text html pdf htmlized with errata bibtex | ||
IETF conflict review | conflict-review-turner-km-attributes | ||
Stream | ISE state | Published RFC | |
Consensus Boilerplate | Unknown | ||
Document shepherd | Adrian Farrel | ||
Shepherd write-up | Show (last changed 2016-03-30) | ||
IESG | IESG state | RFC 7906 (Informational) | |
Telechat date | |||
Responsible AD | (None) | ||
Send notices to | "Nevil Brownlee" <rfc-ise@rfc-editor.org> | ||
IANA | IANA review state | IANA OK - No Actions Needed | |
IANA action state | No IANA Actions |
Independent Submission P. Timmel Request for Comments: 7906 National Security Agency Category: Informational R. Housley ISSN: 2070-1721 Vigil Security S. Turner IECA June 2016 NSA's Cryptographic Message Syntax (CMS) Key Management Attributes Abstract This document defines key management attributes used by the National Security Agency (NSA). The attributes can appear in asymmetric and/or symmetric key packages as well as the Cryptographic Message Syntax (CMS) content types that subsequently envelope the key packages. Key packages described in RFCs 5958 and 6031 are examples of where these attributes can be used. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 7841. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7906. Copyright Notice Copyright (c) 2016 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Timmel, et al. Informational [Page 1] RFC 7906 NSA's CMS Key Management Attributes June 2016 Table of Contents 1. Introduction ....................................................3 1.1. Attribute Locations ........................................3 1.2. ASN.1 Notation .............................................4 1.3. Terminology ................................................5 2. CMS-Defined Attributes ..........................................6 3. Community Identifiers ...........................................7 4. Key Province Attribute ..........................................8 5. Binary Signing Time .............................................8 6. Manifest ........................................................9 7. Key Algorithm ...................................................9 8. User Certificate ...............................................11 9. Key Package Receivers ..........................................11 10. TSEC Nomenclature .............................................13 11. Key Purpose ...................................................16 12. Key Use .......................................................17 13. Transport Key .................................................20 14. Key Distribution Period .......................................20 15. Key Validity Period ...........................................22 16. Key Duration ..................................................23 17. Classification ................................................24 17.1. Security Label ...........................................25 18. Split Key Identifier ..........................................29 19. Key Package Type ..............................................30 20. Signature Usage ...............................................30 21. Other Certificate Format ......................................33 22. PKI Path ......................................................34 23. Useful Certificates ...........................................35 24. Key Wrap Algorithm ............................................35 25. Content Decryption Key Identifier .............................36 25.1. Content Decryption Key Identifier: Symmetric Key and Symmetric ............................................36 25.2. Content Decryption Key Identifier: Unprotected ...........37 26. Certificate Pointers ..........................................37 27. CRL Pointers ..................................................38 28. Key Package Identifier and Receipt Request ....................38 29. Additional Error Codes ........................................39 30. Processing Key Package Attribute Values and CMS Content Constraints ...........................................39Show full document text