《en-pkcs#9.docx》由会员分享,可在线阅读,更多相关《en-pkcs#9.docx(4页珍藏版)》请在三一办公上搜索。
1、RSA1.ABORATORIESePKCS#9v2.0Amendment1RS1.aboratoriesJanuary3i,2003TableofContents1. SCOPE22. BACKGROUND23. CHANGESTOSECTION5.3,SATTRlBIrTETYPKSFORUSEINPKCS#7DATA24. CHANGESTOAPPENDIX,*ASN.1MODU1.E-35. CHANGESTOAPPENDIXB-ATTRIBUTETYPES*3.Intellectuz1.propertyconsiderations4+“卜卜卜4*4MM*JM.MMMM*4M4M4C.B
2、0TPKCS41. ScopeThisamendmentdocumentsthechangestoPKCS#9v2.0(3)neededtoPnMCClsignersusingtokenswithpresentationcapabilities(suchasPersonalTrustedDevices(2)roncertainattacks.Itdocssobydefininganewauthenticatedattribute.2. BackgroundPKCS#11v2.11Amendment14.introducedtheconceptofPersonalTrustedDevices(I
3、xDs)andasignaturemechanism.CKM-CMSSIG.aimed(oallowuserstobenefitfromsuchdevices.APTD(hatreceivesaIneSSagetosignthrough(hismechanismmay.dependingonthemessagescontenttypeI,beablelosecurelypresentthemessageo(hesignerbeforeaskingtcrau(hrizadon.WhenthemessagetosignisnotaMIMEmessage(I)itself,therecipientw
4、illhavetorelyonthecallcr*sstatedcontenttypewhendeterminingthepresentationmechanism.Sincethestatedcontenttypeisnotincludedinthesignature,thereisapossibilityforanattackwherethecallermaytakeadvantageofdifterencesinpresentationmechanismsforvariouscontenttypesinthePTD.Bydefiningan(authenticated)allribu!c
5、intendedtocarryIheallegedcontenttype,Ihisamendmentpresentsonemcthoitoprotectagainstsuchattacks.Notethatforthismethodtosucceed,aIyDmustnotallowthecallertoassignthevalueofthisattributedirectly:thevaluemustbethecaller,sstatedconienttype,whichwasusedbytheIyrDtodecideonaparticularpresentationmechaiMsn.3.
6、 ChangestoSection5.3,AttributetypesforuseinPKCS#7data”dclanewsection5.3.7asfollows:53.7IIegeclcontenttypeTheallegedContentTypeattributetypespecificstheMIMEContent-Typeprovidedbythepartyrequestingasignatureonamessage.ItisintendedforuseinSigncdDatavalues,andmustbeanauthenticatedattribute.allegedConten
7、tTypeATTRIBUTE:=WITHSYNTAXABegedContGntTypGEQUA1.ITYMATCHINGRU1.ECaseIgnoreMatchSING1.EVA1.UETRUEIDpkcs-9-atalIegedContentType)AllegedContentType:=UTF8StringAsindicated,(heattributemusthaveasingleattributevalue.4. ChangestoAppendixA,ASN.lmoduleIAddtheJbllowiiigASN.Ixdueaxsignmelrightafterthepkcsatpk
8、cs7PDUvalueassignment:pkcs9atallegedContentTypeOBJECTIDENTIFIER:=pkcs-9-at6)IAddtheJbllowingASNJtypedefinitionsrightafterthecounterSignaturetypedefnilion:allgeiContentTypeATTRIBUTE:=WITHSYNTAXAIIegedContentTypeEQUA1.ITYMATCHINGRU1.ECaseIgnoreMatchSING1.EVA1.UETRUEIDpkcs-9-at-alIegedContentType)AIIeg
9、edContentType:=UTF8String5. ChangestoAppendixB.39“Attributetypes”IAddanewsectionBJJ9asfollows:/B3.19allegedContentTyp?Inthe(highlyunlikely)eventthatthisattributeistobestoredinadirectory,itistobestoredandrequestedinbinarjform,asallegedcontentype;binary,ttributevaluesshallbestoredasbinary(BER-orDERYnC
10、Oded)data.NAMEallegedContentTyperDESCPKCS#7allegedcontenttype,A. IntellectualpropertyconsiderationsRSASecuritymakesnopatentclaimsonthegeneralconstructionsdescribedinthisdocument,althoughspecificunderlyingtechniquesmaybecovered.1.icensetocopythisdocumentisgrantedprovidedthatitisidentifiedas*RSASecuri
11、tylw.Public-KeyCryptographyStandards(PKCSrinallmaterialmentioningorreferencingthisdocument.RSASecuriiymakesnorcpresentalionsregardingintellectualpropertyclaimsbyotherparties.Suchdeterminationistheresponsibilityoftheuser.B. ReferencesFreed.N.andN.Borcnstcin,MuttipuqwseInieniefMailExtensions(MIME)Part
12、One:FormatofInternetMessageBodiesIETFRFC2045.November1996.UR1.:ietf.orgrfcrfc2(M5.tx(.(2 -MeTPTDDefinitionVersion2.0,15October22.UR1.:.(3 RSAIxiboratories.PKCS#9,-SelectedObjectClassesandAitribuieTypes.Version2.0,Fcbniary2(X)().UR1.:.(4 RSA1.abOratoics.PKCS#11v2,l1Amendment1,August2002.UR1.:.C. Abou
13、tPKCSThePublic-KeyCryptographyStandardsarcspecificationsProdUCCdbyRSA1.aboratoriesincperationwithsecuresystemsdevelopersworldwideforthepurposeofacceleratinghedeploymentofpublic-keyCrypiography.FirSlublislwdin1991asaresultofmeetingswithasmallgroupofearlyadoptersofpublic-keytechnology,IhePKCSdocuments
14、havebecomewidelyreferencedandimple11cnled.ContributionsfromthePKCSserieshavebecomepartofmanyformalanddefactostandards,includingANSIX9documents.PKlX.SET.SMIME.andSS1.FurtherdevelopmentofPKCSoccursthroughmailinglistdiscussionsandoccasionalworkshops,andsuggestionsforimprovementarewelcome.Formoreinformation,contact:PKCSEditorRSA1.aboratories174MiddlesexurnpikeBedford,MA01730USA
