draft-schaad-curdle-oid-registry-03.txt   rfc8411.txt 
Curdle J. Schaad Internet Engineering Task Force (IETF) J. Schaad
Internet-Draft August Cellars Request for Comments: 8411 August Cellars
Intended status: Informational R. Andrews Category: Informational R. Andrews
Expires: July 29, 2018 DigiCert, Inc. ISSN: 2070-1721 DigiCert, Inc.
January 25, 2018 August 2018
IANA Registration for new Cryptographic Algorithm Object Identifier IANA Registration for
Range the Cryptographic Algorithm Object Identifier Range
draft-schaad-curdle-oid-registry-03
Abstract Abstract
When the Curdle Security Working Group was chartered, a range of When the Curdle Security Working Group was chartered, a range of
object identifiers was donated by DigiCert, Inc. for the purpose of object identifiers was donated by DigiCert, Inc. for the purpose of
registering the Edwards Elliptic Curve key agreement and signature registering the Edwards Elliptic Curve key agreement and signature
algorithms. This donated set of OIDs allowed for shorter values than algorithms. This donated set of OIDs allowed for shorter values than
would be possible using the existing S/MIME or PKIX arcs. This would be possible using the existing S/MIME or PKIX arcs. This
document describes the range of identifiers that were assigned in document describes the donated range and the identifiers that were
that donated range, transfers control of that range to IANA, and assigned from that range, transfers control of that range to IANA,
establishes IANA allocation policies for any future assignments and establishes IANA allocation policies for any future assignments
within that range. within that range.
Contributing to this document
The source for this draft is being maintained in GitHub. Suggested
changes should be submitted as pull requests at <https://github.com/
lamps-wg/smime>. Instructions are on that page as well. Editorial
changes can be managed in GitHub, but any substantial issues need to
be discussed on the LAMPS mailing list.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This document is not an Internet Standards Track specification; it is
provisions of BCP 78 and BCP 79. published for informational purposes.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months This document is a product of the Internet Engineering Task Force
and may be updated, replaced, or obsoleted by other documents at any (IETF). It represents the consensus of the IETF community. It has
time. It is inappropriate to use Internet-Drafts as reference received public review and has been approved for publication by the
material or to cite them other than as "work in progress." Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are candidates for any level of Internet
Standard; see Section 2 of RFC 7841.
This Internet-Draft will expire on July 29, 2018. Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
https://www.rfc-editor.org/info/rfc8411.
Copyright Notice Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3 2. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 3
2.1. "SMI Security for Cryptographic Algorithms" Registry . . 3 3. Security Considerations . . . . . . . . . . . . . . . . . . . 3
3. Security Considerations . . . . . . . . . . . . . . . . . . . 4
4. References . . . . . . . . . . . . . . . . . . . . . . . . . 4 4. References . . . . . . . . . . . . . . . . . . . . . . . . . 4
4.1. Normative References . . . . . . . . . . . . . . . . . . 4 4.1. Normative References . . . . . . . . . . . . . . . . . . 4
4.2. Informational References . . . . . . . . . . . . . . . . 4 4.2. Informative References . . . . . . . . . . . . . . . . . 4
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 5 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 4
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5
1. Introduction 1. Introduction
When the Curdle Security Working Group was chartered, a range of When the Curdle Security Working Group was chartered, a range of
object identifiers was donated by DigiCert, Inc. for use by that object identifiers was donated to the working group by DigiCert, Inc.
working group. The use of these object identifiers allowed for the The use of these object identifiers allowed for the Edwards Elliptic
Edwards Ellitptic Curve key agreement [RFC7748] and signature Curve key agreement [RFC7748] and signature [RFC8032] algorithms to
[RFC8032] algorithms to be defined with encodings that are smaller be defined with encodings that are smaller than similar ones would be
than similar ones would be if assigned from the existing S/MIME or if assigned from the existing S/MIME or PKIX arcs. The initial
PKIX arcs. These initial registrations from this arc were done while registrations from this arc were made while developing [RFC8410].
developing [I-D.ietf-curdle-pkix]. After those registrations were After those registrations were made, there were still some unused
done, there were still some unused values that can be used for other values that could be used by other security groups.
security groups.
Object identifiers are primarily used with Abstract Syntax Notation Object identifiers are primarily used with Abstract Syntax Notation
(ASN.1) [ASN.1]. The ASN.1 specifications continue to evolve, but (ASN.1) [ASN.1]. The ASN.1 specifications continue to evolve, but
object identifiers can be used with any and all versions of ASN.1. object identifiers can be used with any and all versions of ASN.1.
This document describes the object identifiers that were assigned in This document describes the object identifiers that were assigned in
that donated range, transfers control of the range to IANA, and that donated range, transfers control of the range to IANA, and
establishes IANA allocation policies for any future assignments. establishes IANA allocation policies for any future assignments.
The donated range from DigiCert, Inc. is: The donated range from DigiCert, Inc. is as follows:
first: { iso (1) identified-organization (3) thawte (101) 100 } first: { iso (1) identified-organization (3) thawte (101) 100 }
last: { iso (1) identified-organization (3) thawte (101) 127 } last: { iso (1) identified-organization (3) thawte (101) 127 }
2. IANA Considerations 2. IANA Considerations
IANA is asked to create one new registry table. IANA has created the "SMI Security for Cryptographic Algorithms"
registry within the SMI-numbers registry. The new registry has three
columns, as shown below.
2.1. "SMI Security for Cryptographic Algorithms" Registry +------------+-------------------------------+-----------------+
| Decimal | Description | References |
+------------+-------------------------------+-----------------+
| 0-99 | Retained by DigiCert | RFC 8411 |
| 100 | Reserved for child reg | RFC 8411 |
| 110 | id-X25519 | [RFC8410] |
| 111 | id-X448 | [RFC8410] |
| 112 | id-EdDSA25519 | [RFC8410] |
| 113 | id-EdDSA448 | [RFC8410] |
| 114 | Reserved for id-EdDSA25519-ph | [SAFE-X.509-03] |
| 115 | Reserved for id-EdDSA448-ph | [SAFE-X.509-03] |
| 128 and up | Retained by DigiCert | RFC 8411 |
+------------+-------------------------------+-----------------+
Within the SMI-numbers registry, add an "SMI Security for Table 1: SMI Security for Cryptographic Algorithms
Cryptographic Algorithms" table with the three columns:
+-----------+---------------------------+---------------------------+ The registration policy is "Specification Required" as defined in
| Decimal | Description | References | [RFC8126].
+-----------+---------------------------+---------------------------+
| 0 - 99 | Retained by Digicert | [I-D.ietf-curdle-pkix] |
| | | |
| 100 | Reserved for child reg | |
| | | |
| 110 | id-X25519 | [I-D.ietf-curdle-pkix] |
| | | |
| 111 | id-X448 | [I-D.ietf-curdle-pkix] |
| | | |
| 112 | id-EdDSA25519 | [I-D.ietf-curdle-pkix] |
| | | |
| 113 | id-EdDSA448 | [I-D.ietf-curdle-pkix] |
| | | |
| 114 | Reserved for id- | [I-D.ietf-curdle-pkix-03] |
| | EdDSA25519-ph | |
| | | |
| 115 | Reserved for id- | [I-D.ietf-curdle-pkix-03] |
| | EdDSA448-ph | |
| | | |
| 128 and | Retained by Digicert | [I-D.ietf-curdle-pkix] |
| up | | |
+-----------+---------------------------+---------------------------+
The column 'Decimal' is required to be a number between 100 and 127 The column 'Decimal' is required to be a number between 100 and 127
inclusive. inclusive.
The value of 100 has been reserved so that a new arc below that point The value of 100 has been reserved so that a new arc below that point
can be established in the future. (I.e. starting at 1.3.101.100.1) can be established in the future (i.e., starting at 1.3.101.100.1).
If the new child registry is established, a name for this value is to If the new child registry is established, a name for this value is to
be assigned at that point. The experts can, at their discretion, be assigned at that point. The experts can, at their discretion,
assign an algorithm OID instead. assign an algorithm OID instead.
The registry is to be created using the "Specification Required"
policy as defined in [RFC8126].
3. Security Considerations 3. Security Considerations
This document populates an IANA registry, and it raises no new This document populates an IANA registry, and it raises no new
security considerations. The protocols that specify these values security considerations. The protocols that specify these values
include the security considerations associated with their usage. include the security considerations associated with their usage.
4. References 4. References
4.1. Normative References 4.1. Normative References
[ASN.1] "Information Technology - Abstract Syntax Notation One [ASN.1] ITU-T, "Information Technology - Abstract Syntax Notation
(ASN.1): Specification of basic notation. ITU-T One (ASN.1): Specification of basic notation", ITU-T
Recommendation X.680 (2008)", ITU-T X.680, ISO/ Recommendation X.680, ISO/IEC 8824-1, August 2015.
IEC 8824-1:2008, November 2008.
4.2. Informational References
[I-D.ietf-curdle-pkix]
Josefsson, S. and J. Schaad, "Algorithm Identifiers for
Ed25519, Ed448, X25519 and X448 for use in the Internet
X.509 Public Key Infrastructure", draft-ietf-curdle-
pkix-07 (work in progress), November 2017.
[I-D.ietf-curdle-pkix-03] 4.2. Informative References
Josefsson, S. and J. Schaad, "Algorithm Identifiers for
Ed25519, Ed448, X25519 and X448 for use in the Internet
X.509 Public Key Infrastructure", draft-ietf-curdle-
pkix-07 (work in progress), November 2016.
[RFC7748] Langley, A., Hamburg, M., and S. Turner, "Elliptic Curves [RFC7748] Langley, A., Hamburg, M., and S. Turner, "Elliptic Curves
for Security", RFC 7748, DOI 10.17487/RFC7748, January for Security", RFC 7748, DOI 10.17487/RFC7748, January
2016, <https://www.rfc-editor.org/info/rfc7748>. 2016, <https://www.rfc-editor.org/info/rfc7748>.
[RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital [RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital
Signature Algorithm (EdDSA)", RFC 8032, Signature Algorithm (EdDSA)", RFC 8032,
DOI 10.17487/RFC8032, January 2017, DOI 10.17487/RFC8032, January 2017,
<https://www.rfc-editor.org/info/rfc8032>. <https://www.rfc-editor.org/info/rfc8032>.
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for [RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
Writing an IANA Considerations Section in RFCs", BCP 26, Writing an IANA Considerations Section in RFCs", BCP 26,
RFC 8126, DOI 10.17487/RFC8126, June 2017, RFC 8126, DOI 10.17487/RFC8126, June 2017,
<https://www.rfc-editor.org/info/rfc8126>. <https://www.rfc-editor.org/info/rfc8126>.
[RFC8410] Josefsson, S. and J. Schaad, "Algorithm Identifiers for
Ed25519, Ed448, X25519, and X448 for Use in the Internet
X.509 Public Key Infrastructure", RFC 8410,
DOI 10.17487/RFC8410, August 2018.
[SAFE-X.509-03]
Josefsson, S. and J. Schaad, "Algorithm Identifiers for
Ed25519, Ed448, X25519 and X448 for use in the Internet
X.509 Public Key Infrastructure", Work in Progress,
draft-ietf-curdle-pkix-03, November 2016.
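Review bot: The added [RFC8410] entry ends at "August 2018." with no info URL, while the [RFC7748], [RFC8032] and [RFC8126] entries beside it each close with a <https://www.rfc-editor.org/info/rfcNNNN> link; add the matching link for consistency. The replacement of [I-D.ietf-curdle-pkix-03] by [SAFE-X.509-03] does correct the old entry, which was labelled -03 but cited draft-ietf-curdle-pkix-07 with a November 2016 date. Rows 114 and 115 of the registry now depend on this work-in-progress citation alone for the "-ph" reservations, so confirm that draft revision is the intended one.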
Acknowledgments Acknowledgments
Our thanks go out to DigiCert for donating the range of OIDs covered Our thanks go out to DigiCert for donating the range of OIDs covered
in this document. At the time of the donation, the root of the range in this document. At the time of the donation, the root of the range
was assigned to Symantec but has sense been transfered DigiCert. was assigned to Symantec but has since been transferred to DigiCert.
This document uses a lot of text from a similar document by Russ This document uses a lot of text from a similar document by Russ
Housley. Copying always makes things easier and less error prone. Housley. Copying always makes things easier and less error prone.
Authors' Addresses Authors' Addresses
Jim Schaad Jim Schaad
August Cellars August Cellars
Email: ietf@augustcellars.com Email: ietf@augustcellars.com
 End of changes. 21 change blocks. 
95 lines changed or deleted 69 lines changed or added
