draft-ietf-smime-cms-rsaes-oaep-06.txt   draft-ietf-smime-cms-rsaes-oaep-07.txt 
S/MIME Working Group R. Housley S/MIME Working Group R. Housley
Internet Draft RSA Laboratories Internet Draft RSA Laboratories
expires in six months August 2002 expires in six months December 2002
Use of the RSAES-OAEP Key Transport Algorithm in CMS Use of the RSAES-OAEP Key Transport Algorithm in CMS
<draft-ietf-smime-cms-rsaes-oaep-06.txt> <draft-ietf-smime-cms-rsaes-oaep-07.txt>
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. Internet-Drafts are working all provisions of Section 10 of RFC2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts. working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at To view the entire list of current Internet-Drafts, please check the
http://www.ietf.org/1id-abstracts.html "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow
Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern
The list of Internet-Draft Shadow Directories can be accessed at Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific
http://www.ietf.org/shadow.html Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast).
Copyright Notice Copyright Notice
Copyright (C) The Internet Society (2002). All Rights Reserved. Copyright (C) The Internet Society (2002). All Rights Reserved.
Abstract Abstract
This document describes the use of the RSAES-OAEP key transport This document describes the conventions for using the RSAES-OAEP key
method of key management within the Cryptographic Message Syntax transport algorithm with the Cryptographic Message Syntax (CMS). The
(CMS). CMS specifies the enveloped-data content type, which consists of an
encrypted content and encrypted content-encryption keys for one or
more recipients. The RSAES-OAEP key transport algorithm can be used
to encrypt content-encryption keys for intended recipients.
1. Introduction 1. Introduction
This draft is being discussed on the "ietf-smime" mailing list. To This draft is being discussed on the "ietf-smime" mailing list. To
join the list, send a message to <ietf-smime-request@imc.org> with join the list, send a message to <ietf-smime-request@imc.org> with
the single word "subscribe" in the body of the message. Also, there the single word "subscribe" in the body of the message. Also, there
is a Web site for the mailing list at <http://www.imc.org/ietf- is a Web site for the mailing list at <http://www.imc.org/ietf-
smime/>. smime/>.
PKCS #1 Version 1.5 [PKCS#1v1.5] specifies a widely deployed variant PKCS #1 Version 1.5 [PKCS#1v1.5] specifies a widely deployed variant
skipping to change at page 12, line 25 skipping to change at page 12, line 27
80 bits is needed, then a longer RSA public key and a secure one-way 80 bits is needed, then a longer RSA public key and a secure one-way
hash function with a longer hash value are needed. Again, SHA-256, hash function with a longer hash value are needed. Again, SHA-256,
SHA-384, and SHA-512 are likely candidates for such a one-way hash SHA-384, and SHA-512 are likely candidates for such a one-way hash
function. For this reason, the algorithm identifiers for these one- function. For this reason, the algorithm identifiers for these one-
way hash functions are included in the ASN.1 module in Appendix A. way hash functions are included in the ASN.1 module in Appendix A.
The same one-way hash function should be employed for the hashFunc The same one-way hash function should be employed for the hashFunc
and the maskGenFunc, but it is not required. Using the same one-way and the maskGenFunc, but it is not required. Using the same one-way
hash function reduces the potential for implementation errors. hash function reduces the potential for implementation errors.
8. Acknowledgments 8. IANA Considerations
Within the CMS, algorithms are identified by object identifiers
(OIDs). All of the OIDs used in this document were assigned in
Public-Key Cryptography Standards (PKCS) documents or by the National
Institute of Standards and Technology (NIST). No further action by
the IANA is necessary for this document or any anticipated updates.
9. Acknowledgments
This document is the result of contributions from many professionals. This document is the result of contributions from many professionals.
I appreciate the hard work of all members of the IETF S/MIME Working I appreciate the hard work of all members of the IETF S/MIME Working
Group. Further, I extend a special thanks to Burt Kaliski, Jakob Group. Further, I extend a special thanks to Burt Kaliski, Jakob
Jonsson, Francois Rousseau, and Jim Schaad. Jonsson, Francois Rousseau, and Jim Schaad.
9. Author Address 10. Author Address
Russell Housley Russell Housley
RSA Laboratories RSA Laboratories
918 Spring Knoll Drive 918 Spring Knoll Drive
Herndon, VA 20170 Herndon, VA 20170
USA USA
rhousley@rsasecurity.com rhousley@rsasecurity.com
Appendix A. ASN.1 Module Appendix A. ASN.1 Module
CMS-RSAES-OAEP CMS-RSAES-OAEP
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
pkcs-9(9) smime(16) modules(0) cms-rsaes-oaep(20) } pkcs-9(9) smime(16) modules(0) cms-rsaes-oaep(20) }
DEFINITIONS IMPLICIT TAGS ::= DEFINITIONS IMPLICIT TAGS ::=
BEGIN BEGIN
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/