INTERNET-DRAFT                                               R. Housley
Intended Status: Informational                           Vigil Security
Expires: 29 January 2014                                   29 July 2013
Object Identifier Registry for the
Long-Term Archive and Notary Services (LTANS) Working Group
<draft-housley-ltans-oids-01.txt>
Abstract
When the Long-Term Archive and Notary Services (LTANS) Working Group
was chartered, an object identifier arc was set aside for use by that
working group. This document describes the object identifiers that
were assigned, and it establishes IANA allocation policies for any
future assignments within that arc.
Status of this Memo
This Internet-Draft is submitted to IETF in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as
Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
Copyright and License Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
Housley Expires 29 January 2014 [Page 1]
INTERNET-DRAFT LTANS OID Registry 29 July 2013
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Subordinate Object Identifier Arcs . . . . . . . . . . . . . . 2
3. Module Identifiers . . . . . . . . . . . . . . . . . . . . . . 3
4. CMS Content Types . . . . . . . . . . . . . . . . . . . . . . 4
5. ERS Encryption Methods . . . . . . . . . . . . . . . . . . . . 4
6. Security Considerations . . . . . . . . . . . . . . . . . . . 4
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4
7.1. Update to SMI Security for Mechanism Codes Registry . . . 4
7.2. Add SMI Security for LTANS Registry . . . . . . . . . . . 4
7.3. Add SMI Security for LTANS Module Identifier Registry . . 5
7.4. Add SMI Security for LTANS CMS Content Type Registry . . . 5
7.5. Add SMI Security for LTANS ERS Encryption Method Registry . . 6
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 6
8.1. Normative References . . . . . . . . . . . . . . . . . . . 6
8.2. Informative References . . . . . . . . . . . . . . . . . . 6
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 7
Author's Addresses . . . . . . . . . . . . . . . . . . . . . . . . 7
1. Introduction
When the Long-Term Archive and Notary Services (LTANS) Working Group
was chartered, an object identifier arc was set aside for use by that
working group. These object identifiers are primarily used with
Abstract Syntax Notation One (ASN.1) [ASN1-88] [ASN1-97].
The LTANS object identifier arc is:
   id-ltans OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
                                    dod(6) internet(1) security(5)
                                    mechanisms(5) ltans(11) }
This document describes the object identifiers that were assigned,
and it establishes IANA allocation policies for any future
assignments within that arc.
2. Subordinate Object Identifier Arcs
Three subordinate object identifier arcs were used. The first arc,
id-mod, was used to assign ASN.1 module identifiers. The second arc,
id-ct, was used to assign Cryptographic Message Syntax (CMS) content
types. The third arc, id-em, was set aside for Evidence Record
Syntax (ERS) encryption methods.
id-mod OBJECT IDENTIFIER ::= { id-ltans 0 }
id-ct OBJECT IDENTIFIER ::= { id-ltans 1 }
id-em OBJECT IDENTIFIER ::= { id-ltans 2 }
3. Module Identifiers
The Evidence Record Syntax (ERS) [RFC4998] includes two ASN.1
modules. Both modules define the same syntax, but one module uses
the 1997 ASN.1 syntax, and the other module uses the 1988 ASN.1
syntax. These module identifiers are:
id-mod-ers OBJECT IDENTIFIER ::= { id-mod 1 }
id-mod-ers-v1 OBJECT IDENTIFIER ::= { id-mod 1 1 }
id-mod-ers88 OBJECT IDENTIFIER ::= { id-mod 2 }
id-mod-ers88-v1 OBJECT IDENTIFIER ::= { id-mod 2 1 }
The Long-term Archive Protocol (LTAP) [LTAP] includes two ASN.1
modules. While this protocol was never published as an RFC, the
module identifiers were assigned to facilitate implementation. Both
modules define the same syntax, but one module uses the 1997 ASN.1
syntax, and the other module uses the 1988 ASN.1 syntax. These
module identifiers are:
id-mod-ltap88 OBJECT IDENTIFIER ::= { id-mod 3 }
id-mod-ltap88-v0 OBJECT IDENTIFIER ::= { id-mod 3 0 }
id-mod-ltap88-v1 OBJECT IDENTIFIER ::= { id-mod 3 1 }
id-mod-ltap OBJECT IDENTIFIER ::= { id-mod 4 }
id-mod-ltap-v0 OBJECT IDENTIFIER ::= { id-mod 4 0 }
id-mod-ltap-v1 OBJECT IDENTIFIER ::= { id-mod 4 1 }
The document that describes the conventions for using Simple
Certificate Validation Protocol (SCVP) to convey Long-term Evidence
Records [RFC5276] includes one ASN.1 module. The module identifier
is:
id-mod-ers-scvp OBJECT IDENTIFIER ::= { id-mod 5 }
id-mod-ers-scvp-v1 OBJECT IDENTIFIER ::= { id-mod 5 1 }
The Data Structure for the Security Suitability of Cryptographic
Algorithms (DSSC) [RFC5698] includes two ASN.1 modules. Both modules
define the same syntax, but one module uses the 1997 ASN.1 syntax,
and the other module uses the 1988 ASN.1 syntax. These module
identifiers are:
id-mod-dssc88 OBJECT IDENTIFIER ::= { id-mod 6 }
id-mod-dssc88-v1 OBJECT IDENTIFIER ::= { id-mod 6 1 }
id-mod-dssc OBJECT IDENTIFIER ::= { id-mod 7 }
id-mod-dssc-v1 OBJECT IDENTIFIER ::= { id-mod 7 1 }
4. CMS Content Types
A CMS content type for an Evidence Record was reserved, but no
specification points to this value. It remains reserved.
id-ct-evidence-record OBJECT IDENTIFIER ::= { id-ct 1 }
The Data Structure for the Security Suitability of Cryptographic
Algorithms (DSSC) [RFC5698] specifies three CMS content types. These
CMS content types are:
id-ct-dssc-asn1 OBJECT IDENTIFIER ::= { id-ct 2 }
id-ct-dssc-xml OBJECT IDENTIFIER ::= { id-ct 3 }
id-ct-dssc-tbsPolicy OBJECT IDENTIFIER ::= { id-ct 6 }
The Long-term Archive Protocol (LTAP) [LTAP] defines two CMS content
types. While this protocol was never published as an RFC, the CMS
content types were assigned to facilitate implementation. These CMS
content types are:
id-ct-LTAPRequest OBJECT IDENTIFIER ::= { id-ct 4 }
id-ct-LTAPResponse OBJECT IDENTIFIER ::= { id-ct 5 }
5. ERS Encryption Methods
An arc was set up for Evidence Record Syntax (ERS) encryption
methods, and one object identifier was assigned. However, that
object identifier is obsolete, and it should not be used.
id-em-enveloped-data OBJECT IDENTIFIER ::= { id-em 1 } -- obsolete
6. Security Considerations
This document populates an IANA registry, and it raises no new
security considerations. The protocols that specify these values
include the security considerations associated with their usage.
7. IANA Considerations
IANA is asked to update one registry table and create four additional
tables.
Updates to the four new tables require Expert Review as defined in
[RFC5226]. The expert is expected to ensure that any new values are
strongly related to the work that was done by the LTANS WG. Object
identifiers for other purposes should not be assigned in this arc.
7.1. Update to SMI Security for Mechanism Codes Registry
Please update the reference in the Long-Term Archive and Notary
Services entry (decimal value 11) so that it points to this document.
7.2. Add SMI Security for LTANS Registry
Within the SMI-numbers registry, add a "SMI Security for LTANS
(1.3.6.1.5.5.11)" table with three columns:
Decimal  Description             References
-------  ----------------------  ----------
0        module-identifiers      {This RFC}
1        cms-content-types       {This RFC}
2        ers-encryption-methods  {This RFC}
Future updates to this table require Expert Review as defined in
[RFC5226].
7.3. Add SMI Security for LTANS Module Identifier Registry
Within the SMI-numbers registry, add a "SMI Security for LTANS Module
Identifier (1.3.6.1.5.5.11.0)" table with three columns:
OID Value             Description          References
--------------------  -------------------  ----------
1.3.6.1.5.5.11.0.1    id-mod-ers           [RFC4998]
1.3.6.1.5.5.11.0.1.1  id-mod-ers-v1        [RFC4998]
1.3.6.1.5.5.11.0.2    id-mod-ers88         [RFC4998]
1.3.6.1.5.5.11.0.2.1  id-mod-ers88-v1      [RFC4998]
1.3.6.1.5.5.11.0.3    id-mod-ltap88        Reserved
1.3.6.1.5.5.11.0.3.0  id-mod-ltap88-v0     Reserved
1.3.6.1.5.5.11.0.3.1  id-mod-ltap88-v1     Reserved
1.3.6.1.5.5.11.0.4    id-mod-ltap          Reserved
1.3.6.1.5.5.11.0.4.0  id-mod-ltap-v0       Reserved
1.3.6.1.5.5.11.0.4.1  id-mod-ltap-v1       Reserved
1.3.6.1.5.5.11.0.5    id-mod-ers-scvp      [RFC5276]
1.3.6.1.5.5.11.0.5.1  id-mod-ers-scvp-v1   [RFC5276]
1.3.6.1.5.5.11.0.6    id-mod-dssc88        [RFC5698]
1.3.6.1.5.5.11.0.6.1  id-mod-dssc88-v1     [RFC5698]
1.3.6.1.5.5.11.0.7    id-mod-dssc          [RFC5698]
1.3.6.1.5.5.11.0.7.1  id-mod-dssc-v1       [RFC5698]
Future updates to this table require Expert Review as defined in
[RFC5226].
7.4. Add SMI Security for LTANS CMS Content Type Registry
Within the SMI-numbers registry, add a "SMI Security for LTANS CMS
Content Type (1.3.6.1.5.5.11.1)" table with three columns:
Decimal  Description            References
-------  ---------------------  ----------
1        id-ct-evidence-record  Reserved
2        id-ct-dssc-asn1        [RFC5698]
3        id-ct-dssc-xml         [RFC5698]
4        id-ct-LTAPRequest      Reserved
5        id-ct-LTAPResponse     Reserved
6        id-ct-dssc-tbsPolicy   [RFC5698]
Future updates to this table require Expert Review as defined in
[RFC5226].
7.5. Add SMI Security for LTANS ERS Encryption Method Registry
Within the SMI-numbers registry, add a "SMI Security for LTANS ERS
Encryption Method (1.3.6.1.5.5.11.2)" table with three columns:
Decimal  Description            References
-------  ---------------------  ---------------------
1        id-em-enveloped-data   Reserved and Obsolete
Future updates to this table require Expert Review as defined in
[RFC5226].
8. References
8.1. Normative References
[ASN1-88] International Telephone and Telegraph Consultative
Committee, "Specification of Abstract Syntax Notation One
(ASN.1)", CCITT Recommendation X.208, 1988.
[ASN1-97] International Telecommunications Union, "Abstract Syntax
Notation One (ASN.1): Specification of basic notation",
ITU-T Recommendation X.680, 1997.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008.
8.2. Informative References
[LTAP] Jerman Blazic, A., Sylvester, P., and C. Wallace, "Long-
term Archive Protocol (LTAP)", work-in-progress, July
2009.
[RFC4998] Gondrom, T., Brandner, R., and U. Pordesch, "Evidence
Record Syntax (ERS)", RFC 4998, August 2007.
[RFC5276] Wallace, C., "Using the Server-Based Certificate
Validation Protocol (SCVP) to Convey Long-Term Evidence
Records", RFC 5276, August 2008.
[RFC5698] Kunz, T., Okunick, S., and U. Pordesch, "Data Structure
for the Security Suitability of Cryptographic Algorithms
(DSSC)", RFC 5698, November 2009.
9. Acknowledgements
Thanks to Carl Wallace, Sean Turner, Paul Hoffman, and Carsten
Bormann for their review and comments.
Author's Addresses
Russ Housley
918 Spring Knoll Drive
Herndon, VA 20170
USA
EMail: housley@vigilsec.com