Internet Engineering Task Force (IETF)                      S. Santesson
Request for Comments: 5816                                  3xA Security
Updates: 3161                                                    N. Pope
Category: Standards Track                                         Thales
ISSN: 2070-1721                                               March 2010
        
Internet Engineering Task Force (IETF)                      S. Santesson
Request for Comments: 5816                                  3xA Security
Updates: 3161                                                    N. Pope
Category: Standards Track                                         Thales
ISSN: 2070-1721                                               March 2010
        

ESSCertIDv2 Update for RFC 3161

RFC 3161的ESSCertIDv2更新

Abstract

摘要

This document updates RFC 3161. It allows the use of ESSCertIDv2, as defined in RFC 5035, to specify the hash of a signer certificate when the hash is calculated with a function other than the Secure Hash Algorithm (SHA-1).

本文档更新了RFC 3161。当使用安全哈希算法(SHA-1)以外的函数计算签名者证书的哈希时,它允许使用RFC 5035中定义的ESSCertIDv2来指定签名者证书的哈希。

Status of This Memo

关于下段备忘

This is an Internet Standards Track document.

这是一份互联网标准跟踪文件。

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 5741.

本文件是互联网工程任务组(IETF)的产品。它代表了IETF社区的共识。它已经接受了公众审查,并已被互联网工程指导小组(IESG)批准出版。有关互联网标准的更多信息,请参见RFC 5741第2节。

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc5816.

有关本文件当前状态、任何勘误表以及如何提供反馈的信息,请访问http://www.rfc-editor.org/info/rfc5816.

Copyright Notice

版权公告

Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.

版权所有(c)2010 IETF信托基金和确定为文件作者的人员。版权所有。

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

本文件受BCP 78和IETF信托有关IETF文件的法律规定的约束(http://trustee.ietf.org/license-info)自本文件出版之日起生效。请仔细阅读这些文件,因为它们描述了您对本文件的权利和限制。从本文件中提取的代码组件必须包括信托法律条款第4.e节中所述的简化BSD许可证文本,并提供简化BSD许可证中所述的无担保。

This document may contain material from IETF Documents or IETF Contributions published or made publicly available before November 10, 2008. The person(s) controlling the copyright in some of this

本文件可能包含2008年11月10日之前发布或公开的IETF文件或IETF贡献中的材料。本协议某些部分的版权控制人

material may not have granted the IETF Trust the right to allow modifications of such material outside the IETF Standards Process. Without obtaining an adequate license from the person(s) controlling the copyright in such materials, this document may not be modified outside the IETF Standards Process, and derivative works of it may not be created outside the IETF Standards Process, except to format it for publication as an RFC or to translate it into languages other than English.

材料可能未授予IETF信托允许在IETF标准过程之外修改此类材料的权利。在未从控制此类材料版权的人员处获得充分许可的情况下,不得在IETF标准流程之外修改本文件,也不得在IETF标准流程之外创建其衍生作品,除了将其格式化以RFC形式发布或将其翻译成英语以外的其他语言。

Table of Contents

目录

   1. Introduction ....................................................2
      1.1. Terminology ................................................2
   2. Updates to RFC 3161 .............................................3
      2.1. Changes to Section 2.4.1, Request Format ...................3
      2.2. Changes to Section 2.4.2, Response Format ..................3
           2.2.1. Signature of Time-Stamp Token .......................3
           2.2.2. Verifying the Time-Stamp Token ......................4
   3. Security Considerations .........................................4
   4. References ......................................................5
      4.1. Normative References .......................................5
      4.2. Informative References .....................................5
        
   1. Introduction ....................................................2
      1.1. Terminology ................................................2
   2. Updates to RFC 3161 .............................................3
      2.1. Changes to Section 2.4.1, Request Format ...................3
      2.2. Changes to Section 2.4.2, Response Format ..................3
           2.2.1. Signature of Time-Stamp Token .......................3
           2.2.2. Verifying the Time-Stamp Token ......................4
   3. Security Considerations .........................................4
   4. References ......................................................5
      4.1. Normative References .......................................5
      4.2. Informative References .....................................5
        
1. Introduction
1. 介绍

The time-stamping protocol defined in RFC 3161 [RFC3161] requires that the Cryptographic Message Syntax (CMS) SignedData [RFC5652], used to apply a digital signature on the time-stamp token, include a signed attribute that identifies the signer's certificate.

RFC 3161[RFC3161]中定义的时间戳协议要求用于在时间戳令牌上应用数字签名的加密消息语法(CMS)SignedData[RFC5652]包含标识签名者证书的签名属性。

This identifier only allows SHA-1 [SHA1] to be used as the hash algorithm to generate the identifier value.

此标识符仅允许将SHA-1[SHA1]用作生成标识符值的哈希算法。

The mechanism used in [RFC3161] employed ESSCertID from RFC 2634 [ESS]. RFC 5035 [ESSV2] updated ESSCertID with ESSCertIDv2 to allow the use of any hash algorithm.

[RFC3161]中使用的机制使用了RFC 2634[ESS]中的ESSCertID。RFC 5035[ESSV2]使用ESSCertIDv2更新了ESSCertID,以允许使用任何哈希算法。

The changes to RFC 3161 [RFC3161] defined in this document allow ESSCertIDv2 to be used to include an identifier of the signing certificate as defined in RFC 5035 [ESSV2].

本文件中定义的对RFC 3161[RFC3161]的更改允许使用ESSCertIV2包含RFC 5035[ESSV2]中定义的签名证书标识符。

1.1. Terminology
1.1. 术语

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [RFC2119].

本文件中的关键词“必须”、“不得”、“要求”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照RFC 2119[RFC2119]中所述进行解释。

2. Updates to RFC 3161
2. RFC3161的更新
2.1. Changes to Section 2.4.1, Request Format
2.1. 对第2.4.1节“请求格式”的更改

Last paragraph on Page 5.

第5页最后一段。

Old:

旧的:

If the certReq field is present and set to true, the TSA's public key certificate that is referenced by the ESSCertID identifier inside a SigningCertificate attribute in the response MUST be provided by the TSA in the certificates field from the SignedData structure in that response. That field may also contain other certificates.

如果certReq字段存在并设置为true,则TSA必须在该响应的SignedData结构的certificates字段中提供由响应中SigningCertificate属性内的ESSCertID标识符引用的TSA公钥证书。该字段还可能包含其他证书。

New:

新的:

If the certReq field is present and set to true, the TSA's public key certificate that is referenced by the ESSCertID [ESS] field inside a SigningCertificate attribute or by the ESSCertIDv2 [ESSV2] field inside a SigningCertificateV2 attribute in the response MUST be provided by the TSA in the certificates field from the SignedData structure in that response. That field may also contain other certificates.

如果certReq字段存在并设置为true,则TSA的公钥证书由SigningCertificate属性内的ESSCertID[ESS]字段或ESSCertIDv2[ESSV2]引用响应中SigningCertificateV2属性内的字段必须由该响应中SignedData结构的证书字段中的TSA提供。该字段还可能包含其他证书。

2.2. Changes to Section 2.4.2, Response Format
2.2. 对第2.4.2节响应格式的更改
2.2.1. Signature of Time-Stamp Token
2.2.1. 时间戳令牌的签名

Fifth paragraph on Page 8, just before the definition of TSTInfo.

第8页第五段,就在TSTInfo定义之前。

Old:

旧的:

The time-stamp token MUST NOT contain any signatures other than the signature of the TSA. The certificate identifier (ESSCertID) of the TSA certificate MUST be included as a signerInfo attribute inside a SigningCertificate attribute.

时间戳令牌不得包含TSA签名以外的任何签名。TSA证书的证书标识符(ESSCertID)必须作为SigningCertificate属性中的SignerinInfo属性包含。

New:

新的:

The time-stamp token MUST NOT contain any signatures other than the signature of the TSA. The certificate identifier (either ESSCertID [ESS] or ESSCertIDv2 [ESSV2]) of the TSA certificate MUST be included as a signerInfo attribute inside a SigningCertificate attribute.

时间戳令牌不得包含TSA签名以外的任何签名。TSA证书的证书标识符(ESSCertID[ESS]或ESSCertIDv2[ESSV2])必须作为SigningCertificate属性中的SignerinInfo属性包含。

Note: As mentioned in RFC 5035 [ESSV2], the SigningCertificateV2 attribute MUST be used if any algorithm other than SHA-1 is used and SHOULD NOT be used for SHA-1.

注:如RFC 5035[ESSV2]中所述,如果使用SHA-1以外的任何算法,则必须使用SigningCertificateV2属性,并且不应将其用于SHA-1。

Note: For backwards compatibility, in line with RFC 5035, both ESSCertID and ESSCertIDv2 MAY be present. Systems MAY ignore ESSCertIDv2 if RFC 5035 has not been implemented.

注:为了向后兼容,根据RFC 5035,ESSCertID和ESSCertIDv2都可能存在。如果未实施RFC 5035,系统可能会忽略ESSCertIDv2。

2.2.2. Verifying the Time-Stamp Token
2.2.2. 验证时间戳令牌

Third paragraph on Page 11.

第11页第三段。

Old:

旧的:

The purpose of the tsa field is to give a hint in identifying the name of the TSA. If present, it MUST correspond to one of the subject names included in the certificate that is to be used to verify the token. However, the actual identification of the entity that signed the response will always occur through the use of the certificate identifier (ESSCertID Attribute) inside a SigningCertificate attribute which is part of the signerInfo (See Section 5 of [ESS]).

tsa字段的目的是给出识别tsa名称的提示。如果存在,则必须与证书中包含的用于验证令牌的主体名称之一相对应。但是,签名响应的实体的实际标识将始终通过在作为SignerinInfo一部分的SigningCertificate属性中使用证书标识符(ESSCertID属性)来实现(参见[ESS]第5节)。

New:

新的:

The purpose of the tsa field is to give a hint in identifying the name of the TSA. If present, it MUST correspond to one of the subject names included in the certificate that is to be used to verify the token. However, the actual identification of the entity that signed the response will always occur through the use of the certificate identifier (ESSCertID inside a SigningCertificate attribute or ESSCertIDv2 inside a SigningCertificateV2 attribute) that is part of the signerInfo (see Section 5 of [ESS] and Section 3 of [ESSV2]).

tsa字段的目的是给出识别tsa名称的提示。如果存在,则必须与证书中包含的用于验证令牌的主体名称之一相对应。但是,签署响应的实体的实际标识将始终通过使用作为SignerinInfo一部分的证书标识符(SigningCertificate属性内的ESSCertID或SigningCertificateV2属性内的ESSCertIDv2)来实现(参见[ESS]第5节和[ESSV2]第3节)。

3. Security Considerations
3. 安全考虑

This document incorporates the security considerations of RFC 5035 [ESSV2] with further explanations in this section.

本文件结合了RFC 5035[ESSV2]的安全注意事项,并在本节中作了进一步解释。

ESSCertID provides a means based on the SHA-1 hash algorithm for identifying the certificate used to verify the signature on a time stamp. The use of ESSCertIDv2 aims to enable implementers to comply with policies that require phasing out all uses of the SHA-1 algorithm.

ESSCertID提供了一种基于SHA-1哈希算法的方法,用于识别用于验证时间戳上签名的证书。ESSCertIDv2的使用旨在使实施者能够遵守要求逐步淘汰所有SHA-1算法使用的政策。

The update provided by this document is motivated by reasons of interoperability and migration to other hash algorithms rather than mitigating new security issues.

本文档提供的更新是出于互操作性和迁移到其他哈希算法的原因,而不是为了缓解新的安全问题。

4. References
4. 工具书类
4.1. Normative References
4.1. 规范性引用文件

[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.

[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。

[ESS] Hoffman, P., Ed., "Enhanced Security Services for S/MIME", RFC 2634, June 1999.

[ESS]Hoffman,P.,Ed.“S/MIME的增强安全服务”,RFC 2634,1999年6月。

[ESSV2] Schaad, J., "Enhanced Security Services (ESS) Update: Adding CertID Algorithm Agility", RFC 5035, August 2007.

[ESSV2]Schaad,J.,“增强安全服务(ESS)更新:添加CertID算法敏捷性”,RFC 5035,2007年8月。

[RFC3161] Adams, C., Cain, P., Pinkas, D., and R. Zuccherato, "Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)", RFC 3161, August 2001.

[RFC3161]Adams,C.,Cain,P.,Pinkas,D.,和R.Zuccherato,“互联网X.509公钥基础设施时间戳协议(TSP)”,RFC3161,2001年8月。

[RFC5652] Housley, R., "Cryptographic Message Syntax (CMS)", RFC 5652, September 2009.

[RFC5652]Housley,R.,“加密消息语法(CMS)”,RFC 56522009年9月。

4.2. Informative References
4.2. 资料性引用

[SHA1] Secure Hash Standard. FIPS Pub 180-1. National Institute of Standards and Technology. 17 April 1995.

[SHA1]安全哈希标准。FIPS Pub 180-1。国家标准与技术研究所。1995年4月17日。

Authors' Addresses

作者地址

Stefan Santesson 3xA Security AB Sweden

瑞典Stefan Santesson 3SA安全AB

   EMail: sts@aaa-sec.com
        
   EMail: sts@aaa-sec.com
        

Nick Pope Thales Information Systems Security Long Crendon, Aylesbury United Kingdom

Nick Pope Thales信息系统安全Long Crendon,英国艾尔斯伯里

   EMail: nick.pope@thales-esecurity.com
        
   EMail: nick.pope@thales-esecurity.com