Internet Engineering Task Force (IETF)                        R. Housley
Request for Comments: 7036                                Vigil Security
Category: Informational                                     October 2013
ISSN: 2070-1721
Object Identifier Registry for the Long-Term Archive and Notary Services (LTANS) Working Group
Abstract
When the Long-Term Archive and Notary Services (LTANS) working group was chartered, an object identifier arc was set aside for use by that working group. This document describes the object identifiers that were assigned, and it establishes IANA allocation policies for any future assignments within that arc.
Status of This Memo
This document is not an Internet Standards Track specification; it is published for informational purposes.
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Not all documents approved by the IESG are a candidate for any level of Internet Standard; see Section 2 of RFC 5741.
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7036.
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
Table of Contents
   1. Introduction
   2. Subordinate Object Identifier Arcs
   3. Module Identifiers
   4. CMS Content Types
   5. ERS Encryption Methods
   6. Security Considerations
   7. IANA Considerations
      7.1. SMI Security for Mechanism Codes Registry
      7.2. SMI Security for LTANS Registry
      7.3. SMI Security for LTANS Module Identifier Registry
      7.4. SMI Security for LTANS CMS Content Type Registry
      7.5. SMI Security for LTANS ERS Encryption Method Registry
   8. References
      8.1. Normative References
      8.2. Informative References
   9. Acknowledgements
When the Long-Term Archive and Notary Services (LTANS) working group was chartered, an object identifier arc was set aside for use by that working group. These object identifiers are primarily used with Abstract Syntax Notation One (ASN.1) [ASN1-88] [ASN1-97].
The LTANS object identifier arc is:
id-ltans OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ltans(11) }
This document describes the object identifiers that were assigned, and it establishes IANA allocation policies for any future assignments within that arc.
Three subordinate object identifier arcs were used. The first arc, id-mod, was used to assign ASN.1 module identifiers. The second arc, id-ct, was used to assign Cryptographic Message Syntax (CMS) content types. The third arc, id-em, was set aside for Evidence Record Syntax (ERS) encryption methods.
   id-mod OBJECT IDENTIFIER ::= { id-ltans 0 }
   id-ct  OBJECT IDENTIFIER ::= { id-ltans 1 }
   id-em  OBJECT IDENTIFIER ::= { id-ltans 2 }
The Evidence Record Syntax (ERS) [RFC4998] includes two ASN.1 modules. Both modules define the same syntax, but one module uses the 1997 ASN.1 syntax, and the other module uses the 1988 ASN.1 syntax. These module identifiers are:
   id-mod-ers      OBJECT IDENTIFIER ::= { id-mod 1 }
   id-mod-ers-v1   OBJECT IDENTIFIER ::= { id-mod 1 1 }
   id-mod-ers88    OBJECT IDENTIFIER ::= { id-mod 2 }
   id-mod-ers88-v1 OBJECT IDENTIFIER ::= { id-mod 2 1 }
The Long-term Archive Protocol (LTAP) [LTAP] includes two ASN.1 modules. While this protocol was never published as an RFC, the module identifiers were assigned to facilitate implementation. Both modules define the same syntax, but one module uses the 1997 ASN.1 syntax, and the other module uses the 1988 ASN.1 syntax. These module identifiers are:
   id-mod-ltap88    OBJECT IDENTIFIER ::= { id-mod 3 }
   id-mod-ltap88-v0 OBJECT IDENTIFIER ::= { id-mod 3 0 }
   id-mod-ltap88-v1 OBJECT IDENTIFIER ::= { id-mod 3 1 }
   id-mod-ltap      OBJECT IDENTIFIER ::= { id-mod 4 }
   id-mod-ltap-v0   OBJECT IDENTIFIER ::= { id-mod 4 0 }
   id-mod-ltap-v1   OBJECT IDENTIFIER ::= { id-mod 4 1 }
The document that describes the conventions for using the Server-Based Certificate Validation Protocol (SCVP) to convey Long-Term Evidence Records [RFC5276] includes one ASN.1 module. The module identifier is:
   id-mod-ers-scvp    OBJECT IDENTIFIER ::= { id-mod 5 }
   id-mod-ers-scvp-v1 OBJECT IDENTIFIER ::= { id-mod 5 1 }
The Data Structure for the Security Suitability of Cryptographic Algorithms (DSSC) [RFC5698] includes two ASN.1 modules. Both modules define the same syntax, but one module uses the 1997 ASN.1 syntax, and the other module uses the 1988 ASN.1 syntax. These module identifiers are:
   id-mod-dssc88    OBJECT IDENTIFIER ::= { id-mod 6 }
   id-mod-dssc88-v1 OBJECT IDENTIFIER ::= { id-mod 6 1 }
   id-mod-dssc      OBJECT IDENTIFIER ::= { id-mod 7 }
   id-mod-dssc-v1   OBJECT IDENTIFIER ::= { id-mod 7 1 }
A CMS content type for an Evidence Record was reserved, but no specification points to this value. It remains reserved.
id-ct-evidence-record OBJECT IDENTIFIER ::= { id-ct 1 }
The Data Structure for the Security Suitability of Cryptographic Algorithms (DSSC) [RFC5698] specifies three CMS content types. These CMS content types are:
   id-ct-dssc-asn1      OBJECT IDENTIFIER ::= { id-ct 2 }
   id-ct-dssc-xml       OBJECT IDENTIFIER ::= { id-ct 3 }
   id-ct-dssc-tbsPolicy OBJECT IDENTIFIER ::= { id-ct 6 }
The Long-term Archive Protocol (LTAP) [LTAP] defines two CMS content types. While this protocol was never published as an RFC, the CMS content types were assigned to facilitate implementation. These CMS content types are:
   id-ct-LTAPRequest  OBJECT IDENTIFIER ::= { id-ct 4 }
   id-ct-LTAPResponse OBJECT IDENTIFIER ::= { id-ct 5 }
An arc was set up for Evidence Record Syntax (ERS) encryption methods, and one object identifier was assigned. However, that object identifier is obsolete, and it should not be used.
id-em-enveloped-data OBJECT IDENTIFIER ::= { id-em 1 } -- obsolete
This document populates an IANA registry, and it raises no new security considerations. The protocols that specify these values include the security considerations associated with their usage.
IANA has updated one registry table and created four additional tables.
Updates to the four new tables require Expert Review, as defined in [RFC5226]. The Designated Expert is expected to ensure that any new values are strongly related to the work that was done by the LTANS WG. Object identifiers for other purposes should not be assigned in this arc.
The reference in the Long-Term Archive and Notary Services entry (decimal value 11) has been updated so that it points to this document.
Within the SMI Security Codes registry, IANA has added an "SMI Security for LTANS (1.3.6.1.5.5.11)" table with three columns:
   Decimal  Description             References
   -------  ----------------------  ----------
   0        module-identifiers      [RFC7036]
   1        cms-content-types       [RFC7036]
   2        ers-encryption-methods  [RFC7036]
Future updates to this table require Expert Review, as defined in [RFC5226].
Within the SMI Security Codes registry, IANA has added an "SMI Security for LTANS Module Identifier (1.3.6.1.5.5.11.0)" table with three columns:
   OID Value             Description         References
   --------------------  ------------------  ----------
   1.3.6.1.5.5.11.0.1    id-mod-ers          [RFC4998]
   1.3.6.1.5.5.11.0.1.1  id-mod-ers-v1       [RFC4998]
   1.3.6.1.5.5.11.0.2    id-mod-ers88        [RFC4998]
   1.3.6.1.5.5.11.0.2.1  id-mod-ers88-v1     [RFC4998]
   1.3.6.1.5.5.11.0.3    id-mod-ltap88       Reserved
   1.3.6.1.5.5.11.0.3.0  id-mod-ltap88-v0    Reserved
   1.3.6.1.5.5.11.0.3.1  id-mod-ltap88-v1    Reserved
   1.3.6.1.5.5.11.0.4    id-mod-ltap         Reserved
   1.3.6.1.5.5.11.0.4.0  id-mod-ltap-v0      Reserved
   1.3.6.1.5.5.11.0.4.1  id-mod-ltap-v1      Reserved
   1.3.6.1.5.5.11.0.5    id-mod-ers-scvp     [RFC5276]
   1.3.6.1.5.5.11.0.5.1  id-mod-ers-scvp-v1  [RFC5276]
   1.3.6.1.5.5.11.0.6    id-mod-dssc88       [RFC5698]
   1.3.6.1.5.5.11.0.6.1  id-mod-dssc88-v1    [RFC5698]
   1.3.6.1.5.5.11.0.7    id-mod-dssc         [RFC5698]
   1.3.6.1.5.5.11.0.7.1  id-mod-dssc-v1      [RFC5698]
Future updates to this table require Expert Review, as defined in [RFC5226].
Within the SMI Security Codes registry, IANA has added an "SMI Security for LTANS CMS Content Type (1.3.6.1.5.5.11.1)" table with three columns:
   Decimal  Description            References
   -------  ---------------------  ----------
   1        id-ct-evidence-record  Reserved
   2        id-ct-dssc-asn1        [RFC5698]
   3        id-ct-dssc-xml         [RFC5698]
   4        id-ct-LTAPRequest      Reserved
   5        id-ct-LTAPResponse     Reserved
   6        id-ct-dssc-tbsPolicy   [RFC5698]
Future updates to this table require Expert Review, as defined in [RFC5226].
Within the SMI Security Codes registry, add an "SMI Security for LTANS ERS Encryption Method (1.3.6.1.5.5.11.2)" table with three columns:
   Decimal  Description            References
   -------  ---------------------  ---------------------
   1        id-em-enveloped-data   Reserved and Obsolete
Future updates to this table require Expert Review, as defined in [RFC5226].
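The registry tables above can be turned into a check that flags obsolete, reserved, or unregistered values under the LTANS arc when they appear in DER-encoded data. The following is an added example and not part of RFC 7036; the function names `decode_oid` and `classify`, the status strings, and the sample bytes are assumptions made for illustration.

```python
# Added example: classify DER-encoded OIDs against the RFC 7036 registry tables.
LTANS = (1, 3, 6, 1, 5, 5, 11)  # id-ltans

# Keys are the arcs below id-ltans; values are (name, References column).
REGISTRY = {
    (): ("id-ltans", "RFC7036"),
    (0,): ("id-mod", "RFC7036"), (1,): ("id-ct", "RFC7036"), (2,): ("id-em", "RFC7036"),
    (1, 1): ("id-ct-evidence-record", "Reserved"),
    (1, 2): ("id-ct-dssc-asn1", "RFC5698"),
    (1, 3): ("id-ct-dssc-xml", "RFC5698"),
    (1, 4): ("id-ct-LTAPRequest", "Reserved"),
    (1, 5): ("id-ct-LTAPResponse", "Reserved"),
    (1, 6): ("id-ct-dssc-tbsPolicy", "RFC5698"),
    (2, 1): ("id-em-enveloped-data", "Reserved and Obsolete"),
}
# Module identifiers: number -> (name, reference, registered version arcs).
MODULES = {1: ("id-mod-ers", "RFC4998", (1,)), 2: ("id-mod-ers88", "RFC4998", (1,)),
           3: ("id-mod-ltap88", "Reserved", (0, 1)), 4: ("id-mod-ltap", "Reserved", (0, 1)),
           5: ("id-mod-ers-scvp", "RFC5276", (1,)), 6: ("id-mod-dssc88", "RFC5698", (1,)),
           7: ("id-mod-dssc", "RFC5698", (1,))}
for num, (name, ref, versions) in MODULES.items():
    REGISTRY[(0, num)] = (name, ref)
    for v in versions:
        REGISTRY[(0, num, v)] = (f"{name}-v{v}", ref)

def decode_oid(der: bytes) -> tuple:
    """Decode a DER OBJECT IDENTIFIER (tag 0x06, short-form length) into arcs."""
    if len(der) < 3 or der[0] != 0x06 or der[1] >= 0x80 or der[1] != len(der) - 2:
        raise ValueError("not a short-form DER OBJECT IDENTIFIER")
    subids, value, fresh = [], 0, True
    for byte in der[2:]:
        if fresh and byte == 0x80:  # leading zero septet: not minimal, not DER
            raise ValueError("non-minimal subidentifier")
        value = (value << 7) | (byte & 0x7F)
        fresh = not (byte & 0x80)   # high bit clear ends the subidentifier
        if fresh:
            subids.append(value)
            value = 0
    if not fresh:
        raise ValueError("truncated subidentifier")
    first = min(subids[0] // 40, 2)  # first subidentifier packs two arcs
    return (first, subids[0] - 40 * first, *subids[1:])

def classify(der: bytes) -> tuple:
    """Return (status, label) for a DER OID relative to the LTANS registry."""
    oid = decode_oid(der)
    dotted = ".".join(map(str, oid))
    if oid[:len(LTANS)] != LTANS:
        return ("outside-arc", dotted)
    entry = REGISTRY.get(oid[len(LTANS):])
    if entry is None:
        return ("unregistered", dotted)
    name, ref = entry
    status = "obsolete" if "Obsolete" in ref else "reserved" if ref == "Reserved" else "assigned"
    return (status, name)

SAMPLE = bytes.fromhex("06082b060105050b0201")  # constructed: DER for { id-em 1 }
```
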
[ASN1-88] International Telephone and Telegraph Consultative Committee, "Specification of Abstract Syntax Notation One (ASN.1)", CCITT Recommendation X.208, 1988.
[ASN1-97] International Telecommunications Union, "Abstract Syntax Notation One (ASN.1): Specification of basic notation", ITU-T Recommendation X.680, 1997.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA Considerations Section in RFCs", BCP 26, RFC 5226, May 2008.
[LTAP] Jerman Blazic, A., Sylvester, P., and C. Wallace, "Long-term Archive Protocol (LTAP)", Work in Progress, July 2009.
[RFC4998] Gondrom, T., Brandner, R., and U. Pordesch, "Evidence Record Syntax (ERS)", RFC 4998, August 2007.
[RFC5276] Wallace, C., "Using the Server-Based Certificate Validation Protocol (SCVP) to Convey Long-Term Evidence Records", RFC 5276, August 2008.
[RFC5698] Kunz, T., Okunick, S., and U. Pordesch, "Data Structure for the Security Suitability of Cryptographic Algorithms (DSSC)", RFC 5698, November 2009.
Thanks to Carl Wallace, Sean Turner, Paul Hoffman, and Carsten Bormann for their review and comments.
Author's Address
   Russ Housley
   Vigil Security, LLC
   918 Spring Knoll Drive
   Herndon, VA 20170
   USA
EMail: housley@vigilsec.com