Independent Submission                                         S. Turner
Request for Comments: 7093                                          IECA
Category: Informational                                          S. Kent
ISSN: 2070-1721                                                      BBN
                                                               J. Manger
                                                                 Telstra
                                                           December 2013
        

Additional Methods for Generating Key Identifiers Values

Abstract

This document specifies additional example methods for generating Key Identifier values for use in the AKI (Authority Key Identifier) and SKI (Subject Key Identifier) certificate extensions.

Status of This Memo

This document is not an Internet Standards Track specification; it is published for informational purposes.

This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7093.

Copyright Notice

Copyright (c) 2013 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.

1. Introduction

[RFC5280] defines the AKI (Authority Key Identifier) and SKI (Subject Key Identifier) certificate extensions. [RFC5280] describes two example mechanisms for generating AKI and SKI values: a 160-bit SHA-1 (Secure Hash Algorithm) hash of the public key and a four-bit type field with the value 0100 followed by the least significant 60 bits of the SHA-1 hash. Both of these mechanisms were designed to not be critical to security. This document defines three additional mechanisms for generating Key Identifier values using SHA-256, SHA-384, and SHA-512 [SHS] that are similar to those examples defined in [RFC5280] as well as one based on hashing the certificate's Subject Public Key Info field.

2. Additional Methods for Generating Key Identifiers

[RFC5280] specifies two examples for generating key identifiers from public keys. Four additional mechanisms are as follows:

1) The keyIdentifier is composed of the leftmost 160-bits of the SHA-256 hash of the value of the BIT STRING subjectPublicKey (excluding the tag, length, and number of unused bits).

2) The keyIdentifier is composed of the leftmost 160-bits of the SHA-384 hash of the value of the BIT STRING subjectPublicKey (excluding the tag, length, and number of unused bits).

3) The keyIdentifier is composed of the leftmost 160-bits of the SHA-512 hash of the value of the BIT STRING subjectPublicKey (excluding the tag, length, and number of unused bits).

4) The keyIdentifier is composed of the hash of the DER encoding of the SubjectPublicKeyInfo value.

3. Examples

This section provides some examples. The keys and SKIs are presented in hexadecimal (two hex digits per byte).

Given the following DER-encoded SubjectPublicKeyInfo value holding a P-256 ECDSA (Elliptic Curve Digital Signature Algorithm) key:

     30 59
        30 13
           06 07 2A8648CE3D0201    -- id-ecPublicKey
           06 08 2A8648CE3D030107  -- secp256r1
        03 42 00
              04 7F7F35A79794C950060B8029FC8F363A
                 28F11159692D9D34E6AC948190434735
                 F833B1A66652DC514337AFF7F5C9C75D
                 670C019D95A5D639B72744C64A9128BB
        
   The SHA-256 hash of the 65 bytes 047F7F...BB is:
     BF37B3E5808FD46D54B28E846311BCCE1CAD2E1A62AA9092EF3EFB3F11451F44
        
   The SHA-1 hash of these 65 bytes is:
     6FEF9162C0A3F2E7608956D41C37DA0C8E87F0AE
        
   The SHA-256 hash of the 91 bytes 305930...BB is:
     6D20896AB8BD833B6B66554BD59B20225D8A75A296088148399D7BF763D57405
        

Using method 1 from Section 2, the subjectKeyIdentifier would be:

     30 1D
        06 03 551D0E -- id-ce-subjectKeyIdentifier
        04 16
           04 14 BF37B3E5808FD46D54B28E846311BCCE1CAD2E1A
        

Using method 4 from Section 2 with SHA-256 and no truncation, the subjectKeyIdentifier extensions would be:

     30 29
        06 03 551D0E -- id-ce-subjectKeyIdentifier
        04 22
           04 20 6D20896AB8BD833B6B66554BD59B2022
                 5D8A75A296088148399D7BF763D57405
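
The four methods from Section 2, applied to the Section 3 key, as an added example that is not part of the RFC text. The helper names (read_tlv, subject_public_key, key_identifier, ski_extension) are illustrative, and the parser assumes definite-length DER with a byte-aligned key (zero unused bits).

```python
import hashlib

# SubjectPublicKeyInfo from Section 3 of this document (P-256 ECDSA key).
SPKI = bytes.fromhex(
    "3059" "3013" "06072A8648CE3D0201" "06082A8648CE3D030107" "034200"
    "047F7F35A79794C950060B8029FC8F363A" "28F11159692D9D34E6AC948190434735"
    "F833B1A66652DC514337AFF7F5C9C75D" "670C019D95A5D639B72744C64A9128BB"
)

def read_tlv(buf, pos, want_tag):
    """Return (value, next_pos) for the DER TLV at pos; definite lengths only."""
    if pos + 2 > len(buf) or buf[pos] != want_tag:
        raise ValueError("unexpected tag or truncated input")
    length, pos = buf[pos + 1], pos + 2
    if length & 0x80:                       # long form: low 7 bits count the length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad length")
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated value")
    return buf[pos:pos + length], pos + length

def subject_public_key(spki):
    """BIT STRING contents without tag, length and unused-bits octet."""
    body, end = read_tlv(spki, 0, 0x30)     # SubjectPublicKeyInfo SEQUENCE
    if end != len(spki):
        raise ValueError("trailing data")
    _, pos = read_tlv(body, 0, 0x30)        # skip AlgorithmIdentifier
    bits, end = read_tlv(body, pos, 0x03)   # subjectPublicKey BIT STRING
    if end != len(body) or not bits or bits[0] != 0:  # assumption: no unused bits
        raise ValueError("malformed BIT STRING")
    return bits[1:]

def key_identifier(spki, method, hash_name="sha256"):
    """Methods 1-3 truncate to 160 bits; method 4 hashes the whole DER SPKI."""
    if method in (1, 2, 3):
        name = {1: "sha256", 2: "sha384", 3: "sha512"}[method]
        return hashlib.new(name, subject_public_key(spki)).digest()[:20]
    if method == 4:
        return hashlib.new(hash_name, spki).digest()
    raise ValueError("method must be 1-4")

def ski_extension(key_id):
    """DER Extension: SEQUENCE { OID 2.5.29.14, OCTET STRING { OCTET STRING keyId } }."""
    inner = bytes([0x04, len(key_id)]) + key_id
    ext = bytes.fromhex("0603551D0E") + bytes([0x04, len(inner)]) + inner
    return bytes([0x30, len(ext)]) + ext
```

Methods 1 to 3 differ from method 4 in their input: the former hash only the 65 key bytes, the latter hashes all 91 bytes including the AlgorithmIdentifier, so the two families never yield the same identifier for one key.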
        
4. Security Considerations

The security considerations of [RFC5280] apply to certificates. The security considerations of [RFC5758] apply to the hash algorithms.

While hash algorithms provide preimage resistance, second-preimage resistance, and collision resistance, none of these properties are needed for key identifiers.

5. Acknowledgements

The authors wish to thank Santosh Chokhani, Stephen Farrell, Tom Gindin, Peter Gutmann, Henry Holtz, David Kemp, Timothy Miller, Michael StJohns, Stefan Santesson, Jim Schaad, Rene Struik, Koichi Sugimoto, and Carl Wallace for taking the time to participate in the discussions about this document. The discussions resulted in numerous editorial and technical changes to the document.

6. Normative References

[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and W. Polk, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 5280, May 2008.

[RFC5758] Dang, Q., Santesson, S., Moriarty, K., Brown, D., and T. Polk, "Internet X.509 Public Key Infrastructure: Additional Algorithms and Identifiers for DSA and ECDSA", RFC 5758, January 2010.

[SHS] National Institute of Standards and Technology (NIST), FIPS Publication 180-3: Secure Hash Standard, October 2008.

Authors' Addresses

Sean Turner IECA, Inc. 3057 Nutley Street, Suite 106 Fairfax, VA 22031 USA

   EMail: turners@ieca.com
        

Stephen Kent BBN Technologies 10 Moulton St. Cambridge, MA 02138 USA

   EMail: kent@bbn.com
        

James Manger Telstra 6 / 150 Lonsdale Street Melbourne, Victoria 3000 Australia

   EMail: james.h.manger@team.telstra.com
        