《en-pkcs#9》由会员分享,可在线阅读,更多相关《en-pkcs#9(4页珍藏版)》请在金锄头文库上搜索。
1、PKCS #9 v2.0 Amendment 1 RSA Laboratories January 31, 2003 Table of Contents 1.SCOPE 2 2.BACKGROUND 2 3.CHANGES TO SECTION 5.3, “ATTRIBUTE TYPES FOR USE IN PKCS #7 DATA”.2 4.CHANGES TO APPENDIX A, “ASN.1 MODULE”3 5.CHANGES TO APPENDIX B.3, “ATTRIBUTE TYPES”3 A.INTELLECTUAL PROPERTY CONSIDERATIONS4 B
2、.REFERENCES. 4 C.ABOUT PKCS 4 1.Scope This amendment documents the changes to PKCS #9 v2.0 (3) needed to protect signers using tokens with presentation capabilities (such as Personal Trusted Devices 2) from certain attacks. It does so by defining a new authenticated attribute. 2.Background PKCS #11
3、v2.11 Amendment 1 4, introduced the concept of Personal Trusted Devices (PTDs) and a signature mechanism, CKM_CMS_SIG, aimed to allow users to benefit from such devices. A PTD that receives a message to sign through this mechanism may, depending on the messages content type 1, be able to securely pr
4、esent the message to the signer before asking for authorization. When the message to sign is not a MIME message (1) itself, the recipient will have to rely on the callers stated content type when determining the presentation mechanism. Since the stated content type is not included in the signature,
5、there is a possibility for an attack where the caller may take advantage of differences in presentation mechanisms for various content types in the PTD. By defining an (authenticated) attribute intended to carry the alleged content type, this amendment presents one method to protect against such att
6、acks. Note that for this method to succeed, a PTD must not allow the caller to assign the value of this attribute directly; the value must be the callers stated content type, which was used by the PTD to decide on a particular presentation mechanism. 3.Changes to Section 5.3, “Attribute types for us
7、e in PKCS #7 data” Add a new section 5.3.7 as follows: 5.3.7 Alleged content type The allegedContentType attribute type specifies the MIME Content-Type provided by the party requesting a signature on a message. It is intended for use in SignedData values, and must be an authenticated attribute. alle
8、gedContentType ATTRIBUTE := WITH SYNTAX AllegedContentType EQUALITY MATCHING RULE caseIgnoreMatch SINGLE VALUE TRUE ID pkcs-9-at-allegedContentType AllegedContentType := UTF8String As indicated, the attribute must have a single attribute value. 4.Changes to Appendix A, “ASN.1 module” Add the followi
9、ng ASN.1 value assignment right after the pkcs-9-at-pkcs7PDU value assignment: pkcs-9-at-allegedContentType OBJECT IDENTIFIER := pkcs-9-at 6 Add the following ASN.1 type definitions right after the counterSignature type definition: allegedContentType ATTRIBUTE := WITH SYNTAX AllegedContentType EQUAL
10、ITY MATCHING RULE caseIgnoreMatch SINGLE VALUE TRUE ID pkcs-9-at-allegedContentType AllegedContentType := UTF8String 5.Changes to Appendix B.3, “Attribute types” Add a new section B.3.19 as follows: B.3.19 allegedContentType In the (highly unlikely) event that this attribute is to be stored in a dir
11、ectory, it is to be stored and requested in binary form, as allegedContentType;binary. Attribute values shall be stored as binary (BER- or DER-encoded) data. ( 1.2.840.113549.1.9.25.6 NAME allegedContentType DESC PKCS #7 alleged content type SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 ) A. Intellectual pro
12、perty considerations RSA Security makes no patent claims on the general constructions described in this document, although specific underlying techniques may be covered. License to copy this document is granted provided that it is identified as “RSA Security Inc. Public-Key Cryptography Standards (P
13、KCS)” in all material mentioning or referencing this document. RSA Security makes no representations regarding intellectual property claims by other parties. Such determination is the responsibility of the user. B. References 1 Freed, N., and N. Borenstein, “Multipurpose Internet Mail Extensions (MI
14、ME) Part One: Format of Internet Message Bodies,” IETF RFC 2045, November 1996. URL: http:/ietf.org/rfc/rfc2045.txt. 2 “MeT PTD Definition,” Version 2.0, 15 October 2002. URL: http:/www.mobiletransaction.org. 3 RSA Laboratories. PKCS #9: Selected Object Classes and Attribute Types. Version 2.0, Febr
15、uary 2000. URL: ftp:/ 4 RSA Laboratories, PKCS #11 v2.11 Amendment 1, August 2002. URL: ftp:/ C. About PKCS The Public-Key Cryptography Standards are specifications produced by RSA Laboratories in cooperation with secure systems developers worldwide for the purpose of accelerating the deployment of
16、public-key cryptography. First published in 1991 as a result of meetings with a small group of early adopters of public-key technology, the PKCS documents have become widely referenced and implemented. Contributions from the PKCS series have become part of many formal and de facto standards, including ANSI X9 documents, PKIX, SET, S/MIME, and SSL. Further development of P
