en-pkcs#9.docx

RSA1.ABORATORIESePKCS#9v2.0Amendment1RS1.aboratoriesJanuary3i,2003TableofContents1. SCOPE22. BACKGROUND23. CHANGESTOSECTION5.3,SATTRlBIrTETYPKSFORUSEINPKCS#7DATA"24. CHANGESTOAPPENDIX,*ASN.1MODU1.E-35. CHANGESTOAPPENDIXB-ATTRIBUTETYPES*3.Intellectuz1.propertyconsiderations4+“卜卜卜4*4MM*««JM»«.MM«»«MM*4M4»«»«»«M4C.B0TPKCS41. ScopeThisamendmentdocumentsthechangestoPKCS#9v2.0(3)neededtoPnMCClsignersusingtokenswithpresentationcapabilities(suchasPersonalTrustedDevices(2)roncertainattacks.Itdocssobydefininganewauthenticatedattribute.2. BackgroundPKCS#11v2.11Amendment14.introducedtheconceptofPersonalTrustedDevices(IxDs)andasignaturemechanism.CKM-CMSSIG.aimed(oallowuserstobenefitfromsuchdevices.APTD(hatreceivesaIneSSagetosignthrough(hismechanismmay.dependingonthemessage'scontenttypeI,beablelosecurelypresentthemessageo(hesignerbeforeaskingtc>rau(h<>rizadon.WhenthemessagetosignisnotaMIMEmessage(I)itself,therecipientwillhavetorelyonthecallcr*sstatedcontenttypewhendeterminingthepresentationmechanism.Sincethestatedcontenttypeisnotincludedinthesignature,thereisapossibilityforanattackwherethecallermaytakeadvantageofdifterencesinpresentationmechanismsforvariouscontenttypesinthePTD.Bydefiningan(authenticated)allribu!cintendedtocarryIheallegedcontenttype,Ihisamendmentpresentsonemctho<itoprotectagainstsuchattacks.Notethatforthismethodtosucceed,aIyDmustnotallowthecallertoassignthevalueofthisattributedirectly:thevaluemustbethecaller,sstatedconienttype,whichwasusedbytheIyrDtodecideonaparticularpresentationmechaiMsn.3. ChangestoSection5.3,"AttributetypesforuseinPKCS#7data”dclanewsection5.3.7asfollows:53.7IIegeclcontenttypeTheallegedContentTypeattributetypespecificstheMIMEContent-Typeprovidedbythepartyrequestingasignatureonamessage.ItisintendedforuseinSigncdDatavalues,andmustbeanauthenticatedattribute.allegedContentTypeATTRIBUTE:=WITHSYNTAXABegedContGntTypGEQUA1.ITYMATCHINGRU1.ECaseIgnoreMatchSING1.EVA1.UETRUEIDpkcs-9-atalIegedContentType)AllegedContentType:=UTF8StringAsindicated,(heattributemusthaveasingleattributevalue.4. ChangestoAppendixA,"ASN.lmodule''IAddtheJbllowiiigASN.Ixdueaxsignmelrightafterthepkcsatpkcs7PDUvalueassignment:pkcs9atallegedContentTypeOBJECTIDENTIFIER:=pkcs-9-at6)IAddtheJbllowingASNJtypedefinitionsrightafterthecounterSignaturetypedefnilion:allge<iContentTypeATTRIBUTE:=WITHSYNTAXAIIegedContentTypeEQUA1.ITYMATCHINGRU1.ECaseIgnoreMatchSING1.EVA1.UETRUEIDpkcs-9-at-alIegedContentType)AIIegedContentType:=UTF8String5. ChangestoAppendixB.39“Attributetypes”IAddanewsectionBJJ9asfollows:/B3.19allegedContentTyp<?Inthe(highlyunlikely)eventthatthisattributeistobestoredinadirectory,itistobestoredandrequestedinbinarjform,asallegedcontentype;binary,ttributevaluesshallbestoredasbinary(BER-orDERYnCOded)data.NAME'allegedContentTyperDESC'PKCS#7allegedcontenttype,A. IntellectualpropertyconsiderationsRSASecuritymakesnopatentclaimsonthegeneralconstructionsdescribedinthisdocument,althoughspecificunderlyingtechniquesmaybecovered.1.icensetocopythisdocumentisgrantedprovidedthatitisidentifiedas*'RSASecuritylw.Public-KeyCryptographyStandards(PKCSrinallmaterialmentioningorreferencingthisdocument.RSASecuriiymakesnorcpresentalionsregardingintellectualpropertyclaimsbyotherparties.Suchdeterminationistheresponsibilityoftheuser.B. ReferencesFreed.N.andN.Borcnstcin,MuttipuqwseInieniefMailExtensions(MIME)PartOne:FormatofInternetMessageBodiesIETFRFC2045.November1996.UR1.:ietf.orgrfcrfc2(M5.tx(.(2 -MeTPTDDefinitionVersion2.0,15October22.UR1.:.(3 RSAIxiboratories.PKCS#9,-SelectedObjectClassesandAitribuieTypes.Version2.0,Fcbniary2(X)().UR1.:.(4 RSA1.abOratoics.PKCS#11v2,l1Amendment1,August2002.UR1.:.C. AboutPKCSThePublic-KeyCryptographyStandardsarcspecificationsProdUCCdbyRSA1.aboratoriesincperationwithsecuresystemsdevelopersworldwideforthepurposeofacceleratinghedeploymentofpublic-keyCrypiography.FirSlublislwdin1991asaresultofmeetingswithasmallgroupofearlyadoptersofpublic-keytechnology,IhePKCSdocumentshavebecomewidelyreferencedandimple11cnled.ContributionsfromthePKCSserieshavebecomepartofmanyformalanddefactostandards,includingANSIX9documents.PKlX.SET.SMIME.andSS1.FurtherdevelopmentofPKCSoccursthroughmailinglistdiscussionsandoccasionalworkshops,andsuggestionsforimprovementarewelcome.Formoreinformation,contact:PKCSEditorRSA1.aboratories174MiddlesexurnpikeBedford,MA01730USA