📄 draft-ietf-pkix-sim-00.txt
INTERNET-DRAFT                                                  Oct 2002

3. Definition

3.1 identityData

   This section gives the syntax for identityData including the real
   name of a subject and a set of attributes. The 'othername' component
   of the subjectAltName extension field will contain this object.

   id-on-identityData OBJECT IDENTIFIER ::= { id-on ? }

   IdentityData ::= SEQUENCE {
       realName  UTF8String,
       userInfo  SEQUENCE SIZE(1..MAX) OF
                     AttributeTypeAndValue OPTIONAL
   }

   - realName field is the real name of the subject and SHOULD be
     encoded in UTF8String.

   - Additional information for subject identification MAY be stored
     in userInfo field. If any, the VID SHOULD be included right here.

3.2 Virtual ID

   This section gives the syntax for Virtual ID. The Virtual ID is
   composed of two parts, the hash algorithm identifier and hashed
   value fields.

   id-on-identityData-vid OBJECT IDENTIFIER ::= {id-on-identityData 2}

   VirtualID ::= SEQUENCE {
       hashAlg  HashAlgorithm,
       vid      [0] OCTET STRING
   }

   HashAlgorithm ::= AlgorithmIdentifier

   HashContent ::= SEQUENCE {
       identifier  PrintableString,
       randomNum   BIT STRING
   }

   - hashAlg field represents the hash algorithm and its parameter is
     used for calculating the VID.

   - vid field contains a computed value in accordance with the method
     described in section 2.4, and is computed by hashing DER-encoded
     HashContent value once more.

   - identifier field contains the subject's identifier. It SHOULD be
     expressed as PrintableString.

   - randomNum field contains a 160-bit random string.

Park, et. al.                                                   [Page 7]

3.3 Encrypted Virtual ID

   This section gives the syntax for Encrypted Virtual ID. The
   Encrypted Virtual ID is divided into five fields.
   id-on-identityData-evid OBJECT IDENTIFIER ::= {id-on-identityData 2}

   EncryptedVID ::= SEQUENCE {
       version       [0] INTEGER DEFAULT v1(0),
       vidHashAlg    [1] VIDHashAlgorithm OPTIONAL,
       vidEncAlg     [2] VIDEncryptionAlgorithm,
       certID        [3] IssuerAndSerialNumber,
       encryptedVID  [4] OCTET STRING
   }

   VIDHashAlgorithm ::= AlgorithmIdentifier

   VIDEncryptionAlgorithm ::= AlgorithmIdentifier

   IssuerAndSerialNumber ::= SEQUENCE {
       issuer        Name,
       serialNumber  CertificateSerialNumber
   }

   EncryptContent ::= SEQUENCE {
       vid        VID,
       randomNum  BIT STRING
   }

   - version field describes version information of the EVID. If this
     spec is applied, v1(0) value will be used.

   - vidHashAlg field is the hash algorithm and parameters are used to
     generate the VID.

   - vidEncAlg field is the asymmetric encryption algorithm and
     parameters are used to compute the VID.

   - certID field identifies CA's certificate which is used to encrypt
     the VID. It consists of the issuer and the serial number of CA's
     certificate.

   - encryptedVID field is the output of encrypting DER-encoded
     EncryptContent value with the CA's public key.

4. Example Usage of VID

   The VID in a certificate MAY be used to go through different
   verification procedures depending on the various situations. If a
   relying party doesn't have any information of a user's identifier,
   the user SHOULD send his/her ID and R simultaneously.

   Step
   ----
   1. The user sends the ID and R to a relying party securely.
   2. The certificate including the VID transferred in step 1 is sent
      to the relying party also.
   3. The relying party extracts the VID from the received
      certificate.
   4. Both the ID and the R transferred in step 1 are used to compute
      VID'.
   5. The VID and VID' calculated in step 3 and 4 separately are
      compared with each other to see if they are identical.

   The order in which data are sent in step 1 and 2 doesn't matter,
   but the ID and R MUST be transferred securely so as not to be leaked
   to a third party.
   If the relying party already knows the user ID, the user only has
   to submit R. Upon receiving the R and the certificate, the relying
   party can derive the VID' from the user's ID obtained in advance and
   the R. Finally, the relying party can tell whether the two VIDs are
   equal or not.

   If the user wants to protect his ID from the relying party, the
   user sends only the output of a hashed value of the ID and the R
   along with his certificate to the relying party. With h(ID,R) and
   the certificate, the relying party can derive the VID' by applying
   one more hash function. Like the other cases, the relying party is
   able to verify if a user's identity is correct.

5. References

   [X.509]    ITU-T Recommendation X.509: The Directory - Public-Key
              and Attribute Certificate Frameworks. 2000.

   [RFC2510]  Adams, C. and S. Farrell, "Internet X.509 Public Key
              Infrastructure, Certificate Management Protocols",
              RFC 2510, March 1999.

   [RFC2511]  Myers, M., Adams, C., Solo, D. and D. Kemp, "Internet
              X.509 Certificate Request Message Format", RFC 2511,
              March 1999.

   [RFC3280]  Housley, R., Polk, T, Ford, W. and Solo, D., "Internet
              X.509 Public Key Infrastructure Certificate and
              Certificate Revocation List (CRL) Profile", RFC 3280,
              April 2002.

   [PKCS#5]   RSA Laboratories, "PKCS #5: Password-Based Cryptography
              Standard Version 2.0", March, 1999.

   [PKCS#8]   RSA Laboratories, "PKCS #8: Private Key Information
              Syntax Standard Version 1.2", November 1993.

   [PKCS#10]  RSA Laboratories, "PKCS #10: Certification Request
              Syntax Version 1.7", November 2001.

   [PKCS#11]  RSA Laboratories, "PKCS #11: Cryptographic Token
              Interface Standard Version 2.10", November, 1999.

6. Security Considerations

   The security of a VID delivery depends entirely on the security
   level of procedures for communicating with CAs. Therefore, EVID,
   the output of encryption of a VID, SHOULD be included in [PKCS#10]
   or [RFC2511].

7. Full Copyright Statement

   Copyright (C) The Internet Society (2001). All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph
   are included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

8. Authors' Addresses

   Jong-Wook, Park
   Korea Information Security Agency
   78, Garak-Dong, Songpa-Gu, Seoul, 138-803
   REPUBLIC OF KOREA
   EMail: khopri@kisa.or.kr

   Jae-Ho, Yoon
   Korea Information Security Agency
   78, Garak-Dong, Songpa-Gu, Seoul, 138-803
   REPUBLIC OF KOREA
   EMail: jhyoon@kisa.or.kr

   Seungjoo, Kim
   Korea Information Security Agency
   78, Garak-Dong, Songpa-Gu, Seoul, 138-803
   REPUBLIC OF KOREA
   EMail: skim@kisa.or.kr

   Sangjoon, Park
   BCQRE
   467-12, Dogok-Dong, Kangnam-Gu, Seoul, 135-270
   REPUBLIC OF KOREA
   EMail: sangjoon@bcqre.com

   Jae-Il, Lee
   Korea Information Security Agency
   78, Garak-Dong, Songpa-Gu, Seoul, 138-803
   REPUBLIC OF KOREA
   EMail: jllee@kisa.or.kr

   Hong-Sub, Lee
   Internet Security Technology Forum
   78, Garak-Dong, Songpa-Gu, Seoul, 138-803
   REPUBLIC OF KOREA
   EMail: hslee@kisa.or.kr

Appendix A. ASN.1 Structures and OIDs

   IMPORTS
       AlgorithmIdentifier, Name, CertificateSerialNumber,
       Attribute, AttributeTypeAndValue
           FROM PKIX1Explicit88 {iso(1) identified-organization(3)
               dod(6) internet(1) security(5) mechanisms(5) pkix(7)
               id-mod(0) id-pkix1-explicit-88(1)};

   -- Arc for other name forms
   id-on OBJECT IDENTIFIER ::= { id-pkix 8 }

   -- Arcs for randomNum, VID and EVID.
   id-on-identityData OBJECT IDENTIFIER ::= { id-on ? }
   id-on-identityData-randomNum OBJECT IDENTIFIER ::=
       { id-on-identityData 1 }
   id-on-identityData-vid OBJECT IDENTIFIER ::=
       { id-on-identityData 2 }
   id-on-identityData-evid OBJECT IDENTIFIER ::=
       { id-on-identityData 3 }

   -- IdentityData
   IdentityData ::= SEQUENCE {
       realName  UTF8String,
       userInfo  SEQUENCE SIZE (1..MAX) OF
                     AttributeTypeAndValue OPTIONAL
   }

   -- Virtual ID
   virtualID ::= SEQUENCE {
       hashAlg    HashAlgorithm,
       virtualID  [0] OCTET STRING
   }

   HashAlgorithm ::= AlgorithmIdentifier

   HashContent ::= SEQUENCE {
       identifier  PrintableString,
       randomNum   BIT STRING
   }

   -- Encrypted VID
   EncryptedVID ::= SEQUENCE {
       version       [0] INTEGER DEFAULT 0,
       vidHashAlg    [1] VIDHashAlgorithm OPTIONAL,
       vidEncAlg     [2] VIDEncryptionAlgorithm,
       certID        [3] IssuerAndSerialNumber,
       encryptedVID  [4] OCTET STRING
   }

   VIDHashAlgorithm ::= AlgorithmIdentifier

   VIDEncryptionAlgorithm ::= AlgorithmIdentifier

   IssuerAndSerialNumber ::= SEQUENCE {
       issuer        Name,
       serialNumber  CertificateSerialNumber
   }

   EncryptContent ::= SEQUENCE {
       vid        VID,
       randomNum  BIT STRING
   }

   END
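
Added example (not part of the draft): a relying-party check for the three verification cases of Section 4, using the HashContent encoding of Section 3.2. It assumes VID = h(h(DER(HashContent))), since Section 2.4 is not reproduced on this page, and picks SHA-256 as a stand-in for whatever hashAlg the certificate carries; all function names and the sample ID and R are constructed for illustration.

```python
import hashlib
import hmac

# Assumption: VID = H(H(DER(HashContent))); Section 2.4 is not on this page.
# PrintableString alphabet; identifiers outside it cannot be encoded.
_PRINTABLE = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz"
                 "0123456789 '()+,-./:=?")

def _tlv(tag: int, body: bytes) -> bytes:
    """DER tag-length-value with definite length (short or long form)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(raw)]) + raw + body

def hash_content_der(identifier: str, random_num: bytes) -> bytes:
    """DER of HashContent ::= SEQUENCE { PrintableString, BIT STRING }."""
    if not identifier or not set(identifier) <= _PRINTABLE:
        raise ValueError("identifier must be a non-empty PrintableString")
    if len(random_num) != 20:
        raise ValueError("randomNum must be 160 bits (20 bytes)")
    ident = _tlv(0x13, identifier.encode("ascii"))
    rand = _tlv(0x03, b"\x00" + random_num)  # leading 0 = no unused bits
    return _tlv(0x30, ident + rand)

def inner_hash(identifier: str, random_num: bytes, alg: str = "sha256") -> bytes:
    """h(ID, R): the value a user may disclose instead of the ID itself."""
    return hashlib.new(alg, hash_content_der(identifier, random_num)).digest()

def vid_from_inner(inner: bytes, alg: str = "sha256") -> bytes:
    """VID = h(h(ID, R)): the 'one more hash' applied by the relying party."""
    return hashlib.new(alg, inner).digest()

def verify_vid(cert_vid: bytes, *, identifier=None, random_num=None,
               inner=None, alg: str = "sha256") -> bool:
    """Recompute VID' from (ID, R) or from a disclosed h(ID, R) and compare."""
    if inner is None:
        if identifier is None or random_num is None:
            raise ValueError("need identifier and random_num, or inner")
        inner = inner_hash(identifier, random_num, alg)
    # Constant-time comparison of the certificate's VID with VID'.
    return hmac.compare_digest(cert_vid, vid_from_inner(inner, alg))

if __name__ == "__main__":
    R = bytes(range(20))  # constructed sample R, not a real random value
    vid = vid_from_inner(inner_hash("EXAMPLE-ID-0001", R))  # VID in the cert
    print(verify_vid(vid, identifier="EXAMPLE-ID-0001", random_num=R))
    print(verify_vid(vid, inner=inner_hash("EXAMPLE-ID-0001", R)))
    print(verify_vid(vid, identifier="EXAMPLE-ID-0002", random_num=R))
```

Cases 1 and 2 of Section 4 differ only in where the relying party obtains the ID, so both call verify_vid with identifier and random_num; case 3 passes inner.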