INTERNET-DRAFT                                       ECC Keys in the DNS
Expires: January 2006                                          July 2005


                     Elliptic Curve KEYs in the DNS
                     -------- ----- ---- -- --- ---
                   <draft-ietf-dnsext-ecc-key-07.txt>

                         Richard C. Schroeppel
                          Donald Eastlake 3rd


Status of This Document

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   This draft is intended to become a Proposed Standard RFC.
   Distribution of this document is unlimited. Comments should be sent
   to the DNS mailing list <namedroppers@ops.ietf.org>.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than a "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html


Abstract

   The standard method for storing elliptic curve cryptographic keys and
   signatures in the Domain Name System is specified.


Copyright Notice

   Copyright (C) The Internet Society (2005). All Rights Reserved.


Acknowledgement

   The assistance of Hilarie K. Orman in the production of this document
   is gratefully acknowledged.


Table of Contents

      Status of This Document
      Abstract
      Copyright Notice

      Acknowledgement
      Table of Contents

      1. Introduction
      2. Elliptic Curve Data in Resource Records
      3. The Elliptic Curve Equation
      4. How do I Compute Q, G, and Y?
      5. Elliptic Curve SIG Resource Records
      6. Performance Considerations
      7. Security Considerations
      8. IANA Considerations
      Copyright and Disclaimer

      Informational References
      Normative References

      Author's Addresses
      Expiration and File Name


1. Introduction

   The Domain Name System (DNS) is the global hierarchical replicated
   distributed database system for Internet addressing, mail proxy, and
   other information. The DNS has been extended to include digital
   signatures and cryptographic keys as described in [RFC 4033, 4034,
   4035].

   This document describes how to store elliptic curve cryptographic
   (ECC) keys and signatures in the DNS so they can be used for a
   variety of security purposes.  Familiarity with ECC cryptography is
   assumed [Menezes].

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED",  "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC 2119].


2. Elliptic Curve Data in Resource Records

   Elliptic curve public keys are stored in the DNS within the RDATA
   portions of key RRs, such as RRKEY and KEY [RFC 4034] RRs, with the
   structure shown below.

   The research world continues to work on the issue of which is the
   best elliptic curve system, which finite field to use, and how to
   best represent elements in the field.  So, representations are
   defined for every type of finite field, and every type of elliptic
   curve.  The reader should be aware that there is a unique finite
   field with a particular number of elements, but many possible
   representations of that field and its elements.  If two different
   representations of a field are given, they are interconvertible with
   a tedious but practical precomputation, followed by a fast
   computation for each field element to be converted.  It is perfectly
   reasonable for an algorithm to work internally with one field
   representation, and convert to and from a different external
   representation.

                            1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3
        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |S M -FMT- A B Z|
       +-+-+-+-+-+-+-+-+
       |       LP      |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |                        P (length determined from LP)       .../
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |       LF      |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |                        F (length determined from LF)       .../
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |             DEG               |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |             DEGH              |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |             DEGI              |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |             DEGJ              |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |             TRDV              |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |S|     LH      |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |                        H (length determined from LH)       .../
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |S|     LK      |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |                        K (length determined from LK)       .../
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |       LQ      |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |                        Q (length determined from LQ)       .../
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |       LA      |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |                        A (length determined from LA)       .../
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |             ALTA              |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |       LB      |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |                        B (length determined from LB)       .../
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |       LC      |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |                        C (length determined from LC)       .../
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |       LG      |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |                        G (length determined from LG)       .../
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |       LY      |
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
       |                        Y (length determined from LY)       .../
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   SMFMTABZ is a flags octet as follows:

        S = 1 indicates that the remaining 7 bits of the octet select
           one of 128 predefined choices of finite field, element
           representation, elliptic curve, and signature parameters.
           MFMTABZ are omitted, as are all parameters from LP through G.
           LY and Y are retained.

        If S = 0, the remaining parameters are as in the picture and
           described below.

        M determines the type of field underlying the elliptic curve.

        M = 0 if the field is a GF[2^N] field;

        M = 1 if the field is a (mod P) or GF[P^D] field with P>2.

        FMT is a three bit field describing the format of the field
           representation.

        FMT = 0  for a (mod P) field.
            > 0  for an extension field, either GF[2^D] or GF[P^D].
                The degree D of the extension, and the field polynomial
                must be specified.  The field polynomial is always monic
                (leading coefficient 1.)

        FMT = 1  The field polynomial is given explicitly; D is implied.

        If FMT >=2, the degree D is given explicitly.

            = 2  The field polynomial is implicit.
            = 3  The field polynomial is a binomial.  P>2.
            = 4  The field polynomial is a trinomial.
            = 5  The field polynomial is the quotient of a trinomial by a
                short polynomial.  P=2.
            = 6  The field polynomial is a pentanomial.  P=2.

        Flags A and B apply to the elliptic curve parameters.

        A = 1 When P>=5, the curve parameter A is negated.  If P=2, then
              A=1 indicates that the A parameter is special.  See the
              ALTA parameter below, following A.  The combination A=1,
              P=3 is forbidden.

        B = 1 When P>=5, the curve parameter B is negated.  If P=2 or 3,
              then B=1 indicates an alternate elliptic curve equation is
              used.  When P=2 and B=1, an additional curve parameter C
              is present.

        The Z bit SHOULD be set to zero on creation of an RR and MUST be
           ignored when processing an RR (when S=0).

   Most of the remaining parameters are present in some formats and
   absent in others.  The presence or absence of a parameter is
   determined entirely by the flags.  When a parameter occurs, it is in
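
The SMFMTABZ flags octet described above can be decoded and sanity-checked before any length-prefixed parameter is read. The following is an added example, not code from the draft or from BIND; the names `EccFlags` and `parse_flags` are hypothetical, and it assumes the usual IETF convention that bit 0 in the diagram is the most significant bit. Rejecting FMT=7, which the text above does not define, is a choice made by this example.

```python
from dataclasses import dataclass
from typing import Optional

# FMT values listed in the draft's flags description (0..6).
FMT_NAMES = {
    0: "(mod P) field",
    1: "explicit field polynomial, D implied",
    2: "implicit field polynomial",
    3: "binomial",
    4: "trinomial",
    5: "trinomial quotient",
    6: "pentanomial",
}
NEEDS_P_GT_2 = {3}     # draft: "binomial.  P>2."
NEEDS_P_EQ_2 = {5, 6}  # draft: "P=2."


@dataclass(frozen=True)
class EccFlags:
    predefined: Optional[int]  # 7-bit selector when S=1, otherwise None
    m: int = 0
    fmt: int = 0
    a: int = 0
    b: int = 0


def parse_flags(octet: int) -> EccFlags:
    """Decode SMFMTABZ; assumes diagram bit 0 is the most significant bit."""
    if not 0 <= octet <= 0xFF:
        raise ValueError("flags must be one octet")
    if octet & 0x80:  # S=1: MFMTABZ and LP..G are omitted, only LY and Y follow
        return EccFlags(predefined=octet & 0x7F)
    m = (octet >> 6) & 1
    fmt = (octet >> 3) & 0b111
    a = (octet >> 2) & 1
    b = (octet >> 1) & 1
    # The Z bit (0x01) is deliberately not read: it MUST be ignored.
    if fmt not in FMT_NAMES:
        # Assumption of this example: reject FMT values the page does not define.
        raise ValueError(f"FMT={fmt} is not defined")
    if fmt in NEEDS_P_GT_2 and m == 0:
        raise ValueError(f"FMT={fmt} needs P>2 but M=0 selects GF[2^N]")
    if fmt in NEEDS_P_EQ_2 and m == 1:
        raise ValueError(f"FMT={fmt} needs P=2 but M=1 selects P>2")
    return EccFlags(None, m, fmt, a, b)
```

The check that A=1 is forbidden when P=3 cannot be made from the flags octet alone, because it depends on the value of the P parameter that follows.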
