Internet Engineering Task Force (IETF)                        R. Housley
Request for Comments: 7036                                Vigil Security
Category: Informational                                     October 2013
ISSN: 2070-1721

                   Object Identifier Registry for the
      Long-Term Archive and Notary Services (LTANS) Working Group
Abstract
When the Long-Term Archive and Notary Services (LTANS) working group
was chartered, an object identifier arc was set aside for use by that
working group. This document describes the object identifiers that
were assigned, and it establishes IANA allocation policies for any
future assignments within that arc.
Status of This Memo
This document is not an Internet Standards Track specification; it is
published for informational purposes.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are a candidate for any level of Internet
Standard; see Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7036.
Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Housley Informational [Page 1]
RFC 7036 LTANS OID Registry October 2013
Table of Contents
1. Introduction
2. Subordinate Object Identifier Arcs
3. Module Identifiers
4. CMS Content Types
5. ERS Encryption Methods
6. Security Considerations
7. IANA Considerations
   7.1. SMI Security for Mechanism Codes Registry
   7.2. SMI Security for LTANS Registry
   7.3. SMI Security for LTANS Module Identifier Registry
   7.4. SMI Security for LTANS CMS Content Type Registry
   7.5. SMI Security for LTANS ERS Encryption Method Registry
8. References
   8.1. Normative References
   8.2. Informative References
9. Acknowledgements
1. Introduction
When the Long-Term Archive and Notary Services (LTANS) working group
was chartered, an object identifier arc was set aside for use by that
working group. These object identifiers are primarily used with
Abstract Syntax Notation One (ASN.1) [ASN1-88] [ASN1-97].
The LTANS object identifier arc is:
id-ltans OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
                                 dod(6) internet(1) security(5)
                                 mechanisms(5) ltans(11) }
This document describes the object identifiers that were assigned,
and it establishes IANA allocation policies for any future
assignments within that arc.
2. Subordinate Object Identifier Arcs
Three subordinate object identifier arcs were used. The first arc,
id-mod, was used to assign ASN.1 module identifiers. The second arc,
id-ct, was used to assign Cryptographic Message Syntax (CMS) content
types. The third arc, id-em, was set aside for Evidence Record
Syntax (ERS) encryption methods.
id-mod OBJECT IDENTIFIER ::= { id-ltans 0 }
id-ct OBJECT IDENTIFIER ::= { id-ltans 1 }
id-em OBJECT IDENTIFIER ::= { id-ltans 2 }
3. Module Identifiers
The Evidence Record Syntax (ERS) [RFC4998] includes two ASN.1
modules. Both modules define the same syntax, but one module uses
the 1997 ASN.1 syntax, and the other module uses the 1988 ASN.1
syntax. These module identifiers are:
id-mod-ers OBJECT IDENTIFIER ::= { id-mod 1 }
id-mod-ers-v1 OBJECT IDENTIFIER ::= { id-mod 1 1 }
id-mod-ers88 OBJECT IDENTIFIER ::= { id-mod 2 }
id-mod-ers88-v1 OBJECT IDENTIFIER ::= { id-mod 2 1 }
The Long-term Archive Protocol (LTAP) [LTAP] includes two ASN.1
modules. While this protocol was never published as an RFC, the
module identifiers were assigned to facilitate implementation. Both
modules define the same syntax, but one module uses the 1997 ASN.1
syntax, and the other module uses the 1988 ASN.1 syntax. These
module identifiers are:
id-mod-ltap88 OBJECT IDENTIFIER ::= { id-mod 3 }
id-mod-ltap88-v0 OBJECT IDENTIFIER ::= { id-mod 3 0 }
id-mod-ltap88-v1 OBJECT IDENTIFIER ::= { id-mod 3 1 }
id-mod-ltap OBJECT IDENTIFIER ::= { id-mod 4 }
id-mod-ltap-v0 OBJECT IDENTIFIER ::= { id-mod 4 0 }
id-mod-ltap-v1 OBJECT IDENTIFIER ::= { id-mod 4 1 }
The document that describes the conventions for using the Server-
Based Certificate Validation Protocol (SCVP) to convey Long-Term
Evidence Records [RFC5276] includes one ASN.1 module. The module
identifier is:
id-mod-ers-scvp OBJECT IDENTIFIER ::= { id-mod 5 }
id-mod-ers-scvp-v1 OBJECT IDENTIFIER ::= { id-mod 5 1 }
The Data Structure for the Security Suitability of Cryptographic
Algorithms (DSSC) [RFC5698] includes two ASN.1 modules. Both modules
define the same syntax, but one module uses the 1997 ASN.1 syntax,
and the other module uses the 1988 ASN.1 syntax. These module
identifiers are:
id-mod-dssc88 OBJECT IDENTIFIER ::= { id-mod 6 }
id-mod-dssc88-v1 OBJECT IDENTIFIER ::= { id-mod 6 1 }
id-mod-dssc OBJECT IDENTIFIER ::= { id-mod 7 }
id-mod-dssc-v1 OBJECT IDENTIFIER ::= { id-mod 7 1 }
4. CMS Content Types
A CMS content type for an Evidence Record was reserved, but no
specification points to this value. It remains reserved.
id-ct-evidence-record OBJECT IDENTIFIER ::= { id-ct 1 }
The Data Structure for the Security Suitability of Cryptographic
Algorithms (DSSC) [RFC5698] specifies three CMS content types. These
CMS content types are:
id-ct-dssc-asn1 OBJECT IDENTIFIER ::= { id-ct 2 }
id-ct-dssc-xml OBJECT IDENTIFIER ::= { id-ct 3 }
id-ct-dssc-tbsPolicy OBJECT IDENTIFIER ::= { id-ct 6 }
The Long-term Archive Protocol (LTAP) [LTAP] defines two CMS content
types. While this protocol was never published as an RFC, the CMS
content types were assigned to facilitate implementation. These CMS
content types are:
id-ct-LTAPRequest OBJECT IDENTIFIER ::= { id-ct 4 }
id-ct-LTAPResponse OBJECT IDENTIFIER ::= { id-ct 5 }
5. ERS Encryption Methods
An arc was set up for Evidence Record Syntax (ERS) encryption
methods, and one object identifier was assigned. However, that
object identifier is obsolete, and it should not be used.
id-em-enveloped-data OBJECT IDENTIFIER ::= { id-em 1 } -- obsolete
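The sketch below is an added example, not part of the RFC. It shows how the id-ct and id-em values defined above appear as DER-encoded OBJECT IDENTIFIERs and how a receiver can tell referenced, reserved, and obsolete values apart. The function names and status strings are assumptions of this example; only short-form DER lengths are handled.

```python
# Added example. OID names and values come from this document; the function
# names and the status strings are this example's own.
ID_LTANS = (1, 3, 6, 1, 5, 5, 11)
ASSIGNED = {  # (subordinate arc, value) -> (name, status); id-ct is 1, id-em is 2
    (1, 1): ("id-ct-evidence-record", "reserved"),
    (1, 2): ("id-ct-dssc-asn1", "RFC5698"),
    (1, 3): ("id-ct-dssc-xml", "RFC5698"),
    (1, 4): ("id-ct-LTAPRequest", "reserved"),
    (1, 5): ("id-ct-LTAPResponse", "reserved"),
    (1, 6): ("id-ct-dssc-tbsPolicy", "RFC5698"),
    (2, 1): ("id-em-enveloped-data", "obsolete"),
}

def _base128(n):
    """Big-endian base-128 with the high bit set on every byte but the last."""
    out = [n & 0x7F]
    n >>= 7
    while n:
        out.append(0x80 | (n & 0x7F))
        n >>= 7
    return bytes(reversed(out))

def encode_oid(arcs):
    """DER-encode an OID: tag 0x06, short-form length, packed subidentifiers."""
    body = b"".join(_base128(n) for n in (40 * arcs[0] + arcs[1], *arcs[2:]))
    if len(body) > 0x7F:
        raise ValueError("long-form lengths are not handled in this example")
    return bytes([0x06, len(body)]) + body

def decode_oid(der):
    """Decode a short-form DER OID, rejecting truncated or padded encodings."""
    if (len(der) < 3 or der[0] != 0x06 or der[1] > 0x7F
            or der[1] != len(der) - 2 or der[-1] & 0x80):
        raise ValueError("not a well-formed short-form DER OBJECT IDENTIFIER")
    subids, value = [], 0
    for byte in der[2:]:
        if value == 0 and byte == 0x80:
            raise ValueError("non-minimal subidentifier")
        value = (value << 7) | (byte & 0x7F)
        if not byte & 0x80:
            subids.append(value)
            value = 0
    first = min(subids[0] // 40, 2)
    return (first, subids[0] - 40 * first, *subids[1:])

def classify(der):
    """Return (name, status) for an OID directly under id-ct or id-em."""
    oid = decode_oid(der)
    if oid[:7] != ID_LTANS or len(oid) != 9 or oid[7] not in (1, 2):
        return (None, "not an LTANS id-ct or id-em value")
    return ASSIGNED.get(oid[7:], (None, "unassigned"))
```

A caller that accepts CMS content types from this arc can use the status to refuse values that are reserved, obsolete, or unassigned instead of treating any OID under id-ltans as known.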
6. Security Considerations
This document populates an IANA registry, and it raises no new
security considerations. The protocols that specify these values
include the security considerations associated with their usage.
7. IANA Considerations
IANA has updated one registry table and created four additional
tables.
Updates to the four new tables require Expert Review, as defined in
[RFC5226]. The Designated Expert is expected to ensure that any new
values are strongly related to the work that was done by the LTANS
WG. Object identifiers for other purposes should not be assigned in
this arc.
7.1. SMI Security for Mechanism Codes Registry
The reference in the Long-Term Archive and Notary Services entry
(decimal value 11) has been updated so that it points to this
document.
7.2. SMI Security for LTANS Registry
Within the SMI Security Codes registry, IANA has added an "SMI
Security for LTANS (1.3.6.1.5.5.11)" table with three columns:
Decimal  Description             References
-------  ----------------------  ----------
0        module-identifiers      [RFC7036]
1        cms-content-types       [RFC7036]
2        ers-encryption-methods  [RFC7036]
Future updates to this table require Expert Review, as defined in
[RFC5226].
7.3. SMI Security for LTANS Module Identifier Registry
Within the SMI Security Codes registry, IANA has added an "SMI
Security for LTANS Module Identifier (1.3.6.1.5.5.11.0)" table with
three columns:
OID Value             Description         References
--------------------  ------------------  ----------
1.3.6.1.5.5.11.0.1    id-mod-ers          [RFC4998]
1.3.6.1.5.5.11.0.1.1  id-mod-ers-v1       [RFC4998]
1.3.6.1.5.5.11.0.2    id-mod-ers88        [RFC4998]
1.3.6.1.5.5.11.0.2.1  id-mod-ers88-v1     [RFC4998]
1.3.6.1.5.5.11.0.3    id-mod-ltap88       Reserved
1.3.6.1.5.5.11.0.3.0  id-mod-ltap88-v0    Reserved
1.3.6.1.5.5.11.0.3.1  id-mod-ltap88-v1    Reserved
1.3.6.1.5.5.11.0.4    id-mod-ltap         Reserved
1.3.6.1.5.5.11.0.4.0  id-mod-ltap-v0      Reserved
1.3.6.1.5.5.11.0.4.1  id-mod-ltap-v1      Reserved
1.3.6.1.5.5.11.0.5    id-mod-ers-scvp     [RFC5276]
1.3.6.1.5.5.11.0.5.1  id-mod-ers-scvp-v1  [RFC5276]
1.3.6.1.5.5.11.0.6    id-mod-dssc88       [RFC5698]
1.3.6.1.5.5.11.0.6.1  id-mod-dssc88-v1    [RFC5698]
1.3.6.1.5.5.11.0.7    id-mod-dssc         [RFC5698]
1.3.6.1.5.5.11.0.7.1  id-mod-dssc-v1      [RFC5698]
Future updates to this table require Expert Review, as defined in
[RFC5226].
7.4. SMI Security for LTANS CMS Content Type Registry
Within the SMI Security Codes registry, IANA has added an "SMI
Security for LTANS CMS Content Type (1.3.6.1.5.5.11.1)" table with
three columns:
Decimal  Description            References
-------  ---------------------  ----------
1        id-ct-evidence-record  Reserved
2        id-ct-dssc-asn1        [RFC5698]
3        id-ct-dssc-xml         [RFC5698]
4        id-ct-LTAPRequest      Reserved
5        id-ct-LTAPResponse     Reserved
6        id-ct-dssc-tbsPolicy   [RFC5698]
Future updates to this table require Expert Review, as defined in
[RFC5226].
7.5. SMI Security for LTANS ERS Encryption Method Registry
Within the SMI Security Codes registry, IANA has added an "SMI
Security for LTANS ERS Encryption Method (1.3.6.1.5.5.11.2)" table
with three columns:
Decimal  Description           References
-------  --------------------  ---------------------
1        id-em-enveloped-data  Reserved and Obsolete
Future updates to this table require Expert Review, as defined in
[RFC5226].
8. References
8.1. Normative References
[ASN1-88] International Telephone and Telegraph Consultative
Committee, "Specification of Abstract Syntax Notation One
(ASN.1)", CCITT Recommendation X.208, 1988.
[ASN1-97] International Telecommunications Union, "Abstract Syntax
Notation One (ASN.1): Specification of basic notation",
ITU-T Recommendation X.680, 1997.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", BCP 26, RFC 5226,
May 2008.
8.2. Informative References
[LTAP] Jerman Blazic, A., Sylvester, P., and C. Wallace, "Long-
term Archive Protocol (LTAP)", Work in Progress, July
2009.
[RFC4998] Gondrom, T., Brandner, R., and U. Pordesch, "Evidence
Record Syntax (ERS)", RFC 4998, August 2007.
[RFC5276] Wallace, C., "Using the Server-Based Certificate
Validation Protocol (SCVP) to Convey Long-Term Evidence
Records", RFC 5276, August 2008.
[RFC5698] Kunz, T., Okunick, S., and U. Pordesch, "Data Structure
for the Security Suitability of Cryptographic Algorithms
(DSSC)", RFC 5698, November 2009.
9. Acknowledgements
Thanks to Carl Wallace, Sean Turner, Paul Hoffman, and Carsten
Bormann for their review and comments.
Author's Address
Russ Housley
Vigil Security, LLC
918 Spring Knoll Drive
Herndon, VA 20170
USA
EMail: housley@vigilsec.com