| Internet-Draft | CRMF Algorithm Requirements Update | October 2021 |
| Housley | Expires 10 April 2022 | [Page] |
RFC 7299 describes the object identifiers that were assigned by Public-Key Infrastructure using X.509 (PKIX) Working Group in an arc that was allocated by IANA (1.3.6.1.5.5.7). A small number of object identifiers that were assigned in RFC 4212 are omitted from RFC 7299, and this document updates RFC 7299 to correct that oversight.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 10 April 2022.¶
Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.¶
When the Public-Key Infrastructure using X.509 (PKIX) Working Group was chartered, an object identifier arc was allocated by IANA for use by that working group. After the PKIX Working Group was closed, [RFC7299] was published to describe the object identifiers that were assigned in that arc. A small number of object identifiers that were assigned in RFC 4212 [RFC4212] are not included in RFC 7299, and this document corrects that oversight.¶
The PKIX Certificate Management Protocol (CMP) [RFC4210] allocated id-regCtrl-altCertTemplate (1.3.6.1.5.5.7.5.1.7), and then two object identifiers were assigned within that arc [RFC4212], which were intended to be used with either PKIX CMP [RFC4210] or PKIX Certificate Management over CMS (CMC) [RFC5272] [RFC5273] [RFC5274] [RFC6402].¶
This document describes the object identifiers that were assigned in that arc, established an IANA registry for that arc, and establishes IANA allocation policies for any future assignments within that arc.¶
IANA is asked to create one additional registry table.¶
Within the SMI-numbers registry, an "SMI Security for PKIX CRMF Registration Controls for Alternate Certificate Formats (1.3.6.1.5.5.7.5.1.7)" table with three columns has been added:¶
Decimal Description References
------- ------------------------------ ----------
1 id-acTemplate [RFC4212]
2 id-openPGPCertTemplateExt [RFC4212]
¶
Future updates to the registry table are to be made according to the Specification Required policy as defined in [RFC8126]. The expert is expected to ensure that any new values are strongly related to the work that was done by the PKIX Working Group. In particular, additional object identifiers should be needed for use with either the PKIX CMP or PKIX CMC to support alternative certificate formats. Object identifiers for other purposes should not be assigned in this arc.¶
This document populates an IANA registry, and it raises no new security considerations. The protocols that specify these values include the security considerations associated with their usage.¶