IETF har publicerat några nya RFC:er som berör krypto och IT-säkerhet. Notera att dessa är klassade som PROPOSED STANDARD.

RFC 5081: Using OpenPGP Keys for Transport Layer Security (TLS) Authentication

The IETF has two sets of standards for public key certificates, one set for use of X.509 certificates [PKIX] and one for OpenPGP certificates [OpenPGP]. At the time of writing, TLS [TLS] standards are defined to use only X.509 certificates. This document specifies a way to negotiate use of OpenPGP certificates for a TLS session, and specifies how to transport OpenPGP certificates via TLS. The proposed extensions are backward compatible with the current TLS specification, so that existing client and server implementations that make use of X.509 certificates are not affected.

RFC 5083: Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type

This document describes an additional content type for the Cryptographic Message Syntax (CMS). The authenticated-enveloped-data content type is intended for use with authenticated encryption modes. All of the various key management techniques that are supported in the CMS enveloped-data content type are also supported by the CMS authenticated-enveloped-data content type.

RFC 5084: Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS)

This document specifies the conventions for using Advanced Encryption Standard-Counter with Cipher Block Chaining-Message Authentication Code (AES-CCM) and AES-Galois/Counter Mode (GCM) authenticated encryption algorithms as the content-authenticated-encryption algorithm with the Cryptographic Message Syntax [CMS] authenticated-enveloped-data content type [AuthEnv].

No related posts.

Related posts brought to you by Yet Another Related Posts Plugin.

• Previous Entry: Google TechTalk om krypto
• Next Entry: Ny biometriprocessor från FPC