A New Internet-Draft is available from the on-line Internet-Drafts directories.
Title : Cryptographic Messages Syntax (CMS) Algorithm Identifier Protection Attribute
Author(s) : J. Schaad
Filename : draft-schaad-smime-algorithm-attribute-05.txt
Pages : 15
Date : 2011-01-24
The Cryptographic Message Syntax (CMS) unlike X.509/PKIX
certificates, are venerable to algorithm substitution attacks. In an
algorithm substitution attack, the attacker changes either the
algorithm being used or parameters of the algorithm in order to
change the result of a signature verification process. In X.509
certificates, the signature algorithm is protected because it is
duplicated in the TBSCertificate.signature field with the proviso
that the validater is to compare both fields as part of the signature
validation process. This document defines a new attribute that
contains a copy of the relevant algorithm identifiers so that they
are protected by the signature or authentication process.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-schaad-smime-algorithm-attribute-05.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-schaad-smime-algorithm-attribute-05.txt>
-
_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt
