RFC 5934
Trust Anchor Management Protocol (TAMP)
Appendix A. ASN.1 Modules
Appendix A.1 provides the normative ASN.1 definitions for the structures described in this specification using ASN.1 as defined in [X.680]. Appendix A.2 provides a module using ASN.1 as defined in [X.208]. The module in Appendix A.2 removes usage of newer ASN.1 features that provide support for limiting the types of elements that may appear in certain SEQUENCE and SET constructions. Otherwise, the modules are compatible in terms of encoded representation, i.e., the modules are bits-on-the-wire compatible aside from the limitations on SEQUENCE and SET constituents. Extension markers are not used due to lack of support in [X.208]. Appendix A.2 is included as a courtesy to developers using ASN.1 compilers that do not support current ASN.1. Appendix A.1 includes definitions imported from [RFC5280], [RFC5912], and [RFC5914].A.1. ASN.1 Module Using 1993 Syntax
TAMP-Protocol-v2 { joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) dod(2) infosec(1) modules(0) 30 } DEFINITIONS IMPLICIT TAGS ::= BEGIN IMPORTS TrustAnchorChoice, TrustAnchorTitle, CertPathControls FROM TrustAnchorInfoModule { joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) dod(2) infosec(1) modules(0) 33 } AlgorithmIdentifier{}, SIGNATURE-ALGORITHM, KEY-WRAP FROM AlgorithmInformation-2009 {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-algorithmInformation-02(58)} Certificate, Name, TBSCertificate, CertificateSerialNumber, Validity, SubjectPublicKeyInfo FROM PKIX1Explicit-2009 -- from [RFC5912] {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-pkix1-explicit-02(51)} KeyIdentifier, OTHER-NAME FROM PKIX1Implicit-2009 -- from [RFC5912] {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-pkix1-implicit-02(59)} EXTENSION, Extensions {}, ATTRIBUTE, SingleAttribute{}
FROM PKIX-CommonTypes-2009 -- from [RFC5912] { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-pkixCommon-02(57) } ; -- Object Identifier Arc for TAMP Message Content Types id-tamp OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) dod(2) infosec(1) formats(2) 77 } SupportedSigAlgorithms SIGNATURE-ALGORITHM ::= { -- add any locally defined algorithms here ... } SupportedWrapAlgorithms KEY-WRAP ::= { -- add any locally defined algorithms here ... } -- CMS Content Types CONTENT-TYPE ::= TYPE-IDENTIFIER TAMPContentTypes CONTENT-TYPE ::= { tamp-status-query | tamp-status-response | tamp-update | tamp-update-confirm | tamp-apex-update | tamp-apex-update-confirm | tamp-community-update | tamp-community-update-confirm | tamp-sequence-number-adjust | tamp-sequence-number-adjust-confirm | tamp-error, ... -- Expect additional content types -- } -- TAMP Status Query Message tamp-status-query CONTENT-TYPE ::= { TAMPStatusQuery IDENTIFIED BY id-ct-TAMP-statusQuery } id-ct-TAMP-statusQuery OBJECT IDENTIFIER ::= { id-tamp 1 }
TAMPStatusQuery ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
terse [1] TerseOrVerbose DEFAULT verbose,
query TAMPMsgRef }
TAMPVersion ::= INTEGER { v1(1), v2(2) }
TerseOrVerbose ::= ENUMERATED { terse(1), verbose(2) }
SeqNumber ::= INTEGER (0..9223372036854775807)
TAMPMsgRef ::= SEQUENCE {
target TargetIdentifier,
seqNum SeqNumber }
TargetIdentifier ::= CHOICE {
hwModules [1] HardwareModuleIdentifierList,
communities [2] CommunityIdentifierList,
allModules [3] NULL,
uri [4] IA5String,
otherName [5] INSTANCE OF OTHER-NAME }
HardwareModuleIdentifierList ::= SEQUENCE SIZE (1..MAX) OF
HardwareModules
HardwareModules ::= SEQUENCE {
hwType OBJECT IDENTIFIER,
hwSerialEntries SEQUENCE SIZE (1..MAX) OF HardwareSerialEntry }
HardwareSerialEntry ::= CHOICE {
all NULL,
single OCTET STRING,
block SEQUENCE {
low OCTET STRING,
high OCTET STRING } }
CommunityIdentifierList ::= SEQUENCE SIZE (0..MAX) OF Community
Community ::= OBJECT IDENTIFIER
-- TAMP Status Response Message
tamp-status-response CONTENT-TYPE ::=
{ TAMPStatusResponse IDENTIFIED BY id-ct-TAMP-statusResponse }
id-ct-TAMP-statusResponse OBJECT IDENTIFIER ::= { id-tamp 2 }
TAMPStatusResponse ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
query TAMPMsgRef,
response StatusResponse,
usesApex BOOLEAN DEFAULT TRUE }
StatusResponse ::= CHOICE {
terseResponse [0] TerseStatusResponse,
verboseResponse [1] VerboseStatusResponse }
TerseStatusResponse ::= SEQUENCE {
taKeyIds KeyIdentifiers,
communities CommunityIdentifierList OPTIONAL }
KeyIdentifiers ::= SEQUENCE SIZE (1..MAX) OF KeyIdentifier
VerboseStatusResponse ::= SEQUENCE {
taInfo TrustAnchorChoiceList,
continPubKeyDecryptAlg [0] AlgorithmIdentifier
{KEY-WRAP, {SupportedWrapAlgorithms}} OPTIONAL,
communities [1] CommunityIdentifierList OPTIONAL,
tampSeqNumbers [2] TAMPSequenceNumbers OPTIONAL }
TrustAnchorChoiceList ::= SEQUENCE SIZE (1..MAX) OF
TrustAnchorChoice
TAMPSequenceNumber ::= SEQUENCE {
keyId KeyIdentifier,
seqNumber SeqNumber }
TAMPSequenceNumbers ::= SEQUENCE SIZE (1..MAX) OF TAMPSequenceNumber
-- Trust Anchor Update Message
tamp-update CONTENT-TYPE ::=
{ TAMPUpdate IDENTIFIED BY id-ct-TAMP-update }
id-ct-TAMP-update OBJECT IDENTIFIER ::= { id-tamp 3 }
TAMPUpdate ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
terse [1] TerseOrVerbose DEFAULT verbose,
msgRef TAMPMsgRef,
updates SEQUENCE SIZE (1..MAX) OF TrustAnchorUpdate,
tampSeqNumbers [2]TAMPSequenceNumbers OPTIONAL }
TrustAnchorUpdate ::= CHOICE {
add [1] TrustAnchorChoice,
remove [2] SubjectPublicKeyInfo,
change [3] EXPLICIT TrustAnchorChangeInfoChoice }
TrustAnchorChangeInfoChoice ::= CHOICE {
tbsCertChange [0] TBSCertificateChangeInfo,
taChange [1] TrustAnchorChangeInfo }
TBSCertificateChangeInfo ::= SEQUENCE {
serialNumber CertificateSerialNumber OPTIONAL,
signature [0] AlgorithmIdentifier
{SIGNATURE-ALGORITHM, {SupportedSigAlgorithms}} OPTIONAL,
issuer [1] Name OPTIONAL,
validity [2] Validity OPTIONAL,
subject [3] Name OPTIONAL,
subjectPublicKeyInfo [4] SubjectPublicKeyInfo,
exts [5] EXPLICIT Extensions{{...}} OPTIONAL }
TrustAnchorChangeInfo ::= SEQUENCE {
pubKey SubjectPublicKeyInfo,
keyId KeyIdentifier OPTIONAL,
taTitle TrustAnchorTitle OPTIONAL,
certPath CertPathControls OPTIONAL,
exts [1] Extensions{{...}} OPTIONAL }
-- Trust Anchor Update Confirm Message
tamp-update-confirm CONTENT-TYPE ::=
{ TAMPUpdateConfirm IDENTIFIED BY id-ct-TAMP-updateConfirm }
id-ct-TAMP-updateConfirm OBJECT IDENTIFIER ::= { id-tamp 4 }
TAMPUpdateConfirm ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
update TAMPMsgRef,
confirm UpdateConfirm }
UpdateConfirm ::= CHOICE {
terseConfirm [0] TerseUpdateConfirm,
verboseConfirm [1] VerboseUpdateConfirm }
TerseUpdateConfirm ::= StatusCodeList
StatusCodeList ::= SEQUENCE SIZE (1..MAX) OF StatusCode
VerboseUpdateConfirm ::= SEQUENCE {
status StatusCodeList,
taInfo TrustAnchorChoiceList,
tampSeqNumbers TAMPSequenceNumbers OPTIONAL,
usesApex BOOLEAN DEFAULT TRUE }
-- Apex Trust Anchor Update Message
tamp-apex-update CONTENT-TYPE ::=
{ TAMPApexUpdate IDENTIFIED BY id-ct-TAMP-apexUpdate }
id-ct-TAMP-apexUpdate OBJECT IDENTIFIER ::= { id-tamp 5 }
TAMPApexUpdate ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
terse [1] TerseOrVerbose DEFAULT verbose,
msgRef TAMPMsgRef,
clearTrustAnchors BOOLEAN,
clearCommunities BOOLEAN,
seqNumber SeqNumber OPTIONAL,
apexTA TrustAnchorChoice }
-- Apex Trust Anchor Update Confirm Message
tamp-apex-update-confirm CONTENT-TYPE ::=
{ TAMPApexUpdateConfirm IDENTIFIED BY
id-ct-TAMP-apexUpdateConfirm }
id-ct-TAMP-apexUpdateConfirm OBJECT IDENTIFIER ::= { id-tamp 6 }
TAMPApexUpdateConfirm ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
apexReplace TAMPMsgRef,
apexConfirm ApexUpdateConfirm }
ApexUpdateConfirm ::= CHOICE {
terseApexConfirm [0] TerseApexUpdateConfirm,
verboseApexConfirm [1] VerboseApexUpdateConfirm }
TerseApexUpdateConfirm ::= StatusCode
VerboseApexUpdateConfirm ::= SEQUENCE {
status StatusCode,
taInfo TrustAnchorChoiceList,
communities [0] CommunityIdentifierList OPTIONAL,
tampSeqNumbers [1] TAMPSequenceNumbers OPTIONAL }
-- Community Update Message
tamp-community-update CONTENT-TYPE ::=
{ TAMPCommunityUpdate IDENTIFIED BY id-ct-TAMP-communityUpdate }
id-ct-TAMP-communityUpdate OBJECT IDENTIFIER ::= { id-tamp 7 }
TAMPCommunityUpdate ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
terse [1] TerseOrVerbose DEFAULT verbose,
msgRef TAMPMsgRef,
updates CommunityUpdates }
CommunityUpdates ::= SEQUENCE {
remove [1] CommunityIdentifierList OPTIONAL,
add [2] CommunityIdentifierList OPTIONAL }
-- At least one must be present
-- Community Update Confirm Message
tamp-community-update-confirm CONTENT-TYPE ::=
{ TAMPCommunityUpdateConfirm IDENTIFIED BY
id-ct-TAMP-communityUpdateConfirm }
id-ct-TAMP-communityUpdateConfirm OBJECT IDENTIFIER ::=
{ id-tamp 8 }
TAMPCommunityUpdateConfirm ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
update TAMPMsgRef,
commConfirm CommunityConfirm }
CommunityConfirm ::= CHOICE {
terseCommConfirm [0] TerseCommunityConfirm,
verboseCommConfirm [1] VerboseCommunityConfirm }
TerseCommunityConfirm ::= StatusCode
VerboseCommunityConfirm ::= SEQUENCE {
status StatusCode,
communities CommunityIdentifierList OPTIONAL }
-- Sequence Number Adjust Message
tamp-sequence-number-adjust CONTENT-TYPE ::=
{ SequenceNumberAdjust IDENTIFIED BY id-ct-TAMP-seqNumAdjust }
id-ct-TAMP-seqNumAdjust OBJECT IDENTIFIER ::= { id-tamp 10 }
SequenceNumberAdjust ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
msgRef TAMPMsgRef }
-- Sequence Number Adjust Confirm Message
tamp-sequence-number-adjust-confirm CONTENT-TYPE ::=
{ SequenceNumberAdjustConfirm IDENTIFIED BY
id-ct-TAMP-seqNumAdjustConfirm }
id-ct-TAMP-seqNumAdjustConfirm OBJECT IDENTIFIER ::= { id-tamp 11 }
SequenceNumberAdjustConfirm ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
adjust TAMPMsgRef,
status StatusCode }
-- TAMP Error Message
tamp-error CONTENT-TYPE ::=
{ TAMPError IDENTIFIED BY id-ct-TAMP-error }
id-ct-TAMP-error OBJECT IDENTIFIER ::= { id-tamp 9 }
TAMPError ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
msgType OBJECT IDENTIFIER,
status StatusCode,
msgRef TAMPMsgRef OPTIONAL }
-- Status Codes
StatusCode ::= ENUMERATED {
success (0),
decodeFailure (1),
badContentInfo (2),
badSignedData (3),
badEncapContent (4),
badCertificate (5),
badSignerInfo (6),
badSignedAttrs (7),
badUnsignedAttrs (8),
missingContent (9),
noTrustAnchor (10),
notAuthorized (11),
badDigestAlgorithm (12),
badSignatureAlgorithm (13),
unsupportedKeySize (14),
unsupportedParameters (15),
signatureFailure (16),
insufficientMemory (17),
unsupportedTAMPMsgType (18),
apexTAMPAnchor (19),
improperTAAddition (20),
seqNumFailure (21),
contingencyPublicKeyDecrypt (22),
incorrectTarget (23),
communityUpdateFailed (24),
trustAnchorNotFound (25),
unsupportedTAAlgorithm (26),
unsupportedTAKeySize (27),
unsupportedContinPubKeyDecryptAlg (28),
missingSignature (29),
resourcesBusy (30),
versionNumberMismatch (31),
missingPolicySet (32),
revokedCertificate (33),
unsupportedTrustAnchorFormat (34),
improperTAChange (35),
malformed (36),
cmsError (37),
unsupportedTargetIdentifier (38),
other (127) }
-- Object Identifier Arc for Attributes
id-attributes OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16)
us(840) organization(1) gov(101) dod(2) infosec(1) 5 }
-- TAMP Unsigned Attributes
-- These attributes are unsigned attributes and go into the
-- UnsignedAttributes set in [RFC5652]
TAMPUnsignedAttributes ATTRIBUTE ::= {
contingency-public-key-decrypt-key,
... -- Expect additional attributes --
}
-- contingency-public-key-decrypt-key unsigned attribute
contingency-public-key-decrypt-key ATTRIBUTE ::= {
TYPE PlaintextSymmetricKey IDENTIFIED BY
id-aa-TAMP-contingencyPublicKeyDecryptKey }
id-aa-TAMP-contingencyPublicKeyDecryptKey OBJECT IDENTIFIER ::= {
id-attributes 63 }
PlaintextSymmetricKey ::= OCTET STRING
-- id-pe-wrappedApexContinKey extension
wrappedApexContinKey EXTENSION ::= {
SYNTAX ApexContingencyKey
IDENTIFIED BY id-pe-wrappedApexContinKey }
id-pe-wrappedApexContinKey OBJECT IDENTIFIER ::=
{ iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) pe(1) 20 }
ApexContingencyKey ::= SEQUENCE {
wrapAlgorithm
AlgorithmIdentifier{KEY-WRAP, {SupportedWrapAlgorithms}},
wrappedContinPubKey OCTET STRING }
END
A.2. ASN.1 Module Using 1988 Syntax
TAMP-Protocol-v2-88
{ joint-iso-ccitt(2) country(16) us(840) organization(1)
gov(101) dod(2) infosec(1) modules(0) 31 }
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
IMPORTS
TrustAnchorChoice, TrustAnchorTitle, CertPathControls
FROM TrustAnchorInfoModule-88 -- from [RFC5914]
{ joint-iso-ccitt(2) country(16) us(840) organization(1)
gov(101) dod(2) infosec(1) modules(0) 37 }
AlgorithmIdentifier, Certificate, Name, Attribute, TBSCertificate,
SubjectPublicKeyInfo, CertificateSerialNumber, Validity, Extensions
FROM PKIX1Explicit88 -- from [RFC5280]
{ iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) id-mod(0)
id-pkix1-explicit(18) }
KeyIdentifier, AnotherName
FROM PKIX1Implicit88 -- from [RFC5280]
{ iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) id-mod(0)
id-pkix1-implicit(19) } ;
-- Object Identifier Arc for TAMP Message Content Types
id-tamp OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16)
us(840) organization(1) gov(101) dod(2) infosec(1) formats(2) 77 }
-- CMS Content Types
-- TAMP Status Query Message
id-ct-TAMP-statusQuery OBJECT IDENTIFIER ::= { id-tamp 1 }
TAMPStatusQuery ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
terse [1] TerseOrVerbose DEFAULT verbose,
query TAMPMsgRef }
TAMPVersion ::= INTEGER { v1(1), v2(2) }
TerseOrVerbose ::= ENUMERATED { terse(1), verbose(2) }
SeqNumber ::= INTEGER (0..9223372036854775807)
TAMPMsgRef ::= SEQUENCE {
target TargetIdentifier,
seqNum SeqNumber }
TargetIdentifier ::= CHOICE {
hwModules [1] HardwareModuleIdentifierList,
communities [2] CommunityIdentifierList,
allModules [3] NULL,
uri [4] IA5String,
otherName [5] AnotherName }
HardwareModuleIdentifierList ::= SEQUENCE SIZE (1..MAX) OF
HardwareModules
HardwareModules ::= SEQUENCE {
hwType OBJECT IDENTIFIER,
hwSerialEntries SEQUENCE SIZE (1..MAX) OF HardwareSerialEntry }
HardwareSerialEntry ::= CHOICE {
all NULL,
single OCTET STRING,
block SEQUENCE {
low OCTET STRING,
high OCTET STRING } }
CommunityIdentifierList ::= SEQUENCE SIZE (0..MAX) OF Community
Community ::= OBJECT IDENTIFIER
-- TAMP Status Response Message
id-ct-TAMP-statusResponse OBJECT IDENTIFIER ::= { id-tamp 2 }
TAMPStatusResponse ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
query TAMPMsgRef,
response StatusResponse,
usesApex BOOLEAN DEFAULT TRUE }
StatusResponse ::= CHOICE {
terseResponse [0] TerseStatusResponse,
verboseResponse [1] VerboseStatusResponse }
TerseStatusResponse ::= SEQUENCE {
taKeyIds KeyIdentifiers,
communities CommunityIdentifierList OPTIONAL }
KeyIdentifiers ::= SEQUENCE SIZE (1..MAX) OF KeyIdentifier
VerboseStatusResponse ::= SEQUENCE {
taInfo TrustAnchorChoiceList,
continPubKeyDecryptAlg [0] AlgorithmIdentifier OPTIONAL,
communities [1] CommunityIdentifierList OPTIONAL,
tampSeqNumbers [2] TAMPSequenceNumbers OPTIONAL }
TrustAnchorChoiceList ::= SEQUENCE SIZE (1..MAX) OF
TrustAnchorChoice
TAMPSequenceNumber ::= SEQUENCE {
keyId KeyIdentifier,
seqNumber SeqNumber }
TAMPSequenceNumbers ::= SEQUENCE SIZE (1..MAX) OF
TAMPSequenceNumber
-- Trust Anchor Update Message
id-ct-TAMP-update OBJECT IDENTIFIER ::= { id-tamp 3 }
TAMPUpdate ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
terse [1] TerseOrVerbose DEFAULT verbose,
msgRef TAMPMsgRef,
updates SEQUENCE SIZE (1..MAX) OF TrustAnchorUpdate,
tampSeqNumbers [2]TAMPSequenceNumbers OPTIONAL }
TrustAnchorUpdate ::= CHOICE {
add [1] TrustAnchorChoice,
remove [2] SubjectPublicKeyInfo,
change [3] EXPLICIT TrustAnchorChangeInfoChoice }
TrustAnchorChangeInfoChoice ::= CHOICE {
tbsCertChange [0] TBSCertificateChangeInfo,
taChange [1] TrustAnchorChangeInfo }
TBSCertificateChangeInfo ::= SEQUENCE {
serialNumber CertificateSerialNumber OPTIONAL,
signature [0] AlgorithmIdentifier OPTIONAL,
issuer [1] Name OPTIONAL,
validity [2] Validity OPTIONAL,
subject [3] Name OPTIONAL,
subjectPublicKeyInfo [4] SubjectPublicKeyInfo,
exts [5] EXPLICIT Extensions OPTIONAL }
TrustAnchorChangeInfo ::= SEQUENCE {
pubKey SubjectPublicKeyInfo,
keyId KeyIdentifier OPTIONAL,
taTitle TrustAnchorTitle OPTIONAL,
certPath CertPathControls OPTIONAL,
exts [1] Extensions OPTIONAL }
-- Trust Anchor Update Confirm Message
id-ct-TAMP-updateConfirm OBJECT IDENTIFIER ::= { id-tamp 4 }
TAMPUpdateConfirm ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
update TAMPMsgRef,
confirm UpdateConfirm }
UpdateConfirm ::= CHOICE {
terseConfirm [0] TerseUpdateConfirm,
verboseConfirm [1] VerboseUpdateConfirm }
TerseUpdateConfirm ::= StatusCodeList
StatusCodeList ::= SEQUENCE SIZE (1..MAX) OF StatusCode
VerboseUpdateConfirm ::= SEQUENCE {
status StatusCodeList,
taInfo TrustAnchorChoiceList,
tampSeqNumbers TAMPSequenceNumbers OPTIONAL,
usesApex BOOLEAN DEFAULT TRUE }
-- Apex Trust Anchor Update Message
id-ct-TAMP-apexUpdate OBJECT IDENTIFIER ::= { id-tamp 5 }
TAMPApexUpdate ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
terse [1] TerseOrVerbose DEFAULT verbose,
msgRef TAMPMsgRef,
clearTrustAnchors BOOLEAN,
clearCommunities BOOLEAN,
seqNumber SeqNumber OPTIONAL,
apexTA TrustAnchorChoice }
-- Apex Trust Anchor Update Confirm Message
id-ct-TAMP-apexUpdateConfirm OBJECT IDENTIFIER ::= { id-tamp 6 }
TAMPApexUpdateConfirm ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
apexReplace TAMPMsgRef,
apexConfirm ApexUpdateConfirm }
ApexUpdateConfirm ::= CHOICE {
terseApexConfirm [0] TerseApexUpdateConfirm,
verboseApexConfirm [1] VerboseApexUpdateConfirm }
TerseApexUpdateConfirm ::= StatusCode
VerboseApexUpdateConfirm ::= SEQUENCE {
status StatusCode,
taInfo TrustAnchorChoiceList,
communities [0] CommunityIdentifierList OPTIONAL,
tampSeqNumbers [1] TAMPSequenceNumbers OPTIONAL }
-- Community Update Message
id-ct-TAMP-communityUpdate OBJECT IDENTIFIER ::= { id-tamp 7 }
TAMPCommunityUpdate ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
terse [1] TerseOrVerbose DEFAULT verbose,
msgRef TAMPMsgRef,
updates CommunityUpdates }
CommunityUpdates ::= SEQUENCE {
remove [1] CommunityIdentifierList OPTIONAL,
add [2] CommunityIdentifierList OPTIONAL }
-- At least one must be present
-- Community Update Confirm Message
id-ct-TAMP-communityUpdateConfirm OBJECT IDENTIFIER ::= { id-tamp 8 }
TAMPCommunityUpdateConfirm ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
update TAMPMsgRef,
commConfirm CommunityConfirm }
CommunityConfirm ::= CHOICE {
terseCommConfirm [0] TerseCommunityConfirm,
verboseCommConfirm [1] VerboseCommunityConfirm }
TerseCommunityConfirm ::= StatusCode
VerboseCommunityConfirm ::= SEQUENCE {
status StatusCode,
communities CommunityIdentifierList OPTIONAL }
-- Sequence Number Adjust Message
id-ct-TAMP-seqNumAdjust OBJECT IDENTIFIER ::= { id-tamp 10 }
SequenceNumberAdjust ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
msgRef TAMPMsgRef }
-- Sequence Number Adjust Confirm Message
id-ct-TAMP-seqNumAdjustConfirm OBJECT IDENTIFIER ::= { id-tamp 11 }
SequenceNumberAdjustConfirm ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
adjust TAMPMsgRef,
status StatusCode }
-- TAMP Error Message
id-ct-TAMP-error OBJECT IDENTIFIER ::= { id-tamp 9 }
TAMPError ::= SEQUENCE {
version [0] TAMPVersion DEFAULT v2,
msgType OBJECT IDENTIFIER,
status StatusCode,
msgRef TAMPMsgRef OPTIONAL }
-- Status Codes
StatusCode ::= ENUMERATED {
success (0),
decodeFailure (1),
badContentInfo (2),
badSignedData (3),
badEncapContent (4),
badCertificate (5),
badSignerInfo (6),
badSignedAttrs (7),
badUnsignedAttrs (8),
missingContent (9),
noTrustAnchor (10),
notAuthorized (11),
badDigestAlgorithm (12),
badSignatureAlgorithm (13),
unsupportedKeySize (14),
unsupportedParameters (15),
signatureFailure (16),
insufficientMemory (17),
unsupportedTAMPMsgType (18),
apexTAMPAnchor (19),
improperTAAddition (20),
seqNumFailure (21),
contingencyPublicKeyDecrypt (22),
incorrectTarget (23),
communityUpdateFailed (24),
trustAnchorNotFound (25),
unsupportedTAAlgorithm (26),
unsupportedTAKeySize (27),
unsupportedContinPubKeyDecryptAlg (28),
missingSignature (29),
resourcesBusy (30),
versionNumberMismatch (31),
missingPolicySet (32),
revokedCertificate (33),
unsupportedTrustAnchorFormat (34),
improperTAChange (35),
malformed (36),
cmsError (37),
unsupportedTargetIdentifier (38),
other (127) }
-- Object Identifier Arc for Attributes
id-attributes OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16)
us(840) organization(1) gov(101) dod(2) infosec(1) 5 }
-- id-aa-TAMP-contingencyPublicKeyDecryptKey uses
-- PlaintextSymmetricKey syntax
id-aa-TAMP-contingencyPublicKeyDecryptKey OBJECT IDENTIFIER ::= {
id-attributes 63 }
PlaintextSymmetricKey ::= OCTET STRING
-- id-pe-wrappedApexContinKey extension
id-pe-wrappedApexContinKey OBJECT IDENTIFIER ::=
{ iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) pe(1) 20 }
ApexContingencyKey ::= SEQUENCE {
wrapAlgorithm AlgorithmIdentifier,
wrappedContinPubKey OCTET STRING }
END
Appendix B. Media Type Registrations
Eleven media type registrations are provided in this appendix, one
for each content type defined in this specification. As noted in
Section 2, in all cases TAMP messages are encapsulated within
ContentInfo structures. Signed messages are additionally
encapsulated within a SignedData structure.
B.1. application/tamp-status-query
Media type name: application
Subtype name: tamp-status-query
Required parameters: None
Optional parameters: None
Encoding considerations: binary Security considerations: Carries a signed request for status information. Integrity protection is discussed in Section 4.1. Replay detection is discussed in Section 6. Interoperability considerations: None Published specification: RFC 5934 Applications that use this media type: TAMP clients responding to requests for status information. Additional information: Magic number(s): None File extension(s): .tsq Macintosh File Type Code(s): Person & email address to contact for further information: Sam Ashmore - srashmo@radium.ncsc.mil Intended usage: LIMITED USE Restrictions on usage: None Author: Sam Ashmore - srashmo@radium.ncsc.mil Change controller: IESGB.2. application/tamp-status-response
Media type name: application Subtype name: tamp-status-response Required parameters: None Optional parameters: None Encoding considerations: binary Security considerations: Carries optionally signed status information. Integrity protection is discussed in Section 4.2.
Interoperability considerations: None
Published specification: RFC 5934
Applications that use this media type: TAMP clients responding to
requests for status information.
Additional information:
Magic number(s): None
File extension(s): .tsr
Macintosh File Type Code(s):
Person & email address to contact for further information:
Sam Ashmore - srashmo@radium.ncsc.mil
Intended usage: LIMITED USE
Restrictions on usage: None
Author: Sam Ashmore - srashmo@radium.ncsc.mil
Change controller: IESG
B.3. application/tamp-update
Media type name: application
Subtype name: tamp-update
Required parameters: None
Optional parameters: None
Encoding considerations: binary
Security considerations: Carries a signed trust anchor update
message. Integrity protection is discussed in Section 4.3. Replay
detection is discussed in Section 6.
Interoperability considerations: None
Published specification: RFC 5934
Applications that use this media type: TAMP clients responding to
requests to update trust anchor information.
Additional information:
Magic number(s): None
File extension(s): .tur
Macintosh File Type Code(s):
Person & email address to contact for further information:
Sam Ashmore - srashmo@radium.ncsc.mil
Intended usage: LIMITED USE
Restrictions on usage: None
Author: Sam Ashmore - srashmo@radium.ncsc.mil
Change controller: IESG
B.4. application/tamp-update-confirm
Media type name: application
Subtype name: tamp-update-confirm
Required parameters: None
Optional parameters: None
Encoding considerations: binary
Security considerations: Carries an optionally signed TAMP update
response. Integrity protection is discussed in Section 4.4.
Interoperability considerations: None
Published specification: RFC 5934
Applications that use this media type: TAMP clients responding to
requests to update trust anchor information.
Additional information:
Magic number(s): None
File extension(s): .tuc
Macintosh File Type Code(s):
Person & email address to contact for further information:
Sam Ashmore - srashmo@radium.ncsc.mil
Intended usage: LIMITED USE
Restrictions on usage: None
Author: Sam Ashmore - srashmo@radium.ncsc.mil
Change controller: IESG
B.5. application/tamp-apex-update
Media type name: application
Subtype name: tamp-apex-update
Required parameters: None
Optional parameters: None
Encoding considerations: binary
Security considerations: Carries a signed request to update an apex
trust anchor information. Integrity protection is discussed in
Section 4.5. Replay detection is discussed in Section 6.
Interoperability considerations: None
Published specification: RFC 5934
Applications that use this media type: TAMP clients responding to
requests to update an apex trust anchor.
Additional information:
Magic number(s): None
File extension(s): .tau
Macintosh File Type Code(s):
Person & email address to contact for further information:
Sam Ashmore - srashmo@radium.ncsc.mil
Intended usage: LIMITED USE
Restrictions on usage: None
Author: Sam Ashmore - srashmo@radium.ncsc.mil
Change controller: IESG
B.6. application/tamp-apex-update-confirm
Media type name: application
Subtype name: tamp-apex-update-confirm
Required parameters: None
Optional parameters: None
Encoding considerations: binary
Security considerations: Carries an optionally signed response to an
apex update request. Integrity protection is discussed in
Section 4.6.
Interoperability considerations: None
Published specification: RFC 5934
Applications that use this media type: TAMP clients responding to
requests to update an apex trust anchor.
Additional information:
Magic number(s): None
File extension(s): .auc
Macintosh File Type Code(s):
Person & email address to contact for further information:
Sam Ashmore - srashmo@radium.ncsc.mil
Intended usage: LIMITED USE
Restrictions on usage: None
Author: Sam Ashmore - srashmo@radium.ncsc.mil
Change controller: IESG
B.7. application/tamp-community-update
Media type name: application
Subtype name: tamp-community-update
Required parameters: None
Optional parameters: None
Encoding considerations: binary
Security considerations: Carries a signed request to update community
membership information. Integrity protection is discussed in
Section 4.7. Replay detection is discussed in Section 6.
Interoperability considerations: None
Published specification: RFC 5934
Applications that use this media type: TAMP clients responding to
requests to update community membership.
Additional information:
Magic number(s): None
File extension(s): .tcu
Macintosh File Type Code(s):
Person & email address to contact for further information:
Sam Ashmore - srashmo@radium.ncsc.mil
Intended usage: LIMITED USE
Restrictions on usage: None
Author: Sam Ashmore - srashmo@radium.ncsc.mil
Change controller: IESG
B.8. application/tamp-community-update-confirm
Media type name: application
Subtype name: tamp-community-update-confirm
Required parameters: None
Optional parameters: None
Encoding considerations: binary
Security considerations: Carries an optionally signed response to a
community update request. Integrity protection is discussed in
Section 4.8.
Interoperability considerations: None
Published specification: RFC 5934
Applications that use this media type: TAMP clients responding to
requests to update community membership.
Additional information:
Magic number(s): None
File extension(s): .cuc
Macintosh File Type Code(s):
Person & email address to contact for further information:
Sam Ashmore - srashmo@radium.ncsc.mil
Intended usage: LIMITED USE
Restrictions on usage: None
Author: Sam Ashmore - srashmo@radium.ncsc.mil
Change controller: IESG
B.9. application/tamp-sequence-adjust
Media type name: application
Subtype name: tamp-sequence-adjust
Required parameters: None
Optional parameters: None
Encoding considerations: binary
Security considerations: Carries a signed request to update sequence
number information. Integrity protection is discussed in
Section 4.9. Replay detection is discussed in Section 6.
Interoperability considerations: None
Published specification: RFC 5934
Applications that use this media type: TAMP clients responding to
requests to update sequence number information.
Additional information:
Magic number(s): None
File extension(s): .tsa
Macintosh File Type Code(s):
Person & email address to contact for further information:
Sam Ashmore - srashmo@radium.ncsc.mil
Intended usage: LIMITED USE
Restrictions on usage: None
Author: Sam Ashmore - srashmo@radium.ncsc.mil
Change controller: IESG
B.10. application/tamp-sequence-adjust-confirm
Media type name: application
Subtype name: tamp-sequence-adjust-confirm
Required parameters: None
Optional parameters: None
Encoding considerations: binary
Security considerations: Carries an optionally signed sequence number
adjust confirmation message. Integrity protection is discussed in
Section 4.10.
Interoperability considerations: None
Published specification: RFC 5934
Applications that use this media type: TAMP clients responding to
requests to update sequence number information.
Additional information:
Magic number(s): None
File extension(s): .sac
Macintosh File Type Code(s):
Person & email address to contact for further information:
Sam Ashmore - srashmo@radium.ncsc.mil
Intended usage: LIMITED USE
Restrictions on usage: None
Author: Sam Ashmore - srashmo@radium.ncsc.mil
Change controller: IESG
B.11. application/tamp-error
Media type name: application
Subtype name: tamp-error
Required parameters: None
Optional parameters: None
Encoding considerations: binary
Security considerations: Carries optionally signed error information
collecting during TAMP processing. Integrity protection is discussed
in Section 4.11.
Interoperability considerations: None
Published specification: RFC 5934
Applications that use this media type: TAMP clients processing TAMP
messages.
Additional information:
Magic number(s): None
File extension(s): .ter
Macintosh File Type Code(s):
Person & email address to contact for further information:
Sam Ashmore - srashmo@radium.ncsc.mil
Intended usage: LIMITED USE
Restrictions on usage: None
Author: Sam Ashmore - srashmo@radium.ncsc.mil
Change controller: IESG
Appendix C. TAMP over HTTP
This appendix describes the formatting and transportation conventions
for the TAMP messages when carried by HTTP [RFC2616]. Each TAMP
message type is covered by a subsection below. Each TAMP request
message sent via HTTP is responded to either with an HTTP response
containing a TAMP response or error or, if failure occurs prior to
invoking TAMP, an HTTP error. TAMP response, confirmation, and error
messages are not suitable for caching. In order for TAMP clients and
servers using HTTP to interoperate, the following rules apply.
o Clients MUST use the POST method to submit their requests.
o Servers MUST use the 200 response code for successful responses.
o Clients MAY attempt to send HTTPS requests using Transport Layer
Security (TLS) 1.0 or later, although servers are not required to
support TLS.
o Servers MUST NOT assume client support for any type of HTTP
authentication such as cookies, Basic authentication, or Digest
authentication.
o Clients and servers are expected to follow the other rules and
restrictions in [RFC2616]. Note that some of those rules are for
HTTP methods other than POST; clearly, only the rules that apply
to POST are relevant for this specification.
C.1. TAMP Status Query Message
A TAMP Status Query Message using the POST method is constructed as follows: The Content-Type header MUST have the value "application/ tamp-status-query". The body of the message is the binary value of the DER encoding of the TAMPStatusQuery, wrapped in a CMS body as described in Section 2.C.2. TAMP Status Response Message
An HTTP-based TAMP Status Response message is composed of the appropriate HTTP headers, followed by the binary value of the DER encoding of the TAMPStatusResponse, wrapped in a CMS body as described in Section 2. The Content-Type header MUST have the value "application/ tamp-status-response."C.3. Trust Anchor Update Message
A Trust Anchor Update Message using the POST method is constructed as follows: The Content-Type header MUST have the value "application/ tamp-update". The body of the message is the binary value of the DER encoding of the TAMPUpdate, wrapped in a CMS body as described in Section 2.C.4. Trust Anchor Update Confirm Message
An HTTP-based Trust Anchor Update Confirm message is composed of the appropriate HTTP headers, followed by the binary value of the DER encoding of the TAMPUpdateConfirm, wrapped in a CMS body as described in Section 2. The Content-Type header MUST have the value "application/ tamp-update-confirm".C.5. Apex Trust Anchor Update Message
An Apex Trust Anchor Update Message using the POST method is constructed as follows: The Content-Type header MUST have the value "application/tamp-apex-update". The body of the message is the binary value of the DER encoding of the TAMPApexUpdate, wrapped in a CMS body as described in Section 2.
C.6. Apex Trust Anchor Update Confirm Message
An HTTP-based Apex Trust Anchor Update Confirm message is composed of the appropriate HTTP headers, followed by the binary value of the DER encoding of the TAMPApexUpdateConfirm, wrapped in a CMS body as described in Section 2. The Content-Type header MUST have the value "application/ tamp-apex-update-confirm".C.7. Community Update Message
A Community Update Message using the POST method is constructed as follows: The Content-Type header MUST have the value "application/ tamp-community-update". The body of the message is the binary value of the DER encoding of the TAMPCommunityUpdate, wrapped in a CMS body as described in Section 2.C.8. Community Update Confirm Message
An HTTP-based Community Update Confirm message is composed of the appropriate HTTP headers, followed by the binary value of the DER encoding of the TAMPCommunityUpdateConfirm, wrapped in a CMS body as described in Section 2. The Content-Type header MUST have the value "application/ tamp-community-update-confirm".C.9. Sequence Number Adjust Message
A Sequence Number Adjust Message using the POST method is constructed as follows: The Content-Type header MUST have the value "application/ tamp-sequence-adjust". The body of the message is the binary value of the DER encoding of the SequenceNumberAdjust, wrapped in a CMS body as described in Section 2.C.10. Sequence Number Adjust Confirm Message
An HTTP-based Sequence Number Adjust Confirm message is composed of the appropriate HTTP headers, followed by the binary value of the DER encoding of the SequenceNumberAdjustConfirm, wrapped in a CMS body as described in Section 2.
The Content-Type header MUST have the value "application/ tamp-sequence-adjust-confirm".C.11. TAMP Error Message
An HTTP-based TAMP Error message is composed of the appropriate HTTP headers, followed by the binary value of the DER encoding of the TAMPError, wrapped in a CMS body as described in Section 2. The Content-Type header MUST have the value "application/tamp-error".Authors' Addresses
Russ Housley Vigil Security, LLC 918 Spring Knoll Drive Herndon, VA 20170 USA EMail: housley@vigilsec.com Sam Ashmore National Security Agency Suite 6751 9800 Savage Road Fort Meade, MD 20755 USA EMail: srashmo@radium.ncsc.mil Carl Wallace Cygnacom Solutions Suite 5400 7925 Jones Branch Drive McLean, VA 22102 USA EMail: cwallace@cygnacom.com