2.2 Message Syntax

  • Article

The message syntax SHOULD<2> be as specified in [RFC4556] section 3.2.

PKCA MAY<3> support these variations based on an earlier draft of [RFC4556] for interoperability.

An earlier draft of [RFC4556] supported a different pre-authentication data identifier:

  • PA-PK-AS-REP_OLD 15

The algorithm identifier in Cryptographic Message Syntax (CMS) messages, as specified in [RFC2315] and [RFC3852], is md5WithRSAEncryption instead of md5 ([RFC3370] sections 3.2 and 2.2).<4> SHA-1WithRSAEncryption [RFC3370] SHOULD<5> be supported. ecdsa-with-Sha1, ecdsa-with-Sha256, ecdsa-with-Sha384, and ecdsa-with-Sha512 ([RFC5349] section 3) SHOULD<6> be supported.

The following ECC curves ([RFC5349] section 5) SHOULD<7> be supported:

  • ECPRGF256Random | groupP-256 | secp256r1

  • ECPRGF384Random | groupP-384 | secp384r1

  • ECPRGF521Random | groupP-521 | secp521r1