LTANS WG: ERS Status
July 10, 2006
Tobias Gondrom

LTANS WG (ltans): ERS

Current draft is version 07.

Changes from WG last call in June for version-06:
- put terminology in alphabetical order
- minor change to data structure
- based on discussion at last IETF and WG last call: moved (unused) spec of chapter 5 (handling of encrypted content) out to separate I-D.

WG last call initiated in May:
- received several ASN.1 issues on the mailing-list
- seems stable now with the following discussion points
=> second approach for WG last call with version 08

Request to modify structure: add EXPLICIT tag

From:
    reducedHashtree [0] SEQUENCE OF SEQUENCE OF OCTET STRING OPTIONAL,
To:
    reducedHashtree [0] EXPLICIT SEQUENCE OF SEQUENCE OF OCTET STRING OPTIONAL,

before: added tag to:

    ArchiveTimeStamp ::= SEQUENCE {
        digestAlgorithm AlgorithmIdentifier OPTIONAL,
        reducedHashtree [0] EXPLICIT SEQUENCE OF SEQUENCE OF OCTET STRING OPTIONAL,
        timeStamp ContentInfo}

added tag to:

    ArchiveTimeStamp ::= SEQUENCE {
        digestAlgorithm [0] AlgorithmIdentifier OPTIONAL,
        reducedHashtree [1] SEQUENCE OF SEQUENCE OF OCTET STRING OPTIONAL,
        timeStamp ContentInfo}

(note: which in fact removes the need for the EXPLICIT tag)

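Added illustration (not part of the original slides): the slides do not state why the context tags were introduced; the reading assumed here is the ASN.1 requirement that consecutive OPTIONAL components and the component following them carry distinct tags. The Python sketch compares the outer tag bytes of the two layouts above; all helper names are hypothetical.

```python
# Outer DER identifier octets. A context tag [n] on a constructed type is
# 0xA0|n whether the tagging is IMPLICIT or EXPLICIT, so the comparison
# below does not depend on the module's tagging default.
SEQUENCE = 0x30

def ctx(n):
    return 0xA0 | n

# (field name, outer tag, OPTIONAL?) in declaration order.
# Layout with only reducedHashtree tagged (the "before" definition).
BEFORE = [("digestAlgorithm", SEQUENCE, True),
          ("reducedHashtree", ctx(0), True),
          ("timeStamp", SEQUENCE, False)]
# Layout with tags [0] and [1] on the two OPTIONAL fields.
AFTER = [("digestAlgorithm", ctx(0), True),
         ("reducedHashtree", ctx(1), True),
         ("timeStamp", SEQUENCE, False)]

def candidates(layout, start):
    """Fields that may legally appear next when decoding resumes at `start`:
    every OPTIONAL field may be skipped, up to the first mandatory one."""
    out = []
    for name, tag, optional in layout[start:]:
        out.append((name, tag))
        if not optional:
            break
    return out

def claimants(layout, tag):
    """Fields that could claim the first element of the SEQUENCE body."""
    return [name for name, t in candidates(layout, 0) if t == tag]

def ambiguities(layout):
    """(tag, earlier field, later field) triples that share one tag and so
    cannot be told apart from the identifier octet alone."""
    found = set()
    for start in range(len(layout)):
        seen = {}
        for name, tag in candidates(layout, start):
            if tag in seen:
                found.add((tag, seen[tag], name))
            seen.setdefault(tag, name)
    return sorted(found)

if __name__ == "__main__":
    for label, layout in (("before", BEFORE), ("after", AFTER)):
        print(label, [(hex(t), a, b) for t, a, b in ambiguities(layout)])
```
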
introduce PartialHashtree?

    ArchiveTimeStamp ::= SEQUENCE {
        digestAlgorithm [0] AlgorithmIdentifier OPTIONAL,
        reducedHashtree [1] SEQUENCE OF PartialHashtree OPTIONAL,
        timeStamp ContentInfo}

    PartialHashtree ::= SEQUENCE OF OCTET STRING

why is reducedHashtree OPTIONAL?

    ArchiveTimeStamp ::= SEQUENCE {
        digestAlgorithm [0] AlgorithmIdentifier OPTIONAL,
        reducedHashtree [1] SEQUENCE OF SEQUENCE OF OCTET STRING OPTIONAL,
        timeStamp ContentInfo}

Comments received on the mailing-list

- Peter: AlgorithmIdentifier should not come from an 88 version module, but rather from its original AuthenticationFramework
- proposal to change IMPORTS to definitions: new ASN.1 from Peter: „I replaced the IMPORTS of the ERS module by the necessary definitions for simplicity.“

old:

    IMPORTS
        TimeStampToken FROM PKIXTSP -- [RFC3161]
          {iso(1) identified-organization(3) dod(6) internet(1)
           security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-tsp(13) }

        ContentInfo FROM CryptographicMessageSyntax2004 -- FROM [RFC3852]
          { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
            pkcs-9(9) smime(16) modules(0) cms-2004(24) }

        -- Imports from RFC 3280 [RFC3280], Appendix A.1
        AlgorithmIdentifier FROM PKIX1Explicit88
          { iso(1) identified-organization(3) dod(6) internet(1)
            security(5) mechanisms(5) pkix(7) mod(0) pkix1-explicit(18) }

new:

    ContentInfo ::= SEQUENCE {
        content-type CMS-CONTENT-TYPE.&id({CMSContentTable}),
        pkcs7-content [0] CMS-CONTENT-TYPE.&Type({CMSContentTable}) }

    CMS-CONTENT-TYPE ::= TYPE-IDENTIFIER

    CMSContentTable CMS-CONTENT-TYPE ::= {...}

    ALGORITHM ::= TYPE-IDENTIFIER

    AlgorithmIdentifier ::= SEQUENCE {
        algorithm ALGORITHM.&id({SupportedAlgorithms}),
        parameters ALGORITHM.&Type({SupportedAlgorithms}{@algorithm}) OPTIONAL }

    SupportedAlgorithms ALGORITHM ::=

Implementations:
- Fraunhofer finished product implementation
- Open Text finished product implementation
- further implementations have been announced by IBM, SER – but current status is unknown – any information?

In parallel to ERS: progress with XML spec of ERS (Aleksej) – with stable ERS will publish I-D based on structure of ERS

Several large organizations in Europe (as end users) need to use ERS: i.e. to be stable

Proposal:
- make changes: add tags
- WG Last Call again on version 08