RFC 3279 (rfc3279) - Page 1 of 27


Algorithms and Identifiers for the Internet X



Alternative Format: Original Text Document



Network Working Group                                            W. Polk
Request for Comments: 3279                                          NIST
Obsoletes: 2528                                               R. Housley
Category: Standards Track                               RSA Laboratories
                                                              L. Bassham
                                                                    NIST
                                                              April 2002

                   Algorithms and Identifiers for the
                Internet X.509 Public Key Infrastructure
       Certificate and Certificate Revocation List (CRL) Profile

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2002).  All Rights Reserved.

Abstract

   This document specifies algorithm identifiers and ASN.1 encoding
   formats for digital signatures and subject public keys used in the
   Internet X.509 Public Key Infrastructure (PKI).  Digital signatures
   are used to sign certificates and certificate revocation list (CRLs).
   Certificates include the public key of the named subject.

Table of Contents

   1  Introduction  . . . . . . . . . . . . . . . . . . . . . .   2
   2  Algorithm Support . . . . . . . . . . . . . . . . . . . .   3
   2.1  One-Way Hash Functions  . . . . . . . . . . . . . . . .   3
   2.1.1  MD2 One-Way Hash Functions  . . . . . . . . . . . . .   3
   2.1.2  MD5 One-Way Hash Functions  . . . . . . . . . . . . .   4
   2.1.3  SHA-1 One-Way Hash Functions  . . . . . . . . . . . .   4
   2.2  Signature Algorithms  . . . . . . . . . . . . . . . . .   4
   2.2.1  RSA Signature Algorithm . . . . . . . . . . . . . . .   5
   2.2.2  DSA Signature Algorithm . . . . . . . . . . . . . . .   6
   2.2.3  Elliptic Curve Digital Signature Algorithm  . . . . .   7
   2.3  Subject Public Key Algorithms . . . . . . . . . . . . .   7
   2.3.1  RSA Keys  . . . . . . . . . . . . . . . . . . . . . .   8
   2.3.2  DSA Signature Keys  . . . . . . . . . . . . . . . . .   9
   2.3.3  Diffie-Hellman Key Exchange Keys  . . . . . . . . . .  10



Polk, et al.                Standards Track