LAMPS Working Group

Internet Engineering Task Force (IETF)                     M. Richardson
Internet-Draft
Request for Comments: 8951                      Sandelman Software Works
Updates: 7030 (if approved)                                                  T. Werner
Intended status:
Category: Standards Track                                        Siemens
Expires: February 12, 2021
ISSN: 2070-1721                                                   W. Pan
                                                     Huawei Technologies
                                                         August 11,
                                                           November 2020

   Clarification of Enrollment over Secure Transport (EST): transfer
                          encodings Transfer
                          Encodings and ASN.1
                 draft-ietf-lamps-rfc7030est-clarify-10

Abstract

   This document updates RFC7030: RFC 7030: Enrollment over Secure Transport (EST) to
   resolve some errata that were reported, reported and which that have proven to cause
   interoperability issues when RFC7030 RFC 7030 was extended.

   This document deprecates the specification of "Content-Transfer-
   Encoding" headers for EST Enrollment over Secure Transport (EST)
   endpoints.  This document fixes some syntactical errors in ASN.1 that
   were present.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list  It represents the consensus of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid the IETF community.  It has
   received public review and has been approved for a maximum publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 7841.

   Information about the current status of six months this document, any errata,
   and how to provide feedback on it may be updated, replaced, or obsoleted by other documents obtained at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on February 12, 2021.
   https://www.rfc-editor.org/info/rfc8951.

Copyright Notice

   Copyright (c) 2020 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (https://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  Terminology . . . . . . . . . . . . . . . . . . . . . . . . .   3
   3.  Changes to EST endpoint processing  . . . . . . . . . . . . .   3 Endpoint Processing
     3.1.  Whitespace processing . . . . . . . . . . . . . . . . . .   4  White Space Processing
     3.2.  Changes sections to Section 4 of RFC7030 . . . . . . . . . . . . . .   4 RFC 7030
       3.2.1.  Section 4.1.3 . . . . . . . . . . . . . . . . . . . .   4
       3.2.2.  Section 4.3.1 . . . . . . . . . . . . . . . . . . . .   4
       3.2.3.  Section 4.3.2 . . . . . . . . . . . . . . . . . . . .   5
       3.2.4.  Section 4.4.2 . . . . . . . . . . . . . . . . . . . .   5
       3.2.5.  Section 4.5.2 . . . . . . . . . . . . . . . . . . . .   5
   4.  Clarification of ASN.1 for Certificate Attribute set. . . . .   6 Set
   5.  Clarification of error messages Error Messages for certificate enrollment
       operations  . . . . . . . . . . . . . . . . . . . . . . . . .   8 Certificate Enrollment
           Operations
     5.1.  Updating section Section 4.2.3: Simple Enroll and Re-enroll
           Response  . . . . . . . . . . . . . . . . . . . . . . . .   8
     5.2.  Updating section Section 4.4.2: Server-Side Key Generation Response  . . . . . . . . . . . . . . . . . . . . . . . .   8
   6.  Privacy Considerations  . . . . . . . . . . . . . . . . . . .   8
   7.  Security Considerations . . . . . . . . . . . . . . . . . . .   9
   8.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   9
   9.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   9
   10.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   9
     10.1.
     9.1.  Normative References . . . . . . . . . . . . . . . . . .   9
     10.2.
     9.2.  Informative References . . . . . . . . . . . . . . . . .  11
   Appendix A.  ASN.1 Module . . . . . . . . . . . . . . . . . . . .  12
   Acknowledgements
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  14

1.  Introduction

   Enrollment over Secure Transport (EST) is defined in [RFC7030].  The
   EST specification defines a number of HTTP end points endpoints for certificate
   enrollment and management.  The details of the transaction were
   defined in terms of MIME headers headers, as defined in [RFC2045], rather
   than in terms of the HTTP protocol protocol, as defined in [RFC7230] and
   [RFC7231].

   [RFC2616] and later [RFC7231] Appendix A.5 has of [RFC7231] have text specifically
   deprecating Content-Transfer-Encoding.  However, [RFC7030]
   incorrectly uses this header.

   Any updates to [RFC7030] to bring it inline in line with HTTP processing
   risk changing the on-wire protocol in a way that is not backwards
   compatible.  However, reports from implementers suggest that many
   implementations do not send the Content-Transfer-Encoding, and many
   of them ignore it.  The consequence is that simply deprecating the
   header would remain compatible with current implementations.

   [I-D.ietf-anima-bootstrapping-keyinfra]

   [BRSKI] extends [RFC7030], adding new
   functionality, and interop functionality.  Interop testing
   of the protocol has revealed that unusual processing called out in
   [RFC7030] causes confusion.

   EST is currently specified as part of [IEC62351], [IEC62351] and is widely used
   in Government, Utilities government, utilities, and Financial financial markets today.

   This document therefore document, therefore, revises [RFC7030] to reflect the field
   reality, deprecating the extraneous field.

   This document deals with errata numbers [errata4384], [errata5107],
   [errata5108], and [errata5904].

   This document deals with [errata5107] and [errata5904] in Section 3.
   [errata5108] is dealt with in Section 5.  [errata4384] is closed by
   correcting the ASN.1 Module in Section 4.

2.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3.  Changes to EST endpoint processing

   The [RFC7030] sections Endpoint Processing

   Sections 4.1.3 (CA Certificates Response, /cacerts),
   4.3.1/4.3.2 4.3.1 and 4.3.2
   (Full CMC, /fullcmc), 4.4.2 (Server-Side Key Generation,
   /serverkeygen), and 4.5.2 (CSR Attributes, /csrattrs) of [RFC7030]
   specify the use of base64 encoding with a Content-Transfer-Encoding
   for requests and
   response. responses.

   This document updates [RFC7030] to require the POST request and
   payload response of all endpoints use Base64 encoding using base64 encoding, as specified
   in Section 4 of [RFC4648].  In both cases, the Distinguished Encoding
   Rules (DER) [X.690] are used to produce the input for the Base64 base64
   encoding routine.  This format is to be used regardless of any
   Content-Transfer-Encoding header, and any value in such a header MUST
   be ignored.

3.1.  Whitespace processing  White Space Processing

   Note that "base64" as used in the HTTP [RFC2616] does not permit
   CRLF, while the "base64" used in MIME [RFC2045] does.  This
   specification clarifies that despite [RFC2616], that what [RFC2616] says, white space
   including CR, LF, spaces (ASCII 32) and, 32), and tabs (ASCII 9) SHOULD be
   tolerated by receivers.  Senders are not required to insert any kind
   of white space.

3.2.  Changes sections to Section 4 of RFC7030 RFC 7030

3.2.1.  Section 4.1.3

   Replace:

   |  A successful response MUST be a certs-only CMC Simple PKI
   |  Response, as defined in [RFC5272], containing the certificates
   |  described in the following paragraph.  The HTTP content-type of
   |  "application/pkcs7-mime" is used.  The Simple PKI Response is sent
   |  with a Content-Transfer-Encoding of "base64" [RFC2045].

   with: (RFCEDITOR: maybe artwork is the wrong choice here)

   |  A successful response MUST be a certs-only CMC Simple PKI
   |  Response, as defined in [RFC5272], containing the certificates
   |  described in the following paragraph.  The HTTP content-type of
   |  "application/pkcs7-mime" is used.  The CMC Simple PKI Response is
   |  encoded in base64 [RFC4648].

3.2.2.  Section 4.3.1

   Replace:

   |  If the HTTP POST to /fullcmc is not a valid Full PKI Request, the
   |  server MUST reject the message.  The HTTP content-type used is
   |  "application/pkcs7-mime" with an smime-type parameter "CMC-request", "CMC-
   |  request", as specified in [RFC5273].  The body of the message is
   |  the binary value of the encoding of the PKI Request with a
   |  Content-Transfer-Encoding of "base64" [RFC2045].

   with:

   |  If the HTTP POST to /fullcmc is not a valid Full PKI Request, the
   |  server MUST reject the message.  The HTTP content-type used is
   |  "application/pkcs7-mime" with an smime-type parameter "CMC-request", "CMC-
   |  request", as specified in [RFC5273].  The body of the message is
   |  encoded in base64 [RFC4648].

3.2.3.  Section 4.3.2

   Replace:

   |  The body of the message is the binary value of the encoding of the
   |  PKI Response with a Content-Transfer-Encoding of "base64"
   |  [RFC2045].

   with:

   |  The body of the message is the base64 [RFC4648] encoding of the
   |  PKI Response.

3.2.4.  Section 4.4.2

   Replace:

   |  An "application/pkcs8" part consists of the base64-encoded DER-encoded DER-
   |  encoded [X.690] PrivateKeyInfo with a Content-Transfer-Encoding of
   |  "base64"
   [RFC4648]. [RFC2045].

   with:

   |  An "application/pkcs8" part consists of the base64-encoded
   DER-encoded base64-encoded, DER-
   |  encoded [X.690] PrivateKeyInfo.

   Replace:

   |  In all three additional encryption cases, the EnvelopedData is
   |  returned in the response as an "application/pkcs7-mime" part with
   |  an smime-type parameter of "server-generated-key" and a Content-
   |  Transfer-Encoding of "base64".

   with:

   |  In all three additional encryption cases, the EnvelopedData is
   |  returned in the response as an "application/pkcs7-mime" part with
   |  an smime-type parameter of "server-generated-key".  It is base64
   |  encoded [RFC4648].

3.2.5.  Section 4.5.2

   This section is updated in its entirety in Section 4.

4.  Clarification of ASN.1 for Certificate Attribute set. Set

   Section 4.5.2 of [RFC7030] is to be replaced with the following text:

   |  4.5.2 CSR Attributes Response
   |
   |  If locally configured policy for an authenticated EST client
   |  indicates a CSR Attributes Response is to be provided, the server
   |  response MUST include an HTTP 200 response code.  An HTTP response
   |  code of 204 or 404 indicates that a CSR Attributes Response is not
   |  available.  Regardless of the response code, the EST server and CA
   |  MAY reject any subsequent enrollment requests for any reason,
   |  e.g., incomplete CSR attributes in the request.
   |
   |  Responses to attribute request messages MUST be encoded as the
   |  content-type of "application/csrattrs", "application/csrattrs" and are to be "base64"
   |  [RFC4648] encoded.  The syntax for application/csrattrs body is as
   |  follows:
   |
   |     CsrAttrs ::= SEQUENCE SIZE (0..MAX) OF AttrOrOID
   |
   |     AttrOrOID ::= CHOICE {
   |       oid        OBJECT IDENTIFIER,
   |       attribute  Attribute {{AttrSet}} }
   |
   |     AttrSet ATTRIBUTE ::= { ... }
   |
   |  An EST server includes zero or more OIDs or attributes [RFC2986]
   |  that it requests the client to use in the certification request.
   |  The client MUST ignore any OID or attribute it does not recognize.
   |  When the server encodes CSR Attributes attributes as an empty SEQUENCE, it
   |  means that the server has no specific additional information it
   |  desires in a client certification request (this is functionally
   |  equivalent to an HTTP response code of 204 or 404).
   |
   |  If the CA requires a particular cryptographic algorithm or use of
   |  a particular signature scheme (e.g., certification of a public key
   |  based on a certain elliptic curve, curve or signing using a certain hash
   algorithm)
   |  algorithm), it MUST provide that information in the CSR Attribute
   |  Response.  If an EST server requires the linking of identity and
   |  POP information (see Section 3.5), it MUST include the
   |  challengePassword OID in the CSR Attributes Response.
   |
   |  The structure of the CSR Attributes Response SHOULD, to the
   |  greatest extent possible, reflect the structure of the CSR it is
   |  requesting.  Requests to use a particular signature scheme (e.g. (e.g.,
   |  using a particular hash function) are represented as an OID to be
   |  reflected in the SignatureAlgorithm of the CSR.  Requests to use a
   |  particular cryptographic algorithm (e.g., certification of a
   |  public key based on a certain elliptic curve) are represented as
   |  an attribute, to be reflected as the AlgorithmIdentifier of the
   |  SubjectPublicKeyInfo, with a type indicating the algorithm and the
   |  values indicating the particular parameters specific to the
   |  algorithm.  Requests for descriptive information from the client
   |  are made by an attribute, to be represented as Attributes of the
   |  CSR, with a type indicating the [RFC2985] extensionRequest and the
   |  values indicating the particular attributes desired to be included
   |  in the resulting certificate's extensions.
   |
   |  The sequence is Distinguished Encoding Rules (DER) encoded [X.690]
   |  and then base64 encoded (Section 4 of [RFC4648]).  The resulting
   |  text forms the application/csrattr body, without headers.
   |
   |  For example, if a CA requests that a client to a) submit a
   |  certification request containing the challengePassword (indicating
   |  that linking of identity and POP information is requested; see
   |  Section 3.5), b) submit an extensionRequest with the Media Access
   |  Control (MAC) address
   ([RFC2307]) [RFC2307] of the client, and to c) use the
   |  secp384r1 elliptic curve
   and to sign with using the SHA384 hash function.  Then, function,
   |  then it takes the following:
   |
   |         OID:        challengePassword (1.2.840.113549.1.9.7)
   |
   |         Attribute:  type = extensionRequest (1.2.840.113549.1.9.14)
   |                     value = macAddress (1.3.6.1.1.1.1.22)
   |
   |         Attribute:  type = id-ecPublicKey (1.2.840.10045.2.1)
   |                     value = secp384r1 (1.3.132.0.34)
   |
   |         OID:        ecdsaWithSHA384 (1.2.840.10045.4.3.3)
   |
   |  and encodes them into an ASN.1 SEQUENCE to produce:
   |
   |   30 41 06 09 2a 86 48 86 f7 0d 01 09 07 30 12 06 07 2a 86 48 ce 3d
   |   02 01 31 07 06 05 2b 81 04 00 22 30 16 06 09 2a 86 48 86 f7 0d 01
   |   09 0e 31 09 06 07 2b 06 01 01 01 01 16 06 08 2a 86 48 ce 3d 04 03
   |   03
   |
   |  and then base64 encodes the resulting ASN.1 SEQUENCE to produce:
   |
   |    MEEGCSqGSIb3DQEJBzASBgcqhkjOPQIBMQcGBSuBBAAiMBYGCSqGSIb3DQEJDjEJ
   |    BgcrBgEBAQEWBggqhkjOPQQDAw==

5.  Clarification of error messages Error Messages for certificate enrollment
    operations Certificate Enrollment
    Operations

   [errata5108] clarifies what format the error messages are to be in.
   Previously
   Previously, a client might be confused into believing that an error
   returned with type text/plain was not intended to be an error.

5.1.  Updating section Section 4.2.3: Simple Enroll and Re-enroll Response

   Replace:

   |  If the content-type is not set, the response data MUST be a
   |  plaintext human-readable error message containing explanatory
   |  information describing why the request was rejected (for example,
   |  indicating that CSR attributes are incomplete).

   with:

   |  If the content-type is not set, the response data MUST be a
   |  plaintext human-readable error message containing explanatory
   |  information describing why the request was rejected (for example,
   |  indicating that CSR attributes are incomplete).  Servers MAY use
   |  the "text/plain" content-type [RFC2046] for human-readable errors.

5.2.  Updating section Section 4.4.2: Server-Side Key Generation Response

   Replace:

   |  If the content-type is not set, the response data MUST be a
   |  plaintext human-readable error message.

   with:

   |  If the content-type is not set, the response data MUST be a
   |  plaintext human-readable error message.  Servers MAY use the
   |  "text/plain" content-type [RFC2046] for human-readable errors.

6.  Privacy Considerations

   This document does not disclose any additional identities to that either
   an active or passive observer would see with [RFC7030].

7.  Security Considerations

   This document clarifies an existing security mechanism.  It does not
   create any new protocol mechanism. mechanisms.

   All security considerations from [RFC7030] also apply for to the
   clarifications described in this document.

8.  IANA Considerations

   The ASN.1 module in Appendix A of this document makes use of object
   identifiers (OIDs).  This document requests that

   IANA register has registered an OID for id-mod-est-2019 (1.3.6.1.5.5.7.0.98)
   in the SMI "SMI Security for PKIX Arc in the Module identifiers subarc
   (1.3.6.1.5.5.7.0) Identifier" registry for the
   ASN.1 module.

   The OID for the Asymmetric Decryption Key Identifier
   (1.2.840.113549.1.9.16.2.54) was previously defined in [RFC7030].
   IANA is requested to update has updated the "Reference" Reference column for the Asymmetric Decryption
   Key Identifier attribute to also include a reference to this
   document.

9.  Acknowledgements

   This work was supported by Huawei Technologies.

   The ASN.1 Module was assembled by Russ Housley and formatted by Sean
   Turner.  Russ Housley provided editorial review.

10.  References

10.1.

9.1.  Normative References

   [errata4384]
              "EST errata 4384: ASN.1 encoding error", n.d.,
              RFC Errata, Erratum ID 4384, RFC 7030,
              <https://www.rfc-editor.org/errata/eid4384>.

   [errata5107]
              "EST errata 5107: use Content-Transfer-Encoding", n.d.,
              RFC Errata, Erratum ID 5107, RFC 7030,
              <https://www.rfc-editor.org/errata/eid5107>.

   [errata5108]
              "EST errata 5108: use of Content-Type for error message",
              n.d.,
              RFC Errata, Erratum ID 5108, RFC 7030,
              <https://www.rfc-editor.org/errata/eid5108>.

   [errata5904]
              "EST errata 5904: use Content-Transfer-Encoding", n.d.,
              RFC Errata, Erratum ID 5904, RFC 7030,
              <https://www.rfc-editor.org/errata/eid5904>.

   [IEC62351] International Electrotechnical Commission, "Power systems
              management and associated information exchange - Data and
              communications security - Part 9: Cyber security key
              management for power system equipment", ISO/
              IEC 62351-9:2017, May 2017.

   [RFC2045]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
              Extensions (MIME) Part One: Format of Internet Message
              Bodies", RFC 2045, DOI 10.17487/RFC2045, November 1996,
              <https://www.rfc-editor.org/info/rfc2045>.

   [RFC2046]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
              Extensions (MIME) Part Two: Media Types", RFC 2046,
              DOI 10.17487/RFC2046, November 1996,
              <https://www.rfc-editor.org/info/rfc2046>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/info/rfc2119>.

   [RFC2986]  Nystrom, M. and B. Kaliski, "PKCS #10: Certification
              Request Syntax Specification Version 1.7", RFC 2986,
              DOI 10.17487/RFC2986, November 2000,
              <https://www.rfc-editor.org/info/rfc2986>.

   [RFC4648]  Josefsson, S., "The Base16, Base32, and Base64 Data
              Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006,
              <https://www.rfc-editor.org/info/rfc4648>.

   [RFC5272]  Schaad, J. and M. Myers, "Certificate Management over CMS
              (CMC)", RFC 5272, DOI 10.17487/RFC5272, June 2008,
              <https://www.rfc-editor.org/info/rfc5272>.

   [RFC5273]  Schaad, J. and M. Myers, "Certificate Management over CMS
              (CMC): Transport Protocols", RFC 5273,
              DOI 10.17487/RFC5273, June 2008,
              <https://www.rfc-editor.org/info/rfc5273>.

   [RFC5912]  Hoffman, P. and J. Schaad, "New ASN.1 Modules for the
              Public Key Infrastructure Using X.509 (PKIX)", RFC 5912,
              DOI 10.17487/RFC5912, June 2010,
              <https://www.rfc-editor.org/info/rfc5912>.

   [RFC6268]  Schaad, J. and S. Turner, "Additional New ASN.1 Modules
              for the Cryptographic Message Syntax (CMS) and the Public
              Key Infrastructure Using X.509 (PKIX)", RFC 6268,
              DOI 10.17487/RFC6268, July 2011,
              <https://www.rfc-editor.org/info/rfc6268>.

   [RFC7030]  Pritikin, M., Ed., Yee, P., Ed., and D. Harkins, Ed.,
              "Enrollment over Secure Transport", RFC 7030,
              DOI 10.17487/RFC7030, October 2013,
              <https://www.rfc-editor.org/info/rfc7030>.

   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/info/rfc8174>.

   [X.680]    ITU-T, "Information technology - -- Abstract Syntax Notation
              One.",
              One (ASN.1): Specification of basic notation", ITU-T
              Recommendation X.680, ISO/IEC 8824-1:2002, 2002. 8824-1:2015, August 2015,
              <https://www.itu.int/rec/T-REC-X.680-201508-I/en>.

   [X.681]    ITU-T, "Information technology Technology - Abstract Syntax Notation
              One:
              One (ASN.1): Information Object Specification.", ISO/
              IEC 8824-2:2002, 2002. object specification", ITU-T
              Recommendation X.681, ISO/IEC 8824-2:2015, August 2015,
              <https://www.itu.int/rec/T-REC-X.681>.

   [X.682]    ITU-T, "Information technology Technology - Abstract Syntax Notation
              One:
              One (ASN.1): Constraint Specification.", specification", ITU-T
              Recommendation X.682, ISO/IEC 8824-2:2002,
              2002. 8824-3:2015, August 2015,
              <https://www.itu.int/rec/T-REC-X.682>.

   [X.683]    ITU-T, "Information technology Technology - Abstract Syntax Notation
              One:
              One (ASN.1): Parameterization of ASN.1 Specifications.", ISO/
              IEC 8824-2:2002, 2002. specifications",
              ITU-T Recommendation X.683, ISO/IEC 8824-4:2015, August
              2015, <https://www.itu.int/rec/T-REC-X.683>.

   [X.690]    ITU-T, "Information technology Technology - ASN.1 encoding Rules: rules:
              Specification of Basic Encoding Rules (BER), Canonical
              Encoding Rules (CER) and Distinguished Encoding Rules
              (DER).",
              (DER)", ITU-T Recommendation X.690, ISO/IEC 8825-1:2002, 2002.

10.2. 8825-1:2015,
              August 2015, <https://www.itu.int/rec/T-REC-X.690>.

9.2.  Informative References

   [I-D.ietf-anima-bootstrapping-keyinfra]

   [BRSKI]    Pritikin, M., Richardson, M., M. C., Eckert, T., Behringer, M., M.
              H., and K. Watsen, "Bootstrapping Remote Secure Key
              Infrastructures (BRSKI)", draft-ietf-anima-bootstrapping-
              keyinfra-43 (work Work in progress), August 2020. Progress, Internet-
              Draft, draft-ietf-anima-bootstrapping-keyinfra-45, 11
              November 2020, <https://tools.ietf.org/html/draft-ietf-
              anima-bootstrapping-keyinfra-45>.

   [RFC2307]  Howard, L., "An Approach for Using LDAP as a Network
              Information Service", RFC 2307, DOI 10.17487/RFC2307,
              March 1998, <https://www.rfc-editor.org/info/rfc2307>.

   [RFC2616]  Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
              Masinter, L., Leach, P., and T. Berners-Lee, "Hypertext
              Transfer Protocol -- HTTP/1.1", RFC 2616,
              DOI 10.17487/RFC2616, June 1999,
              <https://www.rfc-editor.org/info/rfc2616>.

   [RFC2985]  Nystrom, M. and B. Kaliski, "PKCS #9: Selected Object
              Classes and Attribute Types Version 2.0", RFC 2985,
              DOI 10.17487/RFC2985, November 2000,
              <https://www.rfc-editor.org/info/rfc2985>.

   [RFC7230]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
              Protocol (HTTP/1.1): Message Syntax and Routing",
              RFC 7230, DOI 10.17487/RFC7230, June 2014,
              <https://www.rfc-editor.org/info/rfc7230>.

   [RFC7231]  Fielding, R., Ed. and J. Reschke, Ed., "Hypertext Transfer
              Protocol (HTTP/1.1): Semantics and Content", RFC 7231,
              DOI 10.17487/RFC7231, June 2014,
              <https://www.rfc-editor.org/info/rfc7231>.

Appendix A.  ASN.1 Module

   This annex provides the normative ASN.1 definitions for the
   structures described in this specification using ASN.1 as defined in
   [X.680], [X.681], [X.682] [X.682], and [X.683].

   The ASN.1 modules makes imports from the ASN.1 modules in [RFC5912]
   and [RFC6268].

   There is no ASN.1 Module in RFC 7030. [RFC7030].  This module has been created
   by combining the lines that are contained in the document body.

   PKIXEST-2019
        { iso(1) identified-organization(3) dod(6)
          internet(1) security(5) mechanisms(5) pkix(7)
          id-mod(0)
         id-mod-est-2019(TBD) id-mod-est-2019(98) }

   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN

   -- EXPORTS ALL --

   IMPORTS

   Attribute
   FROM CryptographicMessageSyntax-2010  -- [RFC6268]
         { iso(1) member-body(2) us(840) rsadsi(113549)
           pkcs(1) pkcs-9(9) smime(16) modules(0)
            id-mod-cms-2009(58) }

   ATTRIBUTE
   FROM PKIX-CommonTypes-2009 -- [RFC5912]
       { iso(1) identified-organization(3) dod(6) internet(1)
         security(5) mechanisms(5) pkix(7) id-mod(0)
         id-mod-pkixCommon-02(57) } ;

   -- CSR Attributes

   CsrAttrs ::= SEQUENCE SIZE (0..MAX) OF AttrOrOID

   AttrOrOID ::= CHOICE {
      oid        OBJECT IDENTIFIER,
      attribute  Attribute {{AttrSet}} }

   AttrSet ATTRIBUTE ::= { ... }

   -- Asymmetric Decrypt Key Identifier Attribute

   aa-asymmDecryptKeyID ATTRIBUTE ::=
       { TYPE AsymmetricDecryptKeyIdentifier
         IDENTIFIED BY id-aa-asymmDecryptKeyID }

   id-aa-asymmDecryptKeyID OBJECT IDENTIFIER ::= { iso(1)
       member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
       smime(16) aa(2) 54 }

   AsymmetricDecryptKeyIdentifier ::= OCTET STRING

   END

Acknowledgements

   Huawei Technologies supported the efforts of Wei Pan and Michael
   Richardson.

   The ASN.1 Module was assembled by Russ Housley and formatted by Sean
   Turner.  Russ Housley provided editorial review.

Authors' Addresses

   Michael Richardson
   Sandelman Software Works

   Email: mcr+ietf@sandelman.ca

   Thomas Werner
   Siemens

   Email: thomas-werner@siemens.com

   Wei Pan
   Huawei Technologies

   Email: william.panwei@huawei.com