X-Git-Url: https://git.openssl.org/?p=openssl.git;a=blobdiff_plain;f=doc%2Fstandards.txt;h=691fafeddee8424cf68fd339d7f13fc1a43242ca;hp=596d9001e64f8b4c2dad736a466797db21af61b9;hb=63a3c45582670f1f2d8e0df3835e9bd81c34d137;hpb=1d833a9910165a4a1ef73eb1d4ec89d2135a74b9 diff --git a/doc/standards.txt b/doc/standards.txt index 596d9001e6..691fafedde 100644 --- a/doc/standards.txt +++ b/doc/standards.txt 
@@ -1,130 +1,168 @@ Standards related to OpenSSL ============================ -[Please, this is currently a draft. I made a first try at finding - documents that describe parts of what OpenSSL implements. There are - big gaps, and I've most certainly done something wrong. Please - correct whatever is... Also, this note should be removed when this - file is reaching a somewhat correct state. -- Richard Levitte] +This is a work in progress. These are documents that describe things that +are implemented (in whole or at least great parts) in OpenSSL. +To search for RFCs, you can start at https://www.ietf.org/rfc.html -All pointers in here will be either URL's or blobs of text borrowed -from miscellaneous indexes, like rfc-index.txt (index of RFCs), -1id-index.txt (index of Internet drafts) and the like. +To search for internet-drafts, you can start at https://www.ietf.org/id-info/ -To find the latest possible RFCs, it's recommended to either browse -ftp://ftp.isi.edu/in-notes/ or go to http://www.rfc-editor.org/ and -use the search mechanism found there. -To find the latest possible Internet drafts, it's recommended to -browse ftp://ftp.isi.edu/internet-drafts/. -To find the latest possible PKCS, it's recommended to browse -http://www.rsasecurity.com/rsalabs/pkcs/. +Many PKCS standards are now RFC's; PKCS#11 is now at Oasis and can be +found at https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=pkcs11 -Implemented: ------------- +Implemented +----------- -These are documents that describe things that are implemented (in -whole or at least great parts) in OpenSSL. +PKCS#8: Private-Key Information Syntax Standard -1319 The MD2 Message-Digest Algorithm. B. Kaliski. April 1992. - (Format: TXT=25661 bytes) (Status: INFORMATIONAL) +PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. -1320 The MD4 Message-Digest Algorithm. R. Rivest. April 1992. 
(Format: - TXT=32407 bytes) (Status: INFORMATIONAL) +1319 The MD2 Message-Digest Algorithm -1321 The MD5 Message-Digest Algorithm. R. Rivest. April 1992. (Format: - TXT=35222 bytes) (Status: INFORMATIONAL) +1320 The MD4 Message-Digest Algorithm -2246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999. - (Format: TXT=170401 bytes) (Status: PROPOSED STANDARD) +1321 The MD5 Message-Digest Algorithm -2268 A Description of the RC2(r) Encryption Algorithm. R. Rivest. - January 1998. (Format: TXT=19048 bytes) (Status: INFORMATIONAL) +2246 The TLS Protocol Version 1 -2314 PKCS 10: Certification Request Syntax Version 1.5. B. Kaliski. - March 1998. (Format: TXT=15814 bytes) (Status: INFORMATIONAL) +2268 A Description of the RC2(r) Encryption Algorithm -2315 PKCS 7: Cryptographic Message Syntax Version 1.5. B. Kaliski. - March 1998. (Format: TXT=69679 bytes) (Status: INFORMATIONAL) +2315 PKCS 7: Cryptographic Message Syntax Version 1.5 -2437 PKCS #1: RSA Cryptography Specifications Version 2.0. B. Kaliski, - J. Staddon. October 1998. (Format: TXT=73529 bytes) (Obsoletes - RFC2313) (Status: INFORMATIONAL) +2560 X.509 Internet Public Key Infrastructure Online Certificate + Status Protocol - OCSP -2459 Internet X.509 Public Key Infrastructure Certificate and CRL - Profile. R. Housley, W. Ford, W. Polk, D. Solo. January 1999. - (Format: TXT=278438 bytes) (Status: PROPOSED STANDARD) +2712 Addition of Kerberos Cipher Suites to Transport Layer Security + (TLS) -PKCS#8: Private-Key Information Syntax Standard +2898 PKCS #5: Password-Based Cryptography Specification Version 2.0 -PKCS#12: Personal Information Exchange Syntax Standard, version 1.0. +2986 PKCS #10: Certification Request Syntax Specification Version 1.7 -2560 X.509 Internet Public Key Infrastructure Online Certificate - Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin, - C. Adams. June 1999. 
(Format: TXT=43243 bytes) (Status: PROPOSED - STANDARD) +3161 Internet X.509 Public Key Infrastructure, Time-Stamp Protocol (TSP) + +3174 US Secure Hash Algorithm 1 (SHA1) + +3268 Advanced Encryption Standard (AES) Ciphersuites for Transport + Layer Security (TLS) + +3279 Algorithms and Identifiers for the Internet X.509 Public Key + Infrastructure Certificate and Certificate Revocation List (CRL) + Profile +3280 Internet X.509 Public Key Infrastructure Certificate and + Certificate Revocation List (CRL) Profile -Related: --------- +3447 Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography + Specifications Version 2.1 + +3713 A Description of the Camellia Encryption Algorithm + +3820 Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate + Profile + +4132 Addition of Camellia Cipher Suites to Transport Layer Security + (TLS) + +4162 Addition of SEED Cipher Suites to Transport Layer Security (TLS) + +4269 The SEED Encryption Algorithm + + +Related +------- These are documents that are close to OpenSSL, for example the STARTTLS documents. 1421 Privacy Enhancement for Internet Electronic Mail: Part I: Message - Encryption and Authentication Procedures. J. Linn. February 1993. - (Format: TXT=103894 bytes) (Obsoletes RFC1113) (Status: PROPOSED - STANDARD) + Encryption and Authentication Procedures 1422 Privacy Enhancement for Internet Electronic Mail: Part II: - Certificate-Based Key Management. S. Kent. February 1993. (Format: - TXT=86085 bytes) (Obsoletes RFC1114) (Status: PROPOSED STANDARD) + Certificate-Based Key Management 1423 Privacy Enhancement for Internet Electronic Mail: Part III: - Algorithms, Modes, and Identifiers. D. Balenson. February 1993. - (Format: TXT=33277 bytes) (Obsoletes RFC1115) (Status: PROPOSED - STANDARD) + Algorithms, Modes, and Identifiers 1424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key - Certification and Related Services. B. Kaliski. February 1993. 
- (Format: TXT=17537 bytes) (Status: PROPOSED STANDARD) + Certification and Related Services + +2025 The Simple Public-Key GSS-API Mechanism (SPKM) + +2510 Internet X.509 Public Key Infrastructure Certificate Management + Protocols + +2511 Internet X.509 Certificate Request Message Format -2256 A Summary of the X.500(96) User Schema for use with LDAPv3. M. - Wahl. December 1997. (Format: TXT=32377 bytes) (Status: PROPOSED - STANDARD) +2527 Internet X.509 Public Key Infrastructure Certificate Policy and + Certification Practices Framework -2487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman. - January 1999. (Format: TXT=15120 bytes) (Status: PROPOSED STANDARD) +2538 Storing Certificates in the Domain Name System (DNS) + +2539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS) + +2559 Internet X.509 Public Key Infrastructure Operational Protocols - + LDAPv2 2585 Internet X.509 Public Key Infrastructure Operational Protocols: - FTP and HTTP. R. Housley, P. Hoffman. May 1999. (Format: TXT=14813 - bytes) (Status: PROPOSED STANDARD) + FTP and HTTP -2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999. - (Format: TXT=32440 bytes) (Status: PROPOSED STANDARD) +2587 Internet X.509 Public Key Infrastructure LDAPv2 Schema -2712 Addition of Kerberos Cipher Suites to Transport Layer Security - (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) - (Status: PROPOSED STANDARD) +2595 Using TLS with IMAP, POP3 and ACAP -2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May - 2000. (Format: TXT=27598 bytes) (Updates RFC2616) (Status: PROPOSED - STANDARD) +2631 Diffie-Hellman Key Agreement Method -2818 HTTP Over TLS. E. Rescorla. May 2000. 
(Format: TXT=15170 bytes) - (Status: INFORMATIONAL) +2632 S/MIME Version 3 Certificate Handling - "Securing FTP with TLS", 01/27/2000, - +2716 PPP EAP TLS Authentication Protocol -To be implemented: ------------------- +2797 Certificate Management Messages over CMS -These are documents that describe things that are planed to be -implemented in the hopefully short future. +2817 Upgrading to TLS Within HTTP/1.1 -2712 Addition of Kerberos Cipher Suites to Transport Layer Security - (TLS). A. Medvinsky, M. Hur. October 1999. (Format: TXT=13763 bytes) - (Status: PROPOSED STANDARD) +2818 HTTP Over TLS + +2984 Use of the CAST-128 Encryption Algorithm in CMS + +2985 PKCS #9: Selected Object Classes and Attribute Types Version 2.0 + +3029 Internet X.509 Public Key Infrastructure Data Validation and + Certification Server Protocols + +3039 Internet X.509 Public Key Infrastructure Qualified Certificates + Profile + +3058 Use of the IDEA Encryption Algorithm in CMS + +3161 Internet X.509 Public Key Infrastructure Time-Stamp Protocol + (TSP) + +3185 Reuse of CMS Content Encryption Keys + +3207 SMTP Service Extension for Secure SMTP over Transport Layer + Security + +3217 Triple-DES and RC2 Key Wrapping + +3274 Compressed Data Content Type for Cryptographic Message Syntax + (CMS) + +3278 Use of Elliptic Curve Cryptography (ECC) Algorithms in + Cryptographic Message Syntax (CMS) + +3281 An Internet Attribute Certificate Profile for Authorization + +3369 Cryptographic Message Syntax (CMS) + +3370 Cryptographic Message Syntax (CMS) Algorithms + +3394 Advanced Encryption Standard (AES) Key Wrap Algorithm + +3436 Transport Layer Security over Stream Control Transmission + Protocol +3657 Use of the Camellia Encryption Algorithm in Cryptographic + Message Syntax (CMS)
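Review bot: RFC 3161 is listed twice in the added text, once under Implemented as "Internet X.509 Public Key Infrastructure, Time-Stamp Protocol (TSP)" and again under Related with the same title minus the comma. Keep it in one section only and drop the other entry, so the file does not give two answers about whether TSP is implemented. In the Implemented list, the RFC 2246 title was shortened from "The TLS Protocol Version 1.0" to "The TLS Protocol Version 1" and should keep the ".0". The new intro also writes the plural as "RFC's" in "Many PKCS standards are now RFC's"; "RFCs" would match "To search for RFCs" a few lines earlier.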