tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Gloss.     Arch.     IMS     UICC    |    Misc.    |    search     info

RFC 5934

 
 
 

Trust Anchor Management Protocol (TAMP)

Part 4 of 4, p. 61 to 91
Prev RFC Part

 


prevText      Top      Up      ToC       Page 61 
Appendix A.  ASN.1 Modules

   Appendix A.1 provides the normative ASN.1 definitions for the
   structures described in this specification using ASN.1 as defined in
   [X.680].  Appendix A.2 provides a module using ASN.1 as defined in
   [X.208].  The module in Appendix A.2 removes usage of newer ASN.1
   features that provide support for limiting the types of elements that
   may appear in certain SEQUENCE and SET constructions.  Otherwise, the
   modules are compatible in terms of encoded representation, i.e., the
   modules are bits-on-the-wire compatible aside from the limitations on
   SEQUENCE and SET constituents.  Extension markers are not used due to
   lack of support in [X.208].  Appendix A.2 is included as a courtesy
   to developers using ASN.1 compilers that do not support current
   ASN.1.  Appendix A.1 includes definitions imported from [RFC5280],
   [RFC5912], and [RFC5914].

A.1.  ASN.1 Module Using 1993 Syntax

   TAMP-Protocol-v2
   { joint-iso-ccitt(2) country(16) us(840) organization(1)
     gov(101) dod(2) infosec(1) modules(0) 30 }

   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN

   IMPORTS
   TrustAnchorChoice, TrustAnchorTitle, CertPathControls
   FROM TrustAnchorInfoModule
      { joint-iso-ccitt(2) country(16) us(840)
      organization(1) gov(101) dod(2) infosec(1)
      modules(0) 33 }
   AlgorithmIdentifier{}, SIGNATURE-ALGORITHM, KEY-WRAP
   FROM AlgorithmInformation-2009
      {iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-algorithmInformation-02(58)}
   Certificate, Name, TBSCertificate,
   CertificateSerialNumber, Validity, SubjectPublicKeyInfo
   FROM PKIX1Explicit-2009 -- from [RFC5912]
      {iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-pkix1-explicit-02(51)}
   KeyIdentifier, OTHER-NAME
   FROM PKIX1Implicit-2009 -- from [RFC5912]
      {iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-pkix1-implicit-02(59)}
   EXTENSION, Extensions {}, ATTRIBUTE, SingleAttribute{}

Top      Up      ToC       Page 62 
   FROM PKIX-CommonTypes-2009 -- from [RFC5912]
      { iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-pkixCommon-02(57) }         ;

   -- Object Identifier Arc for TAMP Message Content Types

   id-tamp OBJECT IDENTIFIER ::= {
   joint-iso-ccitt(2) country(16) us(840) organization(1)
   gov(101) dod(2) infosec(1) formats(2) 77 }

   SupportedSigAlgorithms SIGNATURE-ALGORITHM ::= {
      -- add any locally defined algorithms here
      ...
   }

   SupportedWrapAlgorithms KEY-WRAP ::= {
      -- add any locally defined algorithms here
      ...
   }

   -- CMS Content Types

   CONTENT-TYPE  ::= TYPE-IDENTIFIER

   TAMPContentTypes CONTENT-TYPE  ::= {
     tamp-status-query |
     tamp-status-response |
     tamp-update |
     tamp-update-confirm |
     tamp-apex-update |
     tamp-apex-update-confirm |
     tamp-community-update |
     tamp-community-update-confirm |
     tamp-sequence-number-adjust |
     tamp-sequence-number-adjust-confirm |
     tamp-error,
     ... -- Expect additional content types --
     }

   -- TAMP Status Query Message
   tamp-status-query CONTENT-TYPE  ::=
     { TAMPStatusQuery IDENTIFIED BY id-ct-TAMP-statusQuery }

   id-ct-TAMP-statusQuery OBJECT IDENTIFIER ::= { id-tamp 1 }

Top      Up      ToC       Page 63 
   TAMPStatusQuery ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     terse           [1] TerseOrVerbose DEFAULT verbose,
     query           TAMPMsgRef }

   TAMPVersion ::= INTEGER { v1(1), v2(2) }

   TerseOrVerbose ::= ENUMERATED { terse(1), verbose(2) }

   SeqNumber ::= INTEGER (0..9223372036854775807)

   TAMPMsgRef ::= SEQUENCE {
     target          TargetIdentifier,
     seqNum          SeqNumber }

   TargetIdentifier ::= CHOICE {
     hwModules    [1] HardwareModuleIdentifierList,
     communities  [2] CommunityIdentifierList,
     allModules   [3] NULL,
     uri          [4] IA5String,
     otherName    [5] INSTANCE OF OTHER-NAME }

   HardwareModuleIdentifierList ::= SEQUENCE SIZE (1..MAX) OF
                                     HardwareModules

   HardwareModules ::= SEQUENCE {
     hwType          OBJECT IDENTIFIER,
     hwSerialEntries SEQUENCE SIZE (1..MAX) OF HardwareSerialEntry }

   HardwareSerialEntry ::= CHOICE {
     all             NULL,
     single          OCTET STRING,
     block           SEQUENCE {
       low             OCTET STRING,
       high            OCTET STRING } }

   CommunityIdentifierList ::= SEQUENCE SIZE (0..MAX) OF Community

   Community ::= OBJECT IDENTIFIER

   -- TAMP Status Response Message

   tamp-status-response CONTENT-TYPE  ::=
     { TAMPStatusResponse IDENTIFIED BY id-ct-TAMP-statusResponse }

   id-ct-TAMP-statusResponse OBJECT IDENTIFIER ::= { id-tamp 2 }

Top      Up      ToC       Page 64 
   TAMPStatusResponse ::= SEQUENCE {
     version   [0] TAMPVersion DEFAULT v2,
     query     TAMPMsgRef,
     response  StatusResponse,
     usesApex  BOOLEAN DEFAULT TRUE }

   StatusResponse ::= CHOICE {
     terseResponse         [0] TerseStatusResponse,
     verboseResponse       [1] VerboseStatusResponse }

   TerseStatusResponse ::= SEQUENCE {
     taKeyIds              KeyIdentifiers,
     communities           CommunityIdentifierList OPTIONAL }

   KeyIdentifiers ::= SEQUENCE SIZE (1..MAX) OF KeyIdentifier

   VerboseStatusResponse ::= SEQUENCE {
     taInfo                 TrustAnchorChoiceList,
     continPubKeyDecryptAlg [0] AlgorithmIdentifier
                   {KEY-WRAP, {SupportedWrapAlgorithms}} OPTIONAL,
     communities            [1] CommunityIdentifierList OPTIONAL,
     tampSeqNumbers         [2] TAMPSequenceNumbers OPTIONAL }

   TrustAnchorChoiceList ::= SEQUENCE SIZE (1..MAX) OF
        TrustAnchorChoice

   TAMPSequenceNumber ::= SEQUENCE {
     keyId       KeyIdentifier,
     seqNumber   SeqNumber }

   TAMPSequenceNumbers ::= SEQUENCE SIZE (1..MAX) OF TAMPSequenceNumber

   -- Trust Anchor Update Message

   tamp-update CONTENT-TYPE  ::=
     { TAMPUpdate IDENTIFIED BY id-ct-TAMP-update }

   id-ct-TAMP-update OBJECT IDENTIFIER ::= { id-tamp 3 }

   TAMPUpdate ::= SEQUENCE {
     version  [0] TAMPVersion DEFAULT v2,
     terse    [1] TerseOrVerbose DEFAULT verbose,
     msgRef   TAMPMsgRef,
     updates  SEQUENCE SIZE (1..MAX) OF TrustAnchorUpdate,
     tampSeqNumbers [2]TAMPSequenceNumbers OPTIONAL }

Top      Up      ToC       Page 65 
   TrustAnchorUpdate ::= CHOICE {
     add             [1] TrustAnchorChoice,
     remove          [2] SubjectPublicKeyInfo,
     change          [3] EXPLICIT TrustAnchorChangeInfoChoice }

   TrustAnchorChangeInfoChoice ::= CHOICE {
     tbsCertChange  [0] TBSCertificateChangeInfo,
     taChange       [1] TrustAnchorChangeInfo }

   TBSCertificateChangeInfo  ::=  SEQUENCE  {
     serialNumber         CertificateSerialNumber OPTIONAL,
     signature            [0] AlgorithmIdentifier
             {SIGNATURE-ALGORITHM, {SupportedSigAlgorithms}} OPTIONAL,
     issuer               [1] Name OPTIONAL,
     validity             [2] Validity OPTIONAL,
     subject              [3] Name OPTIONAL,
     subjectPublicKeyInfo [4] SubjectPublicKeyInfo,
     exts                 [5] EXPLICIT Extensions{{...}} OPTIONAL }

   TrustAnchorChangeInfo ::= SEQUENCE {
     pubKey          SubjectPublicKeyInfo,
     keyId           KeyIdentifier OPTIONAL,
     taTitle         TrustAnchorTitle OPTIONAL,
     certPath        CertPathControls OPTIONAL,
     exts            [1] Extensions{{...}} OPTIONAL }

   -- Trust Anchor Update Confirm Message

   tamp-update-confirm CONTENT-TYPE  ::=
     { TAMPUpdateConfirm IDENTIFIED BY id-ct-TAMP-updateConfirm }

   id-ct-TAMP-updateConfirm OBJECT IDENTIFIER ::= { id-tamp 4 }

   TAMPUpdateConfirm ::= SEQUENCE {
     version               [0] TAMPVersion DEFAULT v2,
     update                TAMPMsgRef,
     confirm               UpdateConfirm }

   UpdateConfirm ::= CHOICE {
     terseConfirm          [0] TerseUpdateConfirm,
     verboseConfirm        [1] VerboseUpdateConfirm }

   TerseUpdateConfirm ::= StatusCodeList

   StatusCodeList ::= SEQUENCE SIZE (1..MAX) OF StatusCode

Top      Up      ToC       Page 66 
   VerboseUpdateConfirm ::= SEQUENCE {
     status          StatusCodeList,
     taInfo          TrustAnchorChoiceList,
     tampSeqNumbers  TAMPSequenceNumbers OPTIONAL,
     usesApex        BOOLEAN DEFAULT TRUE }

   -- Apex Trust Anchor Update Message

   tamp-apex-update CONTENT-TYPE  ::=
       { TAMPApexUpdate IDENTIFIED BY id-ct-TAMP-apexUpdate }

   id-ct-TAMP-apexUpdate OBJECT IDENTIFIER ::= { id-tamp 5 }

   TAMPApexUpdate ::= SEQUENCE {
     version            [0] TAMPVersion DEFAULT v2,
     terse              [1] TerseOrVerbose DEFAULT verbose,
     msgRef             TAMPMsgRef,
     clearTrustAnchors  BOOLEAN,
     clearCommunities   BOOLEAN,
     seqNumber          SeqNumber OPTIONAL,
     apexTA             TrustAnchorChoice }

   -- Apex Trust Anchor Update Confirm Message

   tamp-apex-update-confirm CONTENT-TYPE  ::=
     { TAMPApexUpdateConfirm IDENTIFIED BY
         id-ct-TAMP-apexUpdateConfirm }

   id-ct-TAMP-apexUpdateConfirm OBJECT IDENTIFIER ::= { id-tamp 6 }

   TAMPApexUpdateConfirm ::= SEQUENCE {
     version               [0] TAMPVersion DEFAULT v2,
     apexReplace           TAMPMsgRef,
     apexConfirm           ApexUpdateConfirm }

   ApexUpdateConfirm ::= CHOICE {
     terseApexConfirm      [0] TerseApexUpdateConfirm,
     verboseApexConfirm    [1] VerboseApexUpdateConfirm }

   TerseApexUpdateConfirm ::= StatusCode

   VerboseApexUpdateConfirm ::= SEQUENCE {
     status                  StatusCode,
     taInfo                  TrustAnchorChoiceList,
     communities            [0] CommunityIdentifierList OPTIONAL,
     tampSeqNumbers         [1] TAMPSequenceNumbers OPTIONAL }

Top      Up      ToC       Page 67 
   -- Community Update Message

   tamp-community-update CONTENT-TYPE  ::=
     { TAMPCommunityUpdate IDENTIFIED BY id-ct-TAMP-communityUpdate }

   id-ct-TAMP-communityUpdate OBJECT IDENTIFIER ::= { id-tamp 7 }

   TAMPCommunityUpdate ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     terse           [1] TerseOrVerbose DEFAULT verbose,
     msgRef          TAMPMsgRef,
     updates         CommunityUpdates }

   CommunityUpdates ::= SEQUENCE {
     remove       [1] CommunityIdentifierList OPTIONAL,
     add          [2] CommunityIdentifierList OPTIONAL }
     -- At least one must be present

   -- Community Update Confirm Message

   tamp-community-update-confirm CONTENT-TYPE  ::=
     { TAMPCommunityUpdateConfirm IDENTIFIED BY
       id-ct-TAMP-communityUpdateConfirm }

   id-ct-TAMP-communityUpdateConfirm OBJECT IDENTIFIER ::=
     { id-tamp 8 }

   TAMPCommunityUpdateConfirm ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     update          TAMPMsgRef,
     commConfirm     CommunityConfirm }

   CommunityConfirm ::= CHOICE {
     terseCommConfirm      [0] TerseCommunityConfirm,
     verboseCommConfirm    [1] VerboseCommunityConfirm }

   TerseCommunityConfirm ::= StatusCode

   VerboseCommunityConfirm ::= SEQUENCE {
     status          StatusCode,
     communities     CommunityIdentifierList OPTIONAL }

   -- Sequence Number Adjust Message

   tamp-sequence-number-adjust CONTENT-TYPE  ::=
     { SequenceNumberAdjust IDENTIFIED BY id-ct-TAMP-seqNumAdjust }

   id-ct-TAMP-seqNumAdjust OBJECT IDENTIFIER ::= { id-tamp 10 }

Top      Up      ToC       Page 68 
   SequenceNumberAdjust ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,

     msgRef          TAMPMsgRef }

   -- Sequence Number Adjust Confirm Message

   tamp-sequence-number-adjust-confirm CONTENT-TYPE  ::=
     { SequenceNumberAdjustConfirm IDENTIFIED BY
       id-ct-TAMP-seqNumAdjustConfirm }

   id-ct-TAMP-seqNumAdjustConfirm OBJECT IDENTIFIER ::= { id-tamp 11 }

   SequenceNumberAdjustConfirm ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     adjust          TAMPMsgRef,
     status          StatusCode }

   -- TAMP Error Message

   tamp-error CONTENT-TYPE  ::=
     { TAMPError IDENTIFIED BY id-ct-TAMP-error }

   id-ct-TAMP-error OBJECT IDENTIFIER ::= { id-tamp 9 }

   TAMPError ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     msgType         OBJECT IDENTIFIER,
     status          StatusCode,
     msgRef          TAMPMsgRef OPTIONAL }

   -- Status Codes

   StatusCode ::= ENUMERATED {
     success                            (0),
     decodeFailure                      (1),
     badContentInfo                     (2),
     badSignedData                      (3),
     badEncapContent                    (4),
     badCertificate                     (5),
     badSignerInfo                      (6),
     badSignedAttrs                     (7),
     badUnsignedAttrs                   (8),
     missingContent                     (9),
     noTrustAnchor                     (10),
     notAuthorized                     (11),
     badDigestAlgorithm                (12),
     badSignatureAlgorithm             (13),

Top      Up      ToC       Page 69 
     unsupportedKeySize                (14),
     unsupportedParameters             (15),
     signatureFailure                  (16),
     insufficientMemory                (17),
     unsupportedTAMPMsgType            (18),
     apexTAMPAnchor                    (19),
     improperTAAddition                (20),
     seqNumFailure                     (21),
     contingencyPublicKeyDecrypt       (22),
     incorrectTarget                   (23),
     communityUpdateFailed             (24),
     trustAnchorNotFound               (25),
     unsupportedTAAlgorithm            (26),
     unsupportedTAKeySize              (27),
     unsupportedContinPubKeyDecryptAlg (28),
     missingSignature                  (29),
     resourcesBusy                     (30),
     versionNumberMismatch             (31),
     missingPolicySet                  (32),
     revokedCertificate                (33),
     unsupportedTrustAnchorFormat      (34),
     improperTAChange                  (35),
     malformed                         (36),
     cmsError                          (37),
     unsupportedTargetIdentifier       (38),
     other                            (127) }

   -- Object Identifier Arc for Attributes

   id-attributes OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16)
     us(840) organization(1) gov(101) dod(2) infosec(1) 5 }

   -- TAMP Unsigned Attributes
   -- These attributes are unsigned attributes and go into the
   --    UnsignedAttributes set in [RFC5652]

   TAMPUnsignedAttributes ATTRIBUTE ::= {
     contingency-public-key-decrypt-key,
     ... -- Expect additional attributes --
     }

   -- contingency-public-key-decrypt-key unsigned attribute

   contingency-public-key-decrypt-key ATTRIBUTE ::= {
     TYPE PlaintextSymmetricKey IDENTIFIED BY
     id-aa-TAMP-contingencyPublicKeyDecryptKey }

Top      Up      ToC       Page 70 
   id-aa-TAMP-contingencyPublicKeyDecryptKey OBJECT IDENTIFIER ::= {
     id-attributes 63 }

   PlaintextSymmetricKey ::= OCTET STRING

   -- id-pe-wrappedApexContinKey extension

   wrappedApexContinKey EXTENSION ::= {
        SYNTAX         ApexContingencyKey
        IDENTIFIED BY  id-pe-wrappedApexContinKey }

   id-pe-wrappedApexContinKey OBJECT IDENTIFIER ::=
        { iso(1) identified-organization(3) dod(6) internet(1)
          security(5) mechanisms(5) pkix(7) pe(1) 20 }

   ApexContingencyKey ::= SEQUENCE {
     wrapAlgorithm
         AlgorithmIdentifier{KEY-WRAP, {SupportedWrapAlgorithms}},
     wrappedContinPubKey  OCTET STRING }

   END

A.2.  ASN.1 Module Using 1988 Syntax

   TAMP-Protocol-v2-88
      { joint-iso-ccitt(2) country(16) us(840) organization(1)
        gov(101) dod(2) infosec(1) modules(0) 31 }

   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN

   IMPORTS
     TrustAnchorChoice, TrustAnchorTitle, CertPathControls
     FROM TrustAnchorInfoModule-88 -- from [RFC5914]
          { joint-iso-ccitt(2) country(16) us(840) organization(1)
            gov(101) dod(2) infosec(1) modules(0) 37 }
     AlgorithmIdentifier, Certificate, Name, Attribute, TBSCertificate,
     SubjectPublicKeyInfo, CertificateSerialNumber, Validity, Extensions
       FROM PKIX1Explicit88 -- from [RFC5280]
         { iso(1) identified-organization(3) dod(6) internet(1)
           security(5) mechanisms(5) pkix(7) id-mod(0)
           id-pkix1-explicit(18) }
     KeyIdentifier, AnotherName
       FROM PKIX1Implicit88 -- from [RFC5280]
         { iso(1) identified-organization(3) dod(6) internet(1)
           security(5) mechanisms(5) pkix(7) id-mod(0)
           id-pkix1-implicit(19) } ;

Top      Up      ToC       Page 71 
   -- Object Identifier Arc for TAMP Message Content Types

   id-tamp OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16)
   us(840) organization(1) gov(101) dod(2) infosec(1) formats(2) 77 }

   -- CMS Content Types

   -- TAMP Status Query Message

   id-ct-TAMP-statusQuery OBJECT IDENTIFIER ::= { id-tamp 1 }

   TAMPStatusQuery ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     terse           [1] TerseOrVerbose DEFAULT verbose,
     query           TAMPMsgRef }

   TAMPVersion ::= INTEGER { v1(1), v2(2) }

   TerseOrVerbose ::= ENUMERATED { terse(1), verbose(2) }

   SeqNumber ::= INTEGER (0..9223372036854775807)

   TAMPMsgRef ::= SEQUENCE {
     target          TargetIdentifier,
     seqNum          SeqNumber }

   TargetIdentifier ::= CHOICE {
     hwModules    [1] HardwareModuleIdentifierList,
     communities  [2] CommunityIdentifierList,
     allModules   [3] NULL,
     uri          [4] IA5String,
     otherName    [5] AnotherName }

   HardwareModuleIdentifierList ::= SEQUENCE SIZE (1..MAX) OF
                                     HardwareModules

   HardwareModules ::= SEQUENCE {
     hwType          OBJECT IDENTIFIER,
     hwSerialEntries SEQUENCE SIZE (1..MAX) OF HardwareSerialEntry }

   HardwareSerialEntry ::= CHOICE {
     all             NULL,
     single          OCTET STRING,
     block           SEQUENCE {
       low             OCTET STRING,
       high            OCTET STRING } }

Top      Up      ToC       Page 72 
   CommunityIdentifierList ::= SEQUENCE SIZE (0..MAX) OF Community

   Community ::= OBJECT IDENTIFIER

   -- TAMP Status Response Message

   id-ct-TAMP-statusResponse OBJECT IDENTIFIER ::= { id-tamp 2 }

   TAMPStatusResponse ::= SEQUENCE {
     version   [0] TAMPVersion DEFAULT v2,
     query     TAMPMsgRef,
     response  StatusResponse,
     usesApex  BOOLEAN DEFAULT TRUE }

   StatusResponse ::= CHOICE {
     terseResponse         [0] TerseStatusResponse,
     verboseResponse       [1] VerboseStatusResponse }

   TerseStatusResponse ::= SEQUENCE {
     taKeyIds              KeyIdentifiers,
     communities           CommunityIdentifierList OPTIONAL }

   KeyIdentifiers ::= SEQUENCE SIZE (1..MAX) OF KeyIdentifier

   VerboseStatusResponse ::= SEQUENCE {
     taInfo                 TrustAnchorChoiceList,
     continPubKeyDecryptAlg [0] AlgorithmIdentifier OPTIONAL,
     communities            [1] CommunityIdentifierList OPTIONAL,
     tampSeqNumbers         [2] TAMPSequenceNumbers OPTIONAL }

   TrustAnchorChoiceList ::= SEQUENCE SIZE (1..MAX) OF
        TrustAnchorChoice

   TAMPSequenceNumber ::= SEQUENCE {
     keyId       KeyIdentifier,
     seqNumber   SeqNumber }

   TAMPSequenceNumbers ::= SEQUENCE SIZE (1..MAX) OF
        TAMPSequenceNumber

   -- Trust Anchor Update Message

   id-ct-TAMP-update OBJECT IDENTIFIER ::= { id-tamp 3 }

Top      Up      ToC       Page 73 
   TAMPUpdate ::= SEQUENCE {
     version  [0] TAMPVersion DEFAULT v2,
     terse    [1] TerseOrVerbose DEFAULT verbose,
     msgRef   TAMPMsgRef,
     updates  SEQUENCE SIZE (1..MAX) OF TrustAnchorUpdate,
     tampSeqNumbers [2]TAMPSequenceNumbers OPTIONAL }

   TrustAnchorUpdate ::= CHOICE {
     add             [1] TrustAnchorChoice,
     remove          [2] SubjectPublicKeyInfo,
     change          [3] EXPLICIT TrustAnchorChangeInfoChoice }

   TrustAnchorChangeInfoChoice ::= CHOICE {
     tbsCertChange [0] TBSCertificateChangeInfo,
     taChange      [1] TrustAnchorChangeInfo }

   TBSCertificateChangeInfo  ::=  SEQUENCE  {
     serialNumber         CertificateSerialNumber OPTIONAL,
     signature            [0] AlgorithmIdentifier OPTIONAL,
     issuer               [1] Name OPTIONAL,
     validity             [2] Validity OPTIONAL,
     subject              [3] Name OPTIONAL,
     subjectPublicKeyInfo [4] SubjectPublicKeyInfo,
     exts                 [5] EXPLICIT Extensions OPTIONAL }

   TrustAnchorChangeInfo ::= SEQUENCE {
     pubKey          SubjectPublicKeyInfo,
     keyId           KeyIdentifier OPTIONAL,
     taTitle         TrustAnchorTitle OPTIONAL,
     certPath        CertPathControls OPTIONAL,
     exts            [1] Extensions OPTIONAL }

   -- Trust Anchor Update Confirm Message

   id-ct-TAMP-updateConfirm OBJECT IDENTIFIER ::= { id-tamp 4 }

   TAMPUpdateConfirm ::= SEQUENCE {
     version               [0] TAMPVersion DEFAULT v2,
     update                TAMPMsgRef,
     confirm               UpdateConfirm }

   UpdateConfirm ::= CHOICE {
     terseConfirm          [0] TerseUpdateConfirm,
     verboseConfirm        [1] VerboseUpdateConfirm }

   TerseUpdateConfirm ::= StatusCodeList

   StatusCodeList ::= SEQUENCE SIZE (1..MAX) OF StatusCode

Top      Up      ToC       Page 74 
   VerboseUpdateConfirm ::= SEQUENCE {
     status          StatusCodeList,
     taInfo          TrustAnchorChoiceList,
     tampSeqNumbers  TAMPSequenceNumbers OPTIONAL,
     usesApex        BOOLEAN DEFAULT TRUE }

   -- Apex Trust Anchor Update Message

   id-ct-TAMP-apexUpdate OBJECT IDENTIFIER ::= { id-tamp 5 }

   TAMPApexUpdate ::= SEQUENCE {
     version            [0] TAMPVersion DEFAULT v2,
     terse              [1] TerseOrVerbose DEFAULT verbose,
     msgRef             TAMPMsgRef,
     clearTrustAnchors  BOOLEAN,
     clearCommunities   BOOLEAN,
     seqNumber          SeqNumber OPTIONAL,
     apexTA             TrustAnchorChoice }

   -- Apex Trust Anchor Update Confirm Message

   id-ct-TAMP-apexUpdateConfirm OBJECT IDENTIFIER ::= { id-tamp 6 }

   TAMPApexUpdateConfirm ::= SEQUENCE {
     version               [0] TAMPVersion DEFAULT v2,
     apexReplace           TAMPMsgRef,
     apexConfirm           ApexUpdateConfirm }

   ApexUpdateConfirm ::= CHOICE {
     terseApexConfirm      [0] TerseApexUpdateConfirm,
     verboseApexConfirm    [1] VerboseApexUpdateConfirm }

   TerseApexUpdateConfirm ::= StatusCode

   VerboseApexUpdateConfirm ::= SEQUENCE {
     status                  StatusCode,
     taInfo                  TrustAnchorChoiceList,
     communities            [0] CommunityIdentifierList OPTIONAL,
     tampSeqNumbers         [1] TAMPSequenceNumbers OPTIONAL }

   -- Community Update Message

   id-ct-TAMP-communityUpdate OBJECT IDENTIFIER ::= { id-tamp 7 }

Top      Up      ToC       Page 75 
   TAMPCommunityUpdate ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     terse           [1] TerseOrVerbose DEFAULT verbose,
     msgRef          TAMPMsgRef,
     updates         CommunityUpdates }

   CommunityUpdates ::= SEQUENCE {
     remove          [1] CommunityIdentifierList OPTIONAL,
     add             [2] CommunityIdentifierList OPTIONAL }
     -- At least one must be present

   -- Community Update Confirm Message

   id-ct-TAMP-communityUpdateConfirm OBJECT IDENTIFIER ::= { id-tamp 8 }

   TAMPCommunityUpdateConfirm ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     update          TAMPMsgRef,
     commConfirm     CommunityConfirm }

   CommunityConfirm ::= CHOICE {
     terseCommConfirm      [0] TerseCommunityConfirm,
     verboseCommConfirm    [1] VerboseCommunityConfirm }

   TerseCommunityConfirm ::= StatusCode

   VerboseCommunityConfirm ::= SEQUENCE {
     status          StatusCode,
     communities     CommunityIdentifierList OPTIONAL }

   -- Sequence Number Adjust Message

   id-ct-TAMP-seqNumAdjust OBJECT IDENTIFIER ::= { id-tamp 10 }

   SequenceNumberAdjust ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     msgRef          TAMPMsgRef }

   -- Sequence Number Adjust Confirm Message

   id-ct-TAMP-seqNumAdjustConfirm OBJECT IDENTIFIER ::= { id-tamp 11 }

   SequenceNumberAdjustConfirm ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     adjust          TAMPMsgRef,
     status          StatusCode }

Top      Up      ToC       Page 76 
   -- TAMP Error Message

   id-ct-TAMP-error OBJECT IDENTIFIER ::= { id-tamp 9 }

   TAMPError ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     msgType         OBJECT IDENTIFIER,
     status          StatusCode,
     msgRef          TAMPMsgRef OPTIONAL }

   -- Status Codes

   StatusCode ::= ENUMERATED {
     success                            (0),
     decodeFailure                      (1),
     badContentInfo                     (2),
     badSignedData                      (3),
     badEncapContent                    (4),
     badCertificate                     (5),
     badSignerInfo                      (6),
     badSignedAttrs                     (7),
     badUnsignedAttrs                   (8),
     missingContent                     (9),
     noTrustAnchor                     (10),
     notAuthorized                     (11),
     badDigestAlgorithm                (12),
     badSignatureAlgorithm             (13),
     unsupportedKeySize                (14),
     unsupportedParameters             (15),
     signatureFailure                  (16),
     insufficientMemory                (17),
     unsupportedTAMPMsgType            (18),
     apexTAMPAnchor                    (19),
     improperTAAddition                (20),
     seqNumFailure                     (21),
     contingencyPublicKeyDecrypt       (22),
     incorrectTarget                   (23),
     communityUpdateFailed             (24),
     trustAnchorNotFound               (25),
     unsupportedTAAlgorithm            (26),
     unsupportedTAKeySize              (27),
     unsupportedContinPubKeyDecryptAlg (28),
     missingSignature                  (29),
     resourcesBusy                     (30),
     versionNumberMismatch             (31),
     missingPolicySet                  (32),
     revokedCertificate                (33),
     unsupportedTrustAnchorFormat      (34),

Top      Up      ToC       Page 77 
     improperTAChange                  (35),
     malformed                         (36),
     cmsError                          (37),
     unsupportedTargetIdentifier       (38),
     other                            (127) }

   -- Object Identifier Arc for Attributes

   id-attributes OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16)
       us(840) organization(1) gov(101) dod(2) infosec(1) 5 }

   -- id-aa-TAMP-contingencyPublicKeyDecryptKey uses
   -- PlaintextSymmetricKey syntax
   id-aa-TAMP-contingencyPublicKeyDecryptKey OBJECT IDENTIFIER ::= {
     id-attributes 63 }

   PlaintextSymmetricKey ::= OCTET STRING

   -- id-pe-wrappedApexContinKey extension

   id-pe-wrappedApexContinKey OBJECT IDENTIFIER ::=
        { iso(1) identified-organization(3) dod(6) internet(1)
          security(5) mechanisms(5) pkix(7) pe(1) 20 }

   ApexContingencyKey ::= SEQUENCE {
     wrapAlgorithm        AlgorithmIdentifier,
     wrappedContinPubKey  OCTET STRING }

   END

Appendix B.  Media Type Registrations

   Eleven media type registrations are provided in this appendix, one
   for each content type defined in this specification.  As noted in
   Section 2, in all cases TAMP messages are encapsulated within
   ContentInfo structures.  Signed messages are additionally
   encapsulated within a SignedData structure.

B.1.  application/tamp-status-query

   Media type name: application

   Subtype name: tamp-status-query

   Required parameters: None

   Optional parameters: None

Top      Up      ToC       Page 78 
   Encoding considerations: binary

   Security considerations: Carries a signed request for status
   information.  Integrity protection is discussed in Section 4.1.
   Replay detection is discussed in Section 6.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests for status information.

   Additional information:

      Magic number(s): None

      File extension(s): .tsq

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.2.  application/tamp-status-response

   Media type name: application

   Subtype name: tamp-status-response

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries optionally signed status
   information.  Integrity protection is discussed in Section 4.2.

Top      Up      ToC       Page 79 
   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests for status information.

   Additional information:

      Magic number(s): None

      File extension(s): .tsr

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.3.  application/tamp-update

   Media type name: application

   Subtype name: tamp-update

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries a signed trust anchor update
   message.  Integrity protection is discussed in Section 4.3.  Replay
   detection is discussed in Section 6.

   Interoperability considerations: None

   Published specification: RFC 5934

Top      Up      ToC       Page 80 
   Applications that use this media type: TAMP clients responding to
   requests to update trust anchor information.

   Additional information:

      Magic number(s): None

      File extension(s): .tur

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.4.  application/tamp-update-confirm

   Media type name: application

   Subtype name: tamp-update-confirm

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries an optionally signed TAMP update
   response.  Integrity protection is discussed in Section 4.4.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update trust anchor information.

Top      Up      ToC       Page 81 
   Additional information:

      Magic number(s): None

      File extension(s): .tuc

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.5.  application/tamp-apex-update

   Media type name: application

   Subtype name: tamp-apex-update

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries a signed request to update an apex
   trust anchor information.  Integrity protection is discussed in
   Section 4.5.  Replay detection is discussed in Section 6.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update an apex trust anchor.

Top      Up      ToC       Page 82 
   Additional information:

      Magic number(s): None

      File extension(s): .tau

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.6.  application/tamp-apex-update-confirm

   Media type name: application

   Subtype name: tamp-apex-update-confirm

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries an optionally signed response to an
   apex update request.  Integrity protection is discussed in
   Section 4.6.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update an apex trust anchor.

Top      Up      ToC       Page 83 
   Additional information:

      Magic number(s): None

      File extension(s): .auc

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.7.  application/tamp-community-update

   Media type name: application

   Subtype name: tamp-community-update

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries a signed request to update community
   membership information.  Integrity protection is discussed in
   Section 4.7.  Replay detection is discussed in Section 6.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update community membership.

Top      Up      ToC       Page 84 
   Additional information:

      Magic number(s): None

      File extension(s): .tcu

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.8.  application/tamp-community-update-confirm

   Media type name: application

   Subtype name: tamp-community-update-confirm

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries an optionally signed response to a
   community update request.  Integrity protection is discussed in
   Section 4.8.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update community membership.

Top      Up      ToC       Page 85 
   Additional information:

      Magic number(s): None

      File extension(s): .cuc

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.9.  application/tamp-sequence-adjust

   Media type name: application

   Subtype name: tamp-sequence-adjust

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries a signed request to update sequence
   number information.  Integrity protection is discussed in
   Section 4.9.  Replay detection is discussed in Section 6.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update sequence number information.

Top      Up      ToC       Page 86 
   Additional information:

      Magic number(s): None

      File extension(s): .tsa

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.10.  application/tamp-sequence-adjust-confirm

   Media type name: application

   Subtype name: tamp-sequence-adjust-confirm

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries an optionally signed sequence number
   adjust confirmation message.  Integrity protection is discussed in
   Section 4.10.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update sequence number information.

Top      Up      ToC       Page 87 
   Additional information:

      Magic number(s): None

      File extension(s): .sac

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.11.  application/tamp-error

   Media type name: application

   Subtype name: tamp-error

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries optionally signed error information
   collecting during TAMP processing.  Integrity protection is discussed
   in Section 4.11.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients processing TAMP
   messages.

Top      Up      ToC       Page 88 
   Additional information:

      Magic number(s): None

      File extension(s): .ter

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

Appendix C.  TAMP over HTTP

   This appendix describes the formatting and transportation conventions
   for the TAMP messages when carried by HTTP [RFC2616].  Each TAMP
   message type is covered by a subsection below.  Each TAMP request
   message sent via HTTP is responded to either with an HTTP response
   containing a TAMP response or error or, if failure occurs prior to
   invoking TAMP, an HTTP error.  TAMP response, confirmation, and error
   messages are not suitable for caching.  In order for TAMP clients and
   servers using HTTP to interoperate, the following rules apply.

   o  Clients MUST use the POST method to submit their requests.

   o  Servers MUST use the 200 response code for successful responses.

   o  Clients MAY attempt to send HTTPS requests using Transport Layer
      Security (TLS) 1.0 or later, although servers are not required to
      support TLS.

   o  Servers MUST NOT assume client support for any type of HTTP
      authentication such as cookies, Basic authentication, or Digest
      authentication.

   o  Clients and servers are expected to follow the other rules and
      restrictions in [RFC2616].  Note that some of those rules are for
      HTTP methods other than POST; clearly, only the rules that apply
      to POST are relevant for this specification.

Top      Up      ToC       Page 89 
C.1.  TAMP Status Query Message

   A TAMP Status Query Message using the POST method is constructed as
   follows: The Content-Type header MUST have the value "application/
   tamp-status-query".

   The body of the message is the binary value of the DER encoding of
   the TAMPStatusQuery, wrapped in a CMS body as described in Section 2.

C.2.  TAMP Status Response Message

   An HTTP-based TAMP Status Response message is composed of the
   appropriate HTTP headers, followed by the binary value of the DER
   encoding of the TAMPStatusResponse, wrapped in a CMS body as
   described in Section 2.

   The Content-Type header MUST have the value "application/
   tamp-status-response."

C.3.  Trust Anchor Update Message

   A Trust Anchor Update Message using the POST method is constructed as
   follows: The Content-Type header MUST have the value "application/
   tamp-update".

   The body of the message is the binary value of the DER encoding of
   the TAMPUpdate, wrapped in a CMS body as described in Section 2.

C.4.  Trust Anchor Update Confirm Message

   An HTTP-based Trust Anchor Update Confirm message is composed of the
   appropriate HTTP headers, followed by the binary value of the DER
   encoding of the TAMPUpdateConfirm, wrapped in a CMS body as described
   in Section 2.

   The Content-Type header MUST have the value "application/
   tamp-update-confirm".

C.5.  Apex Trust Anchor Update Message

   An Apex Trust Anchor Update Message using the POST method is
   constructed as follows: The Content-Type header MUST have the value
   "application/tamp-apex-update".

   The body of the message is the binary value of the DER encoding of
   the TAMPApexUpdate, wrapped in a CMS body as described in Section 2.

Top      Up      ToC       Page 90 
C.6.  Apex Trust Anchor Update Confirm Message

   An HTTP-based Apex Trust Anchor Update Confirm message is composed of
   the appropriate HTTP headers, followed by the binary value of the DER
   encoding of the TAMPApexUpdateConfirm, wrapped in a CMS body as
   described in Section 2.

   The Content-Type header MUST have the value "application/
   tamp-apex-update-confirm".

C.7.  Community Update Message

   A Community Update Message using the POST method is constructed as
   follows: The Content-Type header MUST have the value "application/
   tamp-community-update".

   The body of the message is the binary value of the DER encoding of
   the TAMPCommunityUpdate, wrapped in a CMS body as described in
   Section 2.

C.8.  Community Update Confirm Message

   An HTTP-based Community Update Confirm message is composed of the
   appropriate HTTP headers, followed by the binary value of the DER
   encoding of the TAMPCommunityUpdateConfirm, wrapped in a CMS body as
   described in Section 2.

   The Content-Type header MUST have the value "application/
   tamp-community-update-confirm".

C.9.  Sequence Number Adjust Message

   A Sequence Number Adjust Message using the POST method is constructed
   as follows: The Content-Type header MUST have the value "application/
   tamp-sequence-adjust".

   The body of the message is the binary value of the DER encoding of
   the SequenceNumberAdjust, wrapped in a CMS body as described in
   Section 2.

C.10.  Sequence Number Adjust Confirm Message

   An HTTP-based Sequence Number Adjust Confirm message is composed of
   the appropriate HTTP headers, followed by the binary value of the DER
   encoding of the SequenceNumberAdjustConfirm, wrapped in a CMS body as
   described in Section 2.

Top      Up      ToC       Page 91 
   The Content-Type header MUST have the value "application/
   tamp-sequence-adjust-confirm".

C.11.  TAMP Error Message

   An HTTP-based TAMP Error message is composed of the appropriate HTTP
   headers, followed by the binary value of the DER encoding of the
   TAMPError, wrapped in a CMS body as described in Section 2.

   The Content-Type header MUST have the value "application/tamp-error".

Authors' Addresses

   Russ Housley
   Vigil Security, LLC
   918 Spring Knoll Drive
   Herndon, VA  20170
   USA

   EMail: housley@vigilsec.com


   Sam Ashmore
   National Security Agency
   Suite 6751
   9800 Savage Road
   Fort Meade, MD  20755
   USA

   EMail: srashmo@radium.ncsc.mil


   Carl Wallace
   Cygnacom Solutions
   Suite 5400
   7925 Jones Branch Drive
   McLean, VA  22102
   USA

   EMail: cwallace@cygnacom.com