IETF RFC 5756 PDF

Introduction

RFC 4055 specifies conventions for using the RSA Encryption Scheme - Optimal Asymmetric Encryption Padding (RSAES-OAEP) key transport algorithm in the Internet X.509 Public Key Infrastructure (PKI). It provides algorithm identifiers and parameters for RSAES-OAEP.

This document updates the conventions for RSAES-OAEP parameters in the subjectPublicKeyInfo field of an X.509 certificate. The PKIX WG Elliptic Curve Cryptography (ECC) design team recommended that Key Derivation Functions (KDFs) should not be constrained within a certificate; rather, KDF constraints should be negotiated in protocols that need to employ certificates.

Only two paragraphs in [RFC4055] discuss RSAES-OAEP parameters in X.509 certificates: the second paragraph of Section 4 and the first paragraph of Section 4.1. This document only updates these two paragraphs. Section 3 updates the second paragraph in Section 4 of [RFC4055], while Section 4 updates the second paragraph in Section 4.1 of [RFC4055]. "Old:" prefaces the text to be replaced and "New:" prefaces the replacement text.

This document also replaces incorrect references to the publicKeyAlgorithms field in Section 3 with references to the parameters field in the subjectPublicKeyInfo algorithm field. Section 3 also rewords the second and third paragraphs for clarity.