From: Ray Sidney <ray@RSA.COM> To: "'e-payment@bellcore.com'" <e-payment@bellcore.com>, "'firewalls@greatcircle.com'" <firewalls@greatcircle.com>, "'ietf-otp@bellcore.com'" <ietf-otp@bellcore.com>, "'ietf-pkix@tandem.com'" <ietf-pkix@tandem.com>, "'ipsec@ans.net'" <ipsec@ans.net>, "'www-security@ns2.rutgers.edu'" <www-security@ns2.rutgers.edu> To: "'rsa-licensees@rsa.com'" <rsa-licensees@RSA.COM>, "'swan-dev@rsa.com'" <swan-dev@RSA.COM>, "'smime-dev@rsa.com'" <smime-dev@RSA.COM> Subject: RSA Laboratories seeks contributions for the "next generation" of PKCS Date: Fri, 13 Dec 1996 10:07:47 -0800 Comments and suggestions are invited for the next generation of the Public-Key Cryptography Standards, the intervendor specifications developed starting in 1991 by RSA Laboratories in conjunction with industry and universities. The Public-Key Cryptography Standards were established to provide a catalyst for interoperable security based on public-key cryptographic techniques, and they have become the basis for many formal standards and are implemented widely. With several years' experience and review, and with many new developments in cryptography since 1991, it is now time to update PKCS. Suggestions are invited in the following areas: * improvements to the current suite of standards * contributions for new standards, including standards for transport and local storage of personal information such as private keys and certificates, and standards for platform-independent cryptographic programming interfaces PKCS documents are low-level standards stating precisely how one may accomplish specific cryptographic or cryptography-related tasks. Most are concerned with specifying byte-level recipes (often in ASN.1) for formatting various types of data (such as a block which is to be RSA-encrypted), rather than making general security-related recommendations ("An RSA modulus should be at least XXX bits long."). RSA Laboratories is actively soliciting suggestions and contributions for the "next generation" of PKCS from now until the end of April 1997. If you have written up a document detailing extensions you've made to an existing PKCS, and you feel that others could benefit from the use of your extensions, then we'd like to see your document. If you have an idea for a new PKCS, we'd like to hear that, too. And if you have something somewhere in between, send it along; of course, detailed, well-developed contributions are generally preferred. Suggestions should be sent either to the pkcs-tng@rsa.com mailing list (you can subscribe to this list by sending email with "subscribe pkcs-tng" in the message body to majordomo@rsa.com; unsubscribe with "unsubscribe pkcs-tng") or to pkcs-editor@rsa.com, whichever is deemed more appropriate. Current PKCS documents are: PKCS #1: RSA Encryption Standard. PKCS #3: Diffie-Hellman Key-Agreement Standard. PKCS #5: Password-Based Encryption Standard. PKCS #6: Extended-Certificate Syntax Standard. PKCS #7: Cryptographics Message Syntax Standard. PKCS #8: Private-Key Information Syntax Standard. PKCS #9: Selected Attribute Types. PKCS #10: Certificate Request Syntax Standard. PKCS #11: Cryptographic Token Interface Standard (CRYPOKI). The above documents are available from RSADSI's web site, and links to them may be found at http://www.rsa.com/rsalabs/pubs/PKCS/. All contributions received shall be examined, and, if appropriate, a workshop (or several workshops) shall be held to further determine the content of the "next generation" of PKCS.