Internet DRAFT - draft-turner-application-firmware-media-types

draft-turner-application-firmware-media-types



 



Internet Engineering Task Force (IETF)                         S. Turner
Internet Draft                                                      IECA
Intended Status: Informational                                R. Housley
Expires: November 1, 2013                                 Vigil Security
                                                          April 30, 2013



      The application/firmware, application/firmware-receipt, and
                 application/firmware-error media types
          draft-turner-application-firmware-media-types-00.txt

Abstract

   This document registers the application/firmware,
   application/firmware-receipt and application/firmware-error media
   media types for use with the corresponding CMS (Cryptographic Message
   Syntax) content types defined in RFC 4108.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

Copyright Notice

   Copyright (c) 2013 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.
 


Turner and Housley      Expires November 1, 2013                [Page 1]

Internet-Draft     Media Types for Firmware Packages      April 30, 2013


1. Introduction

   [RFC4108] defined three CMS (Cryptographic Message Syntax) [RFC5652]
   content types for servers to distribute Firmware packages as well as
   clients to return receipts and errors.     Three media types are
   defined in this document to support the transfer of firmware
   packages, firmware package receipts, and firmware package errors.

   Firmware packages, firmware package receipts, and firmware package
   errors are always encapsulated within ContentInfo structures
   [RFC4108].  Firmware packages are additionally encapsulated within a
   SignedData structure [RFC4108].  Firmware package receipts and errors
   can be digitally signed and to indicate this option an optional
   parameters is defined: protection=signed.

1.1. Requirements Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

2. Media Type Registration Applications

2.1.  Firmware Package Receipt

   This section provides the media type registration application for the
   application/firmware-receipt media type (see [RFC6838], Section 5.6).

     Type name: application

     Subtype name: firmware

     Required parameters: None

     Optional parameters: None

     Encoding considerations: binary.

     Security considerations: See [RFC4108].

     Interoperability considerations: See [RFC4108].

     Published specification: RFC 4108 and this specification.

     Applications which use this media type:

       Applications that support Firmware Package Receipts [RFC4108].

 


Turner and Housley      Expires November 1, 2013                [Page 2]

Internet-Draft     Media Types for Firmware Packages      April 30, 2013


     Additional information:

       Magic number(s): None
       File extension(s): .fp
       Macintosh File Type Code(s):

     Person & email address to contact for further information:

       Sean Turner <turners@ieca.com>

     Restrictions on usage: none

     Author: Sean Turner <turners@ieca.com>

     Intended usage: COMMON

     Change controller: The IESG


2.2.  Firmware Package Receipt

     This section provides the media type registration application for
     the application/firmware-receipt media type (see [RFC6838], Section
     5.6).

     Type name: application

     Subtype name: firmware-receipt

     Required parameters: None

     Optional parameters: 

       Implementations can indicate whether the firmware package was
       signed with the following parameter: protection=signed.

     Encoding considerations: binary.

     Security considerations: See [RFC4108].

     Interoperability considerations: See [RFC4108].

     Published specification: RFC 4108 and this specification.

     Applications which use this media type:

       Applications that support Firmware Package Receipts [RFC4108].

 


Turner and Housley      Expires November 1, 2013                [Page 3]

Internet-Draft     Media Types for Firmware Packages      April 30, 2013


     Additional information:

       Magic number(s): None
       File extension(s): .fpr
       Macintosh File Type Code(s):

     Person & email address to contact for further information:

       Sean Turner <turners@ieca.com>

     Restrictions on usage: none

     Author: Sean Turner <turners@ieca.com>

     Intended usage: COMMON

     Change controller: The IESG

2.3.  Firmware Package Errors

   This section provides the media type registration application for
   this media type (see [RFC6838], Section 5.6).

     Type name: application

     Subtype name: firmware-error

     Required parameters: None


     Optional parameters: 

       Implementations can indicate whether the firmware package was
       signed with the following optional parameter: protection=signed.

     Encoding considerations: binary.

     Security considerations: See [RFC4108].

     Interoperability considerations: See [RFC4108].

     Published specification: RFC 4108 and this specification.

     Applications which use this media type:

       Applications that support Firmware Key Package Errors [RFC4108].

     Additional information:
 


Turner and Housley      Expires November 1, 2013                [Page 4]

Internet-Draft     Media Types for Firmware Packages      April 30, 2013


       Magic number(s): None
       File extension(s): .fpe
       Macintosh File Type Code(s):

     Person & email address to contact for further information:

       Sean Turner <turners@ieca.com>

     Restrictions on usage: none

     Author: Sean Turner <turners@ieca.com>

     Intended usage: COMMON

     Change controller: The IESG <iesg@ietf.org>

3.  IANA Considerations

   IANA is asked to register the media type application/firmware,
   application/firmware-receipt, and application/firmware-error in the
   Standards tree using the applications provided in Section 2.1-2.3 of
   this document.

4. Security Considerations

   No new security considerations are introduced in additional those
   specified in [RFC4108].

5. References

5.1. Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC4108]  Housley, R., "Using Cryptographic Message Syntax (CMS) to
              Protect Firmware Packages", RFC 4108, August 2005.

   [RFC5652]  Housley, R., "Cryptographic Message Syntax (CMS)", STD 70,
              RFC 5652, September 2009.



5.2. Informative References

   None.

Authors' Addresses
 


Turner and Housley      Expires November 1, 2013                [Page 5]

Internet-Draft     Media Types for Firmware Packages      April 30, 2013


   Sean Turner
   IECA, Inc.
   3057 Nutley Street, Suite 106
   Fairfax, VA 22031
   USA

   EMail: turners@ieca.com
   Phone: +1.703.628.3180

   Russell Housley
   Vigil Security, LLC
   918 Spring Knoll Drive
   Herndon, VA 20170
   USA

   EMail: housley@vigilsec.com



































Turner and Housley      Expires November 1, 2013                [Page 6]