-- $URL$ -- $Id$ -- -- Signed manifests for RPKI repositories. Relying parties use object -- (as opposed to channel) security for everything in this design -- repository, which is the right thing to do for various reasons but -- leaves us open to attacks which intercept the rsync connection and -- drop valid objects out of an SIA collection. At present this is -- not detectable, so we need a mechanism. -- -- Manifests as described here are modeled on CRLs, because the issues -- involved in detecting stale manifests, manifest replays, etc are -- similar to those for CRLs. So we want many of the fields that a -- CRL has. Syntax differs, though, since RPKI repositories can -- contain objects not covered by CRLs (eg, ROAs), and reuse CMS as -- the manifest signature format rather than inventing another one. -- -- See RFC 3280 section 5 for CRL layout and extensions. -- -- We're only trying to cover objects in the same SIA collection -- (directory) as the manifest. We will probably want to name the -- manifest itself with a name derived from the g(ski) of the cert of -- which this is the SIA collection. We'll need an EE cert to sign -- the manifest; the EE cert should probably just use RFC 3779 -- inheritance to cover all the resources that its issuer holds. If we -- use CMS, we might just want to include the EE cert in the CMS -- bag of certs. -- -- Lisp pseudo-code version of my original proposal for what goes -- inside the CMS wrapper: -- -- (manifest :version 1 -- :collection-uri "rsync://foo.example/wombat/" -- :this-update timestamp -- :next-update timestamp -- :manifest-serial 17 -- :hash-algorithm :sha256 -- (:name foo.cer :hash aabbccdd...) -- (:name bar.cer :hash bbccddee...) -- (:name foo.roa :hash ccddeeff...) -- (:name baz.crl :hash ddeeff00...) -- ...) -- -- Steve Kent came up with something very similar in ASN.1. At this -- point I think that Steve and I have converged, so here is Steve's -- ASN.1, which, absent new issues, I expect to implement with -- OpenSSL's ASN.1 engine. Manifest ::= SEQUENCE { version INTEGER DEFAULT 0, -- first version is 0 manifestNumber INTEGER, -- to identify unscheduled manifest issuance thisUpdate GeneralizedTime, -- this manifest issuance time nextUpdate GeneralizedTime, -- next scheduled manifest issuance time fileHashAlg OBJECT IDENTIFIER, -- algorithm used to generate file content hash values fileList SEQUENCE OF FileAndHash -- list of file name and content hash pairs } FileAndHash ::= SEQUENCE { file IA5String -- file name hash BIT STRING -- hash of file content } ca0f5455d90e6112f9c7d9ae18d4'>crypto/dh/dh4096.pem
blob: 390943a21dc4c9d5934a266e7bfafecf391095c7 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14

-----BEGIN DH PARAMETERS-----
MIICCAKCAgEA/urRnb6vkPYc/KEGXWnbCIOaKitq7ySIq9dTH7s+Ri59zs77zty7
vfVlSe6VFTBWgYjD2XKUFmtqq6CqXMhVX5ElUDoYDpAyTH85xqNFLzFC7nKrff/H
TFKNttp22cZE9V0IPpzedPfnQkE7aUdmF9JnDyv21Z/818O93u1B4r0szdnmEvEF
bKuIxEHX+bp0ZR7RqE1AeifXGJX3d6tsd2PMAObxwwsv55RGkn50vHO4QxtTARr1
rRUV5j3B3oPMgC7Offxx+98Xn45B1/G0Prp11anDsR1PGwtaCYipqsvMwQUSJtyE
EOQWk+yFkeMe4vWv367eEi0Sd/wnC+TSXBE3pYvpYerJ8n1MceI5GQTdarJ77OW9
bGTHmxRsLSCM1jpLdPja5jjb4siAa6EHc4qN9c/iFKS3PQPJEnX7pXKBRs5f7AF3
W3RIGt+G9IVNZfXaS7Z/iCpgzgvKCs0VeqN38QsJGtC1aIkwOeyjPNy2G6jJ4yqH
ovXYt/0mc00vCWeSNS1wren0pR2EiLxX0ypjjgsU1mk/Z3b/+zVf7fZSIB+nDLjb
NPtUlJCVGnAeBK1J1nG3TQicqowOXoM6ISkdaXj5GPJdXHab2+S7cqhKGv5qC7rR
jT6sx7RUr0CNTxzLI7muV2/a4tGmj0PSdXQdsZ7tw7gbXlaWT1+MM2MCAQI=
-----END DH PARAMETERS-----
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-05 15:02:49 +0000