Using Cryptographic Message Syntax to Protect Firmware Packages
RFC 4108, “Using Cryptographic Message Syntax to Protect Firmware Packages”, is a Proposed Standard document published in August 2005 by R. Housley. The canonical text is published by the RFC Editor.
Abstract
This document describes the use of the Cryptographic Message Syntax (CMS) to protect firmware packages, which provide object code for one or more hardware module components. CMS is specified in RFC 3852. A digital signature is used to protect the firmware package from undetected modification and to provide data origin authentication. Encryption is optionally used to protect the firmware package from disclosure, and compression is optionally used to reduce the size of the protected firmware package. A firmware package loading receipt can optionally be generated to acknowledge the successful loading of a firmware package. Similarly, a firmware package load error report can optionally be generated to convey the failure to load a firmware package. [STANDARDS-TRACK]
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 4108 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 4107 Guidelines for Cryptographic Key Management
- RFC 4109 Algorithms for Internet Key Exchange version 1
- RFC 4106 The Use of Galois/Counter Mode in IPsec Encapsulating Security Payload
- RFC 4110 A Framework for Layer 3 Provider-Provisioned Virtual Private Networks
- RFC 4105 Requirements for Inter-Area MPLS Traffic Engineering
- RFC 4111 Security Framework for Provider-Provisioned Virtual Private Networks
- RFC 4104 Policy Core Extension Lightweight Directory Access Protocol Schema
- RFC 4112 Electronic Commerce Modeling Language Version 2 Specification