ACVP IANA Registry
draft-vassilev-acvp-iana-00

Abstract

This document defines a set of IANA registries for supported cryptographic algorithm test specifications in the Automated Cryptographic Validation Protocol (ACVP) [acvp]. This document also shows how to extend the capabilities of ACVP with testing for new cryptographic algorithms.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

This Internet-Draft will expire on August 25, 2019.

Copyright Notice

Copyright (c) 2019 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

• 1. Introduction
• 2. IANA namespaces
• 3. Algorithm registry
• 4. Requirements Language
• 5. Acknowledgements
• 6. IANA Considerations
• 6.1. ACVP URN Sub-namespace
• 6.2. ACVP URN Parameters
• 7. Security Considerations
• 8. Normative References
• Author's Address

1. Introduction

The Automated Cryptographic Validation Protocol (ACVP) [acvp] defines a mechanism to automatically validate the cryptographic algorithm implementations of software or hardware cryptographic modules. The ACVP specification defines how a cryptographic module communicates with a validation authority server, including cryptographic capabilities negotiation, session management, authentication, test vector processing and more. The ACVP specification does not define algorithm-specific JSON constructs for performing the cryptographic validation. A series of ACVP-related sub-specifications define the constructs for testing individual cryptographic algorithms, see for example [sub-symmetric]. Each such sub-specification addresses a specific algorithm or a class of cryptographic algorithms. This document defines the IANA registry for the supported algorithm test specifications that work with ACVP. The registry defined here provides the binding between the protocol and the supported algorithm test extensions.

2. IANA namespaces

There are three namespaces envisioned for extensions to the ACVP:

• ACVP - the approved algorithms for testing with one or more validation authorities
• EXPERIMENTAL - candidate algorithms for approval.
• LOCAL - locally supported algorithms, not guaranteed for interoperability. Algorithms in this namespace cannot be registered with IANA.

TBD

3. Algorithm registry

Each entry in the algorithm registry must record the following fields:

• Name: a URN segment that conforms to the pattern {namespace}-{algorithm}. The keywords are defined as follows:
  • {namespace}: one of the options from Section 2.
  • {algorithm}: a required US-ASCII string that conforms to the URN syntax requirements (see [RFC8141]). This string must be unique within the corresponding namespace.
• Revision: the revision identifier for the test specification of a particular algorithm. A required US-ASCII string that conforms to the URN syntax requirements (see [RFC8141]).
• Reference: A static link to the specification and section where the definition of the parameter can be found.

4. Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted in RFC 2119.

5. Acknowledgements

Many thanks to David Waltermire for his helpful comments to get us started on the right path.

6. IANA Considerations

This memo includes several requests to IANA.

6.1. ACVP URN Sub-namespace

IANA should add an entry to the "IETF URN Sub-namespace for Registered Protocol Parameter Identifiers" registry located at https://www.iana.org/assignments/params/ as per [RFC3553].

The entry should be as follows:

• Registered Parameter Identifier: ACVP
• Specification: this document
• Repository: ACVP URN Parameters (see Section 6.2)

6.2. ACVP URN Parameters

A new top-level registry should be created, titled "Automated Cryptographic Validation Protocol (ACVP) URN Parameters".

Registration in the "ACVP URN Parameters" registry is via the Specification Required policy [RFC8126]. Registration requests must be sent to both the ACVP Working Group mailing list (acvp@ietf.org) and IANA. IANA will forward registration requests to the Designated Expert.

Each entry in this subregistry must record the following fields:

• Name: A required US-ASCII string that conforms to the URN syntax requirements (see [RFC8141]). This string MUST be constructed according to the specification in Section 3. Note: entries from the namespace "LOCAL" SHALL be forbidden from this table.
• Revision: A required US-ASCII string that conforms to the URN syntax requirements (see [RFC8141]). The combination {Name}-{Revision} for each entry MUST be unique for the entire subregistry.
• Reference: A static link to the specification and section where the definition of the parameter can be found.

This repository SHALL have as initial values the entries in Table 1.

7. Security Considerations

Security considerations are addressed by the ACVP specification.

8. Normative References

Author's Address