Use of JCP site is subject to the
JCP Terms of Use and the
Oracle Privacy Policy
|
JSRs: Java Specification Requests
JSR 74: Public Key Cryptography Standards (PKCS) 1.0
This JSR has been Withdrawn
Due to the change in Specification Lead, the following changes have been made to the original
specification:
Specification Lead: Anthony Nadalin and Seema Malkani E-Mail Address: Anthony Nadalin - drsecure@us.ibm.com Telephone Number: Anthony Nadalin - +1 512 838 3823 Fax Number: Anthony Nadalin - +1 512 838 3823 2.6 Is there a proposed package name for the API Specification? (i.e., javapi.something, org. something, etc.)javax.security.pkcs.pkcs1 Original Java Specification Request (JSR)
Identification |
Request |
Contributions |
Section 1. Identification
Submitting Member: Anthony Nadalin Name of Contact Person: Anthony Nadalin or Maxine Erlund E-Mail Address: Anthony Nadalin - drsecure@us.ibm.com Telephone Number: Anthony Nadalin - (512)838-3823 Fax Number: Anthony Nadalin - (512)838-3823 Specification Lead: Anthony Nadalin and Ram Marti E-Mail Address: Anthony Nadalin - drsecure@us.ibm.com Telephone Number: Anthony Nadalin - (512)838-3823 Fax Number: Anthony Nadalin - (512)838-3823
(NOTE that this information has been updated since the original
submission.
Initial Expert Group Membership:
IBM _ Anthony Nadalin
Sun - Ram Marti
Critical Path - Hemma Prafullchandra
Section 2: Request
This JSR is to define a standard set of APIs for a subset of the Public Key Cryptography Standards (PKCS#1,
#5, #7, #8, #9, #10 & #12) and to provide a reference implementation of these. JDK 2 SDK, Standard Edition, V 1.4 and above The PKCS family of standards addresses the following need: an agreed-upon standard format for transferred data based
on public-key cryptography. PKCS covers several aspects of public-key cryptography, including: RSA encryption,
password-based encryption, cryptographic message syntax, private-key information syntax, selected attribute types,
certification request syntax, and personal information exchange syntax. JDK 2 SDK, Standard Edition does not provide a standard set of APIs for a subset of the Public Key Cryptography
Standards (PKCS#1, #5, #7, #8, #9, #10 & #12). The Public Key Cryptography Standards is a set of de-facto standards that is in wide use in the industry to
day. They
cover RSA encryption, Diffie-Hellman key agreement, password-based encryption, cryptographic message syntax,
private-key information syntax, attribute types, and certification request syntax, as well as selected attributes
and personal information format.. Some of these standards have been published as informational RFCs within IET
F,
e.g. RFC2315.
The editors of the PKCSs have traditionally been RSA Data Security Inc. However, for pkcs#7 the change control
has
been handed over to the IETF and the revisions are seen in RFC2630.
Encryption (PKCS #1) describes a method for encrypting data using the RSA public-key cryptosystem. Its intended use
is in the construction of digital signatures and digital envelopes, as described in PKCS #7.
Password-based encryption (PKCS #5) describes a method for encrypting an octet string with a secret key derived from
a password. The result of the method is an octet string. Although password-based encryption can be used to encrypt
arbitrary octet strings, its intended primary application to public-key cryptography is for encrypting private
keys
when transferring them from one computer system to another.
Cryptographic message (PKCS # 7) describes a general syntax for data that may have cryptography applied to it,
such
as digital signatures and digital envelopes. The syntax admits recursion, so that, for example, one envelope can be
nested inside another, or one party can sign some previously enveloped digital data. It also allows arbitrary
attributes, such as signing time, to be authenticated along with the content of a message, and provides for other
attributes such as countersignatures to be associated with a signature. A degenerate case of the syntax provides a
means for disseminating certificates and certificate-revocation lists.
Private-key information (PKCS #8) describes a syntax for private-key information. Private-key information includes a
private key for some public-key algorithm and a set of attributes. Private-key information syntax also describes a
syntax for encrypted private keys. A password-based encryption algorithm (e.g., one of those described in PKCS
#5)
could be used to encrypt the private-key information.
Attribute types (PKCS #9) defines selected attribute types for PKCS #7 digitally signed messages, and PKCS #8
private-key information.
Certification request (PKCS #10) describes a syntax for certification requests. A certification request consists of
a distinguished name, a public key, and optionally a set of attributes, collectively signed by the entity requesting
certification. Certification requests are sent to a certification authority, who transforms the request to an X.509
public-key certificate. (In what form the certification authority returns the newly signed certificate is outside
the scope of PKCS #10. A PKCS #7 message is one possibility.)
Personal information exchange (PKCS #12) describes a transfer syntax for personal identity information, including
private keys, certificates, miscellaneous secrets, and extensions. Machines, applications, browsers, Internet
kiosks, and so on, that support this standard will allow a user to import, export, and exercise a single set of
personal identity information java.security.pkcs1
NO NO NO No
Section 3: Contributions
Documents describing PKCS can be found at http://www.rsa.com/rsalabs/pubs/pkcs These documents describe the PKCS technology standards. |