RFC 4108
Using Cryptographic Message Syntax (CMS) to Protect Firmware Packages, August 2005
- File formats:
- Status:
- PROPOSED STANDARD
- Author:
- R. Housley
- Stream:
- IETF
- Source:
- NON WORKING GROUP
Cite this RFC: TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC4108
Discuss this RFC: Send questions or comments to the mailing list iesg@ietf.org
Other actions: View Errata | Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 4108
Abstract
This document describes the use of the Cryptographic Message Syntax (CMS) to protect firmware packages, which provide object code for one or more hardware module components. CMS is specified in RFC 3852. A digital signature is used to protect the firmware package from undetected modification and to provide data origin authentication. Encryption is optionally used to protect the firmware package from disclosure, and compression is optionally used to reduce the size of the protected firmware package. A firmware package loading receipt can optionally be generated to acknowledge the successful loading of a firmware package. Similarly, a firmware package load error report can optionally be generated to convey the failure to load a firmware package. [STANDARDS-TRACK]
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.