ARMWARE RFC Archive <- RFC Index (5901..6000)

RFC 5934


Internet Engineering Task Force (IETF)                        R. Housley
Request for Comments: 5934                           Vigil Security, LLC
Category: Standards Track                                     S. Ashmore
ISSN: 2070-1721                                 National Security Agency
                                                              C. Wallace
                                                      Cygnacom Solutions
                                                             August 2010

                Trust Anchor Management Protocol (TAMP)

Abstract

   This document describes a transport independent protocol for the
   management of trust anchors (TAs) and community identifiers stored in
   a trust anchor store.  The protocol makes use of the Cryptographic
   Message Syntax (CMS), and a digital signature is used to provide
   integrity protection and data origin authentication.  The protocol
   can be used to manage trust anchor stores containing trust anchors
   represented as Certificate, TBSCertificate, or TrustAnchorInfo
   objects.

Status of This Memo

   This is an Internet Standards Track document.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Further information on
   Internet Standards is available in Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc5934.

Housley, et al.              Standards Track                    [Page 1]



RFC 5934                          TAMP                       August 2010

Copyright Notice

   Copyright (c) 2010 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

   This document may contain material from IETF Documents or IETF
   Contributions published or made publicly available before November
   10, 2008.  The person(s) controlling the copyright in some of this
   material may not have granted the IETF Trust the right to allow
   modifications of such material outside the IETF Standards Process.
   Without obtaining an adequate license from the person(s) controlling
   the copyright in such materials, this document may not be modified
   outside the IETF Standards Process, and derivative works of it may
   not be created outside the IETF Standards Process, except to format
   it for publication as an RFC or to translate it into languages other
   than English.

Housley, et al.              Standards Track                    [Page 2]



RFC 5934                          TAMP                       August 2010

Table of Contents

   1. Introduction ....................................................4
      1.1. Terminology ................................................5
      1.2. Trust Anchors ..............................................5
           1.2.1. Apex Trust Anchors ..................................6
           1.2.2. Management Trust Anchors ............................7
           1.2.3. Identity Trust Anchors ..............................7
      1.3. Architectural Elements .....................................8
           1.3.1. Cryptographic Module ................................8
           1.3.2. Trust Anchor Store ..................................9
           1.3.3. TAMP Processing Dependencies ........................9
           1.3.4. Application-Specific Protocol Processing ...........10
      1.4. ASN.1 Encoding ............................................11
   2. Cryptographic Message Syntax Profile ...........................12
      2.1. ContentInfo ...............................................13
      2.2. SignedData Info ...........................................14
           2.2.1. SignerInfo .........................................15
           2.2.2. EncapsulatedContentInfo ............................16
           2.2.3. Signed Attributes ..................................16
           2.2.4. Unsigned Attributes ................................18
   3. Trust Anchor Formats ...........................................18
   4. Trust Anchor Management Protocol Messages ......................19
      4.1. TAMP Status Query .........................................21
      4.2. TAMP Status Query Response ................................24
      4.3. Trust Anchor Update .......................................27
           4.3.1. Trust Anchor List ..................................31
      4.4. Trust Anchor Update Confirm ...............................32
      4.5. Apex Trust Anchor Update ..................................34
      4.6. Apex Trust Anchor Update Confirm ..........................36
      4.7. Community Update ..........................................38
      4.8. Community Update Confirm ..................................40
      4.9. Sequence Number Adjust ....................................42
      4.10. Sequence Number Adjust Confirm ...........................43
      4.11. TAMP Error ...............................................44
   5. Status Codes ...................................................45
   6. Sequence Number Processing .....................................50
   7. Subordination Processing .......................................51
   8. Implementation Considerations ..................................54
   9. Wrapped Apex Contingency Key Certificate Extension .............54
   10. Security Considerations .......................................55
   11. IANA Considerations ...........................................58
   12. References ....................................................58
      12.1. Normative References .....................................58
      12.2. Informative References ...................................59

Housley, et al.              Standards Track                    [Page 3]



RFC 5934                          TAMP                       August 2010

   Appendix A.  ASN.1 Modules ........................................61
     A.1.  ASN.1 Module Using 1993 Syntax ............................61
     A.2.  ASN.1 Module Using 1988 Syntax ............................70
   Appendix B.  Media Type Registrations .............................77
     B.1.  application/tamp-status-query .............................77
     B.2.  application/tamp-status-response ..........................78
     B.3.  application/tamp-update ...................................79
     B.4.  application/tamp-update-confirm ...........................80
     B.5.  application/tamp-apex-update ..............................81
     B.6.  application/tamp-apex-update-confirm ......................82
     B.7.  application/tamp-community-update .........................83
     B.8.  application/tamp-community-update-confirm .................84
     B.9.  application/tamp-sequence-adjust ..........................85
     B.10. application/tamp-sequence-adjust-confirm ..................86
     B.11. application/tamp-error ....................................87
   Appendix C.  TAMP over HTTP .......................................88
     C.1.  TAMP Status Query Message .................................89
     C.2.  TAMP Status Response Message ..............................89
     C.3.  Trust Anchor Update Message ...............................89
     C.4.  Trust Anchor Update Confirm Message .......................89
     C.5.  Apex Trust Anchor Update Message ..........................89
     C.6.  Apex Trust Anchor Update Confirm Message ..................90
     C.7.  Community Update Message ..................................90
     C.8.  Community Update Confirm Message ..........................90
     C.9.  Sequence Number Adjust Message ............................90
     C.10. Sequence Number Adjust Confirm Message ....................90
     C.11. TAMP Error Message ........................................91

1.  Introduction

   This document describes the Trust Anchor Management Protocol (TAMP).
   TAMP may be used to manage the trust anchors and community
   identifiers in any device that uses digital signatures; however, this
   specification was written with the requirements of cryptographic
   modules in mind.  For example, TAMP can support signed firmware
   packages [RFC4108], where the trust anchor public key can be used to
   validate digital signatures on firmware packages or validate the
   X.509 certification path [RFC5280][X.509] of the firmware package
   signer.

   Most TAMP messages are digitally signed to provide integrity
   protection and data origin authentication.  Both signed and unsigned
   TAMP messages employ the Cryptographic Message Syntax (CMS)
   [RFC5652].  The CMS is a data protection encapsulation syntax that
   makes use of ASN.1 [X.680].

Housley, et al.              Standards Track                    [Page 4]



RFC 5934                          TAMP                       August 2010

   This specification does not provide for confidentiality of TAMP
   messages.  If confidentiality is required, then the communications
   environment that is used to transfer TAMP messages must provide it.
   This specification is intended to satisfy the protocol-related
   requirements expressed in "Trust Anchor Management Requirements"
   [TA-MGMT-REQS] and uses vocabulary from that document.

   TAMP messages may be exchanged in real time over a network, such as
   via HTTP as described in Appendix A, or may be stored and transferred
   using other means.  TAMP exchanges consist of a request message that
   includes instructions for a trust anchor store and, optionally, a
   corresponding response message that reports the result of carrying
   out the instructions in the request.  Response messages need not be
   propagated in all cases.  For example, a GPS receiver may be unable
   to transmit a response and may instead use an attached display to
   indicate the results of processing a TAMP request.

1.1.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

1.2.  Trust Anchors

   TAMP manages trust anchors.  A trust anchor contains a public key
   that is used to validate digital signatures.  TAMP recognizes three
   formats for representing trust anchor information: Certificate
   [RFC5280], TBSCertificate [RFC5280], and TrustAnchorInfo [RFC5914].

   All trust anchors are distinguished by the public key, and all trust
   anchors consist of the following components:

   o  A public key signature algorithm identifier and associated public
      key, which MAY include parameters

   o  A public key identifier

   Other information may appear in a trust anchor, including
   certification path processing controls and a human readable name.

   TAMP recognizes three types of trust anchors based on functionality:
   apex trust anchors, management trust anchors, and identity trust
   anchors.

   In addition to the information described above, apex trust anchors
   and management trust anchors that sign TAMP messages have an
   associated sequence number that is used for replay detection.

Housley, et al.              Standards Track                    [Page 5]



RFC 5934                          TAMP                       August 2010

   The public key is used to name a trust anchor, and the public key
   identifier is used to identify the trust anchor as a signer of a
   particular object, such as a SignedData object or a public key
   certificate.  This public key identifier can be stored with the trust
   anchor, or in most public key identifier assignment methods, it can
   be computed from the public key whenever needed.

   A trust anchor public key can be used in two different ways to
   support digital signature validation.  In the first approach, the
   trust anchor public key is used directly to validate the digital
   signature.  In the second approach, the trust anchor public key is
   used to validate an X.509 certification path, and then the subject
   public key in the final certificate in the certification path is used
   to validate the digital signature.  When the second approach is
   employed, the certified public key may be used for things other than
   digital signature validation; the other possible actions are
   constrained by the key usage certificate extension.

   TAMP implementations MUST support validation of TAMP messages that
   are directly validated using a trust anchor.  Support for TAMP
   messages validated using an X.509 certificate validated using a trust
   anchor, or using longer certification paths, is OPTIONAL.  The CMS
   provides a location to carry X.509 certificates, and this facility
   can be used to transfer certificates to aid in the construction of
   the certification path.

1.2.1.  Apex Trust Anchors

   Within the context of a single trust anchor store, one trust anchor
   is superior to all others.  This trust anchor is referred to as the
   apex trust anchor.  This trust anchor represents the ultimate
   authority over the trust anchor store.  Much of this authority can be
   delegated to other trust anchors.

   The apex trust anchor private key is expected to be controlled by an
   entity with information assurance responsibility for the trust anchor
   store.  The apex trust anchor is by definition unconstrained and
   therefore does not have explicit authorization information associated
   with it.

   Due to the special nature of the apex trust anchor, TAMP includes
   separate facilities to change it.  In particular, TAMP includes a
   facility to securely replace the apex trust anchor.  This action
   might be taken for one or more of the following reasons:

   o  The crypto period for the apex trust anchor public/private key
      pair has come to an end

Housley, et al.              Standards Track                    [Page 6]



RFC 5934                          TAMP                       August 2010

   o  The apex trust anchor private key is no longer available

   o  The apex trust anchor public/private key pair needs to be revoked

   o  The authority has decided to use a different digital signature
      algorithm or the same digital signature algorithm with different
      parameters, such as a different elliptic curve

   o  The authority has decided to use a different key size

   o  The authority has decided to transfer control to another authority

   To accommodate these requirements, the apex trust anchor MAY include
   two public keys.  Whenever the apex trust anchor is updated, both
   public keys will be replaced.  The first public key, called the
   operational public key, is used in the same manner as other trust
   anchors.  Any type of TAMP message, including an Apex Trust Anchor
   Update message, can be validated with the operational public key.
   The second public key, called the contingency public key, can only be
   used to update the apex trust anchor.  The contingency private key
   SHOULD be used at only one point in time; it is used only to sign an
   Apex Trust Anchor Update message that results in its own replacement
   (as well as the replacement of the operational public key).  The
   contingency public key is distributed in encrypted form.  When the
   contingency public key is used to validate an Apex Trust Anchor
   Update message, the symmetric key needed to decrypt the contingency
   public key is provided as part of the signed Apex Trust Anchor Update
   message that is to be verified with the contingency public key.

1.2.2.  Management Trust Anchors

   Management trust anchors are used in the management of cryptographic
   modules.  For example, the TAMP messages specified in this document
   are validated to a management trust anchor.  Likewise, a signed
   firmware package as specified in [RFC4108] is validated to a
   management trust anchor.

1.2.3.  Identity Trust Anchors

   Identity trust anchors are used to validate certification paths, and
   they represent the trust anchor for a public key infrastructure.
   They are most often used in the validation of certificates associated
   with non-management applications.

Housley, et al.              Standards Track                    [Page 7]



RFC 5934                          TAMP                       August 2010

1.3.  Architectural Elements

   TAMP does not assume any particular architecture.  However, TAMP
   REQUIRES the following architectural elements: a cryptographic
   module, a trust anchor store, TAMP protocol processing, and other
   application-specific protocol processing.

   A globally unique algorithm identifier MUST be assigned for each one-
   way hash function, digital signature generation/validation algorithm,
   and symmetric key unwrapping algorithm that is implemented.  To
   support CMS, an object identifier (OID) is assigned to name a one-way
   hash function, and another OID is assigned to name each combination
   of a one-way hash function when used with a digital signature
   algorithm.  Similarly, certificates associate OIDs assigned to public
   key algorithms with subject public keys, and certificates make use of
   an OID that names both the one-way hash function and the digital
   signature algorithm for the certificate issuer digital signature.
   [RFC3279], [RFC3370], [RFC5753], and [RFC5754] provide OIDs for a
   number of commonly used algorithms; however, OIDs may be defined in
   later or different specifications.

1.3.1.  Cryptographic Module

   The cryptographic module MUST include the following capabilities:

   o  The cryptographic module SHOULD support the secure storage of a
      digital signature private key to sign TAMP responses and either a
      certificate containing the associated public key or a certificate
      designator.  In the latter case, the certificate is stored
      elsewhere but is available to parties that need to validate
      cryptographic module digital signatures.  The designator is a
      public key identifier.

   o  The cryptographic module MUST support at least one one-way hash
      function, one digital signature validation algorithm, one digital
      signature generation algorithm, and, if contingency keys are
      supported, one symmetric key unwrapping algorithm.  If only one
      one-way hash function is present, it MUST be consistent with the
      digital signature validation and digital signature generation
      algorithms.  If only one digital signature validation algorithm is
      present, it MUST be consistent with the apex trust anchor
      operational public key.  If only one digital signature generation
      algorithm is present, it MUST be consistent with the cryptographic
      module digital signature private key.  These algorithms MUST be
      available for processing TAMP messages, including the content
      types defined in [RFC5652], and for validation of X.509

Housley, et al.              Standards Track                    [Page 8]



RFC 5934                          TAMP                       August 2010

      certification paths.  As with similar specifications, such as
      RFC 5280, this specification does not mandate support for any
      cryptographic algorithms.  However, algorithm requirements may be
      imposed by specifications that use trust anchors managed via TAMP.

1.3.2.  Trust Anchor Store

   The trust anchor store MUST include the following capabilities:

   o  Each trust anchor store MUST have a unique name.  For example, a
      cryptographic module containing a single trust anchor store may be
      identified by a unique serial number with respect to other modules
      within the same family where the family is represented as an ASN.1
      object identifier (OID) and the unique serial number is
      represented as a string of octets.  Other means of establishing a
      unique name are also possible.

   o  Each trust anchor store SHOULD have the capability to securely
      store one or more community identifiers.  The community identifier
      is an OID, and it identifies a collection of cryptographic modules
      that can be the target of a single TAMP message or the intended
      recipients for a particular management message.

   o  The trust anchor store SHOULD support the use of an apex trust
      anchor.  If apex support is provided, the trust anchor store MUST
      support the secure storage of exactly one apex trust anchor.  The
      trust anchor store SHOULD support the secure storage of at least
      one additional trust anchor.  Each trust anchor MUST contain a
      unique public key.  A public key MUST NOT appear more than once in
      a trust anchor store.

   o  The trust anchor store MUST have the capability to securely store
      a sequence number for each trust anchor authorized to generate
      TAMP messages and be able to report the sequence number along with
      the key identifier of the trust anchor.

1.3.3.  TAMP Processing Dependencies

   TAMP processing MUST include the following capabilities:

   o  TAMP processing MUST have a means of locating an appropriate trust
      anchor.  Two mechanisms are available.  The first mechanism is
      based on the public key identifier for digital signature
      verification, and the second mechanism is based on the trust
      anchor X.500 distinguished name and other X.509 certification path
      controls for certificate path discovery and validation.  The first
      mechanism MUST be supported, but the second mechanism MAY be
      supported.

Housley, et al.              Standards Track                    [Page 9]



RFC 5934                          TAMP                       August 2010

   o  TAMP processing MUST be able to invoke the digital signature
      validation algorithm using the public key held in secure storage
      for trust anchors.

   o  TAMP processing MUST have read and write access to secure storage
      for sequence numbers associated with each TAMP message signer as
      described in Section 6.

   o  TAMP processing MUST have read and write access to secure storage
      for trust anchors in order to update them.  Update operations
      include adding trust anchors, removing trust anchors, and
      modifying trust anchors.  Application-specific constraints MUST be
      securely stored with each management trust anchor as described in
      Section 1.3.4.

   o  TAMP processing MUST have read access to secure storage for the
      community membership list, if any, to determine whether a targeted
      message ought to be accepted.

   o  To implement the OPTIONAL community identifier update feature,
      TAMP processing MUST have read and write access to secure storage
      for the community membership list.

   o  To generate signed confirmation messages, TAMP processing MUST be
      able to invoke the digital signature generation algorithm using
      the cryptographic module digital signature private key, and it
      MUST have read access to the cryptographic module certificate or
      its designator.  TAMP uses X.509 certificates [RFC5280].

   o  The TAMP processing MUST have read access to the trust anchor
      store unique name.

1.3.4.  Application-Specific Protocol Processing

   The apex trust anchor and management trust anchors managed with TAMP
   can be used by the TAMP application.  Other management applications
   MAY make use of all three types of trust anchors, but non-management
   applications SHOULD only make use of identity trust anchors.
   Applications MUST ensure that usage of a trust anchor is consistent
   with any constraints associated with the trust anchor.  For example,
   if name constraints are associated with a trust anchor, certification
   paths that start with the trust anchor and contain certificates with
   names that violate the name constraints MUST be rejected.

   The application-specific protocol processing MUST be provided with
   the following services:

Housley, et al.              Standards Track                   [Page 10]



RFC 5934                          TAMP                       August 2010

   o  The application-specific protocol processing MUST have a means of
      locating an appropriate trust anchor.  Two mechanisms are
      available to applications.  The first mechanism is based on the
      public key identifier for digital signature verification, and the
      second mechanism is based on the trust anchor X.500 distinguished
      name and other X.509 certification path controls for certificate
      path discovery and validation.

   o  The application-specific protocol processing MUST be able to
      invoke the digital signature validation algorithm using the public
      key held in secure storage for trust anchors.

   o  The application-specific protocol processing MUST have read access
      to data associated with trust anchors to ensure that constraints
      can be enforced appropriately.  For example, an application MUST
      have read access to any name constraints associated with a TA to
      ensure that certification paths terminated by that TA do not
      include certificates issued to entities outside the TA manager-
      designated namespace.

   o  The application-specific protocol processing MUST have read access
      to secure storage for the community membership list, if any, to
      determine whether a targeted message ought to be accepted.

   o  If the application-specific protocol requires digital signatures
      on confirmation messages or receipts, then the application-
      specific protocol processing MUST be able to invoke the digital
      signature generation algorithm with the cryptographic module
      digital signature private key and its associated certificate or
      certificate designator.  Digital signature generation MUST be
      controlled in a manner that ensures that the content type of
      signed confirmation messages or receipts is appropriate for the
      application-specific protocol processing.

   o  The application-specific protocol processing MUST have read access
      to the trust anchor store unique name.

1.4.  ASN.1 Encoding

   The CMS uses Abstract Syntax Notation One (ASN.1) [X.680].  ASN.1 is
   a formal notation used for describing data protocols, regardless of
   the programming language used by the implementation.  Encoding rules
   describe how the values defined in ASN.1 will be represented for
   transmission.  The Basic Encoding Rules (BER) [X.690] are the most
   widely employed rule set, but they offer more than one way to
   represent data structures.  For example, definite-length encoding and
   indefinite-length encoding are supported.  This flexibility is not
   desirable when digital signatures are used.  As a result, the

Housley, et al.              Standards Track                   [Page 11]



RFC 5934                          TAMP                       August 2010

   Distinguished Encoding Rules (DER) [X.690] were invented.  DER is a
   subset of BER that ensures a single way to represent a given value.
   For example, DER always employs definite-length encoding.

   Digitally signed structures MUST be encoded with DER.  In other
   specifications, structures that are not digitally signed do not
   require DER, but in this specification, DER is REQUIRED for all
   structures.  By always using DER, the TAMP processor will have fewer
   options to implement.

   ASN.1 is used throughout the text of this document for illustrative
   purposes.  The authoritative source of ASN.1 for the structures
   defined in this document is Appendix A.

2.  Cryptographic Message Syntax Profile

   TAMP makes use of signed and unsigned messages.  The Cryptographic
   Message Syntax (CMS) is used in both cases.  A digital signature is
   used to protect the message from undetected modification and provide
   data origin authentication.  TAMP makes no general provision for
   encryption of content.

   CMS is used to construct a signed TAMP message.  The CMS ContentInfo
   content type MUST always be present.  For signed messages,
   ContentInfo MUST encapsulate the CMS SignedData content type; for
   unsigned messages, ContentInfo MUST encapsulate the TAMP message
   directly.  The CMS SignedData content type MUST encapsulate the TAMP
   message.  A unique content type identifier identifies the particular
   type of TAMP message.  The CMS encapsulation of a signed TAMP message
   is summarized by:

    ContentInfo {
      contentType id-signedData, -- (1.2.840.113549.1.7.2)
      content     SignedData
    }

    SignedData {
      version           CMSVersion, -- Always set to 3
      digestAlgorithms  DigestAlgorithmIdentifiers, -- Only one
      encapContentInfo  EncapsulatedContentInfo,
      certificates      CertificateSet, -- OPTIONAL signer certificates
      crls              CertificateRevocationLists, -- OPTIONAL
      signerInfos       SET OF SignerInfo -- Only one
    }

Housley, et al.              Standards Track                   [Page 12]



RFC 5934                          TAMP                       August 2010

    SignerInfo {
      version             CMSVersion, -- Always set to 3
      sid                 SignerIdentifier,
      digestAlgorithm     DigestAlgorithmIdentifier,
      signedAttrs         SignedAttributes,
                                          -- REQUIRED in TAMP messages
      signatureAlgorithm  SignatureAlgorithmIdentifier,
      signature           SignatureValue,
      unsignedAttrs       UnsignedAttributes -- OPTIONAL; may only be
    }                                        -- present in Apex Trust
                                             -- Anchor Update messages

    EncapsulatedContentInfo {
      eContentType  OBJECT IDENTIFIER, -- Names TAMP message type
      eContent      OCTET STRING       -- Contains TAMP message
    }

   When a TAMP message is used to update the apex trust anchor, this
   same structure is used; however, the digital signature will be
   validated with either the apex trust anchor operational public key or
   the contingency public key.  When the contingency public key is used,
   the symmetric key needed to decrypt the previously stored contingency
   public key is provided as a contingency-public-key-decrypt-key
   unsigned attribute.  Section 4.5 of this document describes the Apex
   Trust Anchor Update message.

   CMS is also used to construct an unsigned TAMP message.  The CMS
   ContentInfo structure MUST always be present, and it MUST be the
   outermost layer of encapsulation.  A unique content type identifier
   identifies the particular TAMP message.  The CMS encapsulation of an
   unsigned TAMP message is summarized by:

    ContentInfo {
      contentType  OBJECT IDENTIFIER, -- Names TAMP message type
      content      OCTET STRING       -- Contains TAMP message
    }

2.1.  ContentInfo

   CMS requires the outermost encapsulation to be ContentInfo [RFC5652].
   The fields of ContentInfo are used as follows:

   o  contentType indicates the type of the associated content, and for
      TAMP, the encapsulated type is either SignedData or the content
      type identifier associated with an unsigned TAMP message.  When
      the id-signedData (1.2.840.113549.1.7.2) object identifier is
      present in this field, then a signed TAMP message is in the
      content.  Otherwise, an unsigned TAMP message is in the content.

Housley, et al.              Standards Track                   [Page 13]



RFC 5934                          TAMP                       August 2010

   o  content holds the content, and for TAMP, the content is either a
      SignedData content or an unsigned TAMP message.

2.2.  SignedData Info

   The SignedData content type [RFC5652] contains the signed TAMP
   message and a digital signature value; the SignedData content type
   MAY also contain the certificates needed to validate the digital
   signature.  The fields of SignedData are used as follows:

   o  version is the syntax version number, and for TAMP, the version
      number MUST be set to 3.

   o  digestAlgorithms is a collection of one-way hash function
      identifiers, and for TAMP, it contains a single one-way hash
      function identifier.  The one-way hash function employed by the
      TAMP message originator in generating the digital signature MUST
      be present.

   o  encapContentInfo is the signed content, consisting of a content
      type identifier and the content itself.  The use of the
      EncapsulatedContentInfo type is discussed further in
      Section 2.2.2.

   o  certificates is an OPTIONAL collection of certificates.  It MAY be
      omitted, or it MAY include the X.509 certificates needed to
      construct the certification path of the TAMP message originator.
      For TAMP messages sent to a trust anchor store where an apex trust
      anchor or management trust anchor is used directly to validate the
      TAMP message digital signature, this field SHOULD be omitted.
      When an apex trust anchor or management trust anchor is used to
      validate an X.509 certification path [RFC5280], and the subject
      public key from the final certificate in the certification path is
      used to validate the TAMP message digital signature, the
      certificate of the TAMP message originator SHOULD be included, and
      additional certificates to support certification path construction
      MAY be included.  For TAMP messages sent by a trust anchor store,
      this field SHOULD include only the signer's certificate or should
      be omitted.  A TAMP message recipient MUST NOT reject a valid TAMP
      message that contains certificates that are not needed to validate
      the digital signature.  PKCS#6 extended certificates [PKCS#6] and
      attribute certificates (either version 1 or version 2) [RFC5755]
      MUST NOT be included in the set of certificates; these certificate
      formats are not used in TAMP.  Certification authority (CA)
      certificates and end entity certificates MUST conform to the
      profiles defined in [RFC5280].

Housley, et al.              Standards Track                   [Page 14]



RFC 5934                          TAMP                       August 2010

   o  crls is an OPTIONAL collection of certificate revocation lists
      (CRLs).

   o  signerInfos is a collection of per-signer information, and for
      TAMP, the collection MUST contain exactly one SignerInfo.  The use
      of the SignerInfo type is discussed further in Section 2.2.1.

2.2.1.  SignerInfo

   The TAMP message originator is represented in the SignerInfo type.
   The fields of SignerInfo are used as follows:

   o  version is the syntax version number.  With TAMP, the version MUST
      be set to 3.

   o  sid identifies the TAMP message originator's public key.  The
      subjectKeyIdentifier alternative is always used with TAMP, which
      identifies the public key directly.  When the public key is
      included in a TrustAnchorInfo object, this identifier is included
      in the keyId field.  When the public key is included in a
      Certificate or TBSCertificate, this identifier is included in the
      subjectKeyIdentifier certificate extension.

   o  digestAlgorithm identifies the one-way hash function, and any
      associated parameters, used by the TAMP message originator.  It
      MUST contain the one-way hash functions employed by the
      originator.  This message digest algorithm identifier MUST match
      the one carried in the digestAlgorithms field in SignedData.  The
      message digest algorithm identifier is carried in two places to
      facilitate stream processing by the receiver.

   o  signedAttrs is an OPTIONAL set of attributes that are signed along
      with the content.  The signedAttrs are OPTIONAL in the CMS, but
      signedAttrs is REQUIRED for all signed TAMP messages.  The SET OF
      Attribute MUST be encoded with the Distinguished Encoding Rules
      (DER) [X.690].  Section 2.2.3 of this document lists the signed
      attributes that MUST be included in the collection.  Other signed
      attributes MAY be included, but any unrecognized signed attributes
      MUST be ignored.

   o  signatureAlgorithm identifies the digital signature algorithm, and
      any associated parameters, used by the TAMP message originator to
      generate the digital signature.

   o  signature is the digital signature value generated by the TAMP
      message originator.

Housley, et al.              Standards Track                   [Page 15]



RFC 5934                          TAMP                       August 2010

   o  unsignedAttrs is an OPTIONAL set of attributes that are not
      signed.  For TAMP, this field is usually omitted.  It is present
      only in Apex Trust Anchor Update messages that are to be validated
      using the apex trust anchor contingency public key.  In this case,
      the SET OF Attribute MUST include the symmetric key needed to
      decrypt the contingency public key in the contingency-public-key-
      decrypt-key unsigned attribute.  Section 2.2.4 of this document
      describes this unsigned attribute.

2.2.2.  EncapsulatedContentInfo

   The EncapsulatedContentInfo structure contains the TAMP message.  The
   fields of EncapsulatedContentInfo are used as follows:

   o  eContentType is an object identifier that uniquely specifies the
      content type, and for TAMP, the value identifies the TAMP message.
      The list of TAMP message content types is provided in Section 4.

   o  eContent is the TAMP message, encoded as an octet string.  In
      general, the CMS does not require the eContent to be DER-encoded
      before constructing the octet string.  However, TAMP messages MUST
      be DER-encoded.

2.2.3.  Signed Attributes

   The TAMP message originator MUST digitally sign a collection of
   attributes along with the TAMP message.  Each attribute in the
   collection MUST be DER-encoded.  The syntax for attributes is defined
   in [RFC5912].

   Each of the attributes used with this CMS profile has a single
   attribute value.  Even though the syntax is defined as a SET OF
   AttributeValue, there MUST be exactly one instance of AttributeValue
   present.

   The SignedAttributes syntax within SignerInfo is defined as a SET OF
   Attribute.  The SignedAttributes MUST include only one instance of
   any particular attribute.  TAMP messages that violate this rule MUST
   be rejected as malformed.

   The TAMP message originator MUST include the content-type and
   message-digest attributes.  The TAMP message originator MAY also
   include the binary-signing-time attribute.

Housley, et al.              Standards Track                   [Page 16]



RFC 5934                          TAMP                       August 2010

   The TAMP message originator MAY include any other attribute that it
   deems appropriate.  The intent is to allow additional signed
   attributes to be included if a future need is identified.  This does
   not cause an interoperability concern because unrecognized signed
   attributes MUST be ignored.

   The following summarizes the signed attribute requirements for TAMP
   messages:

   o  content-type MUST be supported.

   o  message-digest MUST be supported.

   o  binary-signing-time MAY be supported.  When present, it is
      generally ignored by the recipient.

   o  other attributes MAY be supported.  Unrecognized attributes MUST
      be ignored by the recipient.

2.2.3.1.  Content-Type Attribute

   The TAMP message originator MUST include a content-type attribute; it
   is an object identifier that uniquely specifies the content type.
   Section 11.1 of [RFC5652] defines the content-type attribute.  For
   TAMP, the value identifies the TAMP message.  The list of TAMP
   message content types and their identifiers is provided in Section 4.

   A content-type attribute MUST contain the same object identifier as
   the content type contained in the EncapsulatedContentInfo.

2.2.3.2.  Message-Digest Attribute

   The TAMP message originator MUST include a message-digest attribute,
   having as its value the output of a one-way hash function computed on
   the TAMP message that is being signed.  Section 11.2 of [RFC5652]
   defines the message-digest attribute.

2.2.3.3.  Binary-Signing-Time Attribute

   The TAMP message originator MAY include a binary-signing-time
   attribute, specifying the time at which the digital signature was
   applied to the TAMP message.  The binary-signing-time attribute is
   defined in [RFC4049].

   No processing of the binary-signing-time attribute is REQUIRED of a
   TAMP message recipient; however, the binary-signing-time attribute
   MAY be included by the TAMP message originator as a form of message
   identifier.

Housley, et al.              Standards Track                   [Page 17]



RFC 5934                          TAMP                       August 2010

2.2.4.  Unsigned Attributes

   For TAMP, unsigned attributes are usually omitted.  An unsigned
   attribute is present only in Apex Trust Anchor Update messages that
   are to be validated by the apex trust anchor contingency public key.
   In this case, the symmetric key to decrypt the previous contingency
   public key is provided in the contingency-public-key-decrypt-key
   unsigned attribute.  This attribute MUST be supported, and it is
   described in Section 2.2.4.1.

   The TAMP message originator SHOULD NOT include other unsigned
   attributes, and any unrecognized unsigned attributes MUST be ignored.

   The UnsignedAttributes syntax within SignerInfo is defined as a SET
   OF Attribute.  The UnsignedAttributes MUST include only one instance
   of any particular attribute.  TAMP messages that violate this rule
   MUST be rejected as malformed.

2.2.4.1.  Contingency-Public-Key-Decrypt-Key Attribute

   The contingency-public-key-decrypt-key attribute provides the
   plaintext symmetric key needed to decrypt the previously distributed
   apex trust anchor contingency public key.  The symmetric key MUST be
   useable with the symmetric algorithm used to previously encrypt the
   contingency public key.

   The contingency-public-key-decrypt-key attribute has the following
   syntax:

    contingency-public-key-decrypt-key ATTRIBUTE ::= {
      WITH SYNTAX PlaintextSymmetricKey
      SINGLE VALUE TRUE
      ID id-aa-TAMP-contingencyPublicKeyDecryptKey }

    id-aa-TAMP-contingencyPublicKeyDecryptKey
      OBJECT IDENTIFIER ::= { id-attributes 63 }

    PlaintextSymmetricKey ::= OCTET STRING

3.  Trust Anchor Formats

   TAMP recognizes three formats for representing trust anchor
   information within the protocol itself: Certificate [RFC5280],
   TBSCertificate [RFC5280], and TrustAnchorInfo [RFC5914].  The
   TrustAnchorChoice structure, defined in [RFC5914], is used to select
   one of these options.

Housley, et al.              Standards Track                   [Page 18]



RFC 5934                          TAMP                       August 2010

    TrustAnchorChoice ::= CHOICE {
     certificate  Certificate,
     tbsCert      [1] EXPLICIT TBSCertificate,
     taInfo       [2] EXPLICIT TrustAnchorInfo }

   The Certificate structure is commonly used to represent trust
   anchors.  Certificates include a signature, which removes the ability
   for relying parties to customize the information within the structure
   itself.  TBSCertificate contains all of the information of the
   Certificate structure except for the signature, enabling tailoring of
   the information.  TrustAnchorInfo is intended to serve as a
   minimalist representation of trust anchor information for scenarios
   where storage or bandwidth is highly constrained.

   Implementations are not required to support all three options.  The
   unsupportedTrustAnchorFormat error code should be indicated when
   generating a TAMPError due to receipt of an unsupported trust anchor
   format.

4.  Trust Anchor Management Protocol Messages

   TAMP makes use of signed and unsigned messages.  The CMS is used in
   both cases.  An object identifier is assigned to each TAMP message
   type, and this object identifier is used as a content type in the
   CMS.

   TAMP specifies eleven message types.  The following provides the
   content type identifier for each TAMP message type, and it indicates
   whether a digital signature is required.  If the following indicates
   that the TAMP message MUST be signed, then implementations MUST
   reject a message of that type that is not signed.

   o  The TAMP Status Query message MUST be signed.  It uses the
      following object identifier: { id-tamp 1 }.

   o  The TAMP Status Response message SHOULD be signed.  It uses the
      following object identifier: { id-tamp 2 }.

   o  The Trust Anchor Update message MUST be signed.  It uses the
      following object identifier: { id-tamp 3 }.

   o  The Trust Anchor Update Confirm message SHOULD be signed.  It uses
      the following object identifier: { id-tamp 4 }.

   o  The Apex Trust Anchor Update message MUST be signed.  It uses the
      following object identifier: { id-tamp 5 }.

Housley, et al.              Standards Track                   [Page 19]



RFC 5934                          TAMP                       August 2010

   o  The Apex Trust Anchor Update Confirm message SHOULD be signed.  It
      uses the following object identifier: { id-tamp 6 }.

   o  The Community Update message MUST be signed.  It uses the
      following object identifier: { id-tamp 7 }.

   o  The Community Update Confirm message SHOULD be signed.  It uses
      the following object identifier: { id-tamp 8 }.

   o  The Sequence Number Adjust MUST be signed.  It uses the following
      object identifier: { id-tamp 10 }.

   o  The Sequence Number Adjust Confirm message SHOULD be signed.  It
      uses the following object identifier: { id-tamp 11 }.

   o  The TAMP Error message SHOULD be signed.  It uses the following
      object identifier: { id-tamp 9 }.

   Trust anchor managers generate TAMP Status Query, Trust Anchor
   Update, Apex Trust Anchor Update, Community Update, and Sequence
   Number Adjust messages.  Trust anchor stores generate TAMP Status
   Response, Trust Anchor Update Confirm, Apex Trust Anchor Update
   Confirm, Community Update Confirm, Sequence Number Adjust Confirm,
   and TAMP Error messages.

   Support for Trust Anchor Update messages is REQUIRED.  Support for
   all other message formats is RECOMMENDED.  Implementations that
   support the HTTP binding described in Appendix C MUST additionally
   support Trust Anchor Update Confirm and TAMP Error messages and MAY
   support 0 or more of the following pairs of messages: TAMP Status
   Query and TAMP Status Query Response; Apex Trust Anchor Update and
   Apex Trust Anchor Update Confirm; Community Update and Community
   Update Confirm; Sequence Number Adjust and Sequence Number Adjust
   Confirm.  Implementations that operate in a disconnected manner MUST
   NOT assume a response will be received from each consumer of a TAMP
   message.

   A typical interaction between a trust anchor manager and a trust
   anchor store will follow the message flow shown in Figure 1.  Figure
   1 does not illustrate a flow where an error occurs.

Housley, et al.              Standards Track                   [Page 20]



RFC 5934                          TAMP                       August 2010

      +---------+                                +----------+
      |         |  Trust Anchor Status Query     |          |
      |         |------------------------------->|          |
      |         |                                |          |
      |         |  Trust Anchor Status Response  |          |
      | Trust   |<-------------------------------| Trust    |
      | Anchor  |                                | Anchor   |
      | Manager |  Trust Anchor Update           | Store    |
      |         |------------------------------->|          |
      |         |                                |          |
      |         |  Trust Anchor Update Confirm   |          |
      |         |<-------------------------------|          |
      |         |                                |          |
      +---------+                                +----------+

                   Figure 1.  Typical TAMP Message Flow

   Each TAMP query and update message includes an indication of the type
   of response that is desired.  The response can either be terse or
   verbose.  All trust anchor stores MUST support both the terse and
   verbose responses and SHOULD generate a response of the type
   indicated in the corresponding request.  TAMP response processors
   MUST support processing of both terse and verbose responses.

   Trust anchor stores SHOULD be able to process and properly act upon
   the valid payload of the TAMP Status Query message, the Trust Anchor
   Update message, the Apex Trust Anchor Update message, and the
   Sequence Number Adjust message.  TAMP implementations MAY also
   process and act upon the valid payload of the Community Update
   message.

   TAMP implementations SHOULD support generation of the TAMP Status
   Response message, the Trust Anchor Update Confirm message, the Apex
   Trust Anchor Update Confirm message, the Sequence Number Adjust
   Confirm message, and the TAMP Error message.  If a TAMP
   implementation supports the Community Update message, then generation
   of Community Update Confirm messages SHOULD also be supported.

4.1.  TAMP Status Query

   The TAMP Status Query message is used to request information about
   the trust anchors that are currently installed in a trust anchor
   store, and for the list of communities to which the store belongs.
   The TAMP Status Query message MUST be signed.  For the query message
   to be valid, the trust anchor store MUST be an intended recipient of
   the query; the sequence number checking described in Section 6 MUST
   be successful when the TAMP message signer is a trust anchor; and the
   digital signature MUST be validated by the apex trust anchor

Housley, et al.              Standards Track                   [Page 21]



RFC 5934                          TAMP                       August 2010

   operational public key, an authorized management trust anchor, or via
   an authorized X.509 certification path originating with such a trust
   anchor.

   If the digital signature on the TAMP Status Query message is valid,
   sequence number checking is successful, the signer is authorized, and
   the trust anchor store is an intended recipient of the TAMP message,
   then a TAMP Status Response message SHOULD be returned.  If a TAMP
   Status Response message is not returned, then a TAMP Error message
   SHOULD be returned.

   The TAMP Status Query content type has the following syntax:

    CONTENT-TYPE  ::= TYPE-IDENTIFIER

    tamp-status-query CONTENT-TYPE  ::=
       { TAMPStatusQuery IDENTIFIED BY id-ct-TAMP-statusQuery }

    id-ct-TAMP-statusQuery OBJECT IDENTIFIER ::= { id-tamp 1 }

    TAMPStatusQuery ::= SEQUENCE {
      Version  [0] TAMPVersion DEFAULT v2,
      terse    [1] TerseOrVerbose DEFAULT verbose,
      query    TAMPMsgRef }

    TAMPVersion ::= INTEGER { v1(1), v2(2) }

    TerseOrVerbose ::= ENUMERATED { terse(1), verbose(2) }

    TAMPMsgRef ::= SEQUENCE {
      target  TargetIdentifier,
      seqNum  SeqNumber }

    SeqNumber ::= INTEGER (0..9223372036854775807)

    TargetIdentifier ::= CHOICE {
      hwModules    [1] HardwareModuleIdentifierList,
      communities  [2] CommunityIdentifierList,
      allModules   [3] NULL,
      uri          [4] IA5String,
      otherName    [5] AnotherName }

    HardwareModuleIdentifierList ::= SEQUENCE SIZE (1..MAX) OF
                                     HardwareModules

    HardwareModules ::= SEQUENCE {
      hwType           OBJECT IDENTIFIER,
      hwSerialEntries  SEQUENCE SIZE (1..MAX) OF HardwareSerialEntry }

Housley, et al.              Standards Track                   [Page 22]



RFC 5934                          TAMP                       August 2010

    HardwareSerialEntry ::= CHOICE {
      all     NULL,
      single  OCTET STRING,
      block   SEQUENCE {
        low     OCTET STRING,
        high    OCTET STRING } }

    CommunityIdentifierList ::= SEQUENCE SIZE (0..MAX) OF Community

    Community ::= OBJECT IDENTIFIER

   The fields of TAMPStatusQuery are used as follows:

   o  version identifies version of TAMP.  For this version of the
      specification, the default value, v2, MUST be used.

   o  terse indicates the type of response that is desired.  A terse
      response is indicated by a value of 1, and a verbose response is
      indicated by a value of 2, which is omitted during encoding since
      it is the default value.

   o  query contains two items: the target and the seqNum.  target
      identifies the target(s) of the query message.  seqNum is a
      single-use value that will be used to match the TAMP Status Query
      message with the TAMP Status Response message.  The sequence
      number is also used to detect TAMP message replay.  The sequence
      number processing described in Section 6 MUST successfully
      complete before a response is returned.

   The fields of TAMPMsgRef are used as follows:

   o  target identifies the target(s) of the query.  Several
      alternatives for naming a target are provided.  To identify a
      cryptographic module, a combination of a cryptographic type and
      serial number are used.  The cryptographic type is represented as
      an ASN.1 object identifier, and the unique serial number is
      represented as a string of octets.  To facilitate compact
      representation of serial numbers, a contiguous block can be
      specified by the lowest included serial number and the highest
      included serial number.  When present, the high and low octet
      strings MUST have the same length.  The
      HardwareModuleIdentifierList sequence MUST NOT contain duplicate
      hwType values, so that each member of the sequence names all of
      the cryptographic modules of this type.  Object identifiers are
      also used to identify communities of trust anchor stores.  A
      sequence of these object identifiers is used if more than one
      community is the target of the message.  A trust anchor store is
      considered a target if it is a member of any of the listed

Housley, et al.              Standards Track                   [Page 23]



RFC 5934                          TAMP                       August 2010

      communities.  An explicit NULL value is used to identify all
      modules that consider the signer of the TAMP message to be an
      authorized source for that message type.  The uri field can be
      used to identify a target, i.e., a trust anchor store, using a
      Uniform Resource Identifier [RFC3986].  Additional name types are
      supported via the otherName field, which is of type AnotherName.
      AnotherName is defined in [RFC5280].  The format and semantics of
      the name are indicated through the OBJECT IDENTIFIER in the type-
      id field.  The name itself is conveyed as a value field in
      otherName.  Implementations MUST support the allModules option and
      SHOULD support all TargetIdentifier options.

   o  seqNum contains a single-use value that will be used to match the
      TAMP Status Query message with the successful TAMP Status Response
      message.  The sequence number processing described in Section 6
      MUST successfully complete before a response is returned.

   To determine whether a particular cryptographic module serial number
   is considered part of a specified block, all of the following
   conditions MUST be met.  First, the cryptographic module serial
   number MUST be the same length as both the high and low octet
   strings.  Second, the cryptographic module serial number MUST be
   greater than or equal to the low octet string.  Third, the
   cryptographic module serial number MUST be less than or equal to the
   high octet string.

   One octet string is equal to another if they are of the same length
   and are the same at each octet position.  An octet string, S1, is
   greater than another, S2, where S1 and S2 have the same length, if
   and only if S1 and S2 have different octets in one or more positions,
   and in the first such position, the octet in S1 is greater than that
   in S2, considering the octets as unsigned binary numbers.  Note that
   these octet string comparison definitions are consistent with those
   in clause 6 of [X.690].

4.2.  TAMP Status Query Response

   The TAMP Status Response message is a reply by a trust anchor store
   to a valid TAMP Status Query message.  The TAMP Status Response
   message provides information about the trust anchors that are
   currently installed in the trust anchor store and the list of
   communities to which the trust anchor store belongs, if any.  The
   TAMP Status Response message MAY be signed or unsigned.  A TAMP
   Status Response message MUST be signed if the implementation is
   capable of signing it.

Housley, et al.              Standards Track                   [Page 24]



RFC 5934                          TAMP                       August 2010

   The TAMP Status Response content type has the following syntax:

    tamp-status-response CONTENT-TYPE  ::=
       { TAMPStatusResponse IDENTIFIED BY id-ct-TAMP-statusResponse }

    id-ct-TAMP-statusResponse OBJECT IDENTIFIER ::= { id-tamp 2 }

    TAMPStatusResponse ::= SEQUENCE {
      version   [0] TAMPVersion DEFAULT v2,
      query     TAMPMsgRef,
      response  StatusResponse,
      usesApex  BOOLEAN DEFAULT TRUE }

    StatusResponse ::= CHOICE {
      terseResponse          [0] TerseStatusResponse,
      verboseResponse        [1] VerboseStatusResponse }

    TerseStatusResponse ::= SEQUENCE {
      taKeyIds               KeyIdentifiers,
      communities            CommunityIdentifierList OPTIONAL }

    KeyIdentifiers ::= SEQUENCE SIZE (1..MAX) OF KeyIdentifier

    VerboseStatusResponse ::= SEQUENCE {
      taInfo                 TrustAnchorChoiceList,
      continPubKeyDecryptAlg [0] AlgorithmIdentifier OPTIONAL,
      communities            [1] CommunityIdentifierList OPTIONAL,
      tampSeqNumbers         [2] TAMPSequenceNumbers OPTIONAL }

    TrustAnchorChoiceList ::= SEQUENCE SIZE (1..MAX) OF
        TrustAnchorChoice

    TAMPSequenceNumbers ::= SEQUENCE SIZE (1..MAX) OF TAMPSequenceNumber

    TAMPSequenceNumber ::= SEQUENCE {
      keyId       KeyIdentifier,
      seqNumber   SeqNumber }

   The fields of TAMPStatusResponse are used as follows:

   o  version identifies version of TAMP.  For this version of the
      specification, the default value, v2, MUST be used.

   o  query identifies the TAMPStatusQuery to which the trust anchor
      store is responding.  The query structure repeats the TAMPMsgRef
      from the TAMP Status Query message (see Section 4.1).  The
      sequence number processing described in Section 6 MUST
      successfully complete before any response is returned.

Housley, et al.              Standards Track                   [Page 25]



RFC 5934                          TAMP                       August 2010

   o  response contains either a terse response or a verbose response.
      The terse response is represented by TerseStatusResponse, and the
      verbose response is represented by VerboseStatusResponse.

   o  usesApex is a Boolean value that indicates whether the first item
      in the TerseStatusResponse.taKeyIds or
      VerboseStatusResponse.taInfo field identifies the apex TA.

   The fields of TerseStatusResponse are used as follows:

   o  taKeyIds contains a sequence of key identifiers.  Each trust
      anchor contained in the trust anchor store is represented by one
      key identifier.  When TAMPStatusResponse.usesApex is TRUE, the
      apex trust anchor is represented by the first key identifier in
      the sequence, which contains the key identifier of the operational
      public key.

   o  communities is OPTIONAL.  When present, it contains a sequence of
      object identifiers.  Each object identifier names one community to
      which this trust anchor store belongs.  When the trust anchor
      store belongs to no communities, this field is omitted.

   The fields of VerboseStatusResponse are used as follows:

   o  taInfo contains a sequence of TrustAnchorChoice structures.  One
      entry in the sequence is provided for each trust anchor contained
      in the trust anchor store.  When TAMPStatusResponse.usesApex is
      TRUE, the apex trust anchor is the first trust anchor in the
      sequence.

   o  continPubKeyDecryptAlg is OPTIONAL.  When present, it indicates
      the decryption algorithm needed to decrypt the currently installed
      apex trust anchor contingency public key, if a contingency key is
      associated with the apex trust anchor.  When present,
      TAMPStatusResponse.usesApex MUST be TRUE.

   o  communities is OPTIONAL.  When present, it contains a sequence of
      object identifiers.  Each object identifier names one community to
      which this trust anchor store belongs.  When the trust anchor
      store belongs to no communities, this field is omitted.

   o  tampSeqNumbers is OPTIONAL.  When present, it is used to indicate
      the currently held sequence number for each trust anchor
      authorized to sign TAMP messages.  The keyId field identifies the
      trust anchor, and the seqNumber field provides the current
      sequence number associated with the trust anchor.

Housley, et al.              Standards Track                   [Page 26]



RFC 5934                          TAMP                       August 2010

4.3.  Trust Anchor Update

   The Trust Anchor Update message is used to add, remove, and change
   management and identity trust anchors.  The Trust Anchor Update
   message cannot be used to update the apex trust anchor.  The Trust
   Anchor Update message MUST be signed.  For a Trust Anchor Update
   message to be valid, the trust anchor store MUST be an intended
   recipient of the update; the sequence number checking described in
   Section 6 MUST be successful when the TAMP message signer is a trust
   anchor; and the digital signature MUST be validated using the apex
   trust anchor operational public key, an authorized management trust
   anchor, or via an authorized X.509 certification path originating
   with such a trust anchor.

   If the digital signature on the Trust Anchor Update message is valid,
   sequence number checking is successful, the signer is authorized, and
   the trust anchor store is an intended recipient of the TAMP message,
   then the trust anchor store MUST perform the specified updates and
   return a Trust Anchor Update Confirm message.  If a Trust Anchor
   Update Confirm message is not returned, then a TAMP Error message
   SHOULD be returned.

   The Trust Anchor Update content type has the following syntax:

    tamp-update CONTENT-TYPE  ::=
       { TAMPUpdate IDENTIFIED BY id-ct-TAMP-update }

    id-ct-TAMP-update OBJECT IDENTIFIER ::= { id-tamp 3 }

    TAMPUpdate ::= SEQUENCE {
      version  [0] TAMPVersion DEFAULT v2,
      terse    [1] TerseOrVerbose DEFAULT verbose,
      msgRef   TAMPMsgRef,
      updates  SEQUENCE SIZE (1..MAX) OF TrustAnchorUpdate,
      tampSeqNumbers [2]TAMPSequenceNumbers OPTIONAL }

    TrustAnchorUpdate ::= CHOICE {
      add     [1] TrustAnchorChoice,
      remove  [2] SubjectPublicKeyInfo,
      change  [3] EXPLICIT TrustAnchorChangeInfoChoice }

    TrustAnchorChangeInfoChoice ::= CHOICE {
      tbsCertChange  [0] TBSCertificateChangeInfo,
      taChange       [1] TrustAnchorChangeInfo }

Housley, et al.              Standards Track                   [Page 27]



RFC 5934                          TAMP                       August 2010

    TBSCertificateChangeInfo  ::=  SEQUENCE  {
      serialNumber         CertificateSerialNumber OPTIONAL,
      signature            [0] AlgorithmIdentifier OPTIONAL,
      issuer               [1] Name OPTIONAL,
      validity             [2] Validity OPTIONAL,
      subject              [3] Name OPTIONAL,
      subjectPublicKeyInfo [4] SubjectPublicKeyInfo,
      exts                 [5] EXPLICIT Extensions OPTIONAL }

    TrustAnchorChangeInfo ::= SEQUENCE {
      pubKey          SubjectPublicKeyInfo,
      keyId           KeyIdentifier OPTIONAL,
      taTitle         TrustAnchorTitle OPTIONAL,
      certPath        CertPathControls OPTIONAL,
      exts            [1] Extensions OPTIONAL }

   The fields of TAMPUpdate are used as follows:

   o  version identifies version of TAMP.  For this version of the
      specification, the default value, v2, MUST be used.

   o  terse indicates the type of response that is desired.  A terse
      response is indicated by a value of 1, and a verbose response is
      indicated by a value of 2, which is omitted during encoding since
      it is the default value.

   o  msgRef contains two items: the target and the seqNum.  target
      identifies the target(s) of the update message.  The
      TargetIdentifier syntax is described in Section 4.1.  seqNum is a
      single-use value that will be used to match the Trust Anchor
      Update message with the Trust Anchor Update Confirm message.  The
      sequence number is also used to detect TAMP message replay.  The
      sequence number processing described in Section 6 MUST
      successfully complete before any of the updates are processed.

   o  updates contains a sequence of updates, which are used to add,
      remove, and change management or identity trust anchors.  Each
      entry in the sequence represents one of these actions, and is
      indicated by an instance of TrustAnchorUpdate.  The actions are a
      batch of updates that MUST be processed in the order that they
      appear, but each of the updates is processed independently.  Each
      of the updates MUST satisfy the subordination checks described in
      Section 7.  Even if one or more of the updates fail, then the
      remaining updates MUST be processed.  These updates MUST NOT make
      any changes to the apex trust anchor.

Housley, et al.              Standards Track                   [Page 28]



RFC 5934                          TAMP                       August 2010

   o  tampSeqNumbers MAY be included to provide the initial or new
      sequence numbers for trust anchors added or changed by the updates
      field.  Elements included in the tampSeqNumbers field that do not
      correspond to an element in the updates field are ignored.
      Elements included in the tampSeqNumbers field that do correspond
      to an element in the updates field and contain a sequence number
      less than or equal to the most recently stored sequence number for
      the trust anchor are ignored.  Elements included in the
      tampSeqNumbers field that do correspond to an element in the
      updates field and contain a sequence number greater than the most
      recently stored sequence number for the indicated trust anchor are
      processed by setting the stored sequence number for the trust
      anchor equal to the new value.

   The TrustAnchorUpdate is a choice of three structures, and each
   alternative represents one of the three possible actions: add,
   remove, and change.  A description of the syntax associated with each
   of these actions follows:

   o  add is used to insert a new management or identity trust anchor
      into the trust anchor store.  The TrustAnchorChoice structure is
      used to provide the trusted public key and all of the information
      associated with it.  However, the action MUST fail with the error
      code notAuthorized if the subordination checks described in
      Section 7 are not satisfied.  See Section 3 for a discussion of
      the TrustAnchorChoice structure.  The apex trust anchor cannot be
      introduced into a trust anchor store using this action; therefore,
      the id-pe-wrappedApexContinKey MUST NOT be present in the
      extensions field.  The constraints of the existing trust anchors
      are unchanged by this action.  An attempt to add a management or
      identity trust anchor that is already in place with the same
      values for every field in the TrustAnchorChoice structure MUST be
      treated as a successful addition.  An attempt to add a management
      or identity trust anchor that is already present with the same
      pubKey values, but with different values for any of the fields in
      the TrustAnchorChoice structure, MUST fail with the error code
      improperTAAddition.  This means a trust anchor may not be added
      twice using different TrustAnchorChoice options.  If a different
      format is desired, the existing trust anchor must be removed and
      the new format added.

   o  remove is used to delete an existing management or identity trust
      anchor from the trust anchor store, including the deletion of the
      management trust anchor associated with the TAMP message signer.
      However, the action MUST fail with the error code notAuthorized if
      the subordination checks described in Section 7 are not satisfied.
      The public key contained in SubjectPublicKeyInfo names the
      management or identity trust anchor to be deleted.  An attempt to

Housley, et al.              Standards Track                   [Page 29]



RFC 5934                          TAMP                       August 2010

      delete a trust anchor that is not present MUST be treated as a
      successful deletion.  The constraints of the deleted trust anchor
      are not distributed to other trust anchors in any manner.  The
      apex trust anchor cannot be removed using this action, which
      ensures that this action cannot place the trust anchor store in an
      unrecoverable configuration.

   o  change is used to update the information associated with an
      existing management or identity trust anchor in the trust anchor
      store.  Attempts to change a trust anchor added as a Certificate
      MUST fail with the error code improperTAChange.  The public key
      contained in the SubjectPublicKeyInfo field of
      TrustAnchorChangeInfo or in the subjectPublicKeyInfo field of a
      TBSCertificateChangeInfo names the to-be-updated trust anchor.
      However, the action MUST fail with the error code notAuthorized if
      the subordination checks described in Section 7 are not satisfied.
      An attempt to change a trust anchor that is not present MUST
      result in a failure with the trustAnchorNotFound status code.  The
      TrustAnchorChangeInfo structure or the TBSCertificateChangeInfo
      structure is used to provide the revised configuration of the
      management or identity trust anchor.  If the update fails for any
      reason, then the original trust anchor configuration MUST be
      preserved.  The apex trust anchor information cannot be changed
      using this action.  Attempts to change a trust anchor added as a
      TBSCertificate using a TrustAnchorChangeInfo MUST fail with an
      improperTAChange error.  Attempts to change a trust anchor added
      as a TrustAnchorInfo using a TBSCertificateChangeInfo MUST fail
      with an improperTAChange error.

   The fields of TrustAnchorChangeInfo are used as follows:

   o  pubKey contains the algorithm identifier and the public key of the
      management or identity trust anchor.  It is used to locate the
      to-be-updated trust anchor in the trust anchor store.

   o  keyId is OPTIONAL, and when present, it contains the public key
      identifier of the trust anchor public key, which is contained in
      the pubKey field.  If this field is not present, then the public
      key identifier remains unchanged.  If this field is present, the
      provided public key identifier replaces the previous one.

   o  taTitle is OPTIONAL, and when present, it provides a human
      readable name for the management or identity trust anchor.  When
      absent in a change trust anchor update, any title that was
      previously associated with the trust anchor is removed.
      Similarly, when present in a change trust anchor update, the title

Housley, et al.              Standards Track                   [Page 30]



RFC 5934                          TAMP                       August 2010

      in the message is associated with the trust anchor.  If a previous
      title was associated with the trust anchor, then the title is
      replaced.  If a title was not previously associated with the trust
      anchor, then the title from the update message is added.

   o  certPath is OPTIONAL, and when present, it provides the controls
      needed to construct and validate an X.509 certification path.
      When absent in a change trust anchor update, any controls that
      were previously associated with the management or identity trust
      anchor are removed, which means that delegation is no longer
      permitted.  Similarly, when present in a change trust anchor
      update, the controls in the message are associated with the
      management or identity trust anchor.  If previous controls,
      including the trust anchor distinguished name, were associated
      with the trust anchor, then the controls are replaced, which means
      that delegation continues to be supported, but that different
      certification paths will be valid.  If controls were not
      previously associated with the management or identity trust
      anchor, then the controls from the update message are added, which
      enables delegation.  The syntax and semantics of CertPathControls
      are discussed in [RFC5914].

   o  exts is OPTIONAL, and when present, it provides the extensions
      values that are associated with the trust anchor.  When absent in
      a change trust anchor update, any extensions that were previously
      associated with the trust anchor are removed.  Similarly, when
      present in a change trust anchor update, the extensions in the
      message are associated with the trust anchor.  Any extensions
      previously associated with the trust anchor are replaced or
      removed.

   The fields of TBSCertificateChangeInfo are used to alter the fields
   within a TBSCertificate structure.  TBSCertificate is described in
   [RFC5280].  For all fields except exts, if the field is absent in a
   change trust anchor update, then any previous value associated with a
   trust anchor is unchanged.  For the exts field, if the field is
   absent in a change trust anchor update, then any previous value
   associated with a trust anchor is removed.  For all fields, if the
   field is present in a change trust anchor update, then any previous
   value associated with a trust anchor is replaced with the value from
   the update message.

4.3.1.  Trust Anchor List

   [RFC5914] defines the TrustAnchorList structure to convey a list of
   trust anchors.  TAMP implementations MAY process TrustAnchorList
   objects (with eContentType (or contentType) using the id-ct-
   trustAnchorList OID defined in [RFC5914]) as equivalent to TAMPUpdate

Housley, et al.              Standards Track                   [Page 31]



RFC 5934                          TAMP                       August 2010

   objects with terse set to terse, msgRef set to allModules (with a
   suitable sequence number), and all elements within the list contained
   within the add field.  This alternative to TrustAnchorUpdate is
   provided for implementations that perform integrity and authorization
   checks out-of-band as a simple means of transferring trust anchors
   from one trust anchor store to another.  It does not provide a means
   of removing or changing trust anchors and has no HTTP binding.

4.4.  Trust Anchor Update Confirm

   The Trust Anchor Update Confirm message is a reply by a trust anchor
   store to a valid Trust Anchor Update message.  The Trust Anchor
   Update Confirm message provides success and failure information for
   each of the requested updates.  The Trust Anchor Update Confirm
   message MAY be signed or unsigned.  A Trust Anchor Update Confirm
   message MUST be signed if the implementation is capable of
   signing it.

   The Trust Anchor Update Confirm content type has the following
   syntax:

    tamp-update-confirm CONTENT-TYPE  ::=
       { TAMPUpdateConfirm IDENTIFIED BY id-ct-TAMP-updateConfirm }

    id-ct-TAMP-updateConfirm OBJECT IDENTIFIER ::= { id-tamp 4 }

    TAMPUpdateConfirm ::= SEQUENCE {
      version  [0] TAMPVersion DEFAULT v2,
      update   TAMPMsgRef,
      confirm  UpdateConfirm }

    UpdateConfirm ::= CHOICE {
      terseConfirm    [0] TerseUpdateConfirm,
      verboseConfirm  [1] VerboseUpdateConfirm }

    TerseUpdateConfirm ::= StatusCodeList

    StatusCodeList ::= SEQUENCE SIZE (1..MAX) OF StatusCode

    VerboseUpdateConfirm ::= SEQUENCE {
      status          StatusCodeList,
      taInfo          TrustAnchorChoiceList,
      tampSeqNumbers  TAMPSequenceNumbers OPTIONAL,
      usesApex        BOOLEAN DEFAULT TRUE }

Housley, et al.              Standards Track                   [Page 32]



RFC 5934                          TAMP                       August 2010

   The fields of TAMPUpdateConfirm are used as follows:

   o  version identifies version of TAMP.  For this version of the
      specification, the default value, v2, MUST be used.

   o  update identifies the TAMPUpdate message to which the trust anchor
      store is responding.  The update structure repeats the TAMPMsgRef
      from the Trust Anchor Update message (see Section 4.3).  The
      sequence number processing described in Section 6 MUST
      successfully complete before any of the updates are processed.

   o  confirm contains either a terse update confirmation or a verbose
      update confirmation.  The terse update confirmation is represented
      by TerseUpdateConfirm, and the verbose response is represented by
      VerboseUpdateConfirm.

   The TerseUpdateConfirm contains a sequence of status codes, one for
   each TrustAnchorUpdate structure in the Trust Anchor Update message.
   The status codes MUST appear in the same order as the
   TrustAnchorUpdate structures to which they apply, and the number of
   elements in the status code list MUST be the same as the number of
   elements in the trust anchor update list.  Each of the status codes
   is discussed in Section 5.

   The fields of VerboseUpdateConfirm are used as follows:

   o  status contains a sequence of status codes, one for each
      TrustAnchorUpdate structure in the Trust Anchor Update message.
      The status codes appear in the same order as the TrustAnchorUpdate
      structures to which they apply, and the number of elements in the
      status code list MUST be the same as the number of elements in the
      trust anchor update list.  Each of the status codes is discussed
      in Section 5.

   o  taInfo contains a sequence of TrustAnchorChoice structures.  One
      entry in the sequence is provided for each trust anchor contained
      in the trust anchor store.  These represent the state of the trust
      anchors after the updates have been processed.  When usesApex is
      true, the apex trust anchor is the first trust anchor in the
      sequence.

   o  tampSeqNumbers is used to indicate the currently held sequence
      number for each trust anchor authorized to sign TAMP messages.
      The keyId field identifies the trust anchor, and the seqNumber
      field provides the current sequence number associated with the
      trust anchor.

Housley, et al.              Standards Track                   [Page 33]



RFC 5934                          TAMP                       August 2010

   o  usesApex is a Boolean value that indicates whether the first item
      in the taInfo field identifies the apex TA.

4.5.  Apex Trust Anchor Update

   The Apex Trust Anchor Update message replaces the operational public
   key and, optionally, the contingency public key associated with the
   apex trust anchor.  Each trust anchor store has exactly one apex
   trust anchor.  No constraints are associated with the apex trust
   anchor.  The public key identifier of the operational public key is
   used to identify the apex trust anchor in subsequent TAMP messages.
   The digital signature on the Apex Trust Anchor Update message is
   validated with either the current operational public key or the
   current contingency public key.  For the Apex Trust Anchor Update
   message that is validated with the operational public key to be
   valid, the trust anchor store MUST be a target of the update, the
   sequence number MUST be larger than the most recently stored sequence
   number for the operational public key, and the digital signature MUST
   be validated directly with the operational public key.  That is, no
   delegation via a certification path is permitted.  For the Apex Trust
   Anchor Update message that is validated with the contingency public
   key to be valid, the trust anchor store MUST be a target of the
   update, the provided decryption key MUST properly decrypt the
   contingency public key, and the digital signature MUST be validated
   directly with the decrypted contingency public key.  Again, no
   delegation via a certification path is permitted.

   If the Apex Trust Anchor Update message is validated using the
   operational public key, then sequence number processing is handled
   normally, as described in Section 6.  If the Apex Trust Anchor Update
   message is validated using the contingency public key, then the
   TAMPMsgRef sequence number MUST contain a zero value.  A sequence
   number for subsequent messages that will be validated with the new
   operational public key can optionally be provided.  If no value is
   provided, then the trust anchor store MUST be prepared to accept any
   sequence number in the next TAMP message validated with the newly
   installed apex trust anchor operational public key.  If the Apex
   Trust Anchor Update message is valid and the clearTrustAnchors flag
   is set to TRUE, then all of the management and identity trust anchors
   stored in the trust anchor store MUST be deleted.  That is, the new
   apex trust anchor MUST be the only trust anchor remaining in the
   trust anchor store.  If the Apex Trust Anchor Update message is valid
   and the clearCommunities flag is set to TRUE, then all community
   identifiers stored in the trust anchor store MUST be deleted.

   The SignedData structure includes a SignerInfo.sid value, and it
   identifies the apex trust anchor public key that will be used to
   validate the digital signature on this TAMP message.  The public key

Housley, et al.              Standards Track                   [Page 34]



RFC 5934                          TAMP                       August 2010

   identifier for the operational public key is known in advance, and it
   is stored as part of the apex trust anchor.  The public key
   identifier for the contingency public key is not known in advance;
   however, the presence of the unsigned attribute containing the
   symmetric key needed to decrypt the contingency public key
   unambiguously indicates that the TAMP message signer used the
   contingency private key to sign the Apex Trust Anchor Update message.

   If the digital signature on the Apex Trust Anchor Update message is
   valid using either the apex trust anchor operational public key or
   the apex trust anchor contingency public key, sequence number
   checking is successful, and the trust anchor store is an intended
   recipient of the TAMP message, then the trust anchor store MUST
   update the apex trust anchor and return an Apex Trust Anchor Update
   Confirm message.  If an Apex Trust Anchor Update Confirm message is
   not returned, then a TAMP Error message SHOULD be returned.  Note
   that the sequence number MUST be zero if the Apex Trust Anchor Update
   message is validated with the apex trust anchor contingency public
   key.

   The Apex Trust Anchor Update content type has the following syntax:

    tamp-apex-update CONTENT-TYPE  ::=
       { TAMPApexUpdate IDENTIFIED BY id-ct-TAMP-apexUpdate }

    id-ct-TAMP-apexUpdate OBJECT IDENTIFIER ::= { id-tamp 5 }

    TAMPApexUpdate ::= SEQUENCE {
      version            [0] TAMPVersion DEFAULT v2,
      terse              [1] TerseOrVerbose DEFAULT verbose,
      msgRef             TAMPMsgRef,
      clearTrustAnchors  BOOLEAN,
      clearCommunities   BOOLEAN,
      seqNumber          SeqNumber OPTIONAL,
      apexTA             TrustAnchorChoice }

   The fields of TAMPApexUpdate are used as follows:

   o  version identifies version of TAMP.  For this version of the
      specification, the default value, v2, MUST be used.

   o  terse indicates the type of response that is desired.  A terse
      response is indicated by a value of 1, and a verbose response is
      indicated by a value of 2, which is omitted during encoding since
      it is the default value.

   o  msgRef contains two items: the target and the seqNum.  target
      identifies the target(s) of the Apex Trust Anchor Update message.

Housley, et al.              Standards Track                   [Page 35]



RFC 5934                          TAMP                       August 2010

      The TargetIdentifier syntax as described in Section 4.1 is used.
      seqNum is a single-use value that will be used to match the Apex
      Trust Anchor Update message with the Apex Trust Anchor Update
      Confirm message.  The sequence number is also used to detect TAMP
      message replay if the message is validated with the apex trust
      anchor operational public key.  The sequence number processing
      described in Section 6 MUST successfully complete before any
      action is taken.  However, seqNum MUST contain a zero value if the
      message is validated with the apex trust anchor contingency
      public key.

   o  clearTrustAnchors is a Boolean.  If the value is set to TRUE, then
      all of the management and identity trust anchors stored in the
      trust anchor store MUST be deleted, leaving the newly installed
      apex trust anchor as the only trust anchor in the trust anchor
      store.  If the value is set to FALSE, the other trust anchors MUST
      NOT be changed.

   o  clearCommunities is a Boolean.  If the value is set to TRUE, then
      all of the community identifiers stored in the trust anchor store
      MUST be deleted, leaving none.  If the value is set to FALSE, the
      list of community identifiers MUST NOT be changed.

   o  seqNumber is OPTIONAL, and when present, it provides the initial
      sequence number for the apex trust anchor.  If seqNumber is
      absent, the trust anchor store is prepared to accept any sequence
      number value for the apex trust anchor operational public key.

   o  apexTA provides the information for the replacement apex trust
      anchor.  The TrustAnchorChoice structure is used to provide the
      trusted public key and all of the information associated with it.
      The pubKey, keyId, taTitle, certPath, and exts fields apply to the
      operational public key of the apex trust anchor.  The
      ApexTrustAnchorInfo certificate extension MAY appear as an
      extension.  Section 9 describes the WrappedApexContingencyKey
      certificate extension.

4.6.  Apex Trust Anchor Update Confirm

   The Apex Trust Anchor Update Confirm message is a reply by a trust
   anchor store to a valid Apex Trust Anchor Update message.  The Apex
   Trust Anchor Update Confirm message provides success or failure
   information for the apex trust anchor update.  The Apex Trust Anchor
   Update Confirm message MAY be signed or unsigned.  An Apex Trust
   Anchor Update Confirm message MUST be signed if the trust anchor
   store is capable of signing it.

Housley, et al.              Standards Track                   [Page 36]



RFC 5934                          TAMP                       August 2010

   The Apex Trust Anchor Update Confirm content type has the following
   syntax:

    tamp-apex-update-confirm CONTENT-TYPE  ::=
       { TAMPApexUpdateConfirm IDENTIFIED BY
         id-ct-TAMP-apexUpdateConfirm }

    id-ct-TAMP-apexUpdateConfirm OBJECT IDENTIFIER ::= { id-tamp 6 }

    TAMPApexUpdateConfirm ::= SEQUENCE {
      version      [0] TAMPVersion DEFAULT v2,
      apexReplace  TAMPMsgRef,
      apexConfirm  ApexUpdateConfirm }

    ApexUpdateConfirm ::= CHOICE {
      terseApexConfirm    [0] TerseApexUpdateConfirm,
      verboseApexConfirm  [1] VerboseApexUpdateConfirm }

    TerseApexUpdateConfirm ::= StatusCode

    VerboseApexUpdateConfirm ::= SEQUENCE {
      status                 StatusCode,
      taInfo                 TrustAnchorChoiceList,
      communities            [0] CommunityIdentifierList OPTIONAL,
      tampSeqNumbers         [1] TAMPSequenceNumbers OPTIONAL }

   The fields of TAMPApexUpdateConfirm are used as follows:

   o  version identifies version of TAMP.  For this version of the
      specification, the default value, v2, MUST be used.

   o  apexReplace identifies the Apex Trust Anchor Update message to
      which the trust anchor store is responding.  The apexReplace
      structure repeats the TAMPMsgRef from the beginning of the Apex
      Trust Anchor Update message (see Section 4.5).  When the Apex
      Trust Anchor Update message is validated with the operational
      public key, the sequence number processing described in Section 6
      MUST successfully complete before an Apex Trust Anchor Update
      Confirm message is generated.  When the Apex Trust Anchor Update
      message is validated with the contingency public key, normal
      sequence number processing is ignored, but the seqNum MUST be
      zero.

   o  apexConfirm contains either a terse update confirmation or a
      verbose update confirmation.  The terse update confirmation is
      represented by TerseApexUpdateConfirm, and the verbose response is
      represented by VerboseApexUpdateConfirm.

Housley, et al.              Standards Track                   [Page 37]



RFC 5934                          TAMP                       August 2010

   The TerseApexUpdateConfirm contains a single status code, indicating
   the success or failure of the apex trust anchor update.  If the apex
   trust anchor update failed, then the status code provides the reason
   for the failure.  Each of the status codes is discussed in Section 5.

   The fields of VerboseApexUpdateConfirm are used as follows:

   o  status contains a single status code, indicating the success or
      failure of the apex trust anchor update.  If the apex trust anchor
      update failed, then the status code provides the reason for the
      failure.  Each of the status codes is discussed in Section 5.

   o  taInfo contains a sequence of TrustAnchorChoice structures.  One
      entry in the sequence is provided for each trust anchor contained
      in the trust anchor store.  These represent the state of the trust
      anchors after the apex trust anchor update has been processed.
      See [RFC5914] for a description of the TrustAnchorInfo structure.
      The apex trust anchor is the first trust anchor in the sequence.

   o  communities is OPTIONAL.  When present, it contains a sequence of
      object identifiers.  Each object identifier names one community to
      which this trust anchor store belongs.  When the trust anchor
      store belongs to no communities, this field is omitted.

   o  tampSeqNumbers is used to indicate the currently held sequence
      number for each trust anchor authorized to sign TAMP messages.
      The keyId field identifies the trust anchor, and the seqNumber
      field provides the current sequence number associated with the
      trust anchor.

4.7.  Community Update

   The trust anchor store maintains a list of identifiers for the
   communities of which it is a member.  The Community Update message
   can be used to remove or add community identifiers from this list.
   The Community Update message MUST be signed.  For the Community
   Update message to be valid, the trust anchor store MUST be a target
   of the update; the sequence number checking described in Section 6
   MUST be successful when the TAMP message signer is a trust anchor;
   and the digital signature MUST be validated by the apex trust anchor
   operational public key, an authorized management trust anchor, or via
   an authorized X.509 certification path originating with such a trust
   anchor.

   If the trust anchor store supports the Community Update message, the
   digital signature on the Community Update message is valid, sequence
   number checking is successful, the signer is authorized, and the
   trust anchor store is an intended recipient of the TAMP message, then

Housley, et al.              Standards Track                   [Page 38]



RFC 5934                          TAMP                       August 2010

   the trust anchor store MUST make the specified updates and return a
   Community Update Confirm message.  If a Community Update Confirm
   message is not returned, then a TAMP Error message SHOULD be
   returned.

   The Community Update message contains a batch of updates, and all of
   the updates MUST be accepted for the trust anchor store to return a
   successful Community Update Confirm message.  The remove updates, if
   present, MUST be processed before the add updates.  Where remove is
   present with an empty list, all community identifiers MUST be
   removed.  This approach prevents community identifiers that are
   intended to be mutually exclusive from being installed by a
   successful addition and a failed removal.  Where add is present, at
   least one community identifier MUST appear in the list.

   The Community Update content type has the following syntax:

    tamp-community-update CONTENT-TYPE  ::=
       { TAMPCommunityUpdate IDENTIFIED BY id-ct-TAMP-communityUpdate }

    id-ct-TAMP-communityUpdate OBJECT IDENTIFIER ::= { id-tamp 7 }

    TAMPCommunityUpdate ::= SEQUENCE {
      version  [0] TAMPVersion DEFAULT v2,
      terse    [1] TerseOrVerbose DEFAULT verbose,
      msgRef   TAMPMsgRef,
      updates  CommunityUpdates }

    CommunityUpdates ::= SEQUENCE {
      remove     [1] CommunityIdentifierList OPTIONAL,
      add        [2] CommunityIdentifierList OPTIONAL }
       -- At least one MUST be present

   The fields of TAMPCommunityUpdate are used as follows:

   o  version identifies version of TAMP.  For this version of the
      specification, the default value, v2, MUST be used.

   o  terse indicates the type of response that is desired.  A terse
      response is indicated by a value of 1, and a verbose response is
      indicated by a value of 2, which is omitted during encoding since
      it is the default value.

   o  msgRef contains two items: the target and the seqNum.  target
      identifies the target(s) of the update message.  The
      TargetIdentifier syntax as described in Section 4.1 is used.
      seqNum is a single-use value that will be used to match the
      Community Update message with the Community Update Confirm

Housley, et al.              Standards Track                   [Page 39]



RFC 5934                          TAMP                       August 2010

      message.  The sequence number is also used to detect TAMP message
      replay.  The sequence number processing described in Section 6
      MUST successfully complete before any of the updates are
      processed.

   o  updates contains a sequence of community identifiers to be removed
      and a sequence of community identifiers to be added.  These are
      represented by the CommunityUpdates structure.

   The CommunityUpdates is a sequence of two OPTIONAL sequences, but at
   least one of these sequences MUST be present.  The first sequence
   contains community identifiers to be removed, and if there are none,
   it is absent.  Where remove is present with an empty list, all
   community identifiers MUST be removed.  The second sequence contains
   community identifiers to be added, and if there are none, it is
   absent.  The remove updates, if present, MUST be processed before the
   add updates.  An error is generated if any of the requested removals
   or additions cannot be accomplished.  However, requests to remove
   community identifiers that are not present are treated as successful
   removals.  Likewise, requests to add community identifiers that are
   already present are treated as successful additions.  If an error is
   generated, the trust anchor store community list MUST NOT be changed.

   A description of the syntax associated with each of these actions
   follows:

   o  remove is used to remove one, multiple, or all community
      identifiers from the trust anchor store.

   o  add is used to insert one or more new community identifiers into
      the trust anchor store.

4.8.  Community Update Confirm

   The Community Update Confirm message is a reply by a trust anchor
   store to a valid Community Update message.  The Community Update
   Confirm message provides success or failure information for the
   requested updates.  Success is returned only if the whole batch of
   updates is successfully processed.  If any of the requested updates
   cannot be performed, then a failure is indicated, and the set of
   community identifiers stored in the trust anchor store is unchanged.
   The Community Update Confirm message MAY be signed or unsigned.  A
   Community Update Confirm message MUST be signed if the trust anchor
   store is capable of signing it.

Housley, et al.              Standards Track                   [Page 40]



RFC 5934                          TAMP                       August 2010

   The Community Update Confirm content type has the following syntax:

    tamp-community-update-confirm CONTENT-TYPE  ::=
       { TAMPCommunityUpdateConfirm IDENTIFIED BY
         id-ct-TAMP-communityUpdateConfirm }

    id-ct-TAMP-communityUpdateConfirm OBJECT IDENTIFIER ::=
       { id-tamp 8 }

    TAMPCommunityUpdateConfirm ::= SEQUENCE {
      version      [0] TAMPVersion DEFAULT v2,
      update       TAMPMsgRef,
      commConfirm  CommunityConfirm }

    CommunityConfirm ::= CHOICE {
      terseCommConfirm     [0] TerseCommunityConfirm,
      verboseCommConfirm   [1] VerboseCommunityConfirm }

    TerseCommunityConfirm ::= StatusCode

    VerboseCommunityConfirm ::= SEQUENCE {
      status       StatusCode,
      communities  CommunityIdentifierList OPTIONAL }

   The fields of TAMPCommunityUpdateConfirm are used as follows:

   o  version identifies version of TAMP.  For this version of the
      specification, the default value, v2, MUST be used.

   o  update identifies the Community Update message to which the trust
      anchor store is responding.  The update structure repeats the
      TAMPMsgRef from the Community Update message (see Section 4.7).
      The sequence number processing described in Section 6 MUST
      successfully complete before any of the updates are processed.

   o  commConfirm contains either a terse community update confirmation
      or a verbose community update confirmation.  The terse response is
      represented by TerseCommunityConfirm, and the verbose response is
      represented by VerboseCommunityConfirm.

   The TerseCommunityConfirm contains a single status code, indicating
   the success or failure of the Community Update message processing.
   If the community update failed, then the status code indicates the
   reason for the failure.  Each of the status codes is discussed in
   Section 5.

Housley, et al.              Standards Track                   [Page 41]



RFC 5934                          TAMP                       August 2010

   The fields of VerboseCommunityConfirm are used as follows:

   o  status contains a single status code, indicating the success or
      failure of the Community Update message processing.  If the
      community update failed, then the status code indicates the reason
      for the failure.  Each of the status codes is discussed in
      Section 5.

   o  communities is OPTIONAL.  When present, it contains the sequence
      of community identifiers present in the trust anchor store after
      the update is processed.  When the trust anchor store belongs to
      no communities, this field is omitted.

4.9.  Sequence Number Adjust

   The trust anchor store maintains the current sequence number for the
   apex trust anchor and each management trust anchor authorized for
   TAMP messages.  Sequence number processing is discussed in Section 6.
   The Sequence Number Adjust message can be used to provide the most
   recently used sequence number to one or more targets, thereby
   reducing the possibility of replay.  The Sequence Number Adjust
   message MUST be signed.  For the Sequence Number Adjust message to be
   valid, the trust anchor store MUST be an intended recipient of the
   Sequence Number Adjust message, the sequence number MUST be equal to
   or larger than the most recently stored sequence number for the
   originating trust anchor, and the digital signature MUST be validated
   by the apex trust anchor operational public key or an authorized
   management trust anchor.

   If the digital signature on the Sequence Number Adjust message is
   valid, the sequence number is equal to or larger than the most
   recently stored sequence number for the originating trust anchor, the
   signer is authorized, and the trust anchor store is an intended
   recipient of the TAMP message, then the trust anchor store MUST
   update the sequence number associated with the originating trust
   anchor and return a Sequence Number Adjust Confirm message.  If a
   Sequence Number Adjust Confirm message is not returned, then a TAMP
   Error message SHOULD be returned.

   The Sequence Number Adjust message contains an adjustment for the
   sequence number of the TAMP message signer.

Housley, et al.              Standards Track                   [Page 42]



RFC 5934                          TAMP                       August 2010

   The Sequence Number Adjust content type has the following syntax:

    tamp-sequence-number-adjust CONTENT-TYPE  ::=
       { SequenceNumberAdjust IDENTIFIED BY id-ct-TAMP-seqNumAdjust }

    id-ct-TAMP-seqNumAdjust OBJECT IDENTIFIER ::= { id-tamp 10 }

    SequenceNumberAdjust ::= SEQUENCE {
      Version  [0] TAMPVersion DEFAULT v2,
      msgRef   TAMPMsgRef }

   The fields of SequenceNumberAdjust are used as follows:

   o  version identifies version of TAMP.  For this version of the
      specification, the default value, v2, MUST be used.

   o  msgRef contains two items: the target and the seqNum.  target
      identifies the target(s) of the sequence number adjust message.
      The TargetIdentifier syntax as described in Section 4.1 is used.
      The allModules target is expected to be used for Sequence Number
      Adjust messages.  seqNum MUST be equal to or larger than the most
      recently stored sequence number for this TAMP message signer, and
      the value will be used to match the Sequence Number Adjust message
      with the Sequence Number Adjust Confirm message.  The sequence
      number processing described in Section 6 applies, except that the
      sequence number in a Sequence Number Adjust message is acceptable
      if it matches the most recently stored sequence number for this
      TAMP message signer.  If sequence number checking completes
      successfully, then the sequence number is adjusted; otherwise, it
      remains unchanged.

4.10.  Sequence Number Adjust Confirm

   The Sequence Number Adjust Confirm message is a reply by a trust
   anchor store to a valid Sequence Number Adjust message.  The Sequence
   Number Adjust Confirm message provides success or failure
   information.  Success is returned only if the sequence number for the
   trust anchor that signed the Sequence Number Adjust message
   originator is adjusted.  If the sequence number cannot be adjusted,
   then a failure is indicated, and the sequence number stored in the
   trust anchor store is unchanged.  The Sequence Number Adjust Confirm
   message MAY be signed or unsigned.  A Sequence Number Adjust Confirm
   message MUST be signed if the trust anchor store is capable of
   signing it.

Housley, et al.              Standards Track                   [Page 43]



RFC 5934                          TAMP                       August 2010

   The Sequence Number Adjust Confirm content type has the following
   syntax:

    tamp-sequence-number-adjust-confirm CONTENT-TYPE  ::=
       { SequenceNumberAdjustConfirm IDENTIFIED BY
         id-ct-TAMP-seqNumAdjustConfirm }

    id-ct-TAMP-seqNumAdjustConfirm OBJECT IDENTIFIER ::=
       { id-tamp 11 }

    SequenceNumberAdjustConfirm ::= SEQUENCE {
      version  [0] TAMPVersion DEFAULT v2,
      adjust   TAMPMsgRef,
      status   StatusCode }

   The fields of SequenceNumberAdjustConfirm are used as follows:

   o  version identifies version of TAMP.  For this version of the
      specification, the default value, v2, MUST be used.

   o  adjust identifies the Sequence Number Adjust message to which the
      trust anchor store is responding.  The adjust structure repeats
      the TAMPMsgRef from the Sequence Number Adjust message (see
      Section 4.9).  The sequence number processing described in
      Section 6 MUST successfully complete to adjust the sequence number
      associated with the Sequence Number Adjust message originator.

   o  status contains a single status code, indicating the success or
      failure of the Sequence Number Adjust message processing.  If the
      adjustment failed, then the status code indicates the reason for
      the failure.  Each of the status codes is discussed in Section 5.

4.11.  TAMP Error

   The TAMP Error message is a reply by a trust anchor store to any
   invalid TAMP message.  The TAMP Error message provides an indication
   of the reason for the error.  The TAMP Error message MAY be signed or
   unsigned.  A TAMP Error message MUST be signed if the trust anchor
   store is capable of signing it.  For the request types defined in
   this specification, TAMP Error messages MUST NOT be used to indicate
   a request message was successfully processed.  Each TAMP Error
   message identifies the type of TAMP message that caused the error.
   In cases where the TAMP message type cannot be determined, errors MAY
   be returned via other means, such as at the protocol level, via an
   attached display, etc.

Housley, et al.              Standards Track                   [Page 44]



RFC 5934                          TAMP                       August 2010

   The TAMP Error message content type has the following syntax:

    tamp-error CONTENT-TYPE  ::=
       { TAMPError IDENTIFIED BY id-ct-TAMP-error }

    id-ct-TAMP-error OBJECT IDENTIFIER ::= { id-tamp 9 }

    TAMPError ::= SEQUENCE {
      version  [0] TAMPVersion DEFAULT v2,
      msgType  OBJECT IDENTIFIER,
      status   StatusCode,
      msgRef   TAMPMsgRef OPTIONAL }

   The fields of TAMPError are used as follows:

   o  version identifies version of TAMP.  For this version of the
      specification, the default value, v2, MUST be used.

   o  msgType indicates the content type of the TAMP message that caused
      the error.

   o  status contains a status code that indicates the reason for the
      error.  Each of the status codes is discussed in Section 5.

   o  msgRef is OPTIONAL, but whenever possible it SHOULD be present.
      It identifies the TAMP message that caused the error.  It repeats
      the target and seqNum from the TAMP message that caused the error
      (see Sections 4.1, 4.3, 4.5, 4.7, and 4.9).

5.  Status Codes

   The Trust Anchor Update Confirm, the Apex Trust Anchor Update
   Confirm, the Community Update Confirm, the Sequence Number Adjust
   Confirm, and the TAMP Error messages include status codes.  The
   syntax for the status codes is:

     StatusCode ::= ENUMERATED {
       success                            (0),
       decodeFailure                      (1),
       badContentInfo                     (2),
       badSignedData                      (3),
       badEncapContent                    (4),
       badCertificate                     (5),
       badSignerInfo                      (6),
       badSignedAttrs                     (7),
       badUnsignedAttrs                   (8),
       missingContent                     (9),
       noTrustAnchor                     (10),

Housley, et al.              Standards Track                   [Page 45]



RFC 5934                          TAMP                       August 2010

       notAuthorized                     (11),
       badDigestAlgorithm                (12),
       badSignatureAlgorithm             (13),
       unsupportedKeySize                (14),
       unsupportedParameters             (15),
       signatureFailure                  (16),
       insufficientMemory                (17),
       unsupportedTAMPMsgType            (18),
       apexTAMPAnchor                    (19),
       improperTAAddition                (20),
       seqNumFailure                     (21),
       contingencyPublicKeyDecrypt       (22),
       incorrectTarget                   (23),
       communityUpdateFailed             (24),
       trustAnchorNotFound               (25),
       unsupportedTAAlgorithm            (26),
       unsupportedTAKeySize              (27),
       unsupportedContinPubKeyDecryptAlg (28),
       missingSignature                  (29),
       resourcesBusy                     (30),
       versionNumberMismatch             (31),
       missingPolicySet                  (32),
       revokedCertificate                (33),
       unsupportedTrustAnchorFormat      (34),
       improperTAChange                  (35),
       malformed                         (36),
       cmsError                          (37),
       unsupportedTargetIdentifier       (38),
       other                            (127) }

   The various values of StatusCode are used as follows:

   o  success is used to indicate that an update, portion of an update,
      or adjust was processed successfully.

   o  decodeFailure is used to indicate that the trust anchor store was
      unable to successfully decode the provided message.  The specified
      content type and the provided content do not match.

   o  badContentInfo is used to indicate that the ContentInfo syntax is
      invalid or that the contentType carried within the ContentInfo is
      unknown or unsupported.

   o  badSignedData is used to indicate that the SignedData syntax is
      invalid, the version is unknown or unsupported, or more than one
      entry is present in digestAlgorithms.

Housley, et al.              Standards Track                   [Page 46]



RFC 5934                          TAMP                       August 2010

   o  badEncapContent is used to indicate that the
      EncapsulatedContentInfo syntax is invalid.  This error can be
      generated due to problems located in SignedData.

   o  badCertificate is used to indicate that the syntax for one or more
      certificates in CertificateSet is invalid.

   o  badSignerInfo is used to indicate that the SignerInfo syntax is
      invalid, or the version is unknown or unsupported.

   o  badSignedAttrs is used to indicate that the signedAttrs syntax
      within SignerInfo is invalid.

   o  badUnsignedAttrs is used to indicate that the unsignedAttrs syntax
      within SignerInfo is invalid.

   o  missingContent is used to indicate that the OPTIONAL eContent is
      missing in EncapsulatedContentInfo, which is REQUIRED in this
      specification.  This error can be generated due to problems
      located in SignedData.

   o  noTrustAnchor is used to indicate one of two possible error
      situations.  In one case, the subjectKeyIdentifier does not
      identify the public key of a trust anchor or a certification path
      that terminates with an installed trust anchor.  In the other
      case, the issuerAndSerialNumber is used to identify the TAMP
      message signer, which is prohibited by this specification.

   o  notAuthorized is used to indicate one of two possible error
      situations.  In one case, the sid within SignerInfo leads to an
      installed trust anchor, but that trust anchor is not an authorized
      signer for the received TAMP message content type.  Identity trust
      anchors are not authorized signers for any of the TAMP message
      content types.  In the other case, the signer of a Trust Anchor
      Update message is not authorized to manage the to-be-updated trust
      anchor as determined by a failure of the subordination processing
      in Section 7.

   o  badDigestAlgorithm is used to indicate that the digestAlgorithm in
      either SignerInfo or SignedData is unknown or unsupported.

   o  badSignatureAlgorithm is used to indicate that the
      signatureAlgorithm in SignerInfo is unknown or unsupported.

   o  unsupportedKeySize is used to indicate that the signatureAlgorithm
      in SignerInfo is known and supported, but the TAMP message digital
      signature could not be validated because an unsupported key size
      was employed by the signer.

Housley, et al.              Standards Track                   [Page 47]



RFC 5934                          TAMP                       August 2010

   o  unsupportedParameters is used to indicate that the
      signatureAlgorithm in SignerInfo is known, but the TAMP message
      digital signature could not be validated because unsupported
      parameters were employed by the signer.

   o  signatureFailure is used to indicate that the signatureAlgorithm
      in SignerInfo is known and supported, but the digital signature in
      the signature field within SignerInfo could not be validated.

   o  insufficientMemory indicates that the update could not be
      processed because the trust anchor store did not have sufficient
      memory to store the resulting trust anchor configuration or
      community identifier.

   o  unsupportedTAMPMsgType indicates that the TAMP message could not
      be processed because the trust anchor store does not support the
      provided TAMP message type.  This code will be used if the
      id-ct-TAMP-communityUpdate content type is provided and the trust
      anchor store does not support the Community Update message.  This
      status code will also be used if the contentType value within
      eContentType is not one that is defined in this specification.

   o  apexTAMPAnchor indicates that the update could not be processed
      because the Trust Anchor Update message tried to remove the apex
      trust anchor.

   o  improperTAAddition indicates that a trust anchor update is trying
      to add a new trust anchor that may already exist, but some
      attributes of the to-be-added trust anchor are being modified in
      an improper manner.  The desired trust anchor configuration may be
      attainable with a change operation instead of an add operation.

   o  seqNumFailure indicates that the TAMP message could not be
      processed because the processing of the sequence number, which is
      described in Section 6, resulted in an error.

   o  contingencyPublicKeyDecrypt indicates that the update could not be
      processed because an error occurred while decrypting the
      contingency public key.

   o  incorrectTarget indicates that the query, update, or adjust
      message could not be processed because the trust anchor store is
      not the intended recipient.

   o  communityUpdateFailed indicates that the community update
      requested the addition of a community identifier or the removal of
      a community identifier, but the request could not be honored.

Housley, et al.              Standards Track                   [Page 48]



RFC 5934                          TAMP                       August 2010

   o  trustAnchorNotFound indicates that a change to a trust anchor was
      requested, but the referenced trust anchor is not represented in
      the trust anchor store.

   o  unsupportedTAAlgorithm indicates that an update message would
      result in the trust anchor with a public key associated with a
      digital signature validation algorithm that is not implemented.
      In addition, this status code is used if the algorithm is
      supported, but the parameters associated with the algorithm are
      not supported.

   o  unsupportedTAKeySize indicates that the trust anchor would include
      a public key of a size that is not supported.

   o  unsupportedContinPubKeyDecryptAlg indicates that the decryption
      algorithm for the apex trust anchor contingency public key is not
      supported.

   o  missingSignature indicates that an unsigned TAMP message was
      received, but the received TAMP message type MUST be signed.

   o  resourcesBusy indicates that the resources necessary to process
      the TAMP message are not available at the present time, but the
      resources might be available at some point in the future.

   o  versionNumberMismatch indicates that the version number in a
      received TAMP message is not acceptable.

   o  missingPolicySet indicates that the policyFlags associated with a
      trust anchor are set in a fashion that requires the policySet to
      be present, but the policySet is missing.

   o  revokedCertificate indicates that one or more of the certificates
      needed to properly process the TAMP message have been revoked.

   o  unsupportedTrustAnchorFormat indicates that an unsupported trust
      anchor format was presented or the version is unknown or
      unsupported.

   o  improperTAChange indicates that a trust anchor update is trying to
      change a new trust anchor using a format different than the format
      of the existing trust anchor.

   o  malformed indicates an error in the composition of the CMS
      structure encapsulating a TAMP message.

Housley, et al.              Standards Track                   [Page 49]



RFC 5934                          TAMP                       August 2010

   o  cmsError indicates an error processing a CMS structure that
      encapsulated a TAMP message, such as an error processing
      ContentType or MessageDigest attributes.

   o  unsupportedTargetIdentifier indicates that a msgRef with an
      unsupported TargetIdentifier option was encountered.

   o  other indicates that the update could not be processed, but the
      reason is not covered by any of the assigned status codes.  Use of
      this status code SHOULD be avoided.

6.  Sequence Number Processing

   The sequence number processing facilities in TAMP represent a balance
   between replay protection, operational considerations, and trust
   anchor store memory management.  The goal is to provide replay
   protection without making TAMP difficult to use, creating an
   environment where surprising error conditions occur on a regular
   basis, or imposing onerous memory management requirements on
   implementations.  This balance is achieved by performing sequence
   number checking on TAMP messages that are validated directly using a
   trust anchor, and allowing these checks to be skipped whenever the
   TAMP message originator is not represented by a trust anchor.
   Implementations MUST perform sequence number checking on TAMP
   messages that are validated directly using a trust anchor and MAY
   perform sequence number checking for TAMP messages validated using a
   certification path.

   The TAMP Status Query, Trust Anchor Update, Apex Trust Anchor Update,
   Community Update, and Sequence Number Adjust messages include a
   sequence number.  This single-use identifier is used to match a TAMP
   message with the response to that TAMP message.  When the TAMP
   message is validated directly using a trust anchor, the sequence
   number is also used to detect TAMP message replay.

   To provide replay protection, each TAMP message originator MUST treat
   the sequence number as a monotonically increasing non-negative
   integer.  The sequence number counter is associated with the signing
   operation performed by the private key.  The trust anchor store MUST
   ensure that a newly received TAMP message that is validated directly
   by a trust anchor public key contains a sequence number that is
   greater than the most recent successfully processed TAMP message from
   that originator.  Note that the Sequence Number Adjust message is
   considered valid if the sequence number is greater than or equal to
   the most recent successfully processed TAMP message from that

Housley, et al.              Standards Track                   [Page 50]



RFC 5934                          TAMP                       August 2010

   originator.  If the sequence number in a received TAMP message does
   not meet these conditions, then the trust anchor store MUST reject
   the TAMP message, returning a sequence number failure (seqNumFailure)
   error.

   Whenever a trust anchor is authorized for TAMP messages, either as a
   newly installed trust anchor or as a modification to an existing
   trust anchor, if a sequence number value is not provided in the Trust
   Anchor Update message, memory MUST be allocated for the sequence
   number and set to zero.  The first TAMP message received that is
   validated using that trust anchor is not rejected based on sequence
   number checks, and the sequence number from that first TAMP message
   is stored.  The TAMP message recipient MUST maintain a database of
   the most recent sequence number from a successfully processed TAMP
   message from a trust anchor.  The index for this database is the
   trust anchor public key.  This could be the apex trust anchor
   operational public key or a management trust anchor public key.  In
   the first case, the apex trust anchor operational public key is used
   directly to validate the TAMP message digital signature.  In the
   second case, a management trust anchor public key is used directly to
   validate the TAMP message digital signature.

   Sequence number values MUST be 64-bit non-negative integers.  Since
   ASN.1 encoding of an INTEGER always includes a sign bit, a TAMP
   message signer can generate 9,223,372,036,854,775,807 TAMP messages
   before exhausting the 64-bit sequence number space, before which the
   TAMP message signer MUST transition to a different public/private key
   pair.  The ability to reset a sequence number provided by the Trust
   Anchor Update and Sequence Number Adjust messages is not intended to
   avoid the transition to a different key pair; rather, it is intended
   to aid recovery from operational errors.  A relatively small non-
   volatile storage requirement is imposed on the trust anchor store for
   the apex trust anchor and each management trust anchor authorized for
   TAMP messages.

   When the apex trust anchor or a management trust anchor is replaced
   or removed from the trust anchor store, the associated sequence
   number storage SHOULD be reclaimed.

7.  Subordination Processing

   When a TAMP update message is processed, several checks are
   performed:

   o  TAMP message authentication is checked including, if necessary,
      building and validating a certification path to the signer.

Housley, et al.              Standards Track                   [Page 51]



RFC 5934                          TAMP                       August 2010

   o  The signer's authorization is checked, including authorization to
      manage trust anchors included in the update message.

   o  Calculation of the trust anchor information to be stored.

   This section describes how to perform the second and third steps.
   Section 1.2 discusses authentication of TAMP messages.  Where a trust
   anchor is represented as a certificate and the calculation of the
   trust anchor information to be stored is different than the
   information in the certificate, the TAMP update fails.  The TAMP
   message signer may then wrap the certificate inside a TrustAnchorInfo
   structure to assert the intended information.

   The apex trust anchor is unconstrained, which means that
   subordination checking need not be performed on Trust Anchor Update
   messages signed with the apex trust anchor operational public key and
   that trust anchor information can be stored as it appears in the
   update message.  Subordination checking is performed as part of the
   validation process of all other Trust Anchor Update messages.

   For a Trust Anchor Update message that is not signed with the apex
   trust anchor operational public key to be valid, the digital
   signature MUST be validated using an authorized trust anchor, either
   directly or via an X.509 certification path originating with the apex
   trust anchor operational public key or an authorized management trust
   anchor.  The following subordination checks MUST also be performed as
   part of validation of the update message.

   Each Trust Anchor Update message contains one or more individual
   updates, each of which is used to add, modify, or remove a trust
   anchor.  For each individual update, the constraints of the TAMP
   message signer MUST be greater than or equal to the constraints of
   the trust anchor in the update.  Specifically, constraints included
   in the CertPathControls field of a TrustAnchorInfo object (or
   equivalent extensions in Certificate or TBSCertificate objects) must
   be checked as described below.  [RFC5280] describes how the
   intersection and union operations referenced below are performed.

   o  The values of the policy flags stored with a trust anchor as the
      result of a TAMPUpdate are either true or equal to the value of
      the policy flags associated with the TAMP message signer, i.e., an
      update may set a flag to false only if the value associated with
      the TAMP message signer is false.  The policy flags associated
      with the TAMP message signer are read from the policyFlags field
      or policyConstraints and inhibitAnyPolicy extensions if the signer

Housley, et al.              Standards Track                   [Page 52]



RFC 5934                          TAMP                       August 2010

      is represented as a trust anchor or from the explicit_policy,
      policy_mapping, and inhibit_anyPolicy state variables following
      path validation if the signer is not represented as a trust
      anchor.

   o  The certificate policies stored with a trust anchor as the result
      of a TAMPUpdate are equal to the intersection of the value of the
      certificate policies associated with the TAMP message signer and
      the value of the policySet field or certificatePolicies extension
      from the update.  The certificate policies associated with the
      TAMP message signer are read from the policySet field in a
      TrustAnchorInfo or certificatePolicies extension in a Certificate
      or TBSCertificate if the signer is represented as a trust anchor
      or from the valid_policy_tree returned following path validation
      if the signer is not represented by a trust anchor.  Where the
      TAMP message signer is represented as a trust anchor, no policy
      mapping is performed.  If the intersection is NULL and the
      to-be-stored requireExplicitPolicy value is true, the TAMP update
      fails.

   o  The excluded names stored with a trust anchor as the result of a
      TAMPUpdate are equal to the union of the excluded names associated
      with the TAMP message signer and the value from the nameConstr
      field or nameConstraints extension from the update.  The name
      constraints associated with the TAMP message signer are read from
      the nameConstr field in a TrustAnchorInfo or nameConstraints
      extension in a Certificate or TBSCertificate if the signer is a
      trust anchor or from the excludedSubtrees state variable following
      path validation if the signer is not a trust anchor.  The name of
      the trust anchor included in the update MUST NOT fall within the
      excluded name space of the TAMP signer.  If the name of the trust
      anchor falls within the excluded name space of the TAMP signer,
      the TAMP update fails.

   o  The permitted names stored with a trust anchor as the result of a
      TAMPUpdate are equal to the intersection of the permitted names
      associated with the TAMP message signer and the value from the
      nameConstr field or nameConstraints extension from the update.
      The name constraints associated with the TAMP message signer are
      read from the nameConstr field in a TrustAnchorInfo or
      nameConstraints extension in a Certificate or TBSCertificate if
      the signer is a trust anchor or from the permittedSubtrees state
      variable following path validation if the signer is not a trust
      anchor.  The name of the trust anchor included in the update MUST
      fall within the permitted name space of the TAMP signer.  If the
      name of the trust anchor does not fall within the permitted name
      space of the TAMP signer, the TAMP update fails.  If the
      intersection is NULL for all name forms, the TAMP update fails.

Housley, et al.              Standards Track                   [Page 53]



RFC 5934                          TAMP                       August 2010

   No other extensions defined in [RFC5280] must be processed as part of
   subordination processing.  Other extensions may define subordination
   rules.

8.  Implementation Considerations

   A public key identifier is used to identify a TAMP message signer.
   Since there is no guarantee that the same public key identifier is
   not associated with more than one public key, implementations MUST be
   prepared for one or more trust anchors to have the same public key
   identifier.  In practical terms, this means that when a digital
   signature validation fails, the implementation MUST see if there is
   another trust anchor with the same public key identifier that can be
   used to validate the digital signature.  While duplicate public key
   identifiers are expected to be rare, implementations MUST NOT fail to
   find the correct trust anchor when they do occur.

   An X.500 distinguished name is used to identify certificate issuers
   and certificate subjects.  The same X.500 distinguished name can be
   associated with more than one trust anchor.  However, the trust
   anchor public key will be different.  The probability that two trust
   anchors will have the same X.500 distinguished name and the same
   public key identifier but a different public key is diminishingly
   small.  Therefore, the authority key identifier certificate extension
   can be used to resolve X.500 distinguished name collisions.

   TAMP assumes a reliable underlying transport protocol.

9.  Wrapped Apex Contingency Key Certificate Extension

   An apex trust anchor MAY contain contingency key information using
   the WrappedApexContingencyKey extension.  The extension uses the
   ApexContingencyKey structure as defined below.

    ApexContingencyKey ::= SEQUENCE {
      wrapAlgorithm        AlgorithmIdentifier OPTIONAL,
      wrappedContinPubKey  OCTET STRING  OPTIONAL }

   The fields of ApexContingencyKey are used as described below.  When
   one field is present, both MUST be present.  When one field is
   absent, both MUST be absent.  The fields are allowed to be absent to
   enable usage of this extension as a means of indicating that the
   corresponding public key is recognized as an apex trust anchor by
   some relying parties.

   o  wrapAlgorithm identifies the symmetric algorithm used to encrypt
      the apex trust anchor contingency public key.  If this public key
      is ever needed, the symmetric key needed to decrypt it will be

Housley, et al.              Standards Track                   [Page 54]



RFC 5934                          TAMP                       August 2010

      provided in the message that is to be validated using it.  The
      algorithm identifier is an AlgorithmIdentifier, which contains an
      object identifier and OPTIONAL parameters.  The object identifier
      indicates the syntax of the parameters, if present.

   o  wrappedContinPubKey is the encrypted apex trust anchor contingency
      public key.  Once decrypted, it yields the PublicKeyInfo
      structure, which consists of the algorithm identifier followed by
      the public key itself.  The algorithm identifier is an
      AlgorithmIdentifier that contains an object identifier and
      OPTIONAL parameters.  The object identifier indicates the format
      of the public key and the syntax of the parameters, if present.
      The public key is encoded as a BIT STRING.

   The WrappedApexContingencyKey certificate extension MAY be critical,
   and it MUST appear at most one time in a set of extensions. The apex
   trust anchor info extension is identified by the
   id-pe-wrappedApexContinKey object identifier:

         id-pe-wrappedApexContinKey OBJECT IDENTIFIER ::=
             { iso(1) identified-organization(3) dod(6) internet(1)
               security(5) mechanisms(5) pkix(7) pe(1) 20 }

10.  Security Considerations

   The majority of this specification is devoted to the syntax and
   semantics of TAMP messages.  It relies on other specifications,
   especially [RFC5914], [RFC3852], and [RFC5280], for the syntax and
   semantics of trust anchors, intermediate CMS content types, and X.509
   certificates, respectively.  Since TAMP messages that change the
   trust anchor state of a trust anchor store are always signed by a
   Trust Anchor Manager, no further data integrity or data origin
   authentication mechanisms are needed; however, no confidentiality for
   these messages is provided.  Similarly, certificates are digitally
   signed, and no additional data integrity or data origin
   authentication mechanisms are needed.  Trust anchor configurations,
   Trust Anchor Manager certificates, and trust anchor store
   certificates are not intended to be sensitive.  As a result, this
   specification does not provide for confidentiality of TAMP messages.

   Security factors outside the scope of this specification greatly
   affect the assurance provided.  The procedures used by certification
   authorities (CAs) to validate the binding of the subject identity to
   their public key greatly affect the assurance associated with the
   resulting certificate.  This is particularly important when issuing
   certificates to other CAs.  In the context of TAMP, the issuance of
   an end entity certificate under a management trust anchor is an act
   of delegation.  However, such end entities cannot further delegate.

Housley, et al.              Standards Track                   [Page 55]



RFC 5934                          TAMP                       August 2010

   On the other hand, issuance of a CA certificate under a management
   trust anchor is an act of delegation where the CA can perform further
   delegation.  The scope of the delegation can be constrained by
   including appropriate certificate extensions in a CA certificate.

   X.509 certification path construction involves comparison of X.500
   distinguished names.  Inconsistent application of name comparison
   rules can result in acceptance of invalid X.509 certification paths
   or rejection of valid ones.  Name comparison can be extremely
   complex.  To avoid imposing this complexity on trust anchor stores,
   any certificate profile used with TAMP SHOULD employ simple name
   structures and impose rigorous restrictions on acceptable
   distinguished names, including the way that they are encoded.  The
   goal of that certificate profile should be to enable simple binary
   comparison.  That is, case conversion, character set conversion,
   white space compression, and leading and trailing white space
   trimming SHOULD be avoided.

   Some digital signature algorithms (DSAs) require the generation of
   random one-time values.  For example, when generating a DSA digital
   signature, the signer MUST generate a random k value [DSS].  Also,
   the generation of public/private key pairs relies on random numbers.

   The use of an inadequate random number generator (RNG) or an
   inadequate pseudo-random number generator (PRNG) to generate such
   cryptographic values can result in little or no security.  An
   attacker may find it much easier to reproduce the random number
   generation environment, searching the resulting small set of
   possibilities, rather than brute-force searching the whole space.

   Compromise of an identity trust anchor private key permits
   unauthorized parties to issue certificates that will be acceptable to
   all trust anchor stores configured with the corresponding identity
   trust anchor.  The unauthorized private key holder will be limited by
   the certification path controls associated with the identity trust
   anchor.  For example, clearance constraints in the identity trust
   anchor will determine the clearances that will be accepted in
   certificates that are issued by the unauthorized private key holder.

   Compromise of a management trust anchor private key permits
   unauthorized parties to generate signed messages that will be
   acceptable to all trust anchor stores configured with the
   corresponding management trust anchor.  All devices that include the
   compromised management trust anchor can be configured as desired by
   the unauthorized private key holder within the limits of the
   subordination checks described in Section 7.  If the management trust
   anchor is associated with content types other than TAMP, then the
   unauthorized private key holder can generate signed messages of that

Housley, et al.              Standards Track                   [Page 56]



RFC 5934                          TAMP                       August 2010

   type.  For example, if the management trust anchor is associated with
   firmware packages, then the unauthorized private key holder can
   install different firmware.

   Compromise of the apex trust anchor operational private key permits
   unauthorized parties to generate signed messages that will be
   acceptable to all trust anchor stores configured with the
   corresponding apex trust anchor.  All devices that include that apex
   trust anchor can be configured as desired by the unauthorized private
   key holder, and the unauthorized private key holder can generate
   signed messages of any content type.  The optional contingency
   private key offers a potential way to recover from such a compromise.

   The compromise of a CA's private key leads to the same type of
   problems as the compromise of an identity or a management trust
   anchor private key.  The unauthorized private key holder will be
   limited by the certification path controls and extensions associated
   with the trust anchor.

   The compromise of an end entity private key leads to the same type of
   problems as the compromise of an identity or a management trust
   anchor private key, except that the end entity is unable to issue any
   certificates.  The unauthorized private key holder will be limited by
   the certification path controls and extensions associated with the
   trust anchor.

   Compromise of a trust anchor store's digital signature private key
   permits unauthorized parties to generate signed TAMP response
   messages, masquerading as the trust anchor store.

   Premature disclosure of the key-encryption key used to encrypt the
   apex trust anchor contingency public key may result in early exposure
   of the apex trust anchor contingency public key.

   TAMP implementations need to be able to parse messages and
   certificates.  Care must be taken to ensure that there are no
   implementation defects in the TAMP message parser or the processing
   that acts on the message content.  A validation suite is one way to
   increase confidence in the parsing of TAMP messages, CMS content
   types, attributes, certificates, and extensions.

   TrustAnchorList messages do not provide a replay detection mechanism.
   Where TrustAnchorList messages are accepted as an alternative means
   of adding trust anchors to a trust anchor store, applications may
   require additional mechanisms to address the risks associated with
   replay of old TrustAnchorList messages.

Housley, et al.              Standards Track                   [Page 57]



RFC 5934                          TAMP                       August 2010

   As sequence number values are used to detect replay attempts, trust
   anchor store managers must take care to maintain their own sequence
   number state, i.e., knowledge of which sequence number to include in
   the next TAMP message generated by the trust anchor store manager.
   Loss of sequence number state can result in generation of TAMP
   messages that cannot be processed due to seqNumFailure.  In the event
   of loss, sequence number state can be restored by inspecting the most
   recently generated TAMP message, provided the messages are logged, or
   in collaboration with a trust anchor store manager who can
   successfully issue a TAMPStatusQuery message.

11.  IANA Considerations

   The details of TAMP requests and responses are communicated using
   object identifiers (OIDs).  The objects are defined in an arc
   delegated by IANA to the PKIX working group.  This document also
   includes eleven media type registrations in Appendix B.  No further
   action by IANA is necessary for this document or any anticipated
   updates.

12.  References

12.1.  Normative References

   [RFC2119]       Bradner, S., "Key words for use in RFCs to Indicate
                   Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC2616]       Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
                   Masinter, L., Leach, P., and T. Berners-Lee,
                   "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616,
                   June 1999.

   [RFC3986]       Berners-Lee, T., Fielding, R., and L. Masinter,
                   "Uniform Resource Identifier (URI): Generic Syntax",
                   STD 66, RFC 3986, January 2005.

   [RFC5280]       Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
                   Housley, R., and W. Polk, "Internet X.509 Public Key
                   Infrastructure Certificate and Certificate Revocation
                   List (CRL) Profile", RFC 5280, May 2008.

   [RFC5652]       Housley, R., "Cryptographic Message Syntax (CMS)",
                   RFC 5652, September 2009.

   [RFC5912]       Hoffman, P. and J. Schaad, "New ASN.1 Modules for the
                   Public Key Infrastructure Using X.509 (PKIX)", RFC
                   5912, June 2010.

Housley, et al.              Standards Track                   [Page 58]



RFC 5934                          TAMP                       August 2010

   [RFC5914]       Housley, R., Ashmore, S., and C. Wallace, "Trust
                   Anchor Format", RFC 5914, June 2010.

   [X.680]         "ITU-T Recommendation X.680 - Information Technology
                   - Abstract Syntax Notation One", 1997.

   [X.690]         "ITU-T Recommendation X.690 - Information Technology
                   - ASN.1 encoding rules: Specification of Basic
                   Encoding Rules (BER), Canonical Encoding Rules (CER)
                   and Distinguished Encoding Rules (DER)", 1997.

12.2.  Informative References

   [DSS]           "FIPS Pub 186: Digital Signature Standard", May 1994.

   [PKCS#6]        "PKCS #6: Extended-Certificate Syntax Standard,
                   Version 1.5", November 1993.

   [RFC3279]       Bassham, L., Polk, W., and R. Housley, "Algorithms
                   and Identifiers for the Internet X.509 Public Key
                   Infrastructure Certificate and Certificate Revocation
                   List (CRL) Profile", RFC 3279, April 2002.

   [RFC3370]       Housley, R., "Cryptographic Message Syntax (CMS)
                   Algorithms", RFC 3370, August 2002.

   [RFC4049]       Housley, R., "BinaryTime: An Alternate Format for
                   Representing Date and Time in ASN.1", RFC 4049, April
                   2005.

   [RFC4108]       Housley, R., "Using Cryptographic Message Syntax
                   (CMS) to Protect Firmware Packages", RFC 4108, August
                   2005.

   [RFC5753]       Turner, S. and D. Brown, "Use of Elliptic Curve
                   Cryptography (ECC) Algorithms in Cryptographic
                   Message Syntax (CMS)", RFC 5753, January 2010.

   [RFC5754]       Turner, S., "Using SHA2 Algorithms with Cryptographic
                   Message Syntax", RFC 5754, January 2010.

   [RFC5755]       Farrell, S., Housley, R., and S. Turner, "An Internet
                   Attribute Certificate Profile for Authorization", RFC
                   5755, January 2010.

   [TA-MGMT-REQS]  Reddy, R. and C. Wallace, "Trust Anchor Management
                   Requirements", Work in Progress, March 2010.

Housley, et al.              Standards Track                   [Page 59]



RFC 5934                          TAMP                       August 2010

   [X.208]         "ITU-T Recommendation X.208 - Specification of
                   Abstract Syntax Notation One (ASN.1)", 1988.

   [X.509]         "ITU-T Recommendation X.509 - The Directory -
                   Authentication Framework", 2000.

Housley, et al.              Standards Track                   [Page 60]



RFC 5934                          TAMP                       August 2010

Appendix A.  ASN.1 Modules

   Appendix A.1 provides the normative ASN.1 definitions for the
   structures described in this specification using ASN.1 as defined in
   [X.680].  Appendix A.2 provides a module using ASN.1 as defined in
   [X.208].  The module in Appendix A.2 removes usage of newer ASN.1
   features that provide support for limiting the types of elements that
   may appear in certain SEQUENCE and SET constructions.  Otherwise, the
   modules are compatible in terms of encoded representation, i.e., the
   modules are bits-on-the-wire compatible aside from the limitations on
   SEQUENCE and SET constituents.  Extension markers are not used due to
   lack of support in [X.208].  Appendix A.2 is included as a courtesy
   to developers using ASN.1 compilers that do not support current
   ASN.1.  Appendix A.1 includes definitions imported from [RFC5280],
   [RFC5912], and [RFC5914].

A.1.  ASN.1 Module Using 1993 Syntax

   TAMP-Protocol-v2
   { joint-iso-ccitt(2) country(16) us(840) organization(1)
     gov(101) dod(2) infosec(1) modules(0) 30 }

   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN

   IMPORTS
   TrustAnchorChoice, TrustAnchorTitle, CertPathControls
   FROM TrustAnchorInfoModule
      { joint-iso-ccitt(2) country(16) us(840)
      organization(1) gov(101) dod(2) infosec(1)
      modules(0) 33 }
   AlgorithmIdentifier{}, SIGNATURE-ALGORITHM, KEY-WRAP
   FROM AlgorithmInformation-2009
      {iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-algorithmInformation-02(58)}
   Certificate, Name, TBSCertificate,
   CertificateSerialNumber, Validity, SubjectPublicKeyInfo
   FROM PKIX1Explicit-2009 -- from [RFC5912]
      {iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-pkix1-explicit-02(51)}
   KeyIdentifier, OTHER-NAME
   FROM PKIX1Implicit-2009 -- from [RFC5912]
      {iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-pkix1-implicit-02(59)}
   EXTENSION, Extensions {}, ATTRIBUTE, SingleAttribute{}

Housley, et al.              Standards Track                   [Page 61]



RFC 5934                          TAMP                       August 2010

   FROM PKIX-CommonTypes-2009 -- from [RFC5912]
      { iso(1) identified-organization(3) dod(6) internet(1)
      security(5) mechanisms(5) pkix(7) id-mod(0)
      id-mod-pkixCommon-02(57) }         ;

   -- Object Identifier Arc for TAMP Message Content Types

   id-tamp OBJECT IDENTIFIER ::= {
   joint-iso-ccitt(2) country(16) us(840) organization(1)
   gov(101) dod(2) infosec(1) formats(2) 77 }

   SupportedSigAlgorithms SIGNATURE-ALGORITHM ::= {
      -- add any locally defined algorithms here
      ...
   }

   SupportedWrapAlgorithms KEY-WRAP ::= {
      -- add any locally defined algorithms here
      ...
   }

   -- CMS Content Types

   CONTENT-TYPE  ::= TYPE-IDENTIFIER

   TAMPContentTypes CONTENT-TYPE  ::= {
     tamp-status-query |
     tamp-status-response |
     tamp-update |
     tamp-update-confirm |
     tamp-apex-update |
     tamp-apex-update-confirm |
     tamp-community-update |
     tamp-community-update-confirm |
     tamp-sequence-number-adjust |
     tamp-sequence-number-adjust-confirm |
     tamp-error,
     ... -- Expect additional content types --
     }

   -- TAMP Status Query Message
   tamp-status-query CONTENT-TYPE  ::=
     { TAMPStatusQuery IDENTIFIED BY id-ct-TAMP-statusQuery }

   id-ct-TAMP-statusQuery OBJECT IDENTIFIER ::= { id-tamp 1 }

Housley, et al.              Standards Track                   [Page 62]



RFC 5934                          TAMP                       August 2010

   TAMPStatusQuery ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     terse           [1] TerseOrVerbose DEFAULT verbose,
     query           TAMPMsgRef }

   TAMPVersion ::= INTEGER { v1(1), v2(2) }

   TerseOrVerbose ::= ENUMERATED { terse(1), verbose(2) }

   SeqNumber ::= INTEGER (0..9223372036854775807)

   TAMPMsgRef ::= SEQUENCE {
     target          TargetIdentifier,
     seqNum          SeqNumber }

   TargetIdentifier ::= CHOICE {
     hwModules    [1] HardwareModuleIdentifierList,
     communities  [2] CommunityIdentifierList,
     allModules   [3] NULL,
     uri          [4] IA5String,
     otherName    [5] INSTANCE OF OTHER-NAME }

   HardwareModuleIdentifierList ::= SEQUENCE SIZE (1..MAX) OF
                                     HardwareModules

   HardwareModules ::= SEQUENCE {
     hwType          OBJECT IDENTIFIER,
     hwSerialEntries SEQUENCE SIZE (1..MAX) OF HardwareSerialEntry }

   HardwareSerialEntry ::= CHOICE {
     all             NULL,
     single          OCTET STRING,
     block           SEQUENCE {
       low             OCTET STRING,
       high            OCTET STRING } }

   CommunityIdentifierList ::= SEQUENCE SIZE (0..MAX) OF Community

   Community ::= OBJECT IDENTIFIER

   -- TAMP Status Response Message

   tamp-status-response CONTENT-TYPE  ::=
     { TAMPStatusResponse IDENTIFIED BY id-ct-TAMP-statusResponse }

   id-ct-TAMP-statusResponse OBJECT IDENTIFIER ::= { id-tamp 2 }

Housley, et al.              Standards Track                   [Page 63]



RFC 5934                          TAMP                       August 2010

   TAMPStatusResponse ::= SEQUENCE {
     version   [0] TAMPVersion DEFAULT v2,
     query     TAMPMsgRef,
     response  StatusResponse,
     usesApex  BOOLEAN DEFAULT TRUE }

   StatusResponse ::= CHOICE {
     terseResponse         [0] TerseStatusResponse,
     verboseResponse       [1] VerboseStatusResponse }

   TerseStatusResponse ::= SEQUENCE {
     taKeyIds              KeyIdentifiers,
     communities           CommunityIdentifierList OPTIONAL }

   KeyIdentifiers ::= SEQUENCE SIZE (1..MAX) OF KeyIdentifier

   VerboseStatusResponse ::= SEQUENCE {
     taInfo                 TrustAnchorChoiceList,
     continPubKeyDecryptAlg [0] AlgorithmIdentifier
                   {KEY-WRAP, {SupportedWrapAlgorithms}} OPTIONAL,
     communities            [1] CommunityIdentifierList OPTIONAL,
     tampSeqNumbers         [2] TAMPSequenceNumbers OPTIONAL }

   TrustAnchorChoiceList ::= SEQUENCE SIZE (1..MAX) OF
        TrustAnchorChoice

   TAMPSequenceNumber ::= SEQUENCE {
     keyId       KeyIdentifier,
     seqNumber   SeqNumber }

   TAMPSequenceNumbers ::= SEQUENCE SIZE (1..MAX) OF TAMPSequenceNumber

   -- Trust Anchor Update Message

   tamp-update CONTENT-TYPE  ::=
     { TAMPUpdate IDENTIFIED BY id-ct-TAMP-update }

   id-ct-TAMP-update OBJECT IDENTIFIER ::= { id-tamp 3 }

   TAMPUpdate ::= SEQUENCE {
     version  [0] TAMPVersion DEFAULT v2,
     terse    [1] TerseOrVerbose DEFAULT verbose,
     msgRef   TAMPMsgRef,
     updates  SEQUENCE SIZE (1..MAX) OF TrustAnchorUpdate,
     tampSeqNumbers [2]TAMPSequenceNumbers OPTIONAL }

Housley, et al.              Standards Track                   [Page 64]



RFC 5934                          TAMP                       August 2010

   TrustAnchorUpdate ::= CHOICE {
     add             [1] TrustAnchorChoice,
     remove          [2] SubjectPublicKeyInfo,
     change          [3] EXPLICIT TrustAnchorChangeInfoChoice }

   TrustAnchorChangeInfoChoice ::= CHOICE {
     tbsCertChange  [0] TBSCertificateChangeInfo,
     taChange       [1] TrustAnchorChangeInfo }

   TBSCertificateChangeInfo  ::=  SEQUENCE  {
     serialNumber         CertificateSerialNumber OPTIONAL,
     signature            [0] AlgorithmIdentifier
             {SIGNATURE-ALGORITHM, {SupportedSigAlgorithms}} OPTIONAL,
     issuer               [1] Name OPTIONAL,
     validity             [2] Validity OPTIONAL,
     subject              [3] Name OPTIONAL,
     subjectPublicKeyInfo [4] SubjectPublicKeyInfo,
     exts                 [5] EXPLICIT Extensions{{...}} OPTIONAL }

   TrustAnchorChangeInfo ::= SEQUENCE {
     pubKey          SubjectPublicKeyInfo,
     keyId           KeyIdentifier OPTIONAL,
     taTitle         TrustAnchorTitle OPTIONAL,
     certPath        CertPathControls OPTIONAL,
     exts            [1] Extensions{{...}} OPTIONAL }

   -- Trust Anchor Update Confirm Message

   tamp-update-confirm CONTENT-TYPE  ::=
     { TAMPUpdateConfirm IDENTIFIED BY id-ct-TAMP-updateConfirm }

   id-ct-TAMP-updateConfirm OBJECT IDENTIFIER ::= { id-tamp 4 }

   TAMPUpdateConfirm ::= SEQUENCE {
     version               [0] TAMPVersion DEFAULT v2,
     update                TAMPMsgRef,
     confirm               UpdateConfirm }

   UpdateConfirm ::= CHOICE {
     terseConfirm          [0] TerseUpdateConfirm,
     verboseConfirm        [1] VerboseUpdateConfirm }

   TerseUpdateConfirm ::= StatusCodeList

   StatusCodeList ::= SEQUENCE SIZE (1..MAX) OF StatusCode

Housley, et al.              Standards Track                   [Page 65]



RFC 5934                          TAMP                       August 2010

   VerboseUpdateConfirm ::= SEQUENCE {
     status          StatusCodeList,
     taInfo          TrustAnchorChoiceList,
     tampSeqNumbers  TAMPSequenceNumbers OPTIONAL,
     usesApex        BOOLEAN DEFAULT TRUE }

   -- Apex Trust Anchor Update Message

   tamp-apex-update CONTENT-TYPE  ::=
       { TAMPApexUpdate IDENTIFIED BY id-ct-TAMP-apexUpdate }

   id-ct-TAMP-apexUpdate OBJECT IDENTIFIER ::= { id-tamp 5 }

   TAMPApexUpdate ::= SEQUENCE {
     version            [0] TAMPVersion DEFAULT v2,
     terse              [1] TerseOrVerbose DEFAULT verbose,
     msgRef             TAMPMsgRef,
     clearTrustAnchors  BOOLEAN,
     clearCommunities   BOOLEAN,
     seqNumber          SeqNumber OPTIONAL,
     apexTA             TrustAnchorChoice }

   -- Apex Trust Anchor Update Confirm Message

   tamp-apex-update-confirm CONTENT-TYPE  ::=
     { TAMPApexUpdateConfirm IDENTIFIED BY
         id-ct-TAMP-apexUpdateConfirm }

   id-ct-TAMP-apexUpdateConfirm OBJECT IDENTIFIER ::= { id-tamp 6 }

   TAMPApexUpdateConfirm ::= SEQUENCE {
     version               [0] TAMPVersion DEFAULT v2,
     apexReplace           TAMPMsgRef,
     apexConfirm           ApexUpdateConfirm }

   ApexUpdateConfirm ::= CHOICE {
     terseApexConfirm      [0] TerseApexUpdateConfirm,
     verboseApexConfirm    [1] VerboseApexUpdateConfirm }

   TerseApexUpdateConfirm ::= StatusCode

   VerboseApexUpdateConfirm ::= SEQUENCE {
     status                  StatusCode,
     taInfo                  TrustAnchorChoiceList,
     communities            [0] CommunityIdentifierList OPTIONAL,
     tampSeqNumbers         [1] TAMPSequenceNumbers OPTIONAL }

Housley, et al.              Standards Track                   [Page 66]



RFC 5934                          TAMP                       August 2010

   -- Community Update Message

   tamp-community-update CONTENT-TYPE  ::=
     { TAMPCommunityUpdate IDENTIFIED BY id-ct-TAMP-communityUpdate }

   id-ct-TAMP-communityUpdate OBJECT IDENTIFIER ::= { id-tamp 7 }

   TAMPCommunityUpdate ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     terse           [1] TerseOrVerbose DEFAULT verbose,
     msgRef          TAMPMsgRef,
     updates         CommunityUpdates }

   CommunityUpdates ::= SEQUENCE {
     remove       [1] CommunityIdentifierList OPTIONAL,
     add          [2] CommunityIdentifierList OPTIONAL }
     -- At least one must be present

   -- Community Update Confirm Message

   tamp-community-update-confirm CONTENT-TYPE  ::=
     { TAMPCommunityUpdateConfirm IDENTIFIED BY
       id-ct-TAMP-communityUpdateConfirm }

   id-ct-TAMP-communityUpdateConfirm OBJECT IDENTIFIER ::=
     { id-tamp 8 }

   TAMPCommunityUpdateConfirm ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     update          TAMPMsgRef,
     commConfirm     CommunityConfirm }

   CommunityConfirm ::= CHOICE {
     terseCommConfirm      [0] TerseCommunityConfirm,
     verboseCommConfirm    [1] VerboseCommunityConfirm }

   TerseCommunityConfirm ::= StatusCode

   VerboseCommunityConfirm ::= SEQUENCE {
     status          StatusCode,
     communities     CommunityIdentifierList OPTIONAL }

   -- Sequence Number Adjust Message

   tamp-sequence-number-adjust CONTENT-TYPE  ::=
     { SequenceNumberAdjust IDENTIFIED BY id-ct-TAMP-seqNumAdjust }

   id-ct-TAMP-seqNumAdjust OBJECT IDENTIFIER ::= { id-tamp 10 }

Housley, et al.              Standards Track                   [Page 67]



RFC 5934                          TAMP                       August 2010

   SequenceNumberAdjust ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,

     msgRef          TAMPMsgRef }

   -- Sequence Number Adjust Confirm Message

   tamp-sequence-number-adjust-confirm CONTENT-TYPE  ::=
     { SequenceNumberAdjustConfirm IDENTIFIED BY
       id-ct-TAMP-seqNumAdjustConfirm }

   id-ct-TAMP-seqNumAdjustConfirm OBJECT IDENTIFIER ::= { id-tamp 11 }

   SequenceNumberAdjustConfirm ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     adjust          TAMPMsgRef,
     status          StatusCode }

   -- TAMP Error Message

   tamp-error CONTENT-TYPE  ::=
     { TAMPError IDENTIFIED BY id-ct-TAMP-error }

   id-ct-TAMP-error OBJECT IDENTIFIER ::= { id-tamp 9 }

   TAMPError ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     msgType         OBJECT IDENTIFIER,
     status          StatusCode,
     msgRef          TAMPMsgRef OPTIONAL }

   -- Status Codes

   StatusCode ::= ENUMERATED {
     success                            (0),
     decodeFailure                      (1),
     badContentInfo                     (2),
     badSignedData                      (3),
     badEncapContent                    (4),
     badCertificate                     (5),
     badSignerInfo                      (6),
     badSignedAttrs                     (7),
     badUnsignedAttrs                   (8),
     missingContent                     (9),
     noTrustAnchor                     (10),
     notAuthorized                     (11),
     badDigestAlgorithm                (12),
     badSignatureAlgorithm             (13),

Housley, et al.              Standards Track                   [Page 68]



RFC 5934                          TAMP                       August 2010

     unsupportedKeySize                (14),
     unsupportedParameters             (15),
     signatureFailure                  (16),
     insufficientMemory                (17),
     unsupportedTAMPMsgType            (18),
     apexTAMPAnchor                    (19),
     improperTAAddition                (20),
     seqNumFailure                     (21),
     contingencyPublicKeyDecrypt       (22),
     incorrectTarget                   (23),
     communityUpdateFailed             (24),
     trustAnchorNotFound               (25),
     unsupportedTAAlgorithm            (26),
     unsupportedTAKeySize              (27),
     unsupportedContinPubKeyDecryptAlg (28),
     missingSignature                  (29),
     resourcesBusy                     (30),
     versionNumberMismatch             (31),
     missingPolicySet                  (32),
     revokedCertificate                (33),
     unsupportedTrustAnchorFormat      (34),
     improperTAChange                  (35),
     malformed                         (36),
     cmsError                          (37),
     unsupportedTargetIdentifier       (38),
     other                            (127) }

   -- Object Identifier Arc for Attributes

   id-attributes OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16)
     us(840) organization(1) gov(101) dod(2) infosec(1) 5 }

   -- TAMP Unsigned Attributes
   -- These attributes are unsigned attributes and go into the
   --    UnsignedAttributes set in [RFC5652]

   TAMPUnsignedAttributes ATTRIBUTE ::= {
     contingency-public-key-decrypt-key,
     ... -- Expect additional attributes --
     }

   -- contingency-public-key-decrypt-key unsigned attribute

   contingency-public-key-decrypt-key ATTRIBUTE ::= {
     TYPE PlaintextSymmetricKey IDENTIFIED BY
     id-aa-TAMP-contingencyPublicKeyDecryptKey }

Housley, et al.              Standards Track                   [Page 69]



RFC 5934                          TAMP                       August 2010

   id-aa-TAMP-contingencyPublicKeyDecryptKey OBJECT IDENTIFIER ::= {
     id-attributes 63 }

   PlaintextSymmetricKey ::= OCTET STRING

   -- id-pe-wrappedApexContinKey extension

   wrappedApexContinKey EXTENSION ::= {
        SYNTAX         ApexContingencyKey
        IDENTIFIED BY  id-pe-wrappedApexContinKey }

   id-pe-wrappedApexContinKey OBJECT IDENTIFIER ::=
        { iso(1) identified-organization(3) dod(6) internet(1)
          security(5) mechanisms(5) pkix(7) pe(1) 20 }

   ApexContingencyKey ::= SEQUENCE {
     wrapAlgorithm
         AlgorithmIdentifier{KEY-WRAP, {SupportedWrapAlgorithms}},
     wrappedContinPubKey  OCTET STRING }

   END

A.2.  ASN.1 Module Using 1988 Syntax

   TAMP-Protocol-v2-88
      { joint-iso-ccitt(2) country(16) us(840) organization(1)
        gov(101) dod(2) infosec(1) modules(0) 31 }

   DEFINITIONS IMPLICIT TAGS ::=
   BEGIN

   IMPORTS
     TrustAnchorChoice, TrustAnchorTitle, CertPathControls
     FROM TrustAnchorInfoModule-88 -- from [RFC5914]
          { joint-iso-ccitt(2) country(16) us(840) organization(1)
            gov(101) dod(2) infosec(1) modules(0) 37 }
     AlgorithmIdentifier, Certificate, Name, Attribute, TBSCertificate,
     SubjectPublicKeyInfo, CertificateSerialNumber, Validity, Extensions
       FROM PKIX1Explicit88 -- from [RFC5280]
         { iso(1) identified-organization(3) dod(6) internet(1)
           security(5) mechanisms(5) pkix(7) id-mod(0)
           id-pkix1-explicit(18) }
     KeyIdentifier, AnotherName
       FROM PKIX1Implicit88 -- from [RFC5280]
         { iso(1) identified-organization(3) dod(6) internet(1)
           security(5) mechanisms(5) pkix(7) id-mod(0)
           id-pkix1-implicit(19) } ;

Housley, et al.              Standards Track                   [Page 70]



RFC 5934                          TAMP                       August 2010

   -- Object Identifier Arc for TAMP Message Content Types

   id-tamp OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16)
   us(840) organization(1) gov(101) dod(2) infosec(1) formats(2) 77 }

   -- CMS Content Types

   -- TAMP Status Query Message

   id-ct-TAMP-statusQuery OBJECT IDENTIFIER ::= { id-tamp 1 }

   TAMPStatusQuery ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     terse           [1] TerseOrVerbose DEFAULT verbose,
     query           TAMPMsgRef }

   TAMPVersion ::= INTEGER { v1(1), v2(2) }

   TerseOrVerbose ::= ENUMERATED { terse(1), verbose(2) }

   SeqNumber ::= INTEGER (0..9223372036854775807)

   TAMPMsgRef ::= SEQUENCE {
     target          TargetIdentifier,
     seqNum          SeqNumber }

   TargetIdentifier ::= CHOICE {
     hwModules    [1] HardwareModuleIdentifierList,
     communities  [2] CommunityIdentifierList,
     allModules   [3] NULL,
     uri          [4] IA5String,
     otherName    [5] AnotherName }

   HardwareModuleIdentifierList ::= SEQUENCE SIZE (1..MAX) OF
                                     HardwareModules

   HardwareModules ::= SEQUENCE {
     hwType          OBJECT IDENTIFIER,
     hwSerialEntries SEQUENCE SIZE (1..MAX) OF HardwareSerialEntry }

   HardwareSerialEntry ::= CHOICE {
     all             NULL,
     single          OCTET STRING,
     block           SEQUENCE {
       low             OCTET STRING,
       high            OCTET STRING } }

Housley, et al.              Standards Track                   [Page 71]



RFC 5934                          TAMP                       August 2010

   CommunityIdentifierList ::= SEQUENCE SIZE (0..MAX) OF Community

   Community ::= OBJECT IDENTIFIER

   -- TAMP Status Response Message

   id-ct-TAMP-statusResponse OBJECT IDENTIFIER ::= { id-tamp 2 }

   TAMPStatusResponse ::= SEQUENCE {
     version   [0] TAMPVersion DEFAULT v2,
     query     TAMPMsgRef,
     response  StatusResponse,
     usesApex  BOOLEAN DEFAULT TRUE }

   StatusResponse ::= CHOICE {
     terseResponse         [0] TerseStatusResponse,
     verboseResponse       [1] VerboseStatusResponse }

   TerseStatusResponse ::= SEQUENCE {
     taKeyIds              KeyIdentifiers,
     communities           CommunityIdentifierList OPTIONAL }

   KeyIdentifiers ::= SEQUENCE SIZE (1..MAX) OF KeyIdentifier

   VerboseStatusResponse ::= SEQUENCE {
     taInfo                 TrustAnchorChoiceList,
     continPubKeyDecryptAlg [0] AlgorithmIdentifier OPTIONAL,
     communities            [1] CommunityIdentifierList OPTIONAL,
     tampSeqNumbers         [2] TAMPSequenceNumbers OPTIONAL }

   TrustAnchorChoiceList ::= SEQUENCE SIZE (1..MAX) OF
        TrustAnchorChoice

   TAMPSequenceNumber ::= SEQUENCE {
     keyId       KeyIdentifier,
     seqNumber   SeqNumber }

   TAMPSequenceNumbers ::= SEQUENCE SIZE (1..MAX) OF
        TAMPSequenceNumber

   -- Trust Anchor Update Message

   id-ct-TAMP-update OBJECT IDENTIFIER ::= { id-tamp 3 }

Housley, et al.              Standards Track                   [Page 72]



RFC 5934                          TAMP                       August 2010

   TAMPUpdate ::= SEQUENCE {
     version  [0] TAMPVersion DEFAULT v2,
     terse    [1] TerseOrVerbose DEFAULT verbose,
     msgRef   TAMPMsgRef,
     updates  SEQUENCE SIZE (1..MAX) OF TrustAnchorUpdate,
     tampSeqNumbers [2]TAMPSequenceNumbers OPTIONAL }

   TrustAnchorUpdate ::= CHOICE {
     add             [1] TrustAnchorChoice,
     remove          [2] SubjectPublicKeyInfo,
     change          [3] EXPLICIT TrustAnchorChangeInfoChoice }

   TrustAnchorChangeInfoChoice ::= CHOICE {
     tbsCertChange [0] TBSCertificateChangeInfo,
     taChange      [1] TrustAnchorChangeInfo }

   TBSCertificateChangeInfo  ::=  SEQUENCE  {
     serialNumber         CertificateSerialNumber OPTIONAL,
     signature            [0] AlgorithmIdentifier OPTIONAL,
     issuer               [1] Name OPTIONAL,
     validity             [2] Validity OPTIONAL,
     subject              [3] Name OPTIONAL,
     subjectPublicKeyInfo [4] SubjectPublicKeyInfo,
     exts                 [5] EXPLICIT Extensions OPTIONAL }

   TrustAnchorChangeInfo ::= SEQUENCE {
     pubKey          SubjectPublicKeyInfo,
     keyId           KeyIdentifier OPTIONAL,
     taTitle         TrustAnchorTitle OPTIONAL,
     certPath        CertPathControls OPTIONAL,
     exts            [1] Extensions OPTIONAL }

   -- Trust Anchor Update Confirm Message

   id-ct-TAMP-updateConfirm OBJECT IDENTIFIER ::= { id-tamp 4 }

   TAMPUpdateConfirm ::= SEQUENCE {
     version               [0] TAMPVersion DEFAULT v2,
     update                TAMPMsgRef,
     confirm               UpdateConfirm }

   UpdateConfirm ::= CHOICE {
     terseConfirm          [0] TerseUpdateConfirm,
     verboseConfirm        [1] VerboseUpdateConfirm }

   TerseUpdateConfirm ::= StatusCodeList

   StatusCodeList ::= SEQUENCE SIZE (1..MAX) OF StatusCode

Housley, et al.              Standards Track                   [Page 73]



RFC 5934                          TAMP                       August 2010

   VerboseUpdateConfirm ::= SEQUENCE {
     status          StatusCodeList,
     taInfo          TrustAnchorChoiceList,
     tampSeqNumbers  TAMPSequenceNumbers OPTIONAL,
     usesApex        BOOLEAN DEFAULT TRUE }

   -- Apex Trust Anchor Update Message

   id-ct-TAMP-apexUpdate OBJECT IDENTIFIER ::= { id-tamp 5 }

   TAMPApexUpdate ::= SEQUENCE {
     version            [0] TAMPVersion DEFAULT v2,
     terse              [1] TerseOrVerbose DEFAULT verbose,
     msgRef             TAMPMsgRef,
     clearTrustAnchors  BOOLEAN,
     clearCommunities   BOOLEAN,
     seqNumber          SeqNumber OPTIONAL,
     apexTA             TrustAnchorChoice }

   -- Apex Trust Anchor Update Confirm Message

   id-ct-TAMP-apexUpdateConfirm OBJECT IDENTIFIER ::= { id-tamp 6 }

   TAMPApexUpdateConfirm ::= SEQUENCE {
     version               [0] TAMPVersion DEFAULT v2,
     apexReplace           TAMPMsgRef,
     apexConfirm           ApexUpdateConfirm }

   ApexUpdateConfirm ::= CHOICE {
     terseApexConfirm      [0] TerseApexUpdateConfirm,
     verboseApexConfirm    [1] VerboseApexUpdateConfirm }

   TerseApexUpdateConfirm ::= StatusCode

   VerboseApexUpdateConfirm ::= SEQUENCE {
     status                  StatusCode,
     taInfo                  TrustAnchorChoiceList,
     communities            [0] CommunityIdentifierList OPTIONAL,
     tampSeqNumbers         [1] TAMPSequenceNumbers OPTIONAL }

   -- Community Update Message

   id-ct-TAMP-communityUpdate OBJECT IDENTIFIER ::= { id-tamp 7 }

Housley, et al.              Standards Track                   [Page 74]



RFC 5934                          TAMP                       August 2010

   TAMPCommunityUpdate ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     terse           [1] TerseOrVerbose DEFAULT verbose,
     msgRef          TAMPMsgRef,
     updates         CommunityUpdates }

   CommunityUpdates ::= SEQUENCE {
     remove          [1] CommunityIdentifierList OPTIONAL,
     add             [2] CommunityIdentifierList OPTIONAL }
     -- At least one must be present

   -- Community Update Confirm Message

   id-ct-TAMP-communityUpdateConfirm OBJECT IDENTIFIER ::= { id-tamp 8 }

   TAMPCommunityUpdateConfirm ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     update          TAMPMsgRef,
     commConfirm     CommunityConfirm }

   CommunityConfirm ::= CHOICE {
     terseCommConfirm      [0] TerseCommunityConfirm,
     verboseCommConfirm    [1] VerboseCommunityConfirm }

   TerseCommunityConfirm ::= StatusCode

   VerboseCommunityConfirm ::= SEQUENCE {
     status          StatusCode,
     communities     CommunityIdentifierList OPTIONAL }

   -- Sequence Number Adjust Message

   id-ct-TAMP-seqNumAdjust OBJECT IDENTIFIER ::= { id-tamp 10 }

   SequenceNumberAdjust ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     msgRef          TAMPMsgRef }

   -- Sequence Number Adjust Confirm Message

   id-ct-TAMP-seqNumAdjustConfirm OBJECT IDENTIFIER ::= { id-tamp 11 }

   SequenceNumberAdjustConfirm ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     adjust          TAMPMsgRef,
     status          StatusCode }

Housley, et al.              Standards Track                   [Page 75]



RFC 5934                          TAMP                       August 2010

   -- TAMP Error Message

   id-ct-TAMP-error OBJECT IDENTIFIER ::= { id-tamp 9 }

   TAMPError ::= SEQUENCE {
     version         [0] TAMPVersion DEFAULT v2,
     msgType         OBJECT IDENTIFIER,
     status          StatusCode,
     msgRef          TAMPMsgRef OPTIONAL }

   -- Status Codes

   StatusCode ::= ENUMERATED {
     success                            (0),
     decodeFailure                      (1),
     badContentInfo                     (2),
     badSignedData                      (3),
     badEncapContent                    (4),
     badCertificate                     (5),
     badSignerInfo                      (6),
     badSignedAttrs                     (7),
     badUnsignedAttrs                   (8),
     missingContent                     (9),
     noTrustAnchor                     (10),
     notAuthorized                     (11),
     badDigestAlgorithm                (12),
     badSignatureAlgorithm             (13),
     unsupportedKeySize                (14),
     unsupportedParameters             (15),
     signatureFailure                  (16),
     insufficientMemory                (17),
     unsupportedTAMPMsgType            (18),
     apexTAMPAnchor                    (19),
     improperTAAddition                (20),
     seqNumFailure                     (21),
     contingencyPublicKeyDecrypt       (22),
     incorrectTarget                   (23),
     communityUpdateFailed             (24),
     trustAnchorNotFound               (25),
     unsupportedTAAlgorithm            (26),
     unsupportedTAKeySize              (27),
     unsupportedContinPubKeyDecryptAlg (28),
     missingSignature                  (29),
     resourcesBusy                     (30),
     versionNumberMismatch             (31),
     missingPolicySet                  (32),
     revokedCertificate                (33),
     unsupportedTrustAnchorFormat      (34),

Housley, et al.              Standards Track                   [Page 76]



RFC 5934                          TAMP                       August 2010

     improperTAChange                  (35),
     malformed                         (36),
     cmsError                          (37),
     unsupportedTargetIdentifier       (38),
     other                            (127) }

   -- Object Identifier Arc for Attributes

   id-attributes OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) country(16)
       us(840) organization(1) gov(101) dod(2) infosec(1) 5 }

   -- id-aa-TAMP-contingencyPublicKeyDecryptKey uses
   -- PlaintextSymmetricKey syntax
   id-aa-TAMP-contingencyPublicKeyDecryptKey OBJECT IDENTIFIER ::= {
     id-attributes 63 }

   PlaintextSymmetricKey ::= OCTET STRING

   -- id-pe-wrappedApexContinKey extension

   id-pe-wrappedApexContinKey OBJECT IDENTIFIER ::=
        { iso(1) identified-organization(3) dod(6) internet(1)
          security(5) mechanisms(5) pkix(7) pe(1) 20 }

   ApexContingencyKey ::= SEQUENCE {
     wrapAlgorithm        AlgorithmIdentifier,
     wrappedContinPubKey  OCTET STRING }

   END

Appendix B.  Media Type Registrations

   Eleven media type registrations are provided in this appendix, one
   for each content type defined in this specification.  As noted in
   Section 2, in all cases TAMP messages are encapsulated within
   ContentInfo structures.  Signed messages are additionally
   encapsulated within a SignedData structure.

B.1.  application/tamp-status-query

   Media type name: application

   Subtype name: tamp-status-query

   Required parameters: None

   Optional parameters: None

Housley, et al.              Standards Track                   [Page 77]



RFC 5934                          TAMP                       August 2010

   Encoding considerations: binary

   Security considerations: Carries a signed request for status
   information.  Integrity protection is discussed in Section 4.1.
   Replay detection is discussed in Section 6.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests for status information.

   Additional information:

      Magic number(s): None

      File extension(s): .tsq

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.2.  application/tamp-status-response

   Media type name: application

   Subtype name: tamp-status-response

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries optionally signed status
   information.  Integrity protection is discussed in Section 4.2.

Housley, et al.              Standards Track                   [Page 78]



RFC 5934                          TAMP                       August 2010

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests for status information.

   Additional information:

      Magic number(s): None

      File extension(s): .tsr

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.3.  application/tamp-update

   Media type name: application

   Subtype name: tamp-update

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries a signed trust anchor update
   message.  Integrity protection is discussed in Section 4.3.  Replay
   detection is discussed in Section 6.

   Interoperability considerations: None

   Published specification: RFC 5934

Housley, et al.              Standards Track                   [Page 79]



RFC 5934                          TAMP                       August 2010

   Applications that use this media type: TAMP clients responding to
   requests to update trust anchor information.

   Additional information:

      Magic number(s): None

      File extension(s): .tur

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.4.  application/tamp-update-confirm

   Media type name: application

   Subtype name: tamp-update-confirm

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries an optionally signed TAMP update
   response.  Integrity protection is discussed in Section 4.4.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update trust anchor information.

Housley, et al.              Standards Track                   [Page 80]



RFC 5934                          TAMP                       August 2010

   Additional information:

      Magic number(s): None

      File extension(s): .tuc

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.5.  application/tamp-apex-update

   Media type name: application

   Subtype name: tamp-apex-update

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries a signed request to update an apex
   trust anchor information.  Integrity protection is discussed in
   Section 4.5.  Replay detection is discussed in Section 6.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update an apex trust anchor.

Housley, et al.              Standards Track                   [Page 81]



RFC 5934                          TAMP                       August 2010

   Additional information:

      Magic number(s): None

      File extension(s): .tau

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.6.  application/tamp-apex-update-confirm

   Media type name: application

   Subtype name: tamp-apex-update-confirm

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries an optionally signed response to an
   apex update request.  Integrity protection is discussed in
   Section 4.6.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update an apex trust anchor.

Housley, et al.              Standards Track                   [Page 82]



RFC 5934                          TAMP                       August 2010

   Additional information:

      Magic number(s): None

      File extension(s): .auc

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.7.  application/tamp-community-update

   Media type name: application

   Subtype name: tamp-community-update

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries a signed request to update community
   membership information.  Integrity protection is discussed in
   Section 4.7.  Replay detection is discussed in Section 6.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update community membership.

Housley, et al.              Standards Track                   [Page 83]



RFC 5934                          TAMP                       August 2010

   Additional information:

      Magic number(s): None

      File extension(s): .tcu

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.8.  application/tamp-community-update-confirm

   Media type name: application

   Subtype name: tamp-community-update-confirm

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries an optionally signed response to a
   community update request.  Integrity protection is discussed in
   Section 4.8.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update community membership.

Housley, et al.              Standards Track                   [Page 84]



RFC 5934                          TAMP                       August 2010

   Additional information:

      Magic number(s): None

      File extension(s): .cuc

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.9.  application/tamp-sequence-adjust

   Media type name: application

   Subtype name: tamp-sequence-adjust

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries a signed request to update sequence
   number information.  Integrity protection is discussed in
   Section 4.9.  Replay detection is discussed in Section 6.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update sequence number information.

Housley, et al.              Standards Track                   [Page 85]



RFC 5934                          TAMP                       August 2010

   Additional information:

      Magic number(s): None

      File extension(s): .tsa

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.10.  application/tamp-sequence-adjust-confirm

   Media type name: application

   Subtype name: tamp-sequence-adjust-confirm

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries an optionally signed sequence number
   adjust confirmation message.  Integrity protection is discussed in
   Section 4.10.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients responding to
   requests to update sequence number information.

Housley, et al.              Standards Track                   [Page 86]



RFC 5934                          TAMP                       August 2010

   Additional information:

      Magic number(s): None

      File extension(s): .sac

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

B.11.  application/tamp-error

   Media type name: application

   Subtype name: tamp-error

   Required parameters: None

   Optional parameters: None

   Encoding considerations: binary

   Security considerations: Carries optionally signed error information
   collecting during TAMP processing.  Integrity protection is discussed
   in Section 4.11.

   Interoperability considerations: None

   Published specification: RFC 5934

   Applications that use this media type: TAMP clients processing TAMP
   messages.

Housley, et al.              Standards Track                   [Page 87]



RFC 5934                          TAMP                       August 2010

   Additional information:

      Magic number(s): None

      File extension(s): .ter

      Macintosh File Type Code(s):

   Person & email address to contact for further information:

   Sam Ashmore - srashmo@radium.ncsc.mil

   Intended usage: LIMITED USE

   Restrictions on usage: None

   Author: Sam Ashmore - srashmo@radium.ncsc.mil

   Change controller: IESG

Appendix C.  TAMP over HTTP

   This appendix describes the formatting and transportation conventions
   for the TAMP messages when carried by HTTP [RFC2616].  Each TAMP
   message type is covered by a subsection below.  Each TAMP request
   message sent via HTTP is responded to either with an HTTP response
   containing a TAMP response or error or, if failure occurs prior to
   invoking TAMP, an HTTP error.  TAMP response, confirmation, and error
   messages are not suitable for caching.  In order for TAMP clients and
   servers using HTTP to interoperate, the following rules apply.

   o  Clients MUST use the POST method to submit their requests.

   o  Servers MUST use the 200 response code for successful responses.

   o  Clients MAY attempt to send HTTPS requests using Transport Layer
      Security (TLS) 1.0 or later, although servers are not required to
      support TLS.

   o  Servers MUST NOT assume client support for any type of HTTP
      authentication such as cookies, Basic authentication, or Digest
      authentication.

   o  Clients and servers are expected to follow the other rules and
      restrictions in [RFC2616].  Note that some of those rules are for
      HTTP methods other than POST; clearly, only the rules that apply
      to POST are relevant for this specification.

Housley, et al.              Standards Track                   [Page 88]



RFC 5934                          TAMP                       August 2010

C.1.  TAMP Status Query Message

   A TAMP Status Query Message using the POST method is constructed as
   follows: The Content-Type header MUST have the value "application/
   tamp-status-query".

   The body of the message is the binary value of the DER encoding of
   the TAMPStatusQuery, wrapped in a CMS body as described in Section 2.

C.2.  TAMP Status Response Message

   An HTTP-based TAMP Status Response message is composed of the
   appropriate HTTP headers, followed by the binary value of the DER
   encoding of the TAMPStatusResponse, wrapped in a CMS body as
   described in Section 2.

   The Content-Type header MUST have the value "application/
   tamp-status-response."

C.3.  Trust Anchor Update Message

   A Trust Anchor Update Message using the POST method is constructed as
   follows: The Content-Type header MUST have the value "application/
   tamp-update".

   The body of the message is the binary value of the DER encoding of
   the TAMPUpdate, wrapped in a CMS body as described in Section 2.

C.4.  Trust Anchor Update Confirm Message

   An HTTP-based Trust Anchor Update Confirm message is composed of the
   appropriate HTTP headers, followed by the binary value of the DER
   encoding of the TAMPUpdateConfirm, wrapped in a CMS body as described
   in Section 2.

   The Content-Type header MUST have the value "application/
   tamp-update-confirm".

C.5.  Apex Trust Anchor Update Message

   An Apex Trust Anchor Update Message using the POST method is
   constructed as follows: The Content-Type header MUST have the value
   "application/tamp-apex-update".

   The body of the message is the binary value of the DER encoding of
   the TAMPApexUpdate, wrapped in a CMS body as described in Section 2.

Housley, et al.              Standards Track                   [Page 89]



RFC 5934                          TAMP                       August 2010

C.6.  Apex Trust Anchor Update Confirm Message

   An HTTP-based Apex Trust Anchor Update Confirm message is composed of
   the appropriate HTTP headers, followed by the binary value of the DER
   encoding of the TAMPApexUpdateConfirm, wrapped in a CMS body as
   described in Section 2.

   The Content-Type header MUST have the value "application/
   tamp-apex-update-confirm".

C.7.  Community Update Message

   A Community Update Message using the POST method is constructed as
   follows: The Content-Type header MUST have the value "application/
   tamp-community-update".

   The body of the message is the binary value of the DER encoding of
   the TAMPCommunityUpdate, wrapped in a CMS body as described in
   Section 2.

C.8.  Community Update Confirm Message

   An HTTP-based Community Update Confirm message is composed of the
   appropriate HTTP headers, followed by the binary value of the DER
   encoding of the TAMPCommunityUpdateConfirm, wrapped in a CMS body as
   described in Section 2.

   The Content-Type header MUST have the value "application/
   tamp-community-update-confirm".

C.9.  Sequence Number Adjust Message

   A Sequence Number Adjust Message using the POST method is constructed
   as follows: The Content-Type header MUST have the value "application/
   tamp-sequence-adjust".

   The body of the message is the binary value of the DER encoding of
   the SequenceNumberAdjust, wrapped in a CMS body as described in
   Section 2.

C.10.  Sequence Number Adjust Confirm Message

   An HTTP-based Sequence Number Adjust Confirm message is composed of
   the appropriate HTTP headers, followed by the binary value of the DER
   encoding of the SequenceNumberAdjustConfirm, wrapped in a CMS body as
   described in Section 2.

Housley, et al.              Standards Track                   [Page 90]



RFC 5934                          TAMP                       August 2010

   The Content-Type header MUST have the value "application/
   tamp-sequence-adjust-confirm".

C.11.  TAMP Error Message

   An HTTP-based TAMP Error message is composed of the appropriate HTTP
   headers, followed by the binary value of the DER encoding of the
   TAMPError, wrapped in a CMS body as described in Section 2.

   The Content-Type header MUST have the value "application/tamp-error".

Authors' Addresses

   Russ Housley
   Vigil Security, LLC
   918 Spring Knoll Drive
   Herndon, VA  20170
   USA

   EMail: housley@vigilsec.com

   Sam Ashmore
   National Security Agency
   Suite 6751
   9800 Savage Road
   Fort Meade, MD  20755
   USA

   EMail: srashmo@radium.ncsc.mil

   Carl Wallace
   Cygnacom Solutions
   Suite 5400
   7925 Jones Branch Drive
   McLean, VA  22102
   USA

   EMail: cwallace@cygnacom.com

Housley, et al.              Standards Track                   [Page 91]