|
1.
|
Clear description of the referenced document:
|
|
|
|
|
2.
|
Status of approval:
|
|
|
Specification approved December 2001. Obsoleted by RFC 3369, RFC 3370.
|
|
3.
|
Justification for the specific reference:
|
|
|
Password-based Encryption for CMS in this obsolete RFC is used by ITU-T H.810 for the encryption of data using user-supplied passords over the WAN Interface. This document provides a method of encrypting data using user-supplied passwords and, by extension, any form of variable-length keying material which is not necessarily an algorithm-specific fixed-format key. The Cryptographic Message Syntax data format does not currently contain any provisions for password-based data encryption and therefore ITU-TT H.810 requires this within the Continua architecture. Utilized within many ITU-T H.810-compliant devices certified by Continua Health Alliance. There is also dependency on the use of this spec across other IHE and HL7 that also use this version of the protocol.
|
|
4.
|
Current information, if any, about IPR issues:
|
|
|
N/A.
|
|
5.
|
Other useful information describing the "Quality" of the document:
|
|
|
Proposed Standard RFC approved December 2001. Obsoleted by RFC 3369, RFC 3370.
|
|
6.
|
The degree of stability or maturity of the document:
|
|
|
See 5. above.
|
|
7.
|
Relationship with other existing or emerging documents:
|
|
|
Specification approved December 2001 and Continua has several WAN certified devices that have implemented this specification. It has also been tested and verifed within Continua Plugfest events.
|
|
8.
|
Any explicit references within that referenced document should also be listed:
|
|
|
[ASN1] CCITT Recommendation X.208: Specification of Abstract Syntax Notation One (ASN.1), 1988./
/
[RFC2119] Bradner, S., "Key Words for Use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997./
/
[RFC2630] Housley, R., "Cryptographic Message Syntax", RFC 2630, June 1999./
/
[RFC2898] Kaliski, B., "PKCS #5: Password-Based Cryptography Specification, Version 2.0", RFC 2898, September 2000./
/
[PACKAGE] All-or-Nothing Encryption and the Package Transform, R. Rivest, Proceedings of Fast Software Encryption '97, Haifa, Israel, January 1997.
|
|
9.
|
Qualification of
ISOC/IETF:
|
|
|
9.1-9.6 Decisions of ITU Council to admit ISOC to participate in the work of the Sector (June 1995 and June 1996).
9.7 The Internet Engineering Steering Group (IESG) is responsible for ongoing maintenance of the RFCs when the need arises. Comments on RFCs and corresponding changes are accommodated through the existing standardization process.
9.8 Each revision of a given RFC has a different RFC number, so no confusion is possible. All RFCs always remain available on-line. An index of RFCs and their status may be found in the IETF archives at http://www.rfc-editor.org/rfc.html.
|
|
10.
|
Other (for any supplementary information):
|
|
|
N/A.
|
