Portable Symmetric Key Container (PSKC)

Last Updated
Available Formats



Plain text

Registries included below

Algorithm URI Registry and Related PSKC Profiles

Registration Procedure(s)
Specification Required
Algorithm identifiers from this registry are also used as otp-algID values in the PA-OTP-CHALLENGE described in Section 4.1 and the PA-OTP-REQUEST described in Section 4.2 of [RFC6560].
Available Formats

Common Name Class URI Identifier Definition Algorithm Definition Registrant Contact Deprecated PSKC Profiling Reference
HOTP OTP urn:ietf:params:xml:ns:keyprov:pskc:hotp [RFC6030] [RFC4226] IESG FALSE The <KeyPackage> element MUST be present and the <ResponseFormat> element, which is a child element of the <AlgorithmParameters> element, MUST be used to indicate the OTP length and the value format.

The <Counter> element (see Section 4.1 of [RFC-ietf-keyprov-pskc-09]) MUST be provided as metadata for the key.

The following additional constraints apply:

+ The value of the <Secret> element MUST contain key material with a length of at least 16 octets (128 bits), if it is present.

+ The <ResponseFormat> element MUST have the 'Format' attribute set to "DECIMAL", and the 'Length' attribute MUST indicate a length value between 6 and 9 (inclusive).

+ The <PINPolicy> element MAY be present, but the 'PINUsageMode' attribute cannot be set to "Algorithmic".

An example can be found in Figure 3 of [RFC-ietf-keyprov-pskc-09].
PIN Symmetric static credential comparison urn:ietf:params:xml:ns:keyprov:pskc:pin [RFC6030] Section 5.1 IESG FALSE The <Usage> element MAY be present, but no attribute of the <Usage> element is required. The <ResponseFormat> element MAY be used to indicate the PIN value format.

The <Secret> element (see Section 4.1 of [RFC-ietf-keyprov-pskc-09]) MUST be provided.

See the example in Figure 5 of [RFC-ietf-keyprov-pskc-09].

PSKC Version Registry

Registration Procedure(s)
Standards Action
Available Formats

PSKC Version Reference
1.0 [RFC6030]

Key Usage Registry

Registration Procedure(s)
Expert Review
Available Formats

Key Usage Specification Deprecated Reference
OTP Section 5 FALSE [RFC6030]
CR Section 5 FALSE [RFC6030]
Encrypt Section 5 FALSE [RFC6030]
Integrity Section 5 FALSE [RFC6030]
Verify Section 5 FALSE [RFC6030]
Unlock Section 5 FALSE [RFC6030]
Decrypt Section 5 FALSE [RFC6030]
KeyWrap Section 5 FALSE [RFC6030]
Unwrap Section 5 FALSE [RFC6030]
Derive Section 5 FALSE [RFC6030]
Generate Section 5 FALSE [RFC6030]