Re: [precis] [media-types] Internet media type application/pkcs8-encrypted rev 3

Sean Leonard <> Tue, 05 January 2016 05:08 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id 9FC521B2B54 for <>; Mon, 4 Jan 2016 21:08:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.099
X-Spam-Status: No, score=0.099 tagged_above=-999 required=5 tests=[BAYES_50=0.8, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id Tc2O0wHNoy_C for <>; Mon, 4 Jan 2016 21:08:08 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 7A2E11B2AB8 for <>; Mon, 4 Jan 2016 21:08:08 -0800 (PST)
Received: from [] (unknown []) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPSA id ADA55509BB; Tue, 5 Jan 2016 00:08:06 -0500 (EST)
To:, "" <>
References: <> <> <> <> <>
From: Sean Leonard <>
Message-ID: <>
Date: Mon, 4 Jan 2016 21:07:26 -0800
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.5.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg=sha-256; boundary="------------ms010801070008060803010600"
Archived-At: <>
Subject: Re: [precis] [media-types] Internet media type application/pkcs8-encrypted rev 3
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Preparation and Comparison of Internationalized Strings <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 05 Jan 2016 05:08:10 -0000


This is rev 3 of the application/pkcs8-encrypted template. It continues 
the progression from the thread at the end of November.



Type name: application

Subtype name: pkcs8-encrypted

Required parameters: N/A

Optional parameters:

When the private key encryption algorithm incorporates a "password" that is an octet string, a mapping between user input and the octet string is desirable. PKCS #5 [RFC2898] Section 3 recommends "that applications follow some common text encoding rules"; it then suggests, but does not recommend, ASCII and UTF-8. This parameter specifies the charset that a recipient SHOULD attempt first when mapping user input to the octet string. It has similar semantics as the charset parameter from text/plain, except that it only applies to the user’s input of the password. There is no default value.

The following special values are defined:
*pkcs12  = UTF-16LE with U+0000 NULL terminator (PKCS #12-style)
*precis  = PRECIS password profile, i.e., OpaqueString from Section 4 of RFC 7613 (always UTF-8)
*precis-XXX = PRECIS profile as named XXX in the IANA PRECIS Profiles Registry <>
*hex     = hexadecimal input: the input is mapped to 0-9, A-F, and then converted directly to octets. If there are an odd number of hex digits, the final digit 0 is appended, or an error condition may be raised. Compare with Annex M.4 of IEEE 802.11-2012.
*dtmf    = The characters "0"-"9", "A"-"D", "*", and "#", which map to their corresponding ASCII codes. (This is to support restricted-input devices, i.e., telephones and telephone-like equipment.)

Otherwise, the value of this parameter is a charset, from the Character Sets Registry <>.

Encoding considerations: binary

Security considerations:
Carries a cryptographic private key. See Section 6 of RFC 5958.
EncryptedPrivateKeyInfo PKCS #8 data contains exactly one private key. Poor password choices, weak algorithms, or improper parameter selections (e.g., insufficient salting rounds) will make the confidential payloads much easier to compromise.

Interoperability considerations:
PKCS #8 is a widely recognized format for private key information on all modern cryptographic stacks. The encrypted variation in this registration, EncryptedPrivateKeyInfo (Section 3, Encrypted Private Key Info, of RFC 5958, and Section 6 of PKCS #8), is less widely used for exchange than PKCS #12, but it is much simpler to implement. The contents are exactly one private key (with optional attributes), so the possibility for hidden "easter eggs" in the payload such as unexpected certificates or miscellaneous secrets is drastically reduced.

Published specification:
PKCS #8 v1.2, November 1993 (republished as RFC 5208, May 2008); RFC 5958, August 2010

Applications that use this media type:
Machines, applications, browsers, Internet kiosks, and so on, that support this standard allow a user to import, export, and exercise a single private key.

Fragment identifier considerations: N/A

Additional information:

Deprecated alias names for this type: N/A
Magic number(s): None.
File extension(s): .p8e
Macintosh file type code(s): N/A

Person & email address to contact for further information:
Sean Leonard <dev+ietf&>

Intended usage: COMMON

Restrictions on usage: None.


Change controller: The IETF

Provisional registration? (standards tree only): No