rfc9939.original.xml		rfc9939.xml
	<?xml version='1.0' encoding='utf-8'?>		<?xml version='1.0' encoding='UTF-8'?>
	<!DOCTYPE rfc [		<!DOCTYPE rfc [
	<!ENTITY nbsp "&#160;">		<!ENTITY nbsp "&#160;">
	<!ENTITY zwsp "&#8203;">		<!ENTITY zwsp "&#8203;">
	<!ENTITY nbhy "&#8209;">		<!ENTITY nbhy "&#8209;">
	<!ENTITY wj "&#8288;">		<!ENTITY wj "&#8288;">
	]>		]>
	<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
	<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.29 (Ruby 3.4.		<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft
	4) -->		-ietf-lamps-pkcs8-prikeyinfo-contenttypes-04" number="9939" updates="" obsoletes
	<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft		="" xml:lang="en" category="std" consensus="true" submissionType="IETF" tocInclu
	-ietf-lamps-pkcs8-prikeyinfo-contenttypes-04" category="std" consensus="true" su		de="true" sortRefs="true" symRefs="true" version="3">
	bmissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" version="3"
	>		<!--[rfced] To more closely match the titles of other RFCs that
	<!-- xml2rfc v2v3 conversion 3.30.2 -->		discuss "PKCS", we added a colon after the PKCS number in the
			document title and short title that spans the running header of
			the PDF file. Please let us know of any objection.
			Original (document title):
			PKCS #8 Private-Key Information Content Types
			Current:
			PKCS #8: Private-Key Information Content Types
			...
			Original (short title):
			PKCS #8 PrivateKeyInfo Content Types
			Current:
			PKCS #8: PrivateKeyInfo Content Types
			-->
	<front>		<front>
	<title abbrev="PKCS #8 PrivateKeyInfo Content Types">PKCS #8 Private-Key Inf		<title abbrev="PKCS #8: PrivateKeyInfo Content Types">PKCS #8: Private-Key I
	ormation Content Types</title>		nformation Content Types</title>
	<seriesInfo name="Internet-Draft" value="draft-ietf-lamps-pkcs8-prikeyinfo-c		<seriesInfo name="RFC" value="9939"/>
	ontenttypes-04"/>
	<author initials="J." surname="Mandel" fullname="Joe Mandel">		<author initials="J." surname="Mandel" fullname="Joe Mandel">
	<organization abbrev="AKAYLA">AKAYLA, Inc.</organization>		<organization abbrev="AKAYLA">AKAYLA, Inc.</organization>
	<address>		<address>
	<email>joe@akayla.com</email>		<email>joe@akayla.com</email>
	</address>		</address>
	</author>		</author>
	<author initials="R." surname="Housley" fullname="Russ Housley">		<author initials="R." surname="Housley" fullname="Russ Housley">
	<organization abbrev="Vigil Security">Vigil Security, LLC</organization>		<organization abbrev="Vigil Security">Vigil Security, LLC</organization>
	<address>		<address>
	<email>housley@vigilsec.com</email>		<email>housley@vigilsec.com</email>
	</address>		</address>
	</author>		</author>
	<author initials="S." surname="Turner" fullname="Sean Turner">		<author initials="S." surname="Turner" fullname="Sean Turner">
	<organization abbrev="sn3rd">sn3rd</organization>		<organization abbrev="sn3rd">sn3rd</organization>
	<address>		<address>
	<email>sean@sn3rd.com</email>		<email>sean@sn3rd.com</email>
	</address>		</address>
	</author>		</author>
	<date year="2025" month="October" day="03"/>		<date year="2026" month="February"/>
	<area>Security</area>		<area>SEC</area>
	<workgroup>Limited Additional Mechanisms for PKIX and SMIME</workgroup>		<workgroup>lamps</workgroup>
	<keyword/>
	<abstract>		<!-- [rfced] Please insert any keywords (beyond those that appear in
	<?line 82?>		the title) for use on https://www.rfc-editor.org/search. -->
			<keyword>example</keyword>
			<abstract>
	<t>This document defines PKCS #8 content types for use with		<t>This document defines PKCS #8 content types for use with
	PrivateKeyInfo and EncryptedPrivateKeyInfo as specified in		PrivateKeyInfo and EncryptedPrivateKeyInfo as specified in
	RFC 5958.</t>		RFC 5958.</t>
	</abstract>		</abstract>
	<note removeInRFC="true">
	<name>About This Document</name>
	<t>
	The latest revision of this draft can be found at <eref target="https://
	github.com/lamps-wg/pkcs8-PriKeyInfoCt"/>.
	Status information for this document may be found at <eref target="https
	://datatracker.ietf.org/doc/draft-ietf-lamps-pkcs8-prikeyinfo-contenttypes/"/>.
	</t>
	<t>
	Discussion of this document takes place on the
	Limited Additional Mechanisms for PKIX and SMIME mailing list (<eref ta
	rget="mailto:spasm@ietf.org"/>),
	which is archived at <eref target="https://mailarchive.ietf.org/arch/bro
	wse/spasm/"/>.
	Subscribe at <eref target="https://www.ietf.org/mailman/listinfo/spasm/"
	/>.
	</t>
	<t>Source for this draft and an issue tracker can be found at
	<eref target="https://github.com/lamps-wg/pkcs8-PriKeyInfoCt"/>.</t>
	</note>
	</front>		</front>
	<middle>		<middle>
	<?line 88?>
	<section anchor="intro">		<section anchor="intro">
	<name>Introduction</name>		<name>Introduction</name>
	<t>The syntax for private-key information was originally described in <xre f target="RFC5208"/>, and		<t>The syntax for private-key information was originally described in <xre f target="RFC5208"/>, and
	the syntax was later revised by <xref target="RFC5958"/> to include the Asymmetr icKeyPackage		the syntax was later revised by <xref target="RFC5958"/> to include the Asymmetr icKeyPackage
	content type that supports multiple PrivateKeyInfos. This document defines PKCS #8 content types for		content type that supports multiple PrivateKeyInfos. This document defines PKCS #8 content types for
	use with one PrivateKeyInfo and EncryptedPrivateKeyInfo. These content type assi		use with one PrivateKeyInfo and one EncryptedPrivateKeyInfo. These content type
	gnments are		assignments are
	needed for PrivateKeyInfo and EncryptedPrivateKeyInfo to be carried in the		needed for the PrivateKeyInfo and EncryptedPrivateKeyInfo to be carried in the
	Cryptographic Message Syntax (CMS) <xref target="RFC5652"/>.</t>		Cryptographic Message Syntax (CMS) <xref target="RFC5652"/>.</t>
	<t>Note: A very long time ago, media types for PrivateKeyInfo and Encrypte dPrivateKeyInfo were assigned		<t>Note: A very long time ago, media types for PrivateKeyInfo and Encrypte dPrivateKeyInfo were assigned
	as application/pkcs8 and application/pkcs8-encrypted, respectively.</t>		as "application/pkcs8" and "application/pkcs8-encrypted", respectively.</t>
	</section>		</section>
	<section anchor="ContentTypes">		<section anchor="ContentTypes">
	<name>Private-Key Information Content Types</name>		<name>Private-Key Information Content Types</name>
	<t>This section defines a content type for private-key information and		<t>This section defines a content type for private-key information and
	encrypted private-key information.</t>		encrypted private-key information.</t>
	<t>The PrivateKeyInfo content type is identified by the following object i		<t>The PrivateKeyInfo content type is identified by the following object identif
	dentifier:</t>		ier:</t>
	<artwork><![CDATA[
			<!--[rfced] In Section 2, we updated <artwork> to <sourcecode>. Please
			confirm that this is correct.
			In addition, please consider whether the “type" attribute of the
			sourcecode elements have been set correctly (all are set to "asn.1").
			The current list of preferred values for "type" is available at
			https://www.rfc-editor.org/materials/sourcecode-types.txt. If the current
			list does not contain an applicable type, feel free to suggest additions
			for consideration. Note that it is also acceptable to leave the "type"
			attribute not set.
			-->
			<sourcecode type="asn.1"><![CDATA[
	id-ct-privateKeyInfo OBJECT IDENTIFIER ::= { iso(1)		id-ct-privateKeyInfo OBJECT IDENTIFIER ::= { iso(1)
	member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)		member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
	smime(16) ct(1) TBD1 }		smime(16) ct(1) 52 }]]></sourcecode>
	]]></artwork>
	<t>The EncryptedPrivateKeyInfo content type is identified by the following object identifier:</t>		<t>The EncryptedPrivateKeyInfo content type is identified by the following object identifier:</t>
	<artwork><![CDATA[
			<sourcecode type="asn.1"><![CDATA[
	id-ct-encrPrivateKeyInfo OBJECT IDENTIFIER ::= { iso(1)		id-ct-encrPrivateKeyInfo OBJECT IDENTIFIER ::= { iso(1)
	member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)		member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
	smime(16) ct(1) TBD2 }		smime(16) ct(1) 53 }]]></sourcecode>
	]]></artwork>
	</section>		</section>
	<section anchor="asn1-mod">		<section anchor="asn1-mod">
	<name>ASN.1 Module</name>		<name>ASN.1 Module</name>
	<t>The ASN.1 module <xref target="X680"/><xref target="X690"/> in this sec		<t>The ASN.1 module <xref target="X680"/> <xref target="X690"/> in this se
	tion builds upon the modules in <xref target="RFC5911"/>.</t>		ction builds upon the modules in <xref target="RFC5911"/>.</t>
	<sourcecode type="asn.1" markers="true"><![CDATA[		<sourcecode type="asn.1" markers="true"><![CDATA[
	PrivateKeyInfoContentTypes		PrivateKeyInfoContentTypes
	{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)		{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
	pkcs-9(9) smime(16) modules(0) id-mod-pkcs8ContentType(TBD0) }		pkcs-9(9) smime(16) modules(0) id-mod-pkcs8ContentType(85) }
	DEFINITIONS IMPLICIT TAGS ::=		DEFINITIONS IMPLICIT TAGS ::=
	BEGIN		BEGIN
	-- EXPORTS ALL		-- EXPORTS ALL
	IMPORTS		IMPORTS
	CONTENT-TYPE		CONTENT-TYPE
	FROM CryptographicMessageSyntax-2009 -- in [RFC5911]		FROM CryptographicMessageSyntax-2009 -- in [RFC5911]
	skipping to change at line 126 ¶		skipping to change at line 148 ¶
	PrivateKeyInfoContentTypes CONTENT-TYPE ::= {		PrivateKeyInfoContentTypes CONTENT-TYPE ::= {
	ct-privateKeyInfo | ct-encrPrivateKeyInfo,		ct-privateKeyInfo | ct-encrPrivateKeyInfo,
	... -- Expect additional content types -- }		... -- Expect additional content types -- }
	ct-privateKeyInfo CONTENT-TYPE ::= { PrivateKeyInfo		ct-privateKeyInfo CONTENT-TYPE ::= { PrivateKeyInfo
	IDENTIFIED BY id-ct-privateKeyInfo }		IDENTIFIED BY id-ct-privateKeyInfo }
	id-ct-privateKeyInfo OBJECT IDENTIFIER ::= { iso(1)		id-ct-privateKeyInfo OBJECT IDENTIFIER ::= { iso(1)
	member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)		member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
	smime(16) ct(1) TBD1 }		smime(16) ct(1) 52 }
	ct-encrPrivateKeyInfo CONTENT-TYPE ::= { EncryptedPrivateKeyInfo		ct-encrPrivateKeyInfo CONTENT-TYPE ::= { EncryptedPrivateKeyInfo
	IDENTIFIED BY id-ct-encrPrivateKeyInfo }		IDENTIFIED BY id-ct-encrPrivateKeyInfo }
	id-ct-encrPrivateKeyInfo OBJECT IDENTIFIER ::= { iso(1)		id-ct-encrPrivateKeyInfo OBJECT IDENTIFIER ::= { iso(1)
	member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)		member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
	smime(16) ct(1) TBD2 }		smime(16) ct(1) 53 }
			END]]></sourcecode>
	END
	]]></sourcecode>
	</section>		</section>
	<section anchor="security-considerations">		<section anchor="security-considerations">
	<name>Security Considerations</name>		<name>Security Considerations</name>
	<t>The security considerations in <xref target="RFC5958"/> apply here.</t>		<t>The security considerations in <xref target="RFC5958"/> apply here.</t>
	</section>		</section>
	<section anchor="iana-considerations">		<section anchor="iana-considerations">
	<name>IANA Considerations</name>		<name>IANA Considerations</name>
	<t>For the private key info content types defined in section <xref target=		<t>For each of the private-key information content types defined in <xref
	"ContentTypes"/>,		target="ContentTypes"/>,
	IANA is requested to assign an object identifier (OID) for each of the content t		IANA has assigned an Object Identifier (OID). The
	ypes. The		OIDs for the content types have been allocated in the "SMI Security for S/MIME C
	OIDs for the content types should be alloacted in the "SMI Security for S/MIME C		MS Content Type (1.2.840.113549.1.9.16.1)" registry <xref target="IANA-CMS-CTS"/
	MS Content Type"		> as follows:
	registry (1.2.840.113549.1.9.16.1) <xref target="IANA-CMS-CTS"/>, and the descri		</t>
	ption should be set to id-ct-privateKeyInfo (TDB1)
	and id-ct-encrPrivateKeyInfo (TBD2).</t>		<table>
	<t>For the ASN.1 Module in <xref target="asn1-mod"/>, IANA is requested to		<thead>
	assign an		<tr>
	object identifier (OID) for the module identifier. The OID for the module		<th align="left">Decimal</th>
	should be allocated in the "SMI Security for S/MIME Module Identifier"		<th align="left">Description</th>
	registry (1.2.840.113549.1.9.16.0) <xref target="IANA-SMIME-MODS"/>, and the Des		<th align="left">Reference</th>
	cription for the new OID should be set		</tr>
	to "id-mod-pkcs8ContentType".</t>		</thead>
	<t>IANA is also requested to update the application/cms entry in the "Medi		<tbody>
	a Types" registry to add [ RFC-to-be] to the list of RFCs where Inner Content Ty		<tr>
	pes (ICTs) are defined in the "Optional parameters" and the "Interoperability co		<td align="left">52</td>
	nsiderations" sections.</t>		<td align="left">id-ct-privateKeyInfo</td>
	<t>IANA is also requested to update the application/cms entry in the "Medi		<td align="left">RFC 9939</td>
	a Types" registry to		</tr>
	add the following values to the "innerContent" list:</t>		<tr>
	<ul spacing="normal">		<td align="left">53</td>
			<td align="left">id-ct-encrPrivateKeyInfo</td>
			<td align="left">RFC 9939</td>
			</tr>
			</tbody>
			</table>
			<t>For the ASN.1 module in <xref target="asn1-mod"/>, IANA has assigned an
			OID for the module identifier. The OID for the module
			has been allocated in the "SMI Security for S/MIME Module Identifier (1.2.840.11
			3549.1.9.16.0)"
			registry <xref target="IANA-SMIME-MODS"/> as follows:</t>
			<table>
			<thead>
			<tr>
			<th align="left">Decimal</th>
			<th align="left">Description</th>
			<th align="left">Reference</th>
			</tr>
			</thead>
			<tbody>
			<tr>
			<td align="left">85</td>
			<td align="left">id-mod-pkcs8ContentType</td>
			<td align="left">RFC 9939</td>
			</tr>
			</tbody>
			</table>
			<t>IANA has updated the application/cms registration entry in the "Media T
			ypes" registry by adding RFC 9939 to the "Interoperability considerations" secti
			on and to the list of RFCs where Inner Content Types (ICTs) are defined (see the
			"Optional parameters" section) and by adding the following values to the list o
			f ICTs:</t>
			<ul spacing="compact">
	<li>		<li>
	<t>privateKeyInfo</t>		<t>privateKeyInfo</t>
	</li>		</li>
	<li>		<li>
	<t>encrPrivateKeyInfo</t>		<t>encrPrivateKeyInfo</t>
	</li>		</li>
	</ul>		</ul>
	<t>And, to update the following row in the application/cms entry's "Securi ty considerations" section:</t>		<t>IANA has also updated the "Security considerations" section in the appl ication/csm entry as follows:</t>
	<table>		<table>
	<thead>		<thead>
	<tr>		<tr>
	<th align="left">RFC</th>		<th align="left">RFC</th>
	<th align="left">CMS Protecting Content Type and Algorithms</th>		<th align="left">CMS Protecting Content Type and Algorithms</th>
	</tr>		</tr>
	</thead>		</thead>
	<tbody>		<tbody>
	<tr>		<tr>
	<td align="left">[ RFC-to-be ]</td>		<td align="left">RFC 9939</td>
	<td align="left">privateKeyInfo and encrPrivateKeyInfo</td>		<td align="left">privateKeyInfo and encrPrivateKeyInfo</td>
	</tr>		</tr>
	</tbody>		</tbody>
	</table>		</table>
	</section>		</section>
	</middle>		</middle>
	<back>		<back>
	<references anchor="sec-combined-references">		<references anchor="sec-combined-references">
	<name>References</name>		<name>References</name>
	<references anchor="sec-normative-references">		<references anchor="sec-normative-references">
	<name>Normative References</name>		<name>Normative References</name>
	<reference anchor="RFC5652">		<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5
	<front>		652.xml"/>
	<title>Cryptographic Message Syntax (CMS)</title>		<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5
	<author fullname="R. Housley" initials="R." surname="Housley"/>		958.xml"/>
	<date month="September" year="2009"/>		<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5
	<abstract>		911.xml"/>
	<t>This document describes the Cryptographic Message Syntax (CMS).
	This syntax is used to digitally sign, digest, authenticate, or encrypt arbitra
	ry message content. [STANDARDS-TRACK]</t>
	</abstract>
	</front>
	<seriesInfo name="STD" value="70"/>
	<seriesInfo name="RFC" value="5652"/>
	<seriesInfo name="DOI" value="10.17487/RFC5652"/>
	</reference>
	<reference anchor="RFC5958">
	<front>
	<title>Asymmetric Key Packages</title>
	<author fullname="S. Turner" initials="S." surname="Turner"/>
	<date month="August" year="2010"/>
	<abstract>
	<t>This document defines the syntax for private-key information an
	d a content type for it. Private-key information includes a private key for a sp
	ecified public-key algorithm and a set of attributes. The Cryptographic Message
	Syntax (CMS), as defined in RFC 5652, can be used to digitally sign, digest, aut
	henticate, or encrypt the asymmetric key format content type. This document obso
	letes RFC 5208. [STANDARDS-TRACK]</t>
	</abstract>
	</front>
	<seriesInfo name="RFC" value="5958"/>
	<seriesInfo name="DOI" value="10.17487/RFC5958"/>
	</reference>
	<reference anchor="RFC5911">
	<front>
	<title>New ASN.1 Modules for Cryptographic Message Syntax (CMS) and
	S/MIME</title>
	<author fullname="P. Hoffman" initials="P." surname="Hoffman"/>
	<author fullname="J. Schaad" initials="J." surname="Schaad"/>
	<date month="June" year="2010"/>
	<abstract>
	<t>The Cryptographic Message Syntax (CMS) format, and many associa
	ted formats, are expressed using ASN.1. The current ASN.1 modules conform to the
	1988 version of ASN.1. This document updates those ASN.1 modules to conform to
	the 2002 version of ASN.1. There are no bits-on-the-wire changes to any of the f
	ormats; this is simply a change to the syntax. This document is not an Internet
	Standards Track specification; it is published for informational purposes.</t>
	</abstract>
	</front>
	<seriesInfo name="RFC" value="5911"/>
	<seriesInfo name="DOI" value="10.17487/RFC5911"/>
	</reference>
	<reference anchor="X680" target="https://www.itu.int/rec/T-REC-X.680">		<reference anchor="X680" target="https://www.itu.int/rec/T-REC-X.680">
	<front>		<front>
	<title>Information technology -- Abstract Syntax Notation One (ASN.1 ): Specification of basic notation</title>		<title>Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation</title>
	<author>		<author>
	<organization>ITU-T</organization>		<organization>ITU-T</organization>
	</author>		</author>
	<date year="2021" month="February"/>		<date year="2021" month="February"/>
	</front>		</front>
	<seriesInfo name="ITU-T Recommendation" value="X.680"/>		<seriesInfo name="ITU-T Recommendation" value="X.680"/>
	<seriesInfo name="ISO/IEC" value="8824-1:2021"/>		<seriesInfo name="ISO/IEC" value="8824-1:2021"/>
	</reference>		</reference>
	<reference anchor="X690" target="https://www.itu.int/rec/T-REC-X.690">		<reference anchor="X690" target="https://www.itu.int/rec/T-REC-X.690">
	<front>		<front>
	<title>Information technology -- ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)</title>		<title>Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)</title>
	<author>		<author>
	<organization>ITU-T</organization>		<organization>ITU-T</organization>
	</author>		</author>
	<date year="2021" month="February"/>		<date year="2021" month="February"/>
	</front>		</front>
	<seriesInfo name="ITU-T Recommendation" value="X.690"/>		<seriesInfo name="ITU-T Recommendation" value="X.690"/>
	<seriesInfo name="ISO/IEC" value="8825-1-2021"/>		<seriesInfo name="ISO/IEC" value="8825-1:2021"/>
	</reference>		</reference>
	</references>		</references>
	<references anchor="sec-informative-references">		<references anchor="sec-informative-references">
	<name>Informative References</name>		<name>Informative References</name>
	<reference anchor="RFC5208">		<xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.5
	<front>		208.xml"/>
	<title>Public-Key Cryptography Standards (PKCS) #8: Private-Key Info		<reference anchor="IANA-SMIME-MODS" target="https://www.iana.org/assignm
	rmation Syntax Specification Version 1.2</title>		ents/smi-numbers">
	<author fullname="B. Kaliski" initials="B." surname="Kaliski"/>
	<date month="May" year="2008"/>
	<abstract>
	<t>This document represents a republication of PKCS #8 v1.2 from R
	SA Laboratories' Public Key Cryptography Standard (PKCS) series. Change control
	is transferred to the IETF. The body of this document, except for the security c
	onsiderations section, is taken directly from the PKCS #8 v1.2 specification.</t
	>
	<t>This document describes a syntax for private-key information. T
	his memo provides information for the Internet community.</t>
	</abstract>
	</front>
	<seriesInfo name="RFC" value="5208"/>
	<seriesInfo name="DOI" value="10.17487/RFC5208"/>
	</reference>
	<reference anchor="IANA-SMIME-MODS" target="https://www.iana.org/assignm
	ents/smi-numbers/smi-numbers.xhtml#security-smime-0">
	<front>		<front>
	<title>SMI Security for S/MIME Module Identifier</title>		<title>SMI Security for S/MIME Module Identifier (1.2.840.113549.1.9 .16.0)</title>
	<author>		<author>
	<organization/>		<organization>IANA</organization>
	</author>		</author>
	<date>n.d.</date>
	</front>		</front>
	</reference>		</reference>
	<reference anchor="IANA-CMS-CTS" target="https://www.iana.org/assignment s/smi-numbers/smi-numbers.xhtml#security-smime-1">		<reference anchor="IANA-CMS-CTS" target="https://www.iana.org/assignment s/smi-numbers">
	<front>		<front>
	<title>SMI Security for S/MIME CMS Content Type</title>		<title>SMI Security for S/MIME CMS Content Type (1.2.840.113549.1.9. 16.1)</title>
	<author>		<author>
	<organization/>		<organization>IANA</organization>
	</author>		</author>
	<date>n.d.</date>
	</front>		</front>
	</reference>		</reference>
	</references>		</references>
	</references>		</references>
	<?line 207?>
	<section numbered="false" anchor="acknowledgments">		<section numbered="false" anchor="acknowledgments">
	<name>Acknowledgments</name>		<name>Acknowledgments</name>
	<t>Thanks to John Gray, Deb Cooley, Mohamed Boucadair, Orie Steele, and Ér		<t>Thanks to <contact fullname="John Gray"/>, <contact fullname="Deb
	ic Vyncke for reviewing the document and providing comments.</t>		Cooley"/>, <contact fullname="Mohamed Boucadair"/>, <contact
			fullname="Orie Steele"/>, and <contact fullname="Éric Vyncke"/> for
			reviewing the document and providing comments.</t>
	</section>		</section>
	</back>		</back>
	<!-- ##markdown-source:
	H4sIAAAAAAAAA+1ZW2/bOBZ+5684cB7q7EZynCZF4kUXdRyn6zaOg9hbtBj0
	gZYYmxNZ1JBSXCN13/d37R/bc0jJlmynl9kpdh42QGGJPDyX71ypep7HUplG
	ogW1m7edIeydwo2WDzwV3luxgF58p/SMp1LF0FFxKuIURotEmBrj47EWD9vn
	8Bid2iQPcGui9KIFJg0ZC1UQ8xmKDTW/Sz0p0jsv4rPEeMl9YE69RMt7sZDI
	yAsco5T4eIfHzGTjmTQGVaKlFvS6o0sWZ7Ox0C0WopgWwyNGxCYzLUh1Jhiq
	+ZxxLTiqOxRBpmW6qLG50vcTrbIEV6/kTKYihHYYSrKWR9AXwZTH0swMIAhw
	87b3HngcwrDf63drDNVDBmGLgcceRJyhWIDfzw7AWVOjxxmXET6ahJvZK8LG
	V3pCG1wHU9yYpmliWo0G0dGSfBB+QdaghcZYq7kRDcuhQScnMp1mYzzrUJ5P
	Gg5o9FrusU5KdBECaNKSDHfQD9Ss8dWjjGfpVKELPHCefaME9NFCESFbVKwF
	7bftD1ftA4yqwCdj8ghyy7ggnN2/KvGK3/NFxEnqit9tZgz8Q2UmEouC4zs5
	kREULj2Aq6tOiXF1dy1g6pi8eqB9I4KKmKHgMYwyHQtdSDHxcx2W+BbvOTuD
	J17ZNcuIxS5lHmxE3F52Tl6cHBWPZyenq8dmkx7fvzg9pF8MAK4nAqEvkJ/P
	575MM1/GaUOLoDHybrsd772PBxy9S9y/2xeo5GqKwRarSE0WgBnu9ttjk2oe
	pDBcxCn/BNcqdcSDWEC9Pbz2m/utnHaYiEDeycARqDsYcyMDiPMjlqrwNz17
	Dqje6J/eyC7YPISjw6Omd3hkV4zQUhjK6EKIpYZbgaDNRBxazi1Y24cUw0Gj
	1+204PT06NhrtoifhezsRyE7+32QESgg4kCFMp6AziKBJWULnHMLTrcguyUy
	qJ93b/cPckYdHqsYT0RbVB2ksnXgQpoU1zNpplg4NskukOwno362C/UTr+lZ
	1GUB1Tqsjw5tLPfa123PVjGvP7gYtspA13B9lYC27g0bRAl9FaJh0AuxsiOW
	Qtee9iePuStsWPQnMSqdmoaZSc/V/Mqz/2mazqI9k0v0cGsmvMNCy05/6HVG
	36kiElea2M/UsPl/HP8gHBnzPA8rtat1jI2m0gBOGxlxg1DcyRjzqZhZ8tnC
	9l7XlzMjYI4tj22MM5SimJR6kWBf39wzYFxNwMyVMcPkAKr0vlNmJsMwEozt
	Yb1JNTossIXjcU/S65J0FGBcUSYVknwAwwkDZKlCzVGO0tizcJyIFmiLCbQc
	W5Hw+Jhn5HJ5QLqydM2TzlFb14DdSxo8MF7kB1DJ5RJShSyCKAsF0LG2WWBp
	SLUM0MAbHtzziWBlpJCKp2CyJFE6NTDLolQmGIVVWIwPPwg+K8AHFW9y+5oD
	SJDAoxUdSzGEY5NgsRAhmm5nr+93LUIzRsZca+dbAoh1iFRNNE+mWPf7whhE
	qGirdYz3/RxebPzLJUYBtlrMkDY8CL2ASGFZTzFagU/UAcxEKHkpAH9AubnQ
	hZ0iZOhlniRR3pfcjGaPb616omB4gCFBoUtlPVr4FKPfNf5j8Obv9nWZ55kR
	LrQLT/OqS74W3BSzK7WeovJdrmzAUJGBWsiiGNpAp4i+U1Gk5tRO1fhX1HFN
	gp2UffnyhcnQC1IvqTIenL/pdkbQu+hej3qXve4ttFov4RFlqHoT2/FMUCny
	xipc1I/2sXTUT48P90EbHhpZbzafnxyf7QNBjuT21zurn+FBW6zqzRf7EKS0
	NTq/aMLSKmINfMrhf5ylBPXN/87ao8LavXzGyvvY4x43cdObqTAvi253lu8+
	0rC8XNLvGf66fCzF3TiTUWggS5RN1PycWRdInLltQqJsTJzYb26U+XJQs5Xt
	P2Y6tbeV9SXjc2XqeBB9gG/uqlsSWUdkcBdNv+he9q57o97gegi9/s1Vr9Mb
	waj9ekg+Yefd171r6i3QfX8zuB0NoX11xRgS0gtjncH1CJ3ojT7cdBlc3g76
	UClZecVyBQvHu8MzHHkJpF9yjD6SDb/f+u+1P5gZkn6Mw2r9uGkNr7rj4KlM
	yK3a1alcJL1rVkw6ObUm/Vc2fcOonCg3jVc0u5+8a9ZPyLUAf2ObVpaDDsq+
	cwnIYLsyfYadOYzXDd/3yfLuJ6rqwNffH6rdFkkI7m3O2/JhE/pVhbiA8w+w
	s3Ii6z9FRWW7S90OI58MtF3W7mC5svhPUFlZ9/rCltfHFhiV6QAve6HwZlzf
	4+T88hl9E3u2pOK7mtcxBg22Cm3brMlH0mIzqGyWqqmdHmm8WMAUZxEsrDTk
	4g1hi98ltn6qyHk8QNHYN8LSDQ520Cpq+uNjZdJYHjArAKu+Fr9lwtC4kKp8
	DMIxYrvxQX3Qu9i304fgwZRu7KRKRbIdIRnSuSFsax/MVGVRSMMgDt8Krxar
	cfBHbj5aTPCaj0Ngvekf+ehl33nXb/r474XfpMmxfMXKx3krxw38iUVlrY4R
	qR3gd6VbfXRxjgFGDJ4MTmo6R/v+2kWVhmx9verJqMzXwWdfA3/dkUv7FnhA
	mg0SVgWcPh9/G/Adt+FvIX64Qnx99S6DflECvdAwFnOrccUJDHGoPdHYawhv
	ARyPjKqilyX03cZyLo/q2B0Bz+vFyuy+vSq4D+qwMozwD0P4hb7JeKnyxuIj
	rdGJCCko3HHHwJxSFEf6GJ1SHebrvc7I7NMtqZyAVuQgydtHwjXHhob1o7bC
	pob3WaFVgmk+ltF2pagVSWx+rv2M7K9Ovw88QgEFDjVJVudG1ywsOA3/Barp
	ggvb+cFYO8ZrUlXNtRyt5oV6O3V/Ztb/4/AUOqjKZ3KRGyCwt1PduNF4Zwzo
	i2DFWRb7djRRyHCKQj6zzy1v9ffX0vM3//BoOWjgI0pOti+fO0oGSnVfNsY4
	ctkZPriP1TwS4cTet7HvuK80InxZu0OHi5od53l8b13yRk1jeK354gDTa4z2
	qUjgc19NMcRCOFdZwEMu9QEM8NoNw1SISLiU/Pe/cKSCd4s4uHf3SfqkIawr
	bIksvjUQbaLVg7QfUd23zpTC8D8ViePs8hoAAA==
			<!-- [rfced] Please review the "Inclusive Language" portion of the online
			Style Guide <https://www.rfc-editor.org/styleguide/part2/#inclusive_language>
			and let us know if any changes are needed. Updates of this nature typically
			result in more precise language, which is helpful for readers.
			Note that our script did not flag any words in particular, but this should
			still be reviewed as a best practice.
	-->		-->
	</rfc>		</rfc>
End of changes. 40 change blocks.
	225 lines changed or deleted		168 lines changed or added
This html diff was produced by rfcdiff 1.48.