Re: key usage - key encipherment or data encipherment

[Russ Housley <housley@xxxxxxxxxxxx>]

I believe that RFC 3280 is quite clear that more than one of these bits can 
be set.  It says:

   This profile does not restrict the combinations of bits that may be
   set in an instantiation of the keyUsage extension.  However,
   appropriate values for keyUsage extensions for particular algorithms
   are specified in [PKIXALGS].

Russ

At 03:47 AM 5/11/2005, Wen-Cheng Wang wrote:


> Peter Gutmann <pgut001@xxxxxxxxxxxxxxxxx> wrote:
> > Andrew Sciberras <andrewsciberras@xxxxxxxxx> writes:
> >
> > >     The keyEncipherment bit is asserted when the subject public key is
> > >      used for key transport.  For example, when an RSA key is to be
> > >      used for key management, then this bit shall asserted.
> > >
> > >      The dataEncipherment bit is asserted when the subject public key
> > >      is used for enciphering user data, other than cryptographic keys.
> > Quoting that won't help (I've seen this sort of thing before) because as far
> > as the user is concerned what's being encrypted is data, so the valid bit to
> > use is dataEncipherment (quite logical to them).  What might help is to make
> > this more explicit in the text:
> >  The dataEncipherment bit is asserted when the subject public key is 
> > used for
> >  directly enciphering raw user data without the use of an intermediate
> >  symmetric cipher.  This bit MUST NOT be set when the intention is to
> >  encipher intermediate cryptographic keys rather than raw user data.
> It is better to clarify that it is legitimate to assert both the 
> keyEncipherment bit
> and the dataEncipherment bit in one certificate. In that case, it means 
> that the
> key (e.g., RSA key) may be used for enciphering intermediate cryptographic
> keys or directly enciphering raw user data (e.g., user password).
>
> Wen-Cheng Wang