OID: {iso(1) identified-organization(3) ieee(111) standards-association-numbered-series-standards(2) wave-stds(1609) dot2(2) extension-standards(255) dot1(1) interfaces(1) acpc(18) major-version-3(3) minor-version-2(2)}
This structure contains an APrV structure produced by the CAM. An overview of this structure is as follows:
tree of type AprvBinaryTree
contains an AprvBinaryTree.
aprv of type IndividualAprv
contains a single IndividualAprv.
AcpcPdu ::= CHOICE {
tree AprvBinaryTree,
aprv IndividualAprv,
...
}
This structure encodes a binary tree. An overview of this structure is as follows:
version of type Uint8 (2)
contains the current version of the structure.
generationTime of type Time32
contains the generation time of AprvBinaryTree.
currentI of type IValue
contains the i-value associated with the batch of
certificates.
acpcTreeId of type AcpcTreeId
contains an identifier for the CAM creating this binary
tree.
hashAlgorithmId of type HashAlgorithm
contains the identifier of the hash algorithm used
inside the binary tree.
tree of type BIT STRING
contains a bit string indicating which nodes of the tree are
present. It is calculated as specified in 9.5.4.2, and can be used by the
EE to determine which entry in nodeValueList to use to derive that EE's
APrV as specified in 9.5.2.
nodeValueList of type SEQUENCE (SIZE (1..MAX)) OF AcpcNodeValue
contains the values of the nodes that are present in
the order indicated by tree.
AprvBinaryTree ::= SEQUENCE {
version Uint8 (2),
generationTime Time32,
currentI IValue,
acpcTreeId AcpcTreeId,
hashAlgorithmId HashAlgorithm,
tree BIT STRING,
nodeValueList SEQUENCE (SIZE (1..MAX)) OF AcpcNodeValue,
...
}
This is the PSID used to indicate activities in ACPC as specified in this document.
AcpcPsid ::= Psid(2113696)
This is used to wrap an AprvBinaryTree in an Ieee1609Dot2Data for transmission if the policy is that the AprvBinaryTree need not be signed. See 9.5.6 for discussion.
UnsecuredAprvBinaryTree ::= Ieee1609Dot2Data-Unsecured {
AcpcPdu (WITH COMPONENTS {
tree
})
}
This is used to wrap an AprvBinaryTree in an Ieee1609Dot2Data for transmission if the policy is that the AprvBinaryTree be signed. See 9.5.6 for discussion.
SignedAprvBinaryTree ::= Ieee1609Dot2Data-Signed {
AcpcPdu (WITH COMPONENTS {
tree
}),
AcpcPsid
}
This structure contains an individual APrV. An overview of this structure is as follows:
version of type Uint8 (2)
contains the current version of the structure.
generationTime of type Time32
contains the generation time of IndividualAprv.
currentI of type IValue
contains the i-value associated with the batch of
certificates.
acpcTreeId of type AcpcTreeId
contains an identifier for the CAM creating this binary
tree.
nodeId of type BIT STRING
contains the identifier of the node.
nodeValue of type AcpcNodeValue
contains the value of the node.
IndividualAprv ::= SEQUENCE {
version Uint8 (2),
generationTime Time32,
currentI IValue,
acpcTreeId AcpcTreeId,
nodeId BIT STRING,
nodeValue AcpcNodeValue,
...
}
This is used to wrap an IndividualAprv in an Ieee1609Dot2Data for transmission if the policy is that the IndividualAprv be signed. See 9.5.6 for discussion.
SignedIndividualAprv ::= Ieee1609Dot2Data-Signed {
AcpcPdu (WITH COMPONENTS {
aprv
}),
AcpcPsid
}
This is an 8 byte string that identifies an ACPC tree series. It is required to be globally unique within the system and is the same for all ACPC tree instances within the ACPC tree series. Registration of AcpcTreeId values is managed by the IEEE RA; see http://standards.ieee.org/regauth. A list of assigned AcpcTreeId values is provided in M.2.
AcpcTreeId ::= OCTET STRING (SIZE(8))
This is a 16 byte string that represents the value of a node in the ACPC tree.
AcpcNodeValue ::= OCTET STRING (SIZE(16))
This structure, C-OER encoded, is the input to the hash function to calculate child node values from a parent node. By including the ID fields it "firewalls" the hash function so that an attacker who inverts the hash has only found the hash preimage for a specific node, in a specific tree, for a specific time period. An overview of this structure is as follows:
version of type Uint8 (2)
contains the current version of the structure.
acpcTreeId of type AcpcTreeId
contains an identifier for this ACPC tree series.
acpcPeriod of type IValue
contains an identifier for the time period for this tree.
If the certificates for which this set of APrVs are intended have an IValue
field, acpcPeriod in this structure shall be the IValue field in the
certificates. How the RA and the CAM synchronize on this value is outside
the scope of this document.
childNodeId of type BIT STRING
contains a bit string of length l encoding the node
location within the l'th level.
parentNodeValue of type OCTET STRING (SIZE(16))
contains the value of the parent node.
AprvHashCalculationInput ::= SEQUENCE {
version Uint8 (2),
acpcTreeId AcpcTreeId,
acpcPeriod IValue,
childNodeId BIT STRING,
parentNodeValue OCTET STRING (SIZE(16)),
...
}