Securing Header Fields with S/MIME
draft-cailleux-secure-headers-00

The information below is for an old version of the document
Document Type Active Internet-Draft (individual)
Last updated 2011-10-16
Stream (None)
Intended RFC status (None)
Formats plain text pdf html bibtex
IETF conflict review conflict-review-cailleux-secure-headers
Additional URLs
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state I-D Exists
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                       L. Cailleux 
     Internet-Draft                                                   DGA MI 
     Intended status: Experimental                                C. Bonatti 
     Expires: 16 April 2012                                             IECA 
                                                             16 October 2011 
      
      
                         Securing Header Fields with S/MIME 
                          draft-cailleux-secure-headers-00 

     Abstract 

       This document describes how the S/MIME protocol can be extended in 
       order to secure message header fields. This technology provides 
       security services such as data integrity, non-repudiation and 
       confidentiality. This extension is referred to as 'Secure Headers'. 
        
     Status of this Memo 

       This Internet-Draft is submitted in full conformance with the 
       provisions of BCP 78 and BCP 79. 
        
       Internet-Drafts are working documents of the Internet Engineering 
       Task Force (IETF).  Note that other groups may also distribute 
       working documents as Internet-Drafts.  The list of current Internet-
       Drafts is at http://datatracker.ietf.org/drafts/current/. 
        
       Internet-Drafts are draft documents valid for a maximum of six months 
       and may be updated, replaced, or obsoleted by other documents at any 
       time.  It is inappropriate to use Internet-Drafts as reference 
       material or to cite them other than as "work in progress." 
        
       This Internet-Draft will expire on 16 April 2012. 
        
       Draft Version 0.26 (20110728) 
        
     Copyright Notice 

       Copyright (c) 2011 IETF Trust and the persons identified as the 
       document authors.  All rights reserved. 
        
       This document is subject to BCP 78 and the IETF Trust's Legal 
       Provisions Relating to IETF Documents 
       (http://trustee.ietf.org/license-info) in effect on the date of 
       publication of this document.  Please review these documents 
      
      
      
     Cailleux                Expires 16 April 2012                  [Page 1] 
      

     Internet-Draft    Securing Header Fields with S/MIME       October 2011 
         

       carefully, as they describe your rights and restrictions with respect 
       to this document.  Code Components extracted from this document MUST 
       include Simplified BSD License text as described in Section 4.e of 
       the Trust Legal Provisions and are provided without warranty as 
       described in the Simplified BSD License. 
        
     Table of Contents 

        1. Introduction...................................................2 
        2. Terminology and conventions used in this document..............3 
        3. Context........................................................3 
        4. Mechanisms to secure message header fields.....................5 
           4.1. ASN.1 syntax of secure header fields......................6 
           4.2. Secure header fields length and format....................7 
           4.3. Canonization algorithm....................................7 
           4.4. Header fields statuses....................................8 
           4.5. Signature Process.........................................8 
              4.5.1. Signature Generation Process.........................8 
              4.5.2. Signature verification process.......................9 
           4.6. Encryption and Decryption Processes......................11 
              4.6.1. Encryption Process..................................11 
              4.6.2. Decryption Process..................................12 
        5. Case of triple wrapping.......................................13 
        6. Security Considerations.......................................13 
        7. References....................................................13 
           7.1. Normative References.....................................13 
           7.2. Informative References...................................14 
        Appendix A. Formal syntax of Secure Header.......................15 
        Appendix B. Secure Header Fields example.........................16 
        Appendix C. Acknowledgements.....................................18 
         

     1. Introduction 

       S/MIME [RFC5751] standard defines a data encapsulation format for the 
       achievement of end to end security services such as integrity, 
       authentication, non-repudiation and confidentiality. By default, 
       S/MIME secures message body parts, at the exclusion of the message 
       header fields.  
        
       S/MIME provides an alternative solution to secure header fields. "The 
       sending client MAY wrap a full MIME [RFC2045] message in a 
Show full document text