Plasma Service Cryptographic Message Syntax (CMS) Processing

Document Type Expired Internet-Draft (individual)
Last updated 2014-08-16 (latest revision 2014-02-12)
Stream (None)
Intended RFC status (None)
Expired & archived
plain text pdf html bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


Secure MIME (S/MIME) defined a method of placing security labels on a Cryptographic Message Syntax (CMS) object. These labels are placed as part of the data signed and validated by the parties. This means that the message content is visible to the recipient prior to the label enforcement. A new model for enforcement of policy using a third party is described in RFC TBD [I-D.freeman-plasma-requirements]. This is the Policy Augmented S/ MIME (PLASMA) system. This document provides the details needed to implement the new Plasma model in the CMS infrastructure. An additional benefit of using the Plasma module is that the server, based on policy, manages who has access to the message and how the keys are protected. The document details how the client encryption and decryption processes are performed, defines how to construct the CMS recipient info structure, a new content to hold the data required for the Plasma server to store the keys and policy information. The document does not cover the protocol between the client and the Plasma policy enforcement server. One example of the client/server protocol can be found in RFC TBD [I-D.schaad-plasma-service].


Jim Schaad (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)