MIME Object Security Services
RFC 1848

Document Type RFC - Historic (October 1995; No errata)
Last updated 2013-03-02
Stream IETF
Network Working Group                                         S. Crocker
Request For Comments: 1848                               CyberCash, Inc.
Category: Standards Track                                       N. Freed
                                            Innosoft International, Inc.
                                                               J. Galvin
                                                               S. Murphy
                                             Trusted Information Systems
                                                            October 1995

                     MIME Object Security Services

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Abstract

   This document defines MIME Object Security Services (MOSS), a
   protocol that uses the multipart/signed and multipart/encrypted
   framework [7] to apply digital signature and encryption services to
   MIME objects.  The services are offered through the use of end-to-end
   cryptography between an originator and a recipient at the application
   layer.  Asymmetric (public key) cryptography is used in support of
   the digital signature service and encryption key management.
   Symmetric (secret key) cryptography is used in support of the
   encryption service.  The procedures are intended to be compatible
   with a wide range of public key management approaches, including both
   ad hoc and certificate-based schemes.  Mechanisms are provided to
   support many public key management approaches.

Table of Contents

   1.  Introduction .............................................    3
   2.  Applying MIME Object Security Services ...................    4
   2.1  Digital Signature Service ...............................    4
   2.1.1  Canonicalization ......................................    5
   2.1.2  Digital Signature Control Information .................    7
   2.1.2.1  Version: ............................................    8
   2.1.2.2  Originator-ID: ......................................    8
   2.1.2.3  MIC-Info: ...........................................    8
   2.1.3  application/moss-signature Content Type Definition ....    9
   2.1.4  Use of multipart/signed Content Type ..................   10
   2.2  Encryption Service ......................................   11

Crocker, et al              Standards Track                     [Page 1]
RFC 1848             MIME Object Security Services          October 1995

   2.2.1  Encryption Control Information ........................   12
   2.2.1.1  DEK-Info: ...........................................   13
   2.2.1.2  Recipient-ID: .......................................   14
   2.2.1.3  Key-Info: ...........................................   14
   2.2.2  application/moss-keys Content Type Definition .........   15
   2.2.3  Use of multipart/encrypted Content Type ...............   16
   3.  Removing MIME Object Security Services ...................   17
   3.1  Digital Signature Service ...............................   18
   3.1.1  Preparation ...........................................   18
   3.1.2  Verification ..........................................   19
   3.1.3  Results ...............................................   19
   3.2  Encryption Service ......................................   20
   3.2.1  Preparation ...........................................   20
   3.2.2  Decryption ............................................   20
   3.2.3  Results ...............................................   21
   4.  Identifying Originators, Recipients, and Their Keys ......   21
   4.1  Name Forms ..............................................   23
   4.1.1  Email Addresses .......................................   23
   4.1.2  Arbitrary Strings .....................................   23
   4.1.3  Distinguished Names ...................................   23
   4.2  Identifiers .............................................   24
   4.2.1  Email Address .........................................   25
   4.2.2  Arbitrary String ......................................   25
   4.2.3  Distinguished Name ....................................   26
   4.2.4  Public Key ............................................   26
   4.2.5  Issuer Name and Serial Number .........................   27
   5.  Key Management Content Types .............................   27
   5.1  application/mosskey-request Content Type Definition .....   28
   5.2  application/mosskey-data Content Type Definition ........   29
   6.  Examples .................................................   31
   6.1  Original Message Prepared for Protection ................   31
   6.2  Sign Text of Original Message ...........................   32