MIME Object Security Services
RFC 1848
| | Field | Value |
|---|---|---|
| Document | Type | RFC - Historic (October 1995; No errata); was draft-ietf-pem-mime (pem WG) |
| | Authors | James Galvin, Sandra Murphy, Steve Crocker, Ned Freed |
| | Last updated | 2013-03-02 |
| | Stream | IETF |
| | Formats | plain text, html, pdf, htmlized, bibtex |
| Stream | WG state | (None) |
| | Document shepherd | No shepherd assigned |
| IESG | IESG state | RFC 1848 (Historic) |
| | Consensus Boilerplate | Unknown |
| | Telechat date | |
| | Responsible AD | (None) |
| | Send notices to | (None) |

Network Working Group
Request For Comments: 1848
Category: Standards Track

S. Crocker, CyberCash, Inc.
N. Freed, Innosoft International, Inc.
J. Galvin, S. Murphy, Trusted Information Systems
October 1995

MIME Object Security Services

Status of this Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Abstract

This document defines MIME Object Security Services (MOSS), a protocol that uses the multipart/signed and multipart/encrypted framework [7] to apply digital signature and encryption services to MIME objects. The services are offered through the use of end-to-end cryptography between an originator and a recipient at the application layer. Asymmetric (public key) cryptography is used in support of the digital signature service and encryption key management. Symmetric (secret key) cryptography is used in support of the encryption service. The procedures are intended to be compatible with a wide range of public key management approaches, including both ad hoc and certificate-based schemes. Mechanisms are provided to support many public key management approaches.

Table of Contents

1. Introduction
2. Applying MIME Object Security Services
2.1 Digital Signature Service
2.1.1 Canonicalization
2.1.2 Digital Signature Control Information
2.1.2.1 Version:
2.1.2.2 Originator-ID:
2.1.2.3 MIC-Info:
2.1.3 application/moss-signature Content Type Definition
2.1.4 Use of multipart/signed Content Type
2.2 Encryption Service
2.2.1 Encryption Control Information
2.2.1.1 DEK-Info:
2.2.1.2 Recipient-ID:
2.2.1.3 Key-Info:
2.2.2 application/moss-keys Content Type Definition
2.2.3 Use of multipart/encrypted Content Type
3. Removing MIME Object Security Services
3.1 Digital Signature Service
3.1.1 Preparation
3.1.2 Verification
3.1.3 Results
3.2 Encryption Service
3.2.1 Preparation
3.2.2 Decryption
3.2.3 Results
4. Identifying Originators, Recipients, and Their Keys
4.1 Name Forms
4.1.1 Email Addresses
4.1.2 Arbitrary Strings
4.1.3 Distinguished Names
4.2 Identifiers
4.2.1 Email Address
4.2.2 Arbitrary String
4.2.3 Distinguished Name
4.2.4 Public Key
4.2.5 Issuer Name and Serial Number
5. Key Management Content Types
5.1 application/mosskey-request Content Type Definition
5.2 application/mosskey-data Content Type Definition
6. Examples
6.1 Original Message Prepared for Protection
6.2 Sign Text of Original Message