The application/cms Media Type
RFC 7193

Document Type RFC - Informational (April 2014; Errata)
Was draft-turner-application-cms-media-type (individual in sec area)
Authors Sean Turner  , Russ Housley  , Jim Schaad 
Last updated 2015-10-14
Replaces draft-turner-application-firmware-media-types
Stream IETF
Formats plain text html pdf htmlized bibtex
Stream WG state (None)
Document shepherd Paul Hoffman
Shepherd write-up Show (last changed 2013-10-30)
IESG IESG state RFC 7193 (Informational)
Action Holders
Consensus Boilerplate Yes
Telechat date
Responsible AD Stephen Farrell
Send notices to
IANA IANA review state Version Changed - Review Needed
IANA action state RFC-Ed-Ack
Internet Engineering Task Force (IETF)                         S. Turner
Request for Comments: 7193                                          IECA
Category: Informational                                       R. Housley
ISSN: 2070-1721                                           Vigil Security
                                                               J. Schaad
                                                 Soaring Hawk Consulting
                                                              April 2014

                     The application/cms Media Type


   This document registers the application/cms media type for use with
   the corresponding CMS (Cryptographic Message Syntax) content types.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This document is a product of the Internet Engineering Task Force
   (IETF).  It represents the consensus of the IETF community.  It has
   received public review and has been approved for publication by the
   Internet Engineering Steering Group (IESG).  Not all documents
   approved by the IESG are a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   ( in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Turner, et al.               Informational                      [Page 1]
RFC 7193               application/cms Media Type             April 2014

1.  Introduction

   [RFC5751] registered the application/pkc7-mime media type.  That
   document defined five optional smime-type parameters.  The smime-type
   parameter originally conveyed details about the security applied to
   the data content type, indicating whether it was signed or enveloped,
   as well as the name of the data content; it was later expanded to
   indicate whether the data content is compressed and whether the data
   content contained a certs-only message.  This document does not
   affect those registrations as this document places no requirements on
   S/MIME (Secure Multipurpose Internet Mail Extensions) agents.

   The registration done by the S/MIME documents was done assuming that
   there would be a MIME (Multipurpose Internet Mail Extensions)
   wrapping layer around each of the different enveloping contents;
   thus, there was no need to include more than one item in each smime-
   type.  This is no longer the case with some of the more advanced
   enveloping types.  Some protocols such as the CMC (Certificate
   Management over Cryptographic Message Syntax) [RFC5273] have defined
   additional S/MIME types.  New protocols that intend to wrap MIME
   content should continue to define a smime-type string; however, new
   protocols that intend to wrap non-MIME types should use this
   mechanism instead.

   CMS (Cryptographic Message Syntax) [RFC5652] associates a content
   type identifier (OID) with specific content; CMS content types have
   been widely used to define contents that can be enveloped using other
   CMS content types and to define enveloping content types some of
   which provide security services.  CMS protecting content types, those
   that provide security services, include: Signed-Data [RFC5652],
   Enveloped-Data [RFC5652], Digested-Data [RFC5652], Encrypted-Data
   [RFC5652], Authenticated-Data [RFC5652], Authenticated-Enveloped-Data
   [RFC5083], and Encrypted Key Package [RFC6032].  CMS non-protecting
   content types, those that provide no security services but
   encapsulate other CMS content types, include: Content Information
   [RFC5652], Compressed Data [RFC3274], Content Collection [RFC4073],
   and Content With Attributes [RFC4073].  Then, there are the innermost
   content types that include: Data [RFC5652], Asymmetric Key Package
   [RFC5958], Symmetric Key Package [RFC6031], Firmware Package
   [RFC4108], Firmware Package Load Receipt [RFC4108], Firmware Package
   Load Error [RFC4108], Trust Anchor List [RFC5914], TAMP Status Query,
   TAMP Status Response, TAMP Update, TAMP Update Confirm, TAMP Apex
   Update, TAMP Apex Update Confirmation, TAMP Community Update, TAMP
   Community Update Confirm, TAMP Sequence Adjust, TAMP Sequence Adjust
Show full document text