Authentication-Results Registration for S/MIME Signature Verification
RFC 7281
Document Type RFC - Informational (June 2014; No errata)
Author Alexey Melnikov 
Last updated 2014-06-24
Stream ISE
Formats plain text html pdf htmlized bibtex
IETF conflict review conflict-review-melnikov-authentication-results-smime
Stream ISE state Published RFC
Consensus Boilerplate Unknown
Document shepherd Adrian Farrel
Shepherd write-up Show (last changed 2014-03-06)
IESG IESG state RFC 7281 (Informational)
Telechat date
Responsible AD (None)
Send notices to (None)
IANA IANA review state IANA OK - Actions Needed
IANA action state RFC-Ed-Ack
Email authors IPR References Referenced by Nits 
Independent Submission                                       A. Melnikov
Request for Comments: 7281                                     Isode Ltd
Category: Informational                                        June 2014
ISSN: 2070-1721

 Authentication-Results Registration for S/MIME Signature Verification

Abstract

   RFC 7001 specifies the Authentication-Results header field for
   conveying results of message authentication checks.  This document
   defines a new authentication method to be used in the Authentication-
   Results header field for S/MIME-related signature checks.

Status of This Memo

   This document is not an Internet Standards Track specification; it is
   published for informational purposes.

   This is a contribution to the RFC Series, independently of any other
   RFC stream.  The RFC Editor has chosen to publish this document at
   its discretion and makes no statement about its value for
   implementation or deployment.  Documents approved for publication by
   the RFC Editor are not a candidate for any level of Internet
   Standard; see Section 2 of RFC 5741.

   Information about the current status of this document, any errata,
   and how to provide feedback on it may be obtained at
   http://www.rfc-editor.org/info/rfc7281.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.

Melnikov                      Informational                     [Page 1]
RFC 7281     Authentication-Results Registration for S/MIME    June 2014

Table of Contents

   1. Introduction ....................................................2
   2. Conventions Used in This Document ...............................2
   3. "smime" Authentication Method ...................................2
      3.1. S/MIME Results .............................................3
      3.2. Email Authentication Parameters for S/MIME .................4
           3.2.1. body.smime-part .....................................4
           3.2.2. body.smime-identifier ...............................4
           3.2.3. body.smime-serial and body.smime-issuer .............5
      3.3. Examples ...................................................5
   4. IANA Considerations .............................................7
   5. Security Considerations .........................................9
   6. References .....................................................10
      6.1. Normative References ......................................10
      6.2. Informative References ....................................10
   Appendix A. Acknowledgements ......................................11

1.  Introduction

   [RFC7001] specifies the Authentication-Results header field for
   conveying results of message authentication checks.  As S/MIME
   signature verification (and alteration) is sometimes implemented in
   border message transfer agents, guards, and gateways (for example,
   see [RFC3183]), there is a need to convey signature verification
   status to Mail User Agents (MUAs) and downstream filters.  This
   document defines a new authentication method to be used in the
   Authentication-Results header field for S/MIME-related signature
   checks.

2.  Conventions Used in This Document

   The formal syntax uses the Augmented Backus-Naur Form (ABNF)
   [RFC5234] notation, including the core rules defined in Appendix B of
   [RFC5234].

3.  "smime" Authentication Method

   S/MIME signature and countersignature verification is represented by
   the "smime" method and is defined in [RFC5751].

Melnikov                      Informational                     [Page 2]
RFC 7281     Authentication-Results Registration for S/MIME    June 2014

3.1.  S/MIME Results

   The result values used by S/MIME [RFC5751] are as follows:

   +-----------+-------------------------------------------------------+
   | Result    | Meaning                                               |
   | code      |                                                       |
   +-----------+-------------------------------------------------------+
   | none      | The message was not signed.                           |
   |           |                                                       |
   | pass      | The message was signed, the signature or signatures   |
   |           | were acceptable to the verifier, and the signature(s) |
   |           | passed verification tests.                            |
   |           |                                                       |
   | fail      | The message was signed and the signature or           |
   |           | signatures were acceptable to the verifier, but they  |
Show full document text
RFC Editor IASA & IETF LLC IETF Trust IRTF IETF IESG IAB IANA Privacy Statement IETF Tools