draft-ietf-smime-compression-04.txt   draft-ietf-smime-compression-05.txt 
Internet Draft Editor: Peter Gutmann Internet Draft Editor: Peter Gutmann
draft-ietf-smime-compression-04.txt University of Auckland draft-ietf-smime-compression-05.txt University of Auckland
May 8, 2001 July 17, 2001
Expires November 2001 Expires January 2002
Compressed Data Content Type for CMS Compressed Data Content Type for CMS
Status of this memo Status of this memo
This document is an Internet-Draft and is in full conformance with all This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026. provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Task Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts. groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference material
material or to cite them other than as "work in progress." or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
Copyright (C) The Internet Society July 2001. All Rights Reserved.
Abstract Abstract
The Cryptographic Message Syntax data format doesn't currently contain The Cryptographic Message Syntax data format doesn't currently contain
any provisions for compressing data before processing it. Compressing any provisions for compressing data before processing it. Compressing
data before transmission provides a number of advantages including the data before transmission provides a number of advantages including the
elimination of data redundancy which could help an attacker, speeding elimination of data redundancy which could help an attacker, speeding
up processing by reducing the amount of data to be processed by later up processing by reducing the amount of data to be processed by later
steps such as signing or encryption, and reducing overall message steps such as signing or encryption, and reducing overall message size.
size. Although there have been proposals for adding compression at Although there have been proposals for adding compression at other
other levels (for example at the MIME or SSL level) these don't levels (for example at the MIME or SSL level) these don't address the
address the problem of compression of CMS content unless the problem of compression of CMS content unless the compression is
compression is supplied by an external means (for example by supplied by an external means (for example by intermixing MIME and
intermixing MIME and CMS). This document defines a format for using CMS). This document defines a format for using compressed data as a
compressed data as a CMS content type. CMS content type.
1. Introduction 1. Introduction
This document describes a compressed data content type for S/MIME. This document describes a compressed data content type for S/MIME. This
This is implemented as a new ContentInfo type and is an extension to is implemented as a new ContentInfo type and is an extension to the
the types currently defined in CMS [RFC2630]. Future implementations types currently defined in CMS [RFC2630]. Future implementations of
of CMS SHOULD include this extension. CMS SHOULD include this extension.
The format of the messages are described in ASN.1 [ASN1]. The format of the messages are described in ASN.1 [ASN1].
The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",
"RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be
interpreted as described in [RFC2119]. interpreted as described in [RFC2119].
1.1 Compressed Data Content Type 1.1 Compressed Data Content Type
The compressed-data content type consists of content of any type The compressed-data content type consists of content of any type
skipping to change at line 75 skipping to change at line 78
The compressed-data content type shall have ASN.1 type CompressedData: The compressed-data content type shall have ASN.1 type CompressedData:
CompressedData ::= SEQUENCE { CompressedData ::= SEQUENCE {
version CMSVersion, version CMSVersion,
compressionAlgorithm CompressionAlgorithmIdentifier, compressionAlgorithm CompressionAlgorithmIdentifier,
encapContentInfo EncapsulatedContentInfo encapContentInfo EncapsulatedContentInfo
} }
The fields of type CompressedData have the following meanings: The fields of type CompressedData have the following meanings:
version is the syntax version number. It MUST be 0. Details of version is the syntax version number. It MUST be 0. Details of the
the CMSVersion type are discussed in CMS [RFC2630], section CMSVersion type are discussed in CMS [RFC2630], section 10.2.5.
10.2.5.
compressionAlgorithm is a compression algorithm identifier, as compressionAlgorithm is a compression algorithm identifier, as
defined in section 2. defined in section 2.
encapContentInfo is the content which is compressed. Details of encapContentInfo is the content which is compressed. Details of the
the EncapsulatedContentInfo type are discussed in CMS [RFC2630], EncapsulatedContentInfo type are discussed in CMS [RFC2630], section
section 5.2. 5.2.
Implementations SHOULD use the SMIMECapabilities attribute to indicate Implementations SHOULD use the SMIMECapabilities attribute to indicate
their ability to process compressed content types. Details of their ability to process compressed content types. Details of
SMIMECapabilities are discussed in MSG [RFC2633], section 2.5.2 SMIMECapabilities are discussed in MSG [RFC2633], section 2.5.2
A compression SMIMECapability consists of the AlgorithmIdentifier for A compression SMIMECapability consists of the AlgorithmIdentifier for
the supported compression algorithm, in the case of the algorithm the supported compression algorithm, in the case of the algorithm
specified in this document this is id-alg-zlibCompression as specified specified in this document this is id-alg-zlibCompression as specified
in section 2. Alternatively, the use of compression may be handled by in section 2. Alternatively, the use of compression may be handled by
prior arrangement (for example as part of an interoperability prior arrangement (for example as part of an interoperability profile).
profile).
The SMIMECapability SEQUENCE representing the ability to process The SMIMECapability SEQUENCE representing the ability to process
content compressed with the algorithm identified by id-alg- content compressed with the algorithm identified by id-alg-
zlibCompression MUST be DER-encoded as the following hexadecimal zlibCompression MUST be DER-encoded as the following hexadecimal
string: string:
30 0D 06 0B 2A 86 48 86 F7 0D 01 09 10 03 08 30 0D 06 0B 2A 86 48 86 F7 0D 01 09 10 03 08
(but see also the implementation note in section 2.1). (but see also the implementation note in section 2.1).
skipping to change at line 135 skipping to change at line 136
There are two possible encodings for the ZLIB null parameters field There are two possible encodings for the ZLIB null parameters field
which arise from the fact that when the 1988 syntax for which arise from the fact that when the 1988 syntax for
AlgorithmIdentifier was translated into the 1997 syntax, the OPTIONAL AlgorithmIdentifier was translated into the 1997 syntax, the OPTIONAL
associated with the AlgorithmIdentifier parameters got lost. Later it associated with the AlgorithmIdentifier parameters got lost. Later it
was recovered via a defect report, but by then everyone thought that was recovered via a defect report, but by then everyone thought that
algorithm parameters were mandatory. Because of this some algorithm parameters were mandatory. Because of this some
implementations will encode null parameters as an ASN.1 NULL element implementations will encode null parameters as an ASN.1 NULL element
and some will omit them entirely (see for example section 12 of CMS and some will omit them entirely (see for example section 12 of CMS
[RFC2630]). Although the correct encoding is to omit the parameters [RFC2630]). Although the correct encoding is to omit the parameters
field, implementations may encounter encodings which use an ASN.1 field, implementations may encounter encodings which use an ASN.1 NULL
NULL element for the parameters. element for the parameters.
3. Security Considerations 3. Security Considerations
This RFC is not concerned with security, except for the fact that This RFC is not concerned with security, except for the fact that
compressing data before encryption can enhance the security provided compressing data before encryption can enhance the security provided by
by other processing steps by reducing the quantity of known plaintext other processing steps by reducing the quantity of known plaintext
available to an attacker. available to an attacker.
4. IANA Considerations
The CompressedData content type and compression algorithms are
identified by object identifiers (OIDs). OIDs were assigned from an
arc contributed to the S/MIME Working Group by the RSA Security.
Should additional compression algorithms be introduced, the advocates
for such algorithms are expected to assign the necessary OIDs from
their own arcs. No action by the IANA is necessary for this document
or any anticipated updates.
Author Address Author Address
Peter Gutmann Peter Gutmann
University of Auckland University of Auckland
Private Bag 92019 Private Bag 92019
Auckland, New Zealand Auckland, New Zealand
pgut001@cs.auckland.ac.nz pgut001@cs.auckland.ac.nz
References References
skipping to change at line 213 skipping to change at line 224
id-ct-compressedData OBJECT IDENTIFIER ::= { iso(1) member-body(2) id-ct-compressedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 9 } us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 9 }
END END
Full Copyright Statement Full Copyright Statement
Copyright (C) The Internet Society 2001. All Rights Reserved. Copyright (C) The Internet Society 2001. All Rights Reserved.
This document and translations of it may be copied and furnished to This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it others, and derivative works that comment on or otherwise explain it or
or assist in its implementation may be prepared, copied, published and assist in its implementation may be prepared, copied, published and
distributed, in whole or in part, without restriction of any kind, distributed, in whole or in part, without restriction of any kind,
provided that the above copyright notice and this paragraph are provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing document itself may not be modified in any way, such as by removing the
the copyright notice or references to the Internet Society or other copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of developing Internet organizations, except as needed for the purpose of developing
Internet standards in which case the procedures for copyrights defined Internet standards in which case the procedures for copyrights defined
in the Internet Standards process must be followed, or as required to in the Internet Standards process must be followed, or as required to
translate it into languages other than English. translate it into languages other than English.
The limited permissions granted above are perpetual and will not be The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns. revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL
WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. FITNESS FOR A PARTICULAR PURPOSE.
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/