draft-ietf-smime-rfc2632bis-04.txt   draft-ietf-smime-rfc2632bis-05.txt 
Internet Draft Editor: Blake Ramsdell, Internet Draft Editor: Blake Ramsdell,
draft-ietf-smime-rfc2632bis-04.txt Brute Squad Labs draft-ietf-smime-rfc2632bis-05.txt Sendmail, Inc.
October 26, 2003 February 15, 2003
Expires April 26, 2004 Expires August 15, 2004
S/MIME Version 3.1 Certificate Handling S/MIME Version 3.1 Certificate Handling
Status of this memo Status of this memo
This document is an Internet-Draft and is in full conformance with all This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026. provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Task Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other Force (IETF), its areas, and its working groups. Note that other
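Review bot: the -05 header date reads "February 15, 2003", which is earlier than the -04 date of October 26, 2003 and does not line up with the "Expires August 15, 2004" line directly beneath it. The -04 column shows a six-month gap between date and expiry, so the year here looks like it should be 2004; correct the date line so the issue and expiry dates agree.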
skipping to change at line 553 skipping to change at line 553
At the Selected Areas in Cryptography '95 conference in May 1995, At the Selected Areas in Cryptography '95 conference in May 1995,
Rogier and Chauvaud presented an attack on MD2 that can nearly find Rogier and Chauvaud presented an attack on MD2 that can nearly find
collisions [RC95]. Collisions occur when one can find two different collisions [RC95]. Collisions occur when one can find two different
messages that generate the same message digest. A checksum operation messages that generate the same message digest. A checksum operation
in MD2 is the only remaining obstacle to the success of the attack. in MD2 is the only remaining obstacle to the success of the attack.
For this reason, the use of MD2 for new applications is discouraged. For this reason, the use of MD2 for new applications is discouraged.
It is still reasonable to use MD2 to verify existing signatures, as It is still reasonable to use MD2 to verify existing signatures, as
the ability to find collisions in MD2 does not enable an attacker to the ability to find collisions in MD2 does not enable an attacker to
find new messages having a previously computed hash value. find new messages having a previously computed hash value.
A. References A. Normative References
[ACAUTH] "An Internet Attribute Certificate Profile for [ACAUTH] "An Internet Attribute Certificate Profile for
Authorization", RFC 3281 Authorization", RFC 3281
[CERTV2] "S/MIME Version 2 Certificate Handling", RFC 2312
[CMS] "Cryptographic Message Syntax", RFC 3369 [CMS] "Cryptographic Message Syntax", RFC 3369
[CMSALG] "Cryptographic Message Syntax (CMS) Algorithms", RFC 3370 [CMSALG] "Cryptographic Message Syntax (CMS) Algorithms", RFC 3370
[KEYM] "Internet X.509 Public Key Infrastructure Certificate and CRL [KEYM] "Internet X.509 Public Key Infrastructure Certificate and CRL
Profile", RFC 3280 Profile", RFC 3280
[KEYMALG] "Algorithms and Identifiers for the Internet X.509 Public [KEYMALG] "Algorithms and Identifiers for the Internet X.509 Public
Key Infrastructure Certificate and CRL Profile ", RFC 3279 Key Infrastructure Certificate and CRL Profile ", RFC 3279
[MUSTSHOULD] "Key words for use in RFCs to Indicate Requirement [MUSTSHOULD] "Key words for use in RFCs to Indicate Requirement
Levels", RFC 2119 Levels", RFC 2119
[PKCS9] "PKCS #9: Selected Object Classes and Attribute Types Version [PKCS9] "PKCS #9: Selected Object Classes and Attribute Types Version
2.0", RFC 2985 2.0", RFC 2985
[RFC-2822], "Internet Message Format", RFC 2822
[SMIME-MSG] "S/MIME Version 3 Message Specification ", Internet Draft
draft-ietf-smime-msg
B. Informative References
[CERTV2] "S/MIME Version 2 Certificate Handling", RFC 2312
[RC95] Rogier, N. and Chauvaud, P., "The compression function of MD2 [RC95] Rogier, N. and Chauvaud, P., "The compression function of MD2
is not collision free," Presented at Selected Areas in Cryptography is not collision free," Presented at Selected Areas in Cryptography
'95, May 1995 '95, May 1995
[RFC-2822], "Internet Message Format", RFC 2822
[SECLABEL] "Implementing Company Classification Policy with the S/MIME [SECLABEL] "Implementing Company Classification Policy with the S/MIME
Security Label", RFC 3114 Security Label", RFC 3114
[SMIME-MSG] "S/MIME Version 3 Message Specification ", Internet Draft
draft-ietf-smime-msg
[X.500] ITU-T Recommendation X.500 (1997) | ISO/IEC 9594-1:1997, [X.500] ITU-T Recommendation X.500 (1997) | ISO/IEC 9594-1:1997,
Information technology - Open Systems Interconnection - The Directory: Information technology - Open Systems Interconnection - The Directory:
Overview of concepts, models and services Overview of concepts, models and services
[X.501] ITU-T Recommendation X.501 (1997) | ISO/IEC 9594-2:1997, [X.501] ITU-T Recommendation X.501 (1997) | ISO/IEC 9594-2:1997,
Information technology - Open Systems Interconnection - The Directory: Information technology - Open Systems Interconnection - The Directory:
Models Models
[X.509] ITU-T Recommendation X.509 (1997) | ISO/IEC 9594-8:1997, [X.509] ITU-T Recommendation X.509 (1997) | ISO/IEC 9594-8:1997,
Information technology - Open Systems Interconnection - The Directory: Information technology - Open Systems Interconnection - The Directory:
Authentication framework Authentication framework
[X.520] ITU-T Recommendation X.520 (1997) | ISO/IEC 9594-6:1997, [X.520] ITU-T Recommendation X.520 (1997) | ISO/IEC 9594-6:1997,
Information technology - Open Systems Interconnection - The Directory: Information technology - Open Systems Interconnection - The Directory:
Selected attribute types. Selected attribute types.
B. Acknowledgements C. Acknowledgements
Many thanks go out to the other authors of the S/MIME v2 RFC: Steve Many thanks go out to the other authors of the S/MIME v2 RFC: Steve
Dusse, Paul Hoffman and Jeff Weinstein. Without v2, there wouldn't be Dusse, Paul Hoffman and Jeff Weinstein. Without v2, there wouldn't be
a v3. a v3.
A number of the members of the S/MIME Working Group have also worked A number of the members of the S/MIME Working Group have also worked
very hard and contributed to this document. Any list of people is very hard and contributed to this document. Any list of people is
doomed to omission and for that I apologize. In alphabetical order, doomed to omission and for that I apologize. In alphabetical order,
the following people stand out in my mind due to the fact that they the following people stand out in my mind due to the fact that they
made direct contributions to this document. made direct contributions to this document.
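Review bot: in the new Normative References list, [SMIME-MSG] points at "draft-ietf-smime-msg" with no revision number, so a normative dependency is left unpinned; cite the specific draft revision. Its title also still reads "S/MIME Version 3 Message Specification" while this document is titled "S/MIME Version 3.1 Certificate Handling", so confirm whether the title should track 3.1. Two style points while the list is being reshuffled: the moved "[RFC-2822]," entry carries a comma after the tag that no other entry has, and the [KEYMALG] and [SMIME-MSG] titles have a stray space before the closing quote.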
skipping to change at line 627 skipping to change at line 629
Trevor Freeman Trevor Freeman
Elliott Ginsburg Elliott Ginsburg
Paul Hoffman Paul Hoffman
Russ Housley Russ Housley
David P. Kemp David P. Kemp
Michael Myers Michael Myers
John Pawling John Pawling
Denis Pinkas Denis Pinkas
Jim Schaad Jim Schaad
C. Editor's address D. Editor's address
Blake Ramsdell Blake Ramsdell
Brute Squad Labs Sendmail, Inc.
Suite 407-C 704 228th Ave NE #775
16451 Redmond Way Sammamish, WA 98074
Redmond, WA 98052-4482
blake@brutesquadlabs.com blake@sendmail.com
D. Changes from last draft E. Changes from last draft
Updated editor contact info (Blake Ramsdell)
Separated normative and informative references (Jim Schaad)
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/