draft-ietf-smime-x400wrap-06.txt   draft-ietf-smime-x400wrap-07.txt 
S/MIME Working Group S/MIME Working Group
Internet Draft Paul Hoffman, IMC Internet Draft Paul Hoffman, IMC
draft-ietf-smime-x400wrap-06.txt Chris Bonatti, IECA draft-ietf-smime-x400wrap-07.txt Chris Bonatti, IECA
May 1, 2003 Anders Eggen, FFI June 29, 2003 Anders Eggen, FFI
Expires November 1, 2003 Expires December 29, 2003
Securing X.400 Content with S/MIME Securing X.400 Content with S/MIME
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with all This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026. provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Task Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other groups Force (IETF), its areas, and its working groups. Note that other groups
skipping to change at line 155 skipping to change at line 155
recommendations in order to achieve a base level of interoperability recommendations in order to achieve a base level of interoperability
among all CMS-X.400 implementations. [CMS] provides additional details among all CMS-X.400 implementations. [CMS] provides additional details
regarding the use of the cryptographic algorithms. regarding the use of the cryptographic algorithms.
2.1 DigestAlgorithmIdentifier 2.1 DigestAlgorithmIdentifier
Sending and receiving agents MUST support SHA-1 [CMSALG]. Sending and receiving agents MUST support SHA-1 [CMSALG].
2.2 SignatureAlgorithmIdentifier 2.2 SignatureAlgorithmIdentifier
Receiving agents MUST support id-dsa defined in [CMSALG]. The Receiving agents MUST support id-dsa-with-sha1 defined in [CMSALG]. The
algorithm parameters MUST be absent (not encoded as NULL). Receiving algorithm parameters MUST be absent (not encoded as NULL). Receiving
agents MUST support rsaEncryption, defined in [CMSALG]. agents MUST support rsaEncryption, defined in [CMSALG].
Sending agents MUST support either id-dsa or rsaEncryption. Sending agents MUST support either id-dsa-with-sha1 or rsaEncryption.
2.3 KeyEncryptionAlgorithmIdentifier 2.3 KeyEncryptionAlgorithmIdentifier
Sending and receiving agents MUST support rsaEncryption, defined in Sending and receiving agents MUST support rsaEncryption, defined in
[CMSALG]. [CMSALG].
Sending and receiving agents SHOULD support Diffie-Hellman defined in Sending and receiving agents SHOULD support Diffie-Hellman defined in
[CMSALG]. [CMSALG].
2.4 General Syntax 2.4 General Syntax
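Review bot: In section 2.2 the sentence "The algorithm parameters MUST be absent (not encoded as NULL)" now follows id-dsa-with-sha1, but nothing ties it to that identifier alone, and rsaEncryption in the next sentence gets no parameter rule at all. A reader cannot tell from this text how the parameters field is to be encoded for rsaEncryption. Suggest wording such as "For id-dsa-with-sha1, the algorithm parameters MUST be absent" and adding the matching statement, or a pointer to the relevant [CMSALG] section, for rsaEncryption. The rename also leaves the two options asymmetric: the DSA identifier now names its digest while rsaEncryption does not, so it would help to state which digest is used with rsaEncryption, given that 2.1 requires only SHA-1.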
skipping to change at line 226 skipping to change at line 226
the future. Receiving agents SHOULD handle attributes or values that it the future. Receiving agents SHOULD handle attributes or values that it
does not recognize in a graceful manner. does not recognize in a graceful manner.
Sending agents that include signed attributes that are not listed here Sending agents that include signed attributes that are not listed here
SHOULD display those attributes to the user, so that the user is aware SHOULD display those attributes to the user, so that the user is aware
of all of the data being signed. of all of the data being signed.
2.6 ContentEncryptionAlgorithmIdentifier 2.6 ContentEncryptionAlgorithmIdentifier
Sending and receiving agents MUST support encryption and decryption Sending and receiving agents MUST support encryption and decryption
with DES EDE3 CBC, hereinafter called "tripleDES" [CMSALG]. with DES EDE3 CBC, hereinafter called "tripleDES" [CMSALG]. Sending and
receiving agents SHOULD support encryption and decryption using the AES
algorithm [AES].
3. Creating S/MIME Messages 3. Creating S/MIME Messages
This section describes the S/MIME message formats and how they can be This section describes the S/MIME message formats and how they can be
used to secure X.400 contents. The S/MIME messages are a combination of used to secure X.400 contents. The S/MIME messages are a combination of
X.400 contents and CMS objects (i.e., a ContentInfo structure containing X.400 contents and CMS objects (i.e., a ContentInfo structure containing
one of the CMS-defined content types). The X.400 content and other data, one of the CMS-defined content types). The X.400 content and other data,
such as certificates and algorithm identifiers, are given to CMS such as certificates and algorithm identifiers, are given to CMS
processing facilities which produces a CMS object. This document also processing facilities which produces a CMS object. This document also
describes how nested, secured S/MIME messages should be formatted when describes how nested, secured S/MIME messages should be formatted when
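Review bot: The SHOULD added to section 2.6 names only "the AES algorithm [AES]", with no key length or mode, whereas the MUST beside it is pinned down as "DES EDE3 CBC". Two agents could each implement a different AES variant, both claim conformance to this SHOULD, and still be unable to exchange an encrypted message. Suggest naming the specific content-encryption identifier(s) from [AES] that the SHOULD covers, and stating which algorithm a sending agent uses when it does not know whether the recipient supports AES.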
skipping to change at line 555 skipping to change at line 557
5. Security Considerations 5. Security Considerations
This entire document discusses security. Additional security issues are This entire document discusses security. Additional security issues are
identified in section 5 of [MSG], section 6 of [ESS] and the Security identified in section 5 of [MSG], section 6 of [ESS] and the Security
Considerations section of [CMS]. Considerations section of [CMS].
A. References A. References
A.1 Normative References A.1 Normative References
[AES] J. Schaad, "Use of the AES Encryption Algorithm in CMS", Internet
Draft draft-ietf-smime-aes-alg.
[CERT31] Ramsdell, B., Editor, "S/MIME Version 3 Certificate [CERT31] Ramsdell, B., Editor, "S/MIME Version 3 Certificate
Handling", Internet-Draft draft-ietf-smime-rfc2632bis. Handling", Internet-Draft draft-ietf-smime-rfc2632bis.
[CMS] Housley, R., "Cryptographic Message Syntax", Internet-Draft [CMS] Housley, R., "Cryptographic Message Syntax", Internet-Draft
draft-ietf-smime-rfc2630bis. draft-ietf-smime-rfc2630bis.
[CMSALG] "Cryptographic Message Syntax (CMS) Algorithms", Internet- [CMSALG] "Cryptographic Message Syntax (CMS) Algorithms", Internet-
Draft draft-ietf-smime-cmsalg Draft draft-ietf-smime-cmsalg
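Review bot: The new [AES] entry is placed under A.1 Normative References although the only text that cites it is a SHOULD in 2.6, and it points at an unversioned Internet-Draft, so the document takes a normative dependency on text that can still change. Confirm that normative is intended and, if so, track the draft through to its published form. The entry also departs from the style of the [CERT31] and [CMS] entries: "J. Schaad" against "Ramsdell, B." and "Housley, R.", and "Internet Draft" against "Internet-Draft". Suggest "Schaad, J." and "Internet-Draft draft-ietf-smime-aes-alg." for consistency.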
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/