S/MIME Mail Security (smime)

Last Modified: 2005-10-03

Chair(s):

  • Sean Turner <turners@ieca.com>

  • Blake Ramsdell <blake@sendmail.com>

    Security Area Director(s):

  • Russ Housley <housley@vigilsec.com>
  • Sam Hartman <hartmans-ietf@mit.edu>

    Security Area Advisor:

  • Russ Housley <housley@vigilsec.com>

    Mailing Lists:

    General Discussion: ietf-smime@imc.org
    To Subscribe: ietf-smime-request@imc.org
    Archive: http://www.imc.org/ietf-smime/

    Description of Working Group:

    The S/MIME Working Group has completed a series of Proposed Standards
    that comprise the S/MIME version 3.1 specification. As part of the
    specification update, a new suite of "mandatory to implement"
    algorithms was selected. Current efforts update and build upon these
    base specifications.

    The Cryptographic Message Syntax (CMS) (RFC 3852) is cryptographic
    algorithm independent, yet there is always more than one way to use any
    algorithm. To ensure interoperability, each algorithm should have a
    specification that describes its use with CMS. Specifications for the
    use of additional cryptographic algorithms will be developed.

    CMS, as well as S/MIME version 3 and later, permit the use of
    previously distributed symmetric key-encryption keys. Specifications
    for the distribution of symmetric key-encryption keys to multiple
    message recipients will be developed. Mail List Agents (MLAs) are one
    use of symmetric key-encryption keys. The specification will be
    algorithm independent.

    To aid initial determination of a recipient's cryptographic
    capabilities, a specification will be developed allowing S/MIME
    capabilities to be stored and asserted in X.509 certificates based on
    the X.509 certificate and CRL profile developed by the PKIX Working
    Group.

    The working group will perform necessary interoperability testing to
    progress the CMS and S/MIME specifications to Draft Standard. The CMS
    specification depends on RFC 3280, which was developed by the PKIX
    working group. This profile must progress to Draft Standard before CMS
    and the other S/MIME specifications can progress to Draft Standard.
    Assuming timely progress by the PKIX Working Group, the S/MIME
    specification can start progressing to Draft Standard in 2005.

    Goals and Milestones:

    Done  First draft of security label usage specification.
    Done  First draft of CMS RecipientInfo extension.
    Done  Last call on KEA and SKIPJACK algorithm specification.
    Done  Last call on small subgroup attack avoidance
    Done  First draft of CAST algorithm specification.
    Done  Last call on certificate distribution specification.
    Done  First draft of mail list key distribution.
    Done  Submit KEA and SKIPJACK algorithm specification as Informational RFC.
    Done  Submit small subgroup attack avoidance as Informational RFC
    Done  Last call on CAST algorithm specification.
    Done  Updated draft of domain security services document.
    Done  Last call on security label usage specification.
    Done  Last call on IDEA algorithm specification.
    Done  Last call on CMS RecipientInfo extension.
    Done  Last call on mail list key distribution.
    Done  Submit CAST algorithm specification as Informational RFC.
    Done  Submit security label usage specification as Informational RFC.
    Done  Submit IDEA algorithm specification as Informational RFC.
    Done  Submit CMS RecipientInfo extension to IESG for consideration as a Proposed Standard.
    Done  Last call on domain security services document.
    Done  Submit domain security services as Experimental RFC.
    Done  Submit mail list key distribution as a Proposed Standard
    Done  Submit X.400 CMS wrapper specification as a Proposed Standard
    Done  Submit HMAC key wrap description as Proposed Standard
    Done  Submit RSA OAEP algorithm specification as Proposed Standard
    Done  Submit AES algorithm specification as Proposed Standard
    Done  Submit X.400 transport as a Proposed Standard
    Done  Last call on CMS and ESS examples document
    Done  First draft of RSA KEM algorithm specification
    Done  Submit update to MSG as Proposed Standard
    Done  Submit update to CERT as Proposed Standard
    Done  Last call on RSA PSS algorithm specification
    Done  Submit RSA PSS algorithm specification as Proposed Standard
    Done  First draft of S/MIME Capabilities Certificate Extension
    Done  Working Group Last Call for S/MIME Capabilities Certificate Extension
    Done  Submit S/MIME Capabilities Certificate Extension as Informational RFC
    Feb 2005  Request advancement of CMS Algorithms to Draft Standard
    Feb 2005  Request advancement of CMS to Draft Standard
    Feb 2005  Request advancement of ESS to Draft Standard
    Feb 2005  Request advancement of CERT to Draft Standard
    Feb 2005  Request advancement of MSG to Draft Standard
    Nov 2005  Last call on RSA KEM algorithm specification
    Jan 2006  Submit RSA KEM algorithm specification as Proposed Standard

    Internet-Drafts:

    CMS Symmetric Key Management and Distribution (212424 bytes)
    Use of the RSA-KEM Key Transport Algorithm in CMS (49816 bytes)
    CMS Advanced Electronic Signatures (CAdES) (297390 bytes)
    ESS Update: Adding CertID Algorithm Agility (27283 bytes)
    Cryptographic Message Syntax (CMS) Multiple Signer Clarification (10623 bytes)
    Identity-based Encryption Architecture (19284 bytes)
    Identity-Based Cryptography Standard (IBCS) #1: Supersingular Curve Implementations of the BF and BB1 Cryptosystems (110980 bytes)
    Identity-based Encryption Parameter and Policy Lookup (21499 bytes)
    Identity-based Encryption Private Key Request Protocol (21647 bytes)
    Using the Boneh-Franklin identity-based encryption algorithm with the Cryptographic Message Syntax (CMS) (19967 bytes)

    Request For Comments:

    S/MIME Version 2 Message Specification (RFC 2311) (70901 bytes)
    S/MIME Version 2 Certificate Handling (RFC 2312) (39829 bytes)
    Cryptographic Message Syntax (RFC 2630) (128599 bytes) obsoleted by RFC 3369
    Diffie-Hellman Key Agreement Method (RFC 2631) (25932 bytes)
    S/MIME Version 3 Certificate Handling (RFC 2632) (27925 bytes) obsoleted by RFC 3850
    S/MIME Version 3 Message Specification (RFC 2633) (67870 bytes) obsoleted by RFC 3851
    Enhanced Security Services for S/MIME (RFC 2634) (131153 bytes)
    Methods for Avoiding the 'Small-Subgroup' Attacks on the Diffie-Hellman Key Agreement Method for S/MIME (RFC 2785) (24415 bytes)
    Use of the KEA and SKIPJACK Algorithms in CMS (RFC 2876) (29265 bytes)
    Use of the CAST-128 Encryption Algorithm in CMS (RFC 2984) (11591 bytes)
    Use of the IDEA Encryption Algorithm in CMS (RFC 3058) (17257 bytes)
    Electronic Signature Policies (RFC 3125) (95505 bytes)
    Domain Security Services using S/MIME (RFC 3183) (57129 bytes)
    Electronic Signature Formats for long term electronic signatures (RFC 3126) (175886 bytes)
    Reuse of CMS Content Encryption Keys (RFC 3185) (20404 bytes)
    Triple-DES and RC2 Key Wrapping (RFC 3217) (19855 bytes)
    Password-based Encryption for CMS (RFC 3211) (30527 bytes) obsoleted by RFC 3369
    Preventing the Million Message Attack on CMS (RFC 3218) (16047 bytes)
    Use of ECC Algorithms in CMS (RFC 3278) (33779 bytes)
    Compressed Data Content Type for Cryptographic Message Syntax (CMS) (RFC 3274) (11276 bytes)
    Cryptographic Message Syntax (RFC 3369) (113975 bytes) obsoletes RFC 2630, RFC 3211 / obsoleted by RFC 3852
    Cryptographic Message Syntax (CMS) Algorithms (RFC 3370) (51001 bytes)
    Advanced Encryption Standard (AES) Key Wrap Algorithm (RFC 3394) (73072 bytes)
    Implementing Company Classification Policy with the S/MIME Security Label (RFC 3114) (27764 bytes)
    Wrapping a Hashed Message Authentication Code (HMAC) key with a Triple-Data Encryption Standard (DES) Key or an Advanced Encryption Standard (AES) Key (RFC 3537) (16885 bytes)
    Use of the RSAES-OAEP Key Transport Algorithm in Cryptographic Message Syntax (CMS) (RFC 3560) (37381 bytes)
    Use of the Advanced Encryption Standard (AES) Encryption Algorithm in Cryptographic Message Syntax (CMS) (RFC 3565) (26773 bytes)
    Use of the Camellia Encryption Algorithm in CMS (RFC 3657) (26282 bytes)
    S/MIME Version 3.1 Message Specification (RFC 3851) (79612 bytes) obsoletes RFC 2633
    S/MIME Version 3.1 Certificate Handling (RFC 3850) (37446 bytes) obsoletes RFC 2632
    Cryptographic Message Syntax (CMS) (RFC 3852) (124168 bytes) obsoletes RFC 3369
    Securing X.400 Content with S/MIME (RFC 3854) (32801 bytes)
    Transporting S/MIME Objects in X.400 (RFC 3855) (25774 bytes)
    Use of the SEED Encryption Algorithm in Cryptographic Message Syntax (CMS) (RFC 4010) (22403 bytes)
    Use of the RSASSA-PSS Signature Algorithm in Cryptographic Message Syntax (CMS) (RFC 4056) (11514 bytes)
    Examples of S/MIME Messages (RFC 4134) (325865 bytes)
    X.509 Certificate Extension for Secure/Multipurpose Internet Mail Extensions (S/MIME) Capabilities (RFC 4262) (9801 bytes)
    Using the GOST 28147-89, GOST R 34.11-94, GOST R 34.10-94 and GOST R 34.10-2001 Algorithms with the Cryptographic Message Syntax (CMS) (RFC 4490) (54912 bytes)
