S/MIME Mail Security (smime)

Last Modified: 2007-05-21

Additional information is available at tools.ietf.org/wg/smime

Chair(s):

  • Sean Turner <turners@ieca.com>

  • Blake Ramsdell <blake@sendmail.com>

    Security Area Director(s):

  • Tim Polk <tim.polk@nist.gov>
  • Sam Hartman <hartmans-ietf@mit.edu>

    Security Area Advisor:

  • Tim Polk <tim.polk@nist.gov>

    Mailing Lists:

    General Discussion: ietf-smime@imc.org
    To Subscribe: ietf-smime-request@imc.org
    Archive: http://www.imc.org/ietf-smime/

    Description of Working Group:

    The S/MIME WG was established in the winter of 1997 to define MIME
    encapsulation techniques of objects whose format was based on PKCS#7
    (RFC2315). These encapsulation techniques can be used to provide
    security services for an arbitrary encapsulated content.

    Initially the Cryptographic Message Syntax (CMS) (RFC2630) was not
    algorithm independent; however, the 1st revision separated the syntax
    (RFC3369) and the algorithms (RFC3370) to allow the two to be
    updated without affecting one another. Since this split, other
    documents have been written to document the use of CMS with other
    algorithms (e.g., ECDSA, AES, GOST). Also since the initial CMS,
    additional key management techniques (e.g., password-based and an
    extensible type) and encapsulation techniques (e.g., compression) have
    been added and other documents have been written to add additional
    security services. CMS is also transport independent, and documents
    have been written to define a consistent way to transport MIME objects.

    The S/MIME specifications, one for the message specification and
    another for certificate handling, have been updated to migrate
    algorithms over time.

    Appropriate WG topics are as follows:

    - Specifications for the use of additional cryptographic algorithms
    with CMS.
    - Specifications that define additional CMS content types.
    - Specifications to document algorithm migration of S/MIME.
    - With the approval of the area director, specifications that define
    additional CMS security services.

    The WG will perform interoperability testing to progress the CMS and
    S/MIME Specifications to Draft Standard.

    Goals and Milestones:

    Done  First draft of security label usage specification.
    Done  First draft of CMS RecipientInfo extension.
    Done  Last call on KEA and SKIPJACK algorithm specification.
    Done  Last call on small subgroup attack avoidance
    Done  First draft of CAST algorithm specification.
    Done  Last call on certificate distribution specification.
    Done  First draft of mail list key distribution.
    Done  Submit KEA and SKIPJACK algorithm specification as Informational RFC.
    Done  Submit small subgroup attack avoidance as Informational RFC
    Done  Last call on CAST algorithm specification.
    Done  Updated draft of domain security services document.
    Done  Last call on security label usage specification.
    Done  Last call on IDEA algorithm specification.
    Done  Last call on CMS RecipientInfo extension.
    Done  Last call on mail list key distribution.
    Done  Submit CAST algorithm specification as Informational RFC.
    Done  Submit security label usage specification as Informational RFC.
    Done  Submit IDEA algorithm specification as Informational RFC.
    Done  Submit CMS RecipientInfo extension to IESG for consideration as a Proposed Standard.
    Done  Last call on domain security services document.
    Done  Submit domain security services as Experimental RFC.
    Done  Submit mail list key distribution as a Proposed Standard
    Done  Submit X.400 CMS wrapper specification as a Proposed Standard
    Done  Submit HMAC key wrap description as Proposed Standard
    Done  Submit RSA OAEP algorithm specification as Proposed Standard
    Done  Submit AES algorithm specification as Proposed Standard
    Done  Submit X.400 transport as a Proposed Standard
    Done  Last call on CMS and ESS examples document
    Done  First draft of RSA KEM algorithm specification
    Done  Submit update to MSG as Proposed Standard
    Done  Submit update to CERT as Proposed Standard
    Done  Last call on RSA PSS algorithm specification
    Done  Submit RSA PSS algorithm specification as Proposed Standard
    Done  First draft of S/MIME Capabilities Certificate Extension
    Done  Working Group Last Call for S/MIME Capabilities Certificate Extension
    Done  Submit S/MIME Capabilities Certificate Extension as Informational RFC
    Dec 2007  Submit SHA-2 algorithms with CMS as Proposed Standard
    Dec 2007  Submit S/MIME Certificate Handling as Proposed Standard
    Dec 2007  Submit S/MIME Message Specification as Proposed Standard
    Dec 2008  Submit CMS as Draft Standard
    Dec 2008  Submit necessary algorithms documents* as Draft Standard
    Dec 2008  Submit Enhanced Security Services as Draft Standard
    Dec 2008  Submit S/MIME Message Specification as Draft Standard
    Dec 2008  Submit S/MIME Certificate Handling as Draft Standard

    Internet-Drafts:

    CMS Symmetric Key Management and Distribution (212424 bytes)
    CMS Advanced Electronic Signatures (CAdES) (299493 bytes)
    ESS Update: Adding CertID Algorithm Agility (32701 bytes)
    Identity-based Encryption Architecture (55224 bytes)
    Using the Boneh-Franklin and Boneh-Boyen identity-based encryption algorithms with the Cryptographic Message Syntax (CMS) (31712 bytes)
    Multiple Signatures in S/MIME (35595 bytes)
    Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type (23002 bytes)
    Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS) (21914 bytes)
    Using SHA2 Algorithms with Cryptographic Message Syntax (11554 bytes)

    Request For Comments:

    S/MIME Version 2 Message Specification (RFC 2311) (70901 bytes)
    S/MIME Version 2 Certificate Handling (RFC 2312) (39829 bytes)
    Cryptographic Message Syntax (RFC 2630) (128599 bytes) obsoleted by RFC 3369
    Diffie-Hellman Key Agreement Method (RFC 2631) (25932 bytes)
    S/MIME Version 3 Certificate Handling (RFC 2632) (27925 bytes) obsoleted by RFC 3850
    S/MIME Version 3 Message Specification (RFC 2633) (67870 bytes) obsoleted by RFC 3851
    Enhanced Security Services for S/MIME (RFC 2634) (131153 bytes)
    Methods for Avoiding the 'Small-Subgroup' Attacks on the Diffie-Hellman Key Agreement Method for S/MIME (RFC 2785) (24415 bytes)
    Use of the KEA and SKIPJACK Algorithms in CMS (RFC 2876) (29265 bytes)
    Use of the CAST-128 Encryption Algorithm in CMS (RFC 2984) (11591 bytes)
    Use of the IDEA Encryption Algorithm in CMS (RFC 3058) (17257 bytes)
    Electronic Signature Policies (RFC 3125) (95505 bytes)
    Domain Security Services using S/MIME (RFC 3183) (57129 bytes)
    Electronic Signature Formats for long term electronic signatures (RFC 3126) (175886 bytes)
    Reuse of CMS Content Encryption Keys (RFC 3185) (20404 bytes)
    Triple-DES and RC2 Key Wrapping (RFC 3217) (19855 bytes)
    Password-based Encryption for CMS (RFC 3211) (30527 bytes) obsoleted by RFC 3369
    Preventing the Million Message Attack on CMS (RFC 3218) (16047 bytes)
    Use of ECC Algorithms in CMS (RFC 3278) (33779 bytes)
    Compressed Data Content Type for Cryptographic Message Syntax (CMS) (RFC 3274) (11276 bytes)
    Cryptographic Message Syntax (RFC 3369) (113975 bytes) obsoletes RFC 2630, RFC 3211; obsoleted by RFC 3852
    Cryptographic Message Syntax (CMS) Algorithms (RFC 3370) (51001 bytes)
    Advanced Encryption Standard (AES) Key Wrap Algorithm (RFC 3394) (73072 bytes)
    Implementing Company Classification Policy with the S/MIME Security Label (RFC 3114) (27764 bytes)
    Wrapping a Hashed Message Authentication Code (HMAC) key with a Triple-Data Encryption Standard (DES) Key or an Advanced Encryption Standard (AES) Key (RFC 3537) (16885 bytes)
    Use of the RSAES-OAEP Key Transport Algorithm in Cryptographic Message Syntax (CMS) (RFC 3560) (37381 bytes)
    Use of the Advanced Encryption Standard (AES) Encryption Algorithm in Cryptographic Message Syntax (CMS) (RFC 3565) (26773 bytes)
    Use of the Camellia Encryption Algorithm in CMS (RFC 3657) (26282 bytes)
    S/MIME Version 3.1 Message Specification (RFC 3851) (79612 bytes) obsoletes RFC 2633
    S/MIME Version 3.1 Certificate Handling (RFC 3850) (37446 bytes) obsoletes RFC 2632
    Cryptographic Message Syntax (CMS) (RFC 3852) (124168 bytes) obsoletes RFC 3369; updated by RFC 4853
    Securing X.400 Content with S/MIME (RFC 3854) (32801 bytes)
    Transporting S/MIME Objects in X.400 (RFC 3855) (25774 bytes)
    Use of the SEED Encryption Algorithm in Cryptographic Message Syntax (CMS) (RFC 4010) (22403 bytes)
    Use of the RSASSA-PSS Signature Algorithm in Cryptographic Message Syntax (CMS) (RFC 4056) (11514 bytes)
    Examples of S/MIME Messages (RFC 4134) (325865 bytes)
    X.509 Certificate Extension for Secure/Multipurpose Internet Mail Extensions (S/MIME) Capabilities (RFC 4262) (9801 bytes)
    Using the GOST 28147-89, GOST R 34.11-94, GOST R 34.10-94 and GOST R 34.10-2001 Algorithms with the Cryptographic Message Syntax (CMS) (RFC 4490) (54912 bytes)
    Cryptographic Message Syntax (CMS) Multiple Signer Clarification (RFC 4853) (10146 bytes) updates RFC 3852
