S/MIME Mail Security (smime)

Last Modified: 2010-01-25

Additional information is available at tools.ietf.org/wg/smime

Chair(s):

Security Area Director(s):

Security Area Advisor:

Mailing Lists:

General Discussion: smime@ietf.org
To Subscribe: smime-request@ietf.org
Archive: http://www.ietf.org/mail-archive/web/smime/current/maillist.html

Description of Working Group:

The S/MIME Working Group has completed a series of Proposed Standards
that comprise the S/MIME version 3.1 specification. As part of the
specification update, a new suite of "mandatory to implement" algorithms
was selected. Current efforts update and build upon these base
specifications.

The Cryptographic Message Syntax (CMS) (RFC 3852) is cryptographic
algorithm independent, yet there is always more than one way to use any
algorithm. To ensure interoperability, each algorithm should have a
specification that describes its use with CMS. Specifications for the
use of additional cryptographic algorithms will be developed.

CMS, as well as S/MIME version 3 and later, permit the use of previously
distributed symmetric key-encryption keys. Specifications for the
distribution of symmetric key-encryption keys to multiple message
recipients will be developed. Mail List Agents (MLAs) are one use of
symmetric key-encryption keys. The specification will be algorithm
independent.

To aid initial determination of a recipient's cryptographic capabilities,
a specification will be developed allowing S/MIME capabilities to be
stored and asserted in X.509 certificates based on the X.509 certificate
and CRL profile developed by the PKIX Working Group.

The working group will perform necessary interoperability testing to
progress the CMS and S/MIME specifications to Draft Standard. The CMS
specification depends on RFC 3280, which was developed by the PKIX
working group. This profile must progress to Draft Standard before CMS
and the other S/MIME specifications can progress to Draft Standard.
Assuming timely progress by the PKIX Working Group, the S/MIME
specification can start progressing to Draft Standard in 2005.

Goals and Milestones:

Done  First draft of security label usage specification.
Done  First draft of CMS RecipientInfo extension.
Done  Last call on KEA and SKIPJACK algorithm specification.
Done  Last call on small subgroup attack avoidance
Done  First draft of CAST algorithm specification.
Done  Last call on certificate distribution specification.
Done  First draft of mail list key distribution.
Done  Submit KEA and SKIPJACK algorithm specification as Informational RFC.
Done  Submit small subgroup attack avoidance as Informational RFC
Done  Last call on CAST algorithm specification.
Done  Updated draft of domain security services document.
Done  Last call on security label usage specification.
Done  Last call on IDEA algorithm specification.
Done  Last call on CMS RecipientInfo extension.
Done  Last call on mail list key distribution.
Done  Submit CAST algorithm specification as Informational RFC.
Done  Submit security label usage specification as Informational RFC.
Done  Submit IDEA algorithm specification as Informational RFC.
Done  Submit CMS RecipientInfo extension to IESG for consideration as a Proposed Standard.
Done  Last call on domain security services document.
Done  Submit domain security services as Experimental RFC.
Done  Submit mail list key distribution as a Proposed Standard
Done  Submit X.400 CMS wrapper specification as a Proposed Standard
Done  Submit HMAC key wrap description as Proposed Standard
Done  Submit RSA OAEP algorithm specification as Proposed Standard
Done  Submit AES algorithm specification as Proposed Standard
Done  Submit X.400 transport as a Proposed Standard
Done  Last call on CMS and ESS examples document
Done  First draft of RSA KEM algorithm specification
Done  Submit update to MSG as Proposed Standard
Done  Submit update to CERT as Proposed Standard
Done  Last call on RSA PSS algorithm specification
Done  Submit RSA PSS algorithm specification as Proposed Standard
Done  First draft of S/MIME Capabilities Certificate Extension
Done  Working Group Last Call for S/MIME Capabilities Certificate Extension
Done  Submit S/MIME Capabilities Certificate Extension as Informational RFC
Done  Submit SHA-2 algorithms with CMS as Proposed Standard
Done  Submit S/MIME Certificate Handling as Proposed Standard
Done  Submit S/MIME Message Specification as Proposed Standard
Dec 2008  Submit necessary algorithms documents* as Draft Standard
Dec 2008  Submit Enhanced Security Services as Draft Standard
Dec 2008  Submit S/MIME Message Specification as Draft Standard
Dec 2008  Submit S/MIME Certificate Handling as Draft Standard
Done  Submit CMS as Draft Standard

Internet-Drafts:

Use of the RSA-KEM Key Transport Algorithm in CMS (53621 bytes)
New ASN.1 Modules for CMS and S/MIME (104949 bytes)

Request For Comments:

S/MIME Version 2 Message Specification (RFC 2311) (70901 bytes)
S/MIME Version 2 Certificate Handling (RFC 2312) (39829 bytes)
Cryptographic Message Syntax (RFC 2630) (128599 bytes) obsoleted by RFC 3369
Diffie-Hellman Key Agreement Method (RFC 2631) (25932 bytes)
S/MIME Version 3 Certificate Handling (RFC 2632) (27925 bytes) obsoleted by RFC 3850
S/MIME Version 3 Message Specification (RFC 2633) (67870 bytes) obsoleted by RFC 3851
Enhanced Security Services for S/MIME (RFC 2634) (131153 bytes) updated by RFC 5035
Methods for Avoiding the 'Small-Subgroup' Attacks on the Diffie-Hellman Key Agreement Method for S/MIME (RFC 2785) (24415 bytes)
Use of the KEA and SKIPJACK Algorithms in CMS (RFC 2876) (29265 bytes)
Use of the CAST-128 Encryption Algorithm in CMS (RFC 2984) (11591 bytes)
Use of the IDEA Encryption Algorithm in CMS (RFC 3058) (17257 bytes)
Electronic Signature Policies (RFC 3125) (95505 bytes)
Domain Security Services using S/MIME (RFC 3183) (57129 bytes)
Electronic Signature Formats for long term electronic signatures (RFC 3126) (175886 bytes) obsoleted by RFC 5126
Reuse of CMS Content Encryption Keys (RFC 3185) (20404 bytes)
Triple-DES and RC2 Key Wrapping (RFC 3217) (19855 bytes)
Password-based Encryption for CMS (RFC 3211) (30527 bytes) obsoleted by RFC 3369
Preventing the Million Message Attack on CMS (RFC 3218) (16047 bytes)
Use of ECC Algorithms in CMS (RFC 3278) (33779 bytes) obsoleted by RFC 5753
Compressed Data Content Type for Cryptographic Message Syntax (CMS) (RFC 3274) (11276 bytes)
Cryptographic Message Syntax (CMS) Algorithms (RFC 3370) (51001 bytes) updated by RFC 5754
Cryptographic Message Syntax (RFC 3369) (113975 bytes) obsoletes RFC 2630, RFC 3211/ obsoleted by RFC 3852
Advanced Encryption Standard (AES) Key Wrap Algorithm (RFC 3394) (73072 bytes)
Implementing Company Classification Policy with the S/MIME Security Label (RFC 3114) (27764 bytes)
Wrapping a Hashed Message Authentication Code (HMAC) key with a Triple-Data Encryption Standard (DES) Key or an Advanced Encryption Standard (AES) Key (RFC 3537) (16885 bytes)
Use of the Advanced Encryption Standard (AES) Encryption Algorithm in Cryptographic Message Syntax (CMS) (RFC 3565) (26773 bytes)
Use of the RSAES-OAEP Key Transport Algorithm in Cryptographic Message Syntax (CMS) (RFC 3560) (37381 bytes)
Use of the Camellia Encryption Algorithm in CMS (RFC 3657) (26282 bytes)
S/MIME Version 3.1 Certificate Handling (RFC 3850) (37446 bytes) obsoletes RFC 2632/ obsoleted by RFC 5750
S/MIME Version 3.1 Message Specification (RFC 3851) (79612 bytes) obsoletes RFC 2633/ obsoleted by RFC 5751
Cryptographic Message Syntax (CMS) (RFC 3852) (124168 bytes) obsoletes RFC 3369/ obsoleted by RFC 5652/ updated by RFC 4853
Transporting S/MIME Objects in X.400 (RFC 3855) (25774 bytes)
Securing X.400 Content with S/MIME (RFC 3854) (32801 bytes)
Use of the SEED Encryption Algorithm in Cryptographic Message Syntax (CMS) (RFC 4010) (22403 bytes)
Use of the RSASSA-PSS Signature Algorithm in Cryptographic Message Syntax (CMS) (RFC 4056) (11514 bytes)
Examples of S/MIME Messages (RFC 4134) (325865 bytes)
X.509 Certificate Extension for Secure/Multipurpose Internet Mail Extensions (S/MIME) Capabilities (RFC 4262) (9801 bytes)
Using the GOST 28147-89, GOST R 34.11-94, GOST R 34.10-94 and GOST R 34.10-2001 Algorithms with the Cryptographic Message Syntax (CMS) (RFC 4490) (54912 bytes)
Cryptographic Message Syntax (CMS) Multiple Signer Clarification (RFC 4853) (10146 bytes) updates RFC 3852
Enhanced Security Services (ESS) Update: Adding CertID Algorithm Agility (RFC 5035) (32674 bytes) updates RFC 2634
Using AES-CCM and AES-GCM Authenticated Encryption in the Cryptographic Message Syntax (CMS) (RFC 5084) (21821 bytes)
Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type (RFC 5083) (22810 bytes)
CMS Advanced Electronic Signatures (CAdES) (RFC 5126) (309173 bytes) obsoletes RFC 3126
CMS Symmetric Key Management and Distribution (RFC 5275) (207920 bytes)
Using the Boneh-Franklin and Boneh-Boyen Identity-Based Encryption Algorithms with the Cryptographic Message Syntax (CMS) (RFC 5409) (25481 bytes)
Identity-Based Encryption Architecture and Supporting Data Structures (RFC 5408) (61973 bytes)
Cryptographic Message Syntax (CMS) (RFC 5652) (126813 bytes) obsoletes RFC 3852
Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Certificate Handling (RFC 5750) (48716 bytes) obsoletes RFC 3850
Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification (RFC 5751) (98638 bytes) obsoletes RFC 3851
Multiple Signatures in Cryptographic Message Syntax (CMS) (RFC 5752) (34502 bytes)
Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS) (RFC 5753) (112095 bytes) obsoletes RFC 3278
Using SHA2 Algorithms with Cryptographic Message Syntax (RFC 5754) (21543 bytes) updates RFC 3370
