Internet Draft Editor: Peter Gutmann
draft-ietf-smime-compression-06.txt University of Auckland
August 30, 2001
Expires February 2002A new Request for Comments is now available in online RFC libraries.
RFC 3274
Title: Compressed Data Content Type for CMS
Status of this memo
Cryptographic Message Syntax (CMS)
Author(s): P. Gutmann
Status: Standards Track
Date: June 2002
Mailbox: pgut001@cs.auckland.ac.nz
Pages: 6
Characters: 11276
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-ietf-smime-compression-07.txt
URL: ftp://ftp.rfc-editor.org/in-notes/rfc3274.txt
This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026.
Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups. Note that other
groups may also distribute working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for defines a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference material
or to cite them other than format for using compressed data as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
Abstract
The a
Cryptographic Message Syntax data format doesn't currently contain
any provisions for compressing data before processing it. (CMS) content type. Compressing data
before transmission provides a number of advantages advantages, including the
elimination of data redundancy which could help an attacker, speeding
up processing by reducing the amount of data to be processed by later
steps such (such as signing or encryption, encryption), and reducing overall message
size. Although there have been proposals for adding compression at
other levels (for example at the MIME or SSL level) level), these don't
address the problem of compression of CMS content unless the
compression is supplied by an external means (for example by
intermixing MIME and CMS).
This document defines a format for using compressed data as a
CMS content type.
1. Introduction
This document describes a compressed data content type for CMS. This is implemented as a new ContentInfo type and is an extension to the
types currently defined in CMS [RFC2630]. Future implementations of
CMS should include this extension.
The format of the messages are described in ASN.1 [ASN1].
The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",
"RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be
interpreted as described in [RFC2119].
1.1 Compressed Data Content Type
The compressed-data content type consists of content of any type
compressed using a specified algorithm. The following object
identifier identifies the compressed-data content type:
id-ct-compressedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 9 }
The compressed-data content type shall have ASN.1 type CompressedData:
CompressedData ::= SEQUENCE {
version CMSVersion,
compressionAlgorithm CompressionAlgorithmIdentifier,
encapContentInfo EncapsulatedContentInfo
}
The fields product of type CompressedData have the following meanings:
version is the syntax version number. It MUST be 0. Details S/MIME Mail Security Working Group
of the
CMSVersion type are discussed in CMS [RFC2630], section 10.2.5.
compressionAlgorithm IETF.
This is now a compression algorithm identifier, as
defined in section 2.
encapContentInfo is the content which is compressed. Details of the
EncapsulatedContentInfo type are discussed in CMS [RFC2630], section
5.2.
Implementations SHOULD use the SMIMECapabilities attribute to indicate
their ability to process compressed content types. Details of
SMIMECapabilities are discussed in MSG [RFC2633], section 2.5.2
A compression SMIMECapability consists of the AlgorithmIdentifier for
the supported compression algorithm, in the case of the algorithm
specified in this Proposed Standard Protocol.
This document this is id-alg-zlibCompression as specified
in section 2. Alternatively, the use of compression may be handled by
prior arrangement (for example as part of specifies an interoperability profile).
The SMIMECapability SEQUENCE representing the ability to process
content compressed with the algorithm identified by id-alg-
zlibCompression MUST be DER-encoded as the following hexadecimal
string:
30 0D 06 0B 2A 86 48 86 F7 0D 01 09 10 03 08
(but see also Internet standards track protocol for
the implementation note in section 2.1).
2. Compression Types
CMS implementations SHOULD include ZLIB [RFC1950] [RFC1951], which is
free of any intellectual property restrictions Internet community, and has a freely-
available, portable requests discussion and efficient reference implementation. The
following object identifier identifies ZLIB:
id-alg-zlibCompress OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 8 }
This algorithm has no parameters. The parameters field SHOULD be
encoded as omitted, but MAY be encoded as NULL (see the implemenation
note in section 2.1).
2.1. Implementation notes
ZLIB allows suggestions
for a number of compression levels ranging from good but
slow compression to less good but fast compression. The compression
level is always compatible with the decompression algorithm, so there
is no need improvements. Please refer to specify the compression level as an algorithm parameter.
There are two possible encodings for the ZLIB null parameters field
which arise from the fact that when current edition of the 1988 syntax
"Internet Official Protocol Standards" (STD 1) for
AlgorithmIdentifier was translated into the 1997 syntax, the OPTIONAL
associated with the AlgorithmIdentifier parameters got lost. Later it
was recovered via a defect report, but by then everyone thought that
algorithm parameters were mandatory. Because
standardization state and status of this some
implementations will encode null parameters as an ASN.1 NULL element
and some will omit them entirely (see for example section 12 protocol. Distribution
of CMS
[RFC2630]). Although the correct encoding this memo is to omit the parameters
field, implementations may encounter encodings which use an ASN.1 NULL
element for the parameters.
3. Security Considerations unlimited.
This RFC announcement is not concerned with security, except for the fact that
compressing data before encryption can enhance the security provided by
other processing steps by reducing the quantity of known plaintext
available to an attacker.
4. IANA Considerations
The CompressedData content type and compression algorithms are
identified by object identifiers (OIDs). OIDs were assigned from an
arc contributed sent to the S/MIME Working Group by IETF list and the RSA Security.
Should additional compression algorithms RFC-DIST list.
Requests to be introduced, the advocates
for such algorithms are expected added to assign the necessary OIDs or deleted from
their own arcs. No action by the IANA is necessary for this document
or any anticipated updates.
Author Address
Peter Gutmann
University of Auckland
Private Bag 92019
Auckland, New Zealand
pgut001@cs.auckland.ac.nz
References
ASN1 CCITT Recommendation X.208: Specification of Abstract Syntax
Notation One (ASN.1), 1988.
RFC2119 Key Words for Use in RFC's IETF distribution list
should be sent to Indicate Requirement Levels,
S.Bradner, March 1997.
RFC1950 ZLIB Compressed Data Format Specification version 3.3,
P.Deutsch and J-L Gailly, May 1996.
RFC1951 DEFLATE Compressed Data Format Specification version 1.3,
P.Deutsch, May 1996.
RFC2630 Cryptographic Message Syntax, R.Housley, June 1999.
RFC2633 S/MIME Version 3 Message Specification, B.Ramsdell, June
1999.
Appendix A: ASN.1 Module
CompressedDataContent
{ iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
smime(16) modules(0) compress(11) }
DEFINITIONS IMPLICIT TAGS ::=
BEGIN
IMPORTS
CMSVersion, EncapsulatedContentInfo FROM CryptographicMessageSyntax
{ iso(1) member-body(2) us(840) rsadsi(113549)
pkcs(1) pkcs-9(9) smime(16) modules(0) cms(1) }
AlgorithmIdentifier FROM AuthenticationFramework
{ joint-iso-itu-t ds(5) module(1) authenticationFramework(7) 3 };
CompressedData ::= SEQUENCE {
version CMSVersion, -- Always set IETF-REQUEST@IETF.ORG. Requests to 0
compressionAlgorithm CompressionAlgorithmIdentifier,
encapContentInfo EncapsulatedContentInfo
}
CompressionAlgorithmIdentifier ::= AlgorithmIdentifier
-- Algorithm Identifiers
id-alg-zlibCompress OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 8 }
-- Content Type Object Identifiers
id-ct-compressedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 9 }
END
Full Copyright Statement
Copyright (C) The Internet Society 2001. All Rights Reserved.
This document and translations of it may be copied and furnished
added to
others, and derivative works that comment on or otherwise explain it or
assist in its implementation may be prepared, copied, published and
distributed, in whole or in part, without restriction of any kind,
provided that deleted from the above copyright notice and this paragraph are
included RFC-DIST distribution list should
be sent to RFC-DIST-REQUEST@RFC-EDITOR.ORG.
Details on all such copies and derivative works. However, this
document itself obtaining RFCs via FTP or EMAIL may not be modified in any way, such as obtained by removing the
copyright notice or references sending
an EMAIL message to rfc-info@RFC-EDITOR.ORG with the Internet Society or other
Internet organizations, except as needed message body
help: ways_to_get_rfcs. For example:
To: rfc-info@RFC-EDITOR.ORG
Subject: getting rfcs
help: ways_to_get_rfcs
Requests for special distribution should be addressed to either the purpose
author of developing
Internet standards in which case the procedures for copyrights defined RFC in the Internet Standards process must be followed, question, or as required to
translate it into languages other than English.
The limited permissions granted above RFC-Manager@RFC-EDITOR.ORG. Unless
specifically noted otherwise on the RFC itself, all RFCs are perpetual and will not for
unlimited distribution.echo
Submissions for Requests for Comments should be
revoked by the Internet Society or its successors or assigns.
This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL
NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE. sent to
RFC-EDITOR@RFC-EDITOR.ORG. Please consult RFC 2223, Instructions to RFC
Authors, for further information.