idnits 2.17.1 draft-ietf-acme-email-smime-14.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (February 15, 2021) is 1137 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Missing Reference: 'RFCXXXX' is mentioned on line 441, but not defined ** Obsolete normative reference: RFC 2818 (Obsoleted by RFC 9110) Summary: 1 error (**), 0 flaws (~~), 2 warnings (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group A. Melnikov 3 Internet-Draft Isode Ltd 4 Intended status: Informational February 15, 2021 5 Expires: August 19, 2021 7 Extensions to Automatic Certificate Management Environment for end-user 8 S/MIME certificates 9 draft-ietf-acme-email-smime-14 11 Abstract 13 This document specifies identifiers and challenges required to enable 14 the Automated Certificate Management Environment (ACME) to issue 15 certificates for use by email users that want to use S/MIME. 17 Status of This Memo 19 This Internet-Draft is submitted in full conformance with the 20 provisions of BCP 78 and BCP 79. 22 Internet-Drafts are working documents of the Internet Engineering 23 Task Force (IETF). Note that other groups may also distribute 24 working documents as Internet-Drafts. The list of current Internet- 25 Drafts is at https://datatracker.ietf.org/drafts/current/. 27 Internet-Drafts are draft documents valid for a maximum of six months 28 and may be updated, replaced, or obsoleted by other documents at any 29 time. It is inappropriate to use Internet-Drafts as reference 30 material or to cite them other than as "work in progress." 32 This Internet-Draft will expire on August 19, 2021. 34 Copyright Notice 36 Copyright (c) 2021 IETF Trust and the persons identified as the 37 document authors. All rights reserved. 39 This document is subject to BCP 78 and the IETF Trust's Legal 40 Provisions Relating to IETF Documents 41 (https://trustee.ietf.org/license-info) in effect on the date of 42 publication of this document. Please review these documents 43 carefully, as they describe your rights and restrictions with respect 44 to this document. Code Components extracted from this document must 45 include Simplified BSD License text as described in Section 4.e of 46 the Trust Legal Provisions and are provided without warranty as 47 described in the Simplified BSD License. 49 Table of Contents 51 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 52 2. Conventions Used in This Document . . . . . . . . . . . . . . 3 53 3. Use of ACME for issuing end-user S/MIME certificates . . . . 3 54 3.1. ACME challenge email . . . . . . . . . . . . . . . . . . 5 55 3.2. ACME response email . . . . . . . . . . . . . . . . . . . 7 56 3.3. Generating encryption only or signing only S/MIME 57 certificates . . . . . . . . . . . . . . . . . . . . . . 9 58 4. Internationalization Considerations . . . . . . . . . . . . . 9 59 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 60 5.1. ACME Identifier Type . . . . . . . . . . . . . . . . . . 10 61 5.2. ACME Challenge Type . . . . . . . . . . . . . . . . . . . 10 62 6. Security Considerations . . . . . . . . . . . . . . . . . . . 10 63 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 64 7.1. Normative References . . . . . . . . . . . . . . . . . . 12 65 7.2. Informative References . . . . . . . . . . . . . . . . . 14 66 Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . 15 67 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 15 69 1. Introduction 71 ACME [RFC8555] is a mechanism for automating certificate management 72 on the Internet. It enables administrative entities to prove 73 effective control over resources like domain names, and automates the 74 process of generating and issuing certificates. 76 This document describes an extension to ACME for use by S/MIME. 77 Section 3 defines extensions for issuing end-user S/MIME [RFC8550] 78 certificates. 80 This document aims to support both: 82 1. A Mail User Agent (MUA) which has built-in ACME client which is 83 aware of the extension described in this document. (We will call 84 such MUAs "ACME-email-aware".) Such MUA can present nice User 85 Interface to the user and automate certificate issuance. 87 2. A MUA which is not ACME aware, with a separate ACME client 88 implemented in a command line tool or as a part of a website. 89 While S/MIME certificate issuance is not going to be as painless 90 as in the case of the ACME-email-aware MUA, the extra burden on a 91 user is going to be minimal. 93 2. Conventions Used in This Document 95 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 96 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 97 document are to be interpreted as described in [RFC2119]. 99 3. Use of ACME for issuing end-user S/MIME certificates 101 ACME [RFC8555] defines a "dns" Identifier Type that is used to verify 102 that a particular entity has control over a domain or specific 103 service associated with the domain. In order to be able to issue 104 end-user S/MIME certificates, ACME needs a new Identifier Type that 105 proves ownership of an email address. 107 This document defines a new Identifier Type "email" which corresponds 108 to an email address. The address can be all ASCII [RFC5321] or 109 internationalized [RFC6531]; when an internationalized email address 110 is used, the domain part can contain both U-labels and A-labels 111 [RFC5890]. This can be used with S/MIME or other similar service 112 that requires possession of a certificate tied to an email address. 114 Any identifier of type "email" in a newOrder request MUST NOT have a 115 wildcard ("*") character in its value. 117 A new challenge type "email-reply-00" is used with "email" Identifier 118 Type, which provides proof that an ACME client has control over an 119 email address. 121 The process of issing an S/MIME certificate works as follows. Note 122 that the ACME client can be a standalone application (if the MUA is 123 not ACME-email-aware) or can be a component of the MUA. 125 1. An end-user initiates issuance of an S/MIME certificate for one 126 of her email addresses. This might be done using email client 127 UI, by running a command line tool, by visiting a Certificate 128 Authority web page, etc. This document doesn't prescribe 129 specific UI used to initiate S/MIME certificate issuance or 130 where the ACME client is located. 132 2. The ACME-email-aware client component begins the certificate 133 issuance process by sending a POST request to the server's 134 newOrder resource, including the identifier of type "email". 135 See Section 7.4 of [RFC8555] for more details. 137 3. The ACME server responds to the POST request, including an 138 "authorizations" URL for the requested email address. The ACME 139 client then retrieves information about the corresponding 140 "email-reply-00" challenge as specified in Section 7.5 of 142 [RFC8555]. The "token" field of the corresponding challenge 143 object (from the "challenges" array) contains token-part2. 144 token-part2 should contain at least 128 bits of entropy. The 145 "type" field of the challenge object is "email-reply-00". The 146 challenge object also contains the "from" field, with the email 147 address that would be used in the From header field of the 148 "challenge" email message (see the next step). 150 An example Challenge object might look like this: 152 { 153 "type": "email-reply-00", 154 "url": "https://example.com/acme/chall/ABprV_B7yEyA4f", 155 "from": "acme-challenge+2i211oi1204310@example.com", 156 "token": "DGyRejmCefe7v4NfDGDKfA" 157 } 159 4. After responding to the authorization request the ACME server 160 generates another token and a "challenge" email message with the 161 subject "ACME: ", where is the 162 base64url encoded [RFC4648] form of the token. The ACME server 163 MUST generate a fresh token for each S/MIME issuance request 164 (authorization request), and token-part1 MUST contain at least 165 128 bits of entropy. The "challenge" email message structure is 166 described in more details in Section 3.1. 168 5. The MUA retrieves and parses the "challenge" email message. If 169 the MUA is ACME-email-aware, it ignores any "challenge" email 170 that is not expected, e.g. if there is no ACME certificate 171 issuance pending. The ACME-email-aware MUA also ignores any 172 "challenge" email that has the Subject header field which 173 indicates that it is an email reply, e.g. a subject starting 174 with the reply prefix "Re:". 176 6. The ACME client concatenates "token-part1" (received over email) 177 and "token-part2" (received over HTTPS [RFC2818]) to create the 178 ACME "token", calculates keyAuthorization (as per Section 8.1 of 179 [RFC8555]), then returns the base64url encoded SHA-256 digest 180 [FIPS180-4] of the key authorization. The MUA returns the 181 base64url encoded SHA-256 digest obtained from the ACME client 182 in the body of a "response" email message. The "response" email 183 message structure is described in more details in Section 3.2. 184 If the MUA is ACME-email-aware, it MUST NOT respond to the same 185 "challenge" email more than once. 187 7. Once the MUA sends the "response" email, the ACME client 188 notifies the ACME server by POST to the challenge URL ("url" 189 field). 191 8. The ACME client can start polling the authorization URL (using 192 POST-as-GET requests) to see if the ACME server received and 193 validated the "response" email message. (See Section 7.5.1 of 194 [RFC8555] for more details.) If the "status" field of the 195 challenge switches to "valid", then the ACME client can proceed 196 with request finalization. The Certificate Signing Request 197 (CSR) MUST indicate the exact same set of requested identifiers 198 as the initial newOrder request. For an identifier of type 199 "email", the PKCS#10 [RFC2986] CSR MUST contain the requested 200 email address in an extensionRequest attribute [RFC2985] 201 requesting a subjectAltName extension. Such email address MUST 202 also match the From header field value of the "response" email 203 message. 205 9. In order to request generation of signing only or encryption 206 only S/MIME certificates (as opposed to requesting generation of 207 S/MIME certificates suitable for both), the CSR needs to include 208 the key usage extension (see Section 4.4.2 of [RFC8550]. This 209 is described in more details in Section 3.3. 211 10. If a request to finalize an order is successful, the ACME server 212 will return a 200 (OK) with an updated order object. If the 213 certificate is issued successfully, i.e. if the order "status" 214 is "valid", then the ACME client can download the issued S/MIME 215 certificate from the URL specified in the "certificate" field. 217 3.1. ACME challenge email 219 A "challenge" email message MUST have the following structure: 221 1. The message Subject header field has the following syntax: "ACME: 222 ", where the prefix "ACME:" is followed by folding 223 white space (FWS, see [RFC5322]) and then by , which 224 is the base64url encoded first part of the ACME token that MUST 225 be at least 128 bits long after decoding. Due to the recommended 226 78-octet line length limit in [RFC5322], the subject line can be 227 folded, so whitespaces (if any) within the MUST be 228 ignored. [RFC2231] encoding of the message Subject header field 229 MUST be supported, and when used, only the "UTF-8" and "US-ASCII" 230 charsets are allowed: other charsets MUST NOT be used. US-ASCII 231 charset SHOULD be used. 233 2. The From header field MUST be the same email address as specified 234 in the "from" field of the challange object. 236 3. The To header field MUST be the email address of the entity that 237 requested the S/MIME certificate to be generated. 239 4. The message MAY contain a Reply-To and/or CC header fields. 241 5. The message MUST include the "Auto-Submitted: auto-generated" 242 header field [RFC3834]. To aid in debugging (and in for some 243 implementations to make automated processing easier) the "Auto- 244 Submitted" header field SHOULD include the "type=acme" parameter. 245 It MAY include other optional parameters as allowed by the syntax 246 of the Auto-Submitted header field. 248 6. In order to prove authenticity of a challenge message, it MUST be 249 signed using either DKIM [RFC6376] or S/MIME [RFC8551]. 251 If DKIM signing is used, the resulting DKIM-Signature header 252 field MUST contain the "h=" tag that includes at least "From", 253 "Sender", "Reply-To", "To", "CC", "Subject", "Date", "In- 254 Reply-To", "References", "Message-ID", "Auto-Submitted", 255 "Content-Type", and "Content-Transfer-Encoding" header fields. 256 The DKIM-Signature header field's "h=" tag SHOULD also include 257 "Resent-Date", "Resent-From", "Resent-To", "Resent-Cc", "List- 258 Id", "List-Help", "List-Unsubscribe", "List-Subscribe", "List- 259 Post", "List-Owner", "List-Archive" and "List-Unsubscribe- 260 Post" header fields. The domain from the "d=" tag of DKIM- 261 Signature header field MUST be the same as the domain from the 262 From header field of the "challenge" email. 264 If S/MIME signing is used, the certificate corresponding to 265 the signer MUST have an rfc822Name subjectAltName extension 266 with the value equal to the From header field email address of 267 the "challenge" email. 269 7. The body of the challenge message is not used for automated 270 processing, so it can be any media type. (However there are 271 extra requirements on S/MIME signing, if used. See below.) 272 Typically it is text/plain or text/html containing a human- 273 readable explanation of the purpose of the message. If S/MIME 274 signing is used to prove authenticity of the challenge message, 275 then the multipart/signed or "application/pkcs7-mime; smime- 276 type=signed-data;" media type should be used. Either way, it 277 MUST use S/MIME header protection. 279 An email client compliant with this specification that detects that a 280 particular "challenge" email fails validation described above MUST 281 ignore the challenge and thus will not generate any "response" email. 282 To aid in debugging such failed validations SHOULD be logged. 284 An example ACME "challenge" email (note that for simplicity DKIM 285 related header fields are not included). 287 Auto-Submitted: auto-generated; type=acme 288 Date: Sat, 5 Dec 2020 10:08:55 +0100 289 Message-ID: 290 From: acme-generator@example.org 291 To: alexey@example.com 292 Subject: ACME: LgYemJLy3F1LDkiJrdIGbEzyFJyOyf6vBdyZ1TG3sME= 293 Content-Type: text/plain 294 MIME-Version: 1.0 296 This is an automatically generated ACME challenge for email address 297 "alexey@example.com". If you haven't requested an S/MIME 298 certificate generation for this email address, be very afraid. 299 If you did request it, your email client might be able to process 300 this request automatically, or you might have to paste the first 301 token part into an external program. 303 Figure 1 305 3.2. ACME response email 307 A valid "response" email message MUST have the following structure: 309 1. The message Subject header field is formed as a reply to the ACME 310 "challenge" email (see Section 3.1). Its syntax is the same as 311 that of the challenge message except that it may be prefixed by a 312 US-ASCII reply prefix (typically "Re:") and folding white space 313 (FWS, see [RFC5322]), as is normal in reply messages. When 314 parsing the subject, ACME servers MUST decode [RFC2231] encoding 315 (if any) and then they can ignore any prefix before the "ACME:" 316 label. 318 2. The From: header field contains the email address of the user 319 that is requesting S/MIME certificate issuance. 321 3. The To: header field of the response contains the value from the 322 Reply-To: header field from the challenge message (if set) or 323 from the From: header field of the challenge message otherwise. 325 4. The Cc: header field is ignored if present in the "response" 326 email message. 328 5. The In-Reply-To: header field SHOULD be set to the Message-ID 329 header field of the challenge message according to rules in 330 Section 3.6.4 of [RFC5322]. 332 6. List-* header fields [RFC4021][RFC8058] MUST be absent (i.e., the 333 reply can't come from a mailing list) 335 7. The media type of the "response" email message is either text/ 336 plain or multipart/alternative [RFC2046] containing text/plain as 337 one of the alternatives. (Note that the requirement to support 338 multipart/alternative is to allow use of ACME-unaware MUAs which 339 can't always generate pure text/plain, e.g. if they reply to a 340 text/html). The text/plain body part (whether or not it is 341 inside multipart/alternative) MUST contain a block of lines 342 starting with the line "-----BEGIN ACME RESPONSE-----", followed 343 by one or more line containing the base64url-encoded SHA-256 344 digest [FIPS180-4] of the key authorization, calculated from 345 concatenated token-part1 (received over email) and token-part2 346 (received over HTTPS), as outlined in the 5th bullet in 347 Section 3. (Note that each line of text/plain is terminated by 348 CRLF. Bare LFs or bare CRs are not allowed.) Due to historical 349 line length limitations in email, line endings (CRLFs) can be 350 freely inserted in the middle of the encoded digest, so they MUST 351 be ignored when processing it.) The final line of the encoded 352 digest is followed by a line containing "-----END ACME 353 RESPONSE-----". Any text before and after this block is ignored. 354 For example such text might explain what to do with it for ACME- 355 unaware clients. 357 8. There is no need to use any Content-Transfer-Encoding other than 358 7bit for the text/plain body part. Use of Quoted-Printable or 359 base64 in a "response" email message is not necessary and should 360 be avoided, though it is permitted. 362 9. In order to prove authenticity of a response message, it MUST be 363 DKIM [RFC6376] signed. The resulting DKIM-Signature header field 364 MUST contain the "h=" tag that includes at least "From", 365 "Sender", "Reply-To", "To", "CC", "Subject", "Date", "In-Reply- 366 To", "References", "Message-ID", "Content-Type" and "Content- 367 Transfer-Encoding" header fields. The DKIM-Signature header 368 field's "h=" tag SHOULD also include "Resent-Date", "Resent- 369 From", "Resent-To", "Resent-Cc", "List-Id", "List-Help", "List- 370 Unsubscribe", "List-Subscribe", "List-Post", "List-Owner", "List- 371 Archive" and "List-Unsubscribe-Post" header fields. The domain 372 from the "d=" tag of DKIM-Signature header field MUST be the same 373 as the domain from the From header field of the "response" email. 375 Example ACME "response" email (note that for simplicity DKIM related 376 header fields are not included). 378 Date: Sat, 5 Dec 2020 12:01:45 +0100 379 Message-ID: <111-22222-3333333@example.com> 380 In-Reply-To: 381 From: alexey@example.com 382 To: acme-generator@example.org 383 Subject: Re: ACME: LgYemJLy3F1LDkiJrdIGbEzyFJyOyf6vBdyZ1TG3sME= 384 Content-Type: text/plain 385 MIME-Version: 1.0 387 -----BEGIN ACME RESPONSE----- 388 LoqXcYV8q5ONbJQxbmR7SCTNo3tiAXDfowy 389 jxAjEuX0= 390 -----END ACME RESPONSE----- 392 Figure 2 394 3.3. Generating encryption only or signing only S/MIME certificates 396 ACME extensions specified in this document can be used to request 397 signing only or encryption only S/MIME certificates. 399 In order to request signing only S/MIME certificate, the CSR MUST 400 include the key usage extension with digitalSignature and/or 401 nonRepudiation bits set and no other bits set. 403 In order to request encryption only S/MIME certificate, the CSR MUST 404 include the key usage extension with keyEncipherment or keyAgreement 405 bits set and no other bits set. 407 Presence of both of the above sets of key usage bits in the CSR, as 408 well as absence of key usage extension in the CSR, signals to ACME 409 server to issue an S/MIME certificate suitable for both signing and 410 encryption. 412 4. Internationalization Considerations 414 [RFC8616] updated/clarified use of DKIM with Internationalized Email 415 addresses [RFC6531]. Please consult RFC 8616 in regards to any 416 changes that need to be implemented. 418 Use of non ASCII characters in left hand sides of Internationalized 419 Email addresses requires putting Internationalized Email Addresses in 420 X.509 Certificates [RFC8398]. 422 5. IANA Considerations 424 5.1. ACME Identifier Type 426 IANA is requested to register a new Identifier type in the "ACME 427 Identifier Types" registry defined in Section 9.7.7 of [RFC8555] with 428 Label "email" and a Reference to [RFCXXXX], [RFC5321] and [RFC6531]. 429 The new Identifier Type corresponds to an (all ASCII) email address 430 [RFC5321] or Internationalized Email addresses [RFC6531]. 432 5.2. ACME Challenge Type 434 IANA is also requested to register a new entry in the "ACME 435 Validation Methods" registry defined in Section 9.7.8 of [RFC8555]. 436 This entry is as follows: 438 +----------------+-----------------+------+-----------+ 439 | Label | Identifier Type | ACME | Reference | 440 +----------------+-----------------+------+-----------+ 441 | email-reply-00 | email | Y | [RFCXXXX] | 442 +----------------+-----------------+------+-----------+ 444 6. Security Considerations 446 Please see Security Considerations of [RFC8555] for general security 447 considerations related to use of ACME. This challenge/response 448 protocol demonstrates that an entity that controls the private key 449 (corresponding to the public key in the certificate) also controls 450 the named email account. The ACME server is confirming that the 451 requested email address belongs to the entity that requested the 452 certificate, but this makes no claim to correctness or fitness-for- 453 purpose of the address. It such claims are needed they must be 454 obtained by some other mechanism. 456 The security of the "email-reply-00" challenge type depends on the 457 security of the email system. A third party that can read and reply 458 to user's email messages (by possessing a user's password or a secret 459 derived from it that can give read and reply access, such as 460 "password equivalent" information; or by being given permissions to 461 act on a user's behalf using email delegation feature common in some 462 email systems) can request S/MIME certificates using the protocol 463 specified in this document and is indistinguishable from the email 464 account owner. This has several possible implications: 466 1. an entity that compromised an email account would be able to 467 request S/MIME certificates using the protocol specified in this 468 document and such entity couldn't be distinguished from the 469 legitimate email account owner (unless some external sources of 470 information are consulted); 472 2. for email addresses with legitimate shared access/control by 473 multiple users, any such user would be able to request S/MIME 474 certificates using the protocol specified in this document and 475 such requests can't be attributed to a specific user without 476 consulting external systems (such as IMAP/SMTP access logs); 478 3. the protocol specified in this document is not suitable for use 479 with email addresses associated with mailing lists [RFC5321]. 480 While it is not always possible to guarantee that a particular 481 S/MIME certificate request is not from a mailing list address, 482 prohibition on inclusion of List-* header fields helps 483 Certificate Issuers to handle most common cases. 485 An email system in its turn depends on DNS. A third party that can 486 manipulate DNS MX records for a domain might be able to redirect 487 email and can get (at least temporary) read and reply access to it. 488 Similar considerations apply to DKIM TXT records in DNS. Use of 489 DNSSEC by email system administrators is recommended to avoid making 490 it easy to spoof DNS records affecting email system. However use of 491 DNSSEC is not ubiquitous at the time of publishing of this document, 492 so it is not required here. Also, many existing systems that rely on 493 verification of ownership of an email address, for example 2 factor 494 authentication systems used by banks or traditional certificate 495 issuance systems send email messages to email addresses, expecting 496 the owner to click on the link supplied in them (or to reply to a 497 message), without requiring use of DNSSEC. So the risk of not 498 requiring DNSSEC is presumed acceptable in this document. 500 An ACME email challenge message can be forged by an attacker. As per 501 requirements on an ACME-email-aware MUA specified in Section 3, the 502 MUA will not respond to requests it is not expecting. Even if the 503 attacker causes the erroneous "response" email to go to an attacker- 504 controlled email address, very little information is leaked -- the 505 SHA-256 hash of the key authorization, not the key authorization 506 itself, so no parts of the token or the the account key thumbprint 507 are leaked. 509 An attacker that can read the "response" email has only one chance to 510 guess the token-part2. Even if the attacker can guess it right, it 511 still needs to know the ACME account key to be able to make use of 512 the intercepted SHA-256 hash of the key authorization. 514 Also see Security Considerations section of [RFC6376] for details on 515 how DKIM depends on the DNS and the respective vulnerabilities this 516 dependence has. 518 7. References 520 7.1. Normative References 522 [FIPS180-4] 523 National Institute of Standards and Technology, "Secure 524 Hash Standard (SHS)", FIPS PUB 180-4, August 2015, 525 . 528 [RFC2046] Freed, N. and N. Borenstein, "Multipurpose Internet Mail 529 Extensions (MIME) Part Two: Media Types", RFC 2046, 530 DOI 10.17487/RFC2046, November 1996, 531 . 533 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 534 Requirement Levels", BCP 14, RFC 2119, 535 DOI 10.17487/RFC2119, March 1997, 536 . 538 [RFC2231] Freed, N. and K. Moore, "MIME Parameter Value and Encoded 539 Word Extensions: Character Sets, Languages, and 540 Continuations", RFC 2231, DOI 10.17487/RFC2231, November 541 1997, . 543 [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, 544 DOI 10.17487/RFC2818, May 2000, 545 . 547 [RFC2985] Nystrom, M. and B. Kaliski, "PKCS #9: Selected Object 548 Classes and Attribute Types Version 2.0", RFC 2985, 549 DOI 10.17487/RFC2985, November 2000, 550 . 552 [RFC2986] Nystrom, M. and B. Kaliski, "PKCS #10: Certification 553 Request Syntax Specification Version 1.7", RFC 2986, 554 DOI 10.17487/RFC2986, November 2000, 555 . 557 [RFC3834] Moore, K., "Recommendations for Automatic Responses to 558 Electronic Mail", RFC 3834, DOI 10.17487/RFC3834, August 559 2004, . 561 [RFC4648] Josefsson, S., "The Base16, Base32, and Base64 Data 562 Encodings", RFC 4648, DOI 10.17487/RFC4648, October 2006, 563 . 565 [RFC5321] Klensin, J., "Simple Mail Transfer Protocol", RFC 5321, 566 DOI 10.17487/RFC5321, October 2008, 567 . 569 [RFC5322] Resnick, P., Ed., "Internet Message Format", RFC 5322, 570 DOI 10.17487/RFC5322, October 2008, 571 . 573 [RFC5890] Klensin, J., "Internationalized Domain Names for 574 Applications (IDNA): Definitions and Document Framework", 575 RFC 5890, DOI 10.17487/RFC5890, August 2010, 576 . 578 [RFC6376] Crocker, D., Ed., Hansen, T., Ed., and M. Kucherawy, Ed., 579 "DomainKeys Identified Mail (DKIM) Signatures", STD 76, 580 RFC 6376, DOI 10.17487/RFC6376, September 2011, 581 . 583 [RFC6531] Yao, J. and W. Mao, "SMTP Extension for Internationalized 584 Email", RFC 6531, DOI 10.17487/RFC6531, February 2012, 585 . 587 [RFC8398] Melnikov, A., Ed. and W. Chuang, Ed., "Internationalized 588 Email Addresses in X.509 Certificates", RFC 8398, 589 DOI 10.17487/RFC8398, May 2018, 590 . 592 [RFC8550] Schaad, J., Ramsdell, B., and S. Turner, "Secure/ 593 Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 594 Certificate Handling", RFC 8550, DOI 10.17487/RFC8550, 595 April 2019, . 597 [RFC8551] Schaad, J., Ramsdell, B., and S. Turner, "Secure/ 598 Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 599 Message Specification", RFC 8551, DOI 10.17487/RFC8551, 600 April 2019, . 602 [RFC8555] Barnes, R., Hoffman-Andrews, J., McCarney, D., and J. 603 Kasten, "Automatic Certificate Management Environment 604 (ACME)", RFC 8555, DOI 10.17487/RFC8555, March 2019, 605 . 607 [RFC8616] Levine, J., "Email Authentication for Internationalized 608 Mail", RFC 8616, DOI 10.17487/RFC8616, June 2019, 609 . 611 7.2. Informative References 613 [RFC4021] Klyne, G. and J. Palme, "Registration of Mail and MIME 614 Header Fields", RFC 4021, DOI 10.17487/RFC4021, March 615 2005, . 617 [RFC8058] Levine, J. and T. Herkula, "Signaling One-Click 618 Functionality for List Email Headers", RFC 8058, 619 DOI 10.17487/RFC8058, January 2017, 620 . 622 Appendix A. Acknowledgements 624 Thank you to Andreas Schulze, Gerd v. Egidy, James A. Baker, Ben 625 Schwartz, Peter Yee, Hilarie Orman, Michael Jenkins, Barry Leiba, 626 Fraser Tweedale, Daniel Kahn Gillmor and Benjamin Kaduk for 627 suggestions, comments, and corrections on this document. 629 Author's Address 631 Alexey Melnikov 632 Isode Ltd 633 14 Castle Mews 634 Hampton, Middlesex TW12 2NP 635 UK 637 EMail: alexey.melnikov@isode.com