idnits 2.17.1 

draft-ietf-smime-compression-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate.  This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** The document seems to lack a 1id_guidelines paragraph about 6 months
     document validity -- however, there's a paragraph with a matching
     beginning. Boilerplate error?

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard

  == The page length should not exceed 58 lines per page, but there was 1
     longer page, the longest (page 1) being 187 lines


  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The document seems to lack separate sections for Informative/Normative
     References.  All references will be assumed normative when checking for
     downward references.

  ** There are 2 instances of too long lines in the document, the longest one
     being 2 characters in excess of 72.

  ** The document seems to lack a both a reference to RFC 2119 and the
     recommended RFC 2119 boilerplate, even if it appears to use RFC 2119
     keywords -- however, there's a paragraph with a matching beginning.
     Boilerplate error?

     RFC 2119 keyword, line 48: '...entations of CMS SHOULD include this e...'
     RFC 2119 keyword, line 82: '...Implementations SHOULD use the SMIMECa...'


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  == The "Author's Address" (or "Authors' Addresses") section title is
     misspelled.

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (February 2001) is 8468 days in the past.  Is this
     intentional?


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Missing reference section? 'RFC 2630' on line 47 looks like a reference

  -- Missing reference section? 'ASN1' on line 50 looks like a reference

  -- Missing reference section? 'RFC2119' on line 55 looks like a reference

  -- Missing reference section? 'RFC 1950' on line 92 looks like a reference

  -- Missing reference section? 'RFC 1951' on line 92 looks like a reference


     Summary: 6 errors (**), 0 flaws (~~), 4 warnings (==), 7 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1	Internet Draft                                      Editor: Peter Gutmann
2	draft-ietf-smime-compression-01.txt                 University of Auckland
3	August 29, 2000
4	Expires February 2001

6	                   Compressed Data Content Type for S/MIME

8	Status of this memo

10	This document is an Internet-Draft and is in full conformance with all
11	provisions of Section 10 of RFC2026.

13	Internet-Drafts are working documents of the Internet Engineering Task
14	Force (IETF), its areas, and its working groups.  Note that other
15	groups may also distribute working documents as Internet-Drafts.

17	Internet-Drafts are draft documents valid for a maximum of six months
18	and may be updated, replaced, or obsoleted by other documents at any
19	time.  It is inappropriate to use Internet- Drafts as reference
20	material or to cite them other than as "work in progress."

22	The list of current Internet-Drafts can be accessed at
23	http://www.ietf.org/ietf/1id-abstracts.txt

25	The list of Internet-Draft Shadow Directories can be accessed at
26	http://www.ietf.org/shadow.html.

28	Abstract

30	The Cryptographic Message Syntax data format doesn't currently contain
31	any provisions for compressing data before processing it.  Compressing
32	data before transmission provides a number of advantages including the
33	elimination of data redundancy which could help an attacker, speeding
34	up processing by reducing the amount of data to be processed by later
35	steps such as signing or encryption, and reducing overall message size.
36	Although there have been proposals for adding compression at other
37	levels (for example at the MIME or SSL level) these don't address the
38	problem of compression of CMS content unless the compression is
39	supplied by an external means (for example by intermixing MIME and
40	CMS).  This document defines a format for using compressed data as a
41	CMS content type.

43	1. Introduction

45	This document describes a compressed data content encryption type for
46	S/MIME. This is implemented as a new ContentInfo type and is an
47	extension to the types currently defined in CMS [RFC 2630].  Future
48	implementations of CMS SHOULD include this extension.

50	The format of the messages are described in ASN.1:1994 [ASN1].

52	The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",
53	"RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be
54	interpreted as described in [RFC2119].

56	1.1 Compressed Data Content Type

58	The compressed-data content type consists of content of any type
59	compressed using a specified algorithm.  The following object
60	identifier identifies the compressed-data content type:

62	  id-ct-compressedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
63	    us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 9 }

65	The compressed-data content type shall have ASN.1 type CompressedData:

67	  CompressedData ::= SEQUENCE {
68	    version CMSVersion,
69	    compressionAlgorithm CompressionAlgorithmIdentifier,
70	    encapContentInfo EncapsulatedContentInfo
71	    }

73	The fields of type CompressedData have the following meanings:

75	    version is the syntax version number.  It shall be 0.

77	    compressionAlgorithm is a compression algorithm identifier, as
78	    defined in section 2.

80	    encapContentInfo is the content which is compressed.

82	Implementations SHOULD use the SMIMECapabilities attribute to indicate
83	their ability to process compressed content types.  A compression
84	SMIMECapability consists of the AlgorithmIdentifier for the supported
85	compression algorithm, in the case of the algorithm specified in this
86	document this is id-alg-zlibCompression with parameters NULL.
87	Alternatively, the use of compression may be handled by prior
88	arrangement (for example as part of an interoperability profile).

90	2. Compression Types

92	CMS implementations should include ZLIB [RFC 1950] [RFC 1951], which is
93	free of any intellectual property restrictions and has a freely-
94	available, portable and efficient reference implementation.  The
95	following object identifier identifies ZLIB:

97	  id-alg-zlibCompress OBJECT IDENTIFIER ::= { iso(1) member-body(2)
98	    us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 8 }

100	The parameters for this algorithm are NULL.

102	3. Security Considerations

104	This RFC is not concerned with security, except for the fact that
105	compressing data before encryption can enhance the security provided by
106	other processing steps by reducing the quantity of known plaintext
107	available to an attacker.

109	Author Address

111	Peter Gutmann
112	University of Auckland
113	Private Bag 92019
114	Auckland, New Zealand
115	pgut001@cs.auckland.ac.nz

117	References

119	  ASN1  Recommendation X.680: Specification of Abstract Syntax Notation
120	        One (ASN.1), 1994.

122	  RFC2119 Key Words for Use in RFC's to Indicate Requirement Levels,
123	        S.Bradner, March 1997.

125	  RFC1950 ZLIB Compressed Data Format Specification version 3.3,
126	        P.Deutsch and J-L Gailly, May 1996.

128	  RFC1951 DEFLATE Compressed Data Format Specification version 1.3,
129	        P.Deutsch, May 1996.

131	  RFC 2630 Cryptographic Message Syntax, R.Housley, June 1999.

133	Appendix A: ASN.1 Module

135	CompressedDataContent
136	  { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
137	    smime(16) modules(0) compress(11) }

139	DEFINITIONS IMPLICIT TAGS ::=
140	BEGIN

142	IMPORTS
143	  CMSVersion, EncapsulatedContentInfo FROM CryptographicMessageSyntax
144	    { iso(1) member-body(2) us(840) rsadsi(113549)
145	      pkcs(1) pkcs-9(9) smime(16) modules(0) cms(1) },
146	  AlgorithmIdentifier FROM AuthenticationFramework
147	    { joint-iso-itu-t ds(5) module(1) authenticationFramework(7) 3 };

149	CompressedData ::= SEQUENCE {
150	  version CMSVersion,       -- Always set to 0
151	  compressionAlgorithm CompressionAlgorithmIdentifier,
152	  encapContentInfo EncapsulatedContentInfo
153	  }

155	CompressionAlgorithmIdentifer ::= AlgorithmIdentifier

157	END

159	Full Copyright Statement

161	Copyright (C) The Internet Society 1999.  All Rights Reserved.

163	This document and translations of it may be copied and furnished to
164	others, and derivative works that comment on or otherwise explain it or
165	assist in its implementation may be prepared, copied, published and
166	distributed, in whole or in part, without restriction of any kind,
167	provided that the above copyright notice and this paragraph are
168	included on all such copies and derivative works. However, this
169	document itself may not be modified in any way, such as by removing the
170	copyright notice or references to the Internet Society or other
171	Internet organizations, except as needed for the purpose of developing
172	Internet standards in which case the procedures for copyrights defined
173	in the Internet Standards process must be followed, or as required to
174	translate it into languages other than English.

176	The limited permissions granted above are perpetual and will not be
177	revoked by the Internet Society or its successors or assigns.

179	This document and the information contained herein is provided on an
180	"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
181	TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
182	NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL
183	NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
184	FITNESS FOR A PARTICULAR PURPOSE.