idnits 2.17.1 draft-ietf-smime-x400wrap-06.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 1 longer page, the longest (page 1) being 631 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** There are 4 instances of too long lines in the document, the longest one being 2 characters in excess of 72. ** The document seems to lack a both a reference to RFC 2119 and the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. RFC 2119 keyword, line 151: '...Sending and receiving agents MUST support SHA-1 [CMSALG]....' RFC 2119 keyword, line 155: '...Receiving agents MUST support id-dsa defined in [CMSALG]. The...' RFC 2119 keyword, line 156: '...rithm parameters MUST be absent (not e...' RFC 2119 keyword, line 157: '...agents MUST support rsaEncryption, defined in [CMSALG]....' RFC 2119 keyword, line 159: '...Sending agents MUST support either id-...' (55 more instances...) Miscellaneous warnings: ---------------------------------------------------------------------------- -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (November 1, 2003) is 7453 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Missing reference section? 'CMS' on line 559 looks like a reference -- Missing reference section? 'MSG' on line 568 looks like a reference -- Missing reference section? 'MIXER' on line 585 looks like a reference -- Missing reference section? 'BODYMAP' on line 582 looks like a reference -- Missing reference section? 'MUSTSHOULD' on line 589 looks like a reference -- Missing reference section? 'CMSALG' on line 562 looks like a reference -- Missing reference section? 'ESS' on line 565 looks like a reference -- Missing reference section? 'SMTP' on line 592 looks like a reference -- Missing reference section? 'TRANSPORT' on line 571 looks like a reference -- Missing reference section? 'CERT31' on line 556 looks like a reference Summary: 4 errors (**), 0 flaws (~~), 2 warnings (==), 12 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 S/MIME Working Group 2 Internet Draft Paul Hoffman, IMC 3 draft-ietf-smime-x400wrap-06.txt Chris Bonatti, IECA 4 May 1, 2003 Anders Eggen, FFI 5 Expires November 1, 2003 7 Securing X.400 Content with S/MIME 9 Status of this Memo 11 This document is an Internet-Draft and is in full conformance with all 12 provisions of Section 10 of RFC2026. 14 Internet-Drafts are working documents of the Internet Engineering Task 15 Force (IETF), its areas, and its working groups. Note that other groups 16 may also distribute working documents as Internet-Drafts. 18 Internet-Drafts are draft documents valid for a maximum of six months 19 and may be updated, replaced, or obsoleted by other documents at any 20 time. It is inappropriate to use Internet-Drafts as reference material 21 or to cite them other than as "work in progress." 23 The list of current Internet-Drafts can be accessed at 24 http://www.ietf.org/ietf/1id-abstracts.txt 26 The list of Internet-Draft Shadow Directories can be accessed at 27 http://www.ietf.org/shadow.html. 29 Abstract 31 This document describes a protocol for adding cryptographic signature 32 and encryption services to X.400 content. 34 1. Introduction 36 The techniques described in the Cryptographic Message Syntax [CMS] 37 specification are general enough to support many different content 38 types. The [CMS] specification thus provides many options for providing 39 different security mechanisms. In order to ensure interoperability of 40 systems within the X.400 community, it is necessary to specify the use 41 of CMS features to protect X.400 content (called "CMS-X.400" in this 42 document). 44 1.1 Specification Overview 46 This document is intended to be similar to the S/MIME Version 3 Message 47 Specification [MSG] except that it is tailored to the requirements of 48 X.400 content rather than Multipurpose Internet Mail Extensions (MIME). 50 This document defines how to create an X.400 content type that has been 51 cryptographically enhanced according to [CMS]. In order to create S/MIME 52 messages carrying X.400 content, an S/MIME agent has to follow 53 specifications in this document, as well as the specifications listed in 54 [CMS]. This memo also defines new parameter values for the 55 application/pkcs7-mime MIME type that can be used to transport those 56 body parts. 58 Throughout this document, there are requirements and recommendations 59 made for how receiving agents handle incoming messages. There are 60 separate requirements and recommendations for how sending agents create 61 outgoing messages. In general, the best strategy is to "be liberal in 62 what you receive and conservative in what you send". Most of the 63 requirements are placed on the handling of incoming messages while the 64 recommendations are mostly on the creation of outgoing messages. 66 This document does not address transport of CMS-X.400 content. It is 67 assumed that CMS-X.400 content would be transported by Internet mail 68 systems, X.400, or other suitable transport. 70 This document describes applying security services to the content of 71 entire X.400 messages, which may or may not be IPMS messages. These 72 objects can be carried by several means, including SMTP-based mail and 73 X.400 mail. Note that cooperating S/MIME agents must support common 74 forms of message content in order to achieve interoperability. 76 If the CMS objects are sent as parts of an RFC 822 message, a standard 77 MIXER gateway [MIXER] will most likely choose to encapsulate the 78 message. This is not likely to be a format that is usable by an X.400 79 recipient. MIXER is specifically focused on translation between X.420 80 Interpersonal Messages and non-secure RFC822/MIME messages. The 81 discussion of security- related body parts in sections 7.3 and 7.4 of 82 [BODYMAP] is relevant to CMS messages. 84 Definition of gateway services to support relay of CMS object between 85 X.400 and SMTP environments is beyond the scope of this document. 87 1.2 Terminology 89 The key words "MUST", "SHALL", "REQUIRED", "SHOULD", "RECOMMENDED", and 90 "MAY" in this document are to be interpreted as described in RFC 2119 91 [MUSTSHOULD]. 93 1.3 Definitions 95 For the purposes of this document, the following definitions apply. 97 ASN.1: Abstract Syntax Notation One, as defined in ISO/IEC 8824. 99 BER: Basic Encoding Rules for ASN.1, as defined in ISO/IEC 8825-1. 101 Certificate: A type that binds an entity's distinguished name to a 102 public key with a digital signature. 104 DER: Distinguished Encoding Rules for ASN.1, as defined in ISO/IEC 105 8825-1. 107 7-bit data: Text data with lines less than 998 characters long, where 108 none of the characters have the 8th bit set, and there are no NULL 109 characters. and occur only as part of a end of line 110 delimiter. 112 8-bit data: Text data with lines less than 998 characters, and where 113 none of the characters are NULL characters. and occur only as 114 part of a end of line delimiter. 116 Binary data: Arbitrary data. 118 Transfer Encoding: A reversible transformation made on data so 8-bit or 119 binary data may be sent via a channel that only transmits 7-bit data. 121 Receiving agent: Software that interprets and processes S/MIME CMS 122 objects. 124 Sending agent: Software that creates S/MIME CMS objects. 126 S/MIME agent: User software that is a receiving agent, a sending agent, 127 or both. 129 1.4 Compatibility with Prior Practice of S/MIME 131 There are believed to be no existing X.400 implementations that support 132 S/MIME version 2. Further, signed interoperability between X.400 and 133 MIME systems that support S/MIME version 2 is not believed to be easily 134 achievable. Therefore backward compatibility with S/MIME version 2 is 135 not considered to be a requirement for this document. 137 It is a goal of this draft to, if possible, maintain backward 138 compatibility with existing X.400 implementations that employ S/MIME v3 139 wrappers. 141 2. CMS Options 143 CMS allows for a wide variety of options in content and algorithm 144 support. This section puts forth a number of support requirements and 145 recommendations in order to achieve a base level of interoperability 146 among all CMS-X.400 implementations. [CMS] provides additional details 147 regarding the use of the cryptographic algorithms. 149 2.1 DigestAlgorithmIdentifier 151 Sending and receiving agents MUST support SHA-1 [CMSALG]. 153 2.2 SignatureAlgorithmIdentifier 155 Receiving agents MUST support id-dsa defined in [CMSALG]. The 156 algorithm parameters MUST be absent (not encoded as NULL). Receiving 157 agents MUST support rsaEncryption, defined in [CMSALG]. 159 Sending agents MUST support either id-dsa or rsaEncryption. 161 2.3 KeyEncryptionAlgorithmIdentifier 163 Sending and receiving agents MUST support rsaEncryption, defined in 164 [CMSALG]. 166 Sending and receiving agents SHOULD support Diffie-Hellman defined in 167 [CMSALG]. 169 2.4 General Syntax 171 The general syntax of CMS objects consist of an instance of the 172 ContentInfo structure containing one of several defined CMS content 173 types. CMS defines multiple content types. Of these, only the SignedData 174 and EnvelopedData content types are used for CMS-X.400. 176 2.4.1 SignedData Content Type 178 Sending agents MUST use the signedData content type to apply a digital 179 signature to a message or, in a degenerate case where there is no 180 signature information, to convey certificates. 182 2.4.2 EnvelopedData Content Type 184 Senders MUST use the envelopedData content type to apply privacy 185 protection to a message. A sender needs to have access to a public key 186 for each intended message recipient to use this service. This content 187 type does not provide authentication. 189 2.5 Attribute SignerInfo Type 191 The SignerInfo type allows the inclusion of unsigned and signed 192 attributes to be included along with a signature. 194 Receiving agents MUST be able to handle zero or one instance of each of 195 the signed attributes listed here. Sending agents SHOULD generate one 196 instance of each of the following signed attributes in each CMS-X400 197 message: 198 - signingTime 199 - sMIMECapabilities 200 - sMIMEEncryptionKeyPreference 202 Requirements for processing of these attributes MUST be in accordance 203 with the S/MIME Message Specification [MSG]. Handling of the signingTime 204 attribute MUST comply with clause 2.5.1 of [MSG]. Handling of the 205 sMIMECapabilities attribute MUST comply with clause 2.5.2 of [MSG]. 206 Handling of the sMIMEEncryptionKeyPreference attribute MUST comply with 207 clause 2.5.3 of [MSG]. 209 Further, receiving agents SHOULD be able to handle zero or one instance 210 in the signed attributes of the signingCertificate attribute [ESS]. 212 Sending agents SHOULD generate one instance of the signingCertificate 213 signed attribute in each CMS-X400 message. 215 Additional attributes and values for these attributes may be defined in 216 the future. Receiving agents SHOULD handle attributes or values that it 217 does not recognize in a graceful manner. 219 Sending agents that include signed attributes that are not listed here 220 SHOULD display those attributes to the user, so that the user is aware 221 of all of the data being signed. 223 2.6 ContentEncryptionAlgorithmIdentifier 225 Sending and receiving agents MUST support encryption and decryption 226 with DES EDE3 CBC, hereinafter called "tripleDES" [CMSALG]. 228 3. Creating S/MIME Messages 230 This section describes the S/MIME message formats and how they can be 231 used to secure X.400 contents. The S/MIME messages are a combination of 232 X.400 contents and CMS objects (i.e., a ContentInfo structure containing 233 one of the CMS-defined content types). The X.400 content and other data, 234 such as certificates and algorithm identifiers, are given to CMS 235 processing facilities which produces a CMS object. This document also 236 describes how nested, secured S/MIME messages should be formatted when 237 encapsulating an X.400 content, and provides an example of how a 238 triple-wrapped S/MIME message over X.400 content should be created if 239 backwards compatibility with S/MIME version 2 is of no concern. 241 S/MIME provides one format for enveloped-only data, several formats for 242 signed-only data, and several formats for signed and enveloped data. The 243 different formats are required to accommodate several environments, in 244 particular for signed messages. Only one of these signed formats is 245 applicable to X.400. 247 Note that canonicalization is not required for X.400 content because it 248 is a binary rather than text encoding, and only the "embedded" content 249 version is used. These dramatically simplify the description of S/MIME 250 productions. 252 The reader of this section is expected to understand X.400 as described 253 in [X.400] and S/MIME as described in [CMS] and [ESS]. 255 3.1 The X.400 Message Structure 257 This section reviews the X.400 message format. An X.400 message has two 258 parts, the envelope and the content, as described in X.402 [X.400]: 260 Envelope -- An information object whose composition varies from one 261 transmittal step to another and that variously identifies the message's 262 originator and potential recipients, documents its previous conveyance 263 and directs its subsequent conveyance by the Message Transfer System 264 (MTS), and characterizes its content. 266 Content -- The content is the piece of information that the originating 267 User Agent wants to be delivered to one or more recipients. The MTS 268 neither examines nor modifies the content, except for conversion, during 269 its conveyance of the message. MTS conversion is not applicable to the 270 scenario of this draft because such conversion is incompatible with CMS 271 protection mechanisms. 273 One piece of information borne by the envelope identifies the type of 274 the content. The content type is an identifier (an ASN.1 OID or Integer) 275 that denotes the syntax and semantics of the content overall. This 276 identifier enables the MTS to determine the message's deliverability to 277 particular users, and enables User Agents and Message Stores to 278 interpret and process the content. 280 Another piece of information borne by the envelope identifies the types 281 of encoded information represented in the content. An encoded 282 information type (EIT) is an identifier (an ASN.1 Object Identifier or 283 Integer) that denotes the medium and format (e.g., IA5 text or Group 3 284 facsimile) of individual portions of the content. It further enables the 285 MTS to determine the message's deliverability to particular users, and 286 to identify opportunities for it to make the message deliverable by 287 converting a portion of the content from one EIT to another. 289 This document describes how S/MIME CMS is used to secure the content 290 part of X.400 messages. 292 3.2 Creating a Signed-only Message with X.400 Content 294 The SignedData format as described in the Cryptographic Message Syntax 295 [CMS] MUST be used for signing of X.400 contents. 297 The X.400 content to be protected MUST be placed in the SignedData 298 encapContentInfo eContent field. Note that this X.400 content SHOULD 299 maintain the encoding defined by the content type, but SHOULD NOT be 300 MIME wrapped. The object identifier for the content type of the 301 protected X.400 content MUST be placed in the SignedData 302 encapContentInfo eContentType field. 304 The signedData object is encapsulated by a ContentInfo SEQUENCE with a 305 contentType of id-signedData. 307 Note that if SMTP [SMTP] is used to transport the resulting signed-only 308 message then the optional MIME encoding SHOULD be used. If binary 309 transports such as X.400 are used then the optional MIME encoding SHOULD 310 NOT be used. 312 There are many reasons for this requirement. An outer MIME wrapper 313 should not be used in X.400. Further, there are places where X.400 314 systems will interact with SMTP/MIME systems where the outer MIME 315 wrapper might be necessary. Because this wrapping is outside the 316 security wrappers, whatever gateway system that is bridging the gap 317 between the two systems will be smart enough to apply or remove the 318 outer MIME wrapper as appropriate. 320 3.2.1 MIME Wrapping to Dynamically Support 7-bit Transport 322 The signedData object MAY optionally be wrapped in MIME. This allows 323 the system to support 7-bit transport when required. This outer MIME 324 wrapper MAY be dynamically added or removed throughout the delivery path 325 since it is out the signature and encryption wrappers. In this case the 326 application/pkcs7-mime type as defined in S/MIME Version 3 Message 327 Specification [MSG] SHOULD be used with the following parameters: 329 Content-Type: application/pkcs7-mime; smime-type=signed-x400 330 Content-Transfer-Encoding: base64 332 If the application/pkcs7-mime MIME type is used to support 7-bit 333 transport, the steps to create this format are: 335 Step 1. The X.400 content to be signed is ASN.1 encoded. 337 Step 2. The ASN.1 encoded X.400 content and other required data is 338 processed into a CMS object of type SignedData. The SignedData structure 339 is encapsulated by a ContentInfo SEQUENCE with a contentType of 340 id-signedData. 342 Step 3. The CMS object is inserted into an application/pkcs7-mime MIME 343 entity. 345 The smime-type parameter for messages using application/pkcs7-mime with 346 SignedData is "signed-x400" as defined in [TRANSPORT]. 348 3.3 Creating an Enveloped-only Message with X.400 Content 350 This section describes the format for enveloping an X.400 content 351 without signing it. It is important to note that sending enveloped but 352 not signed messages does not provide for data integrity. It is possible 353 to replace ciphertext in such a way that the processed message will 354 still be valid, but the meaning is altered. 356 The EnvelopedData format as described in [CMS] is used for 357 confidentiality of the X.400 contents. 359 The X.400 content to be protected MUST be placed in the EnvelopedData 360 encryptedContentInfo encryptedContent field. Note that this X.400 361 content SHOULD maintain the encoding defined by the content type, but 362 SHOULD NOT be MIME wrapped. The object identifier for content type of 363 the protected X.400 content MUST be placed in the EnvelopedData 364 encryptedContentInfo contentType field. 366 The envelopedData object is encapsulated by a ContentInfo SEQUENCE with 367 a contentType of id-envelopedData. 369 Note that if SMTP is used to transport the resulting enveloped-only 370 message then the optional MIME encoding SHOULD be used. If other binary 371 transport (e.g., X.400) is used then the optional MIME encoding SHOULD 372 NOT be used. 374 3.3.1 MIME Wrapping to Dynamically Support 7-bits Transport 376 The envelopedData object MAY optionally be wrapped in MIME. This allows 377 the system to support 7-bit transport when required. This outer MIME 378 wrapper MAY be dynamically added or removed throughout the delivery path 379 since it is out the signature and encryption wrappers. In this case, 380 the application/pkcs7-mime type as defined in S/MIME Version 3 Message 381 Specification [MSG] SHOULD be used with the following parameters: 383 Content-Type: application/pkcs7-mime; smime-type=enveloped-x400 384 Content-Transfer-Encoding: base64 386 If the application/pkcs7-mime MIME type is used to support 7-bit 387 transport, the steps to create this format are: 389 Step 1. The X.400 content to be enveloped is ASN.1 encoded. 391 Step 2. The ASN.1 encoded X.400 content and other required data is 392 processed into a CMS object of type EnvelopedData. In addition to 393 encrypting a copy of the content-encryption key for each recipient, a 394 copy of the content encryption key SHOULD be encrypted for the 395 originator and included in the EnvelopedData (see CMS Section 6). The 396 EnvelopedData structure is encapsulated by a ContentInfo SEQUENCE with a 397 contentType of id-envelopedData. 399 Step 3. The CMS object is inserted into an application/pkcs7-mime MIME 400 entity to allow for 7-bit transport. 402 If the application/pkcs7-mime MIME entity is used, the smime-type 403 parameter for enveloped-only messages is "enveloped-x400" as defined in 404 [TRANSPORT]. 406 3.4 Nested CMS Structures 408 To achieve signing and enveloping, any of the signed-only and 409 encrypted-only CMS objects may be nested. 411 When nesting is used, backwards compatibility with S/MIME version 2 412 requires that each layer of the nested message are identified with the 413 OID id-data, and when id-data is used a MIME wrapper is required. This 414 can potentially lead to an enormous amount of overhead and should be 415 avoided. Because S/MIME version 2 compatibility is of no concern, 416 implementations SHOULD directly encode the encapsulated object as the 417 eContent of the current structure. 419 MIME wrapping to support 7-bit transport is optional and need only be 420 used around the outermost CMS structure. In this case, the 421 application/pkcs7 content type MUST be used. 423 An S/MIME implementation MUST be able to receive and process arbitrarily 424 nested CMS structures within reasonable resource limits of the recipient 425 computer. 427 3.4.1 Creating a Triple Wrapped Message With an X.400 Content 429 The Enhanced Security Services for S/MIME [ESS] document provides 430 examples of how nested, secured S/MIME messages are formatted. ESS 431 provides an example of how a triple-wrapped S/MIME message is formatted 432 using application/pkcs7-mime for the signatures. 434 This section explains how an X.400 content may be conveyed within a 435 Triple Wrapped Message because S/MIME version 2 compatibility is of no 436 concern: 438 Step 1. Start with the X.400 content (called the "original content"). 439 The X.400 content MUST be ASN.1 encoded, but SHOULD NOT be MIME wrapped. 441 Step 2. Place the ASN.1 encoded X.400 content to be protected in the 442 SignedData encapContentInfo eContent field. Add any attributes 443 that are to be signed. 445 Step 3. Sign the result of step 2 (the original content). The SignedData 446 encapContentInfo eContentType MUST contain the object identifier of the 447 X.400 content. 449 Step 4. Encrypt the result of step 3 as a single block. The 450 EnvelopedData encryptedContentInfo contentType MUST be set to 451 id-signedData. This is called the "encrypted body". 453 Step 5. Using the same logic as in step 2 and 3 above, sign the result 454 of step 4 (the encrypted body) as a single block. The SignedData 455 encapContentInfo eContentType MUST be set to id-envelopedData. The outer 456 SignedData structure is encapsulated by a ContentInfo SEQUENCE with a 457 contentType of id-signedData. 459 Step 6. The resulting message is called the "outer signature", and is 460 also the triple wrapped message. 462 MIME wrapping to support 7-bit transport, is optional and MUST only be 463 used around the outermost CMS structure. In this case, the 464 application/pkcs7-mime content type MUST be used. The smime-type 465 in the case of adding a MIME wrapper MUST be consistent with 466 that appropriate to the innermost protection layer. 468 In some instances, an smime-type will be created that only reflects one 469 security service (such as certs-only, which is only for signed). 470 However, as new layers are wrapped, this smime-type SHOULD be propagated 471 upwards. Thus if a certs-only message were to be encrypted, or wrapped 472 in a new SignedData structure, the smime-type of certs-only should be 473 propagated up to the next MIME wrapper. In other words, the innermost 474 type is reflected outwards. 476 3.5 Carrying Plaintext X.400 Content in SMTP 478 While the objectives of this draft focus on protecting X.400 content 479 with CMS wrappers, it is a reality that users do not generally send 480 all message using security. It therefore stands to reason that a 481 means to carry non-secured X.400 content over the chosen transport 482 system must be seemlessly provided. While transporting X.400 content 483 in an X.400 system is trivial, carrying X.400 content in SMTP 484 requires additional definition. 486 Content-Type: application/x400-content; content-type = 487 1*DIGIT *( "." 1*DIGIT) 489 where the content-type parmeter value is either a single integer (for 490 a built-in content-type) or an OID in dotted notation (for an extended 491 content-type). 493 4. Use of Certificates 495 4.1 Certificate Enrollment 497 S/MIME v3 does not specify how to get a certificate from a certificate 498 authority, but instead mandates that every sending agent already has a 499 certificate. The PKIX Working Group has, at the time of this writing, 500 produced two separate standards for certificate enrollment: CMP (RFC 501 2510) and CMC (RFC 2792). 503 4.2 Certificate Processing 505 A receiving agent MUST provide some certificate retrieval mechanism in 506 order to gain access to certificates for recipients of digital 507 envelopes. This document does not cover how S/MIME agents handle 508 certificates, only what they do after a certificate has been validated 509 or rejected. S/MIME certification issues are covered in [CERT31]. 511 At a minimum, for initial S/MIME deployment, a user agent could 512 automatically generate a message to an intended recipient requesting 513 that recipient's certificate in a signed return message. Receiving and 514 sending agents SHOULD also provide a mechanism to allow a user to "store 515 and protect" certificates for correspondents in such a way so as to 516 guarantee their later retrieval. 518 4.3. Certificate Name Use for X.400 Content 520 End-entity certificates used in the context of this draft MAY contain 521 an X.400 address as described in [X.400]. The address must be in the 522 form of an "ORAddress". The X.400 address SHOULD be in the subjectAltName 523 extension, and SHOULD NOT be in the subject distinguished name. 525 Sending agents SHOULD make the originator address in the X.400 content 526 (e.g., the "originator" field in P22) match an X.400 address in the 527 signer's certificate. 529 Receiving agents MUST recognize X.400 addresses in the subjectAltName 530 field. 532 Receiving agents SHOULD check that the originator address in the X.400 533 content matches an X.400 address in the signer's certificate, if X.400 534 addresses are present in the certificate and an originator address is 535 available in the content. A receiving agent SHOULD provide some explicit 536 alternate processing of the message if this comparison fails, which may be 537 to display a message that shows the recipient the addresses in the 538 certificate or other certificate details. 540 The subject alternative name extension is used in S/MIME as the preferred 541 means to convey the X.400 address(es) that correspond to the entity for 542 this certificate. Any X.400 addresses present MUST be encoded using the 543 x400Address CHOICE of the GeneralName type. Since the SubjectAltName type 544 is a SEQUENCE OF GeneralName, multiple X.400 addresses MAY be present. 546 5. Security Considerations 548 This entire document discusses security. Additional security issues are 549 identified in section 5 of [MSG], section 6 of [ESS] and the Security 550 Considerations section of [CMS]. 552 A. References 554 A.1 Normative References 556 [CERT31] Ramsdell, B., Editor, "S/MIME Version 3 Certificate 557 Handling", Internet-Draft draft-ietf-smime-rfc2632bis. 559 [CMS] Housley, R., "Cryptographic Message Syntax", Internet-Draft 560 draft-ietf-smime-rfc2630bis. 562 [CMSALG] "Cryptographic Message Syntax (CMS) Algorithms", Internet- 563 Draft draft-ietf-smime-cmsalg 565 [ESS] Hoffman, P., Editor "Enhanced Security Services for S/MIME", 566 RFC 2634, June 1999. 568 [MSG] Ramsdell, B., Editor "S/MIME Version 3 Message Specification", 569 Internet-Draft draft-ietf-smime-rfc2633bis. 571 [TRANSPORT] Hoffman, P. and Bonatti, C., "Transporting S/MIME Objects in 572 X.400", work in progress (will progress with this document). 574 [X.400] ITU-T X.400 Series of Recommendations, Information technology 575 - Message Handling Systems (MHS). X.400: System and Service Overview; 576 X.402: Overall Architecture; X.411: Message Transfer System: Abstract 577 Service Definition and Procedures; X.420: Interpersonal Messaging 578 System; 1996. 580 A.2 Non-normative References 582 [BODYMAP] Alvestrand, H., Editor, "Mapping between X.400 and 583 RFC-822/MIME Message Bodies", RFC 2157, January 1998. 585 [MIXER] Kille, S., Editor, "MIXER (Mime Internet X.400 Enhanced 586 Relay): Mapping between X.400 and RFC 822/MIME", RFC 2156, 587 January 1998. 589 [MUSTSHOULD] Bradner, S., "Key words for use in RFCs to Indicate 590 Requirement Levels", BCP14, RFC 2119, March 1997. 592 [SMTP] Klensin, J., "Simple Mail Transfer Protocol", RFC 2821, 593 April, 2001. 595 B. Editor's Address 597 Paul Hoffman 598 Internet Mail Consortium 599 127 Segre Place 600 Santa Cruz, CA 95060 USA 601 phoffman@imc.org 603 Chris Bonatti 604 IECA, Inc. 605 15309 Turkey Foot Road 606 Darnestown, MD 20878-3640 USA 607 bonattic@ieca.com 609 Anders Eggen 610 Forsvarets Forskningsinstitutt 611 Postboks 25 612 2027 Kjeller, Norway 613 anders.eggen@ffi.no 615 draft-ietf-smime-x400wrap-06.txt expires November 1, 2003.