idnits 2.17.1

draft-melnikov-smime-msa-to-mda-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (October 14, 2013) is 3848 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Unused Reference: 'RFC5280' is defined on line 109, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC5322' is defined on line 114, but no explicit
     reference was found in the text

  == Unused Reference: 'RFC5751' is defined on line 117, but no explicit
     reference was found in the text

  ** Downref: Normative reference to an Experimental RFC: RFC 3183

  ** Obsolete normative reference: RFC 5751 (Obsoleted by RFC 8551)

     Summary: 2 errors (**), 0 flaws (~~), 4 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

2    Network Working Group                                        A. Melnikov
3    Internet-Draft                                                 Isode Ltd
4    Intended status: Standards Track                        October 14, 2013
5    Expires: April 17, 2014

7                    MSA-to-MDA S/MIME signing & encryption
8                      draft-melnikov-smime-msa-to-mda-00

10   Abstract

12      This document specifies how S/MIME signing and encryption can be
13      applied between a Message Submission Agent (MSA) and a Message
14      Delivery Agent (MDA) or between 2 Message Transfer Agents (MTA).

16   Status of This Memo

18      This Internet-Draft is submitted in full conformance with the
19      provisions of BCP 78 and BCP 79.

21      Internet-Drafts are working documents of the Internet Engineering
22      Task Force (IETF).  Note that other groups may also distribute
23      working documents as Internet-Drafts.  The list of current Internet-
24      Drafts is at http://datatracker.ietf.org/drafts/current/.

26      Internet-Drafts are draft documents valid for a maximum of six months
27      and may be updated, replaced, or obsoleted by other documents at any
28      time.  It is inappropriate to use Internet-Drafts as reference
29      material or to cite them other than as "work in progress."

31      This Internet-Draft will expire on April 17, 2014.

33   Copyright Notice

35      Copyright (c) 2013 IETF Trust and the persons identified as the
36      document authors.  All rights reserved.

38      This document is subject to BCP 78 and the IETF Trust's Legal
39      Provisions Relating to IETF Documents
40      (http://trustee.ietf.org/license-info) in effect on the date of
41      publication of this document.  Please review these documents
42      carefully, as they describe your rights and restrictions with respect
43      to this document.  Code Components extracted from this document must
44      include Simplified BSD License text as described in Section 4.e of
45      the Trust Legal Provisions and are provided without warranty as
46      described in the Simplified BSD License.

48   Table of Contents

50      1.  Introduction
51      2.  Conventions Used in This Document
52      3.  MSA-to-MDA S/MIME signing & encryption
53      4.  IANA Considerations
54      5.  Security Considerations
55      6.  Normative References
56      Appendix A.  Acknowledgements

58   1.  Introduction

60      [RFC3183] specifies Domain Security Services using S/MIME.  The
61      motivation provided there remains largely the same.  This document
62      specifies a simplified variant of Domain Security Services to be used
63      between an MSA/MTA and an MTA/MDA.

65   2.  Conventions Used in This Document

67      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
68      "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
69      document are to be interpreted as described in [RFC2119].

71   3.  MSA-to-MDA S/MIME signing & encryption

73      An MSA/MTA wishing to sign or encrypt an email message on behalf of a
74      domain ("originating S/MIME MSA" or "originating S/MIME MTA") follows
75      rules specified in [RFC3183], except as specified in this document.

77      Originating S/MIME MSA/MTA uses a domain signature as specified in
78      [RFC3183].  However the rules below replace naming rules specified in
79      Sections 3.1.1 and 4.1 of that document.

81      The subject name of the Originating S/MIME MSA/MTA's X.509
82      certificate is not restricted as specified in RFC 3183.  In order for
83      a verifier to recognize a signing/encrypting certificate as the
84      Originating S/MIME MSA/MTA's certificate, it MUST contain
85      uniformResourceIdentifier GeneralName of the format "smtp://" in its
        SubjectAltName.  (Here is the domain that is being served by the
        signing/encrypting
88      MSA/MTA.)  An rfc822Name GeneralName as specified in RFC 3183 MAY
89      optionally be included in the SubjectAltName.

91      [[Do we need to distinguish signing versus encryption in certificate's
92      SubjectAltName?]]

94   4.  IANA Considerations
95      This document doesn't require any action from IANA.

97   5.  Security Considerations

99      TBD

101  6.  Normative References

103     [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
104                Requirement Levels", BCP 14, RFC 2119, March 1997.

106     [RFC3183]  Dean, T. and W. Ottaway, "Domain Security Services using S
107                /MIME", RFC 3183, October 2001.

109     [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
110                Housley, R., and W. Polk, "Internet X.509 Public Key
111                Infrastructure Certificate and Certificate Revocation List
112                (CRL) Profile", RFC 5280, May 2008.

114     [RFC5322]  Resnick, P., Ed., "Internet Message Format", RFC 5322,
115                October 2008.

117     [RFC5751]  Ramsdell, B. and S. Turner, "Secure/Multipurpose Internet
118                Mail Extensions (S/MIME) Version 3.2 Message
119                Specification", RFC 5751, January 2010.

121  Appendix A.  Acknowledgements

123     TBD

125  Author's Address

127     Alexey Melnikov
128     Isode Ltd
129     5 Castle Business Village
130     36 Station Road
131     Hampton, Middlesex  TW12 2BX
132     UK

134     EMail: Alexey.Melnikov@isode.com
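
A verifier-side check for the certificate recognition rule in Section 3, as an added example that is not part of the draft or of any implementation of it. It assumes the SubjectAltName has already been decoded into (type, value) pairs, that the URI is exactly "smtp://" followed by the served domain (no userinfo, port, path, query or fragment), and that domains are compared as case-insensitive A-labels; all function names are hypothetical.

```python
from urllib.parse import urlsplit

URI = "uniformResourceIdentifier"  # GeneralName type named in Section 3


def normalize_domain(name):
    """Lower-case A-label form without trailing dot; ValueError if invalid."""
    name = name.strip().rstrip(".")
    if not name:
        raise ValueError("empty domain")
    return name.encode("idna").decode("ascii").lower()


def uri_names_domain(uri, domain):
    """True only if uri is scheme 'smtp' plus exactly the served domain."""
    try:
        parts = urlsplit(uri)
        host = parts.hostname
        if parts.scheme != "smtp" or host is None:
            return False
        # Assumption: userinfo, port, path, query and fragment are not allowed.
        if (parts.netloc.lower() != host or parts.path
                or parts.query or parts.fragment):
            return False
        return normalize_domain(host) == normalize_domain(domain)
    except ValueError:  # malformed URI or domain (UnicodeError is a ValueError)
        return False


def is_domain_agent_cert(san_entries, domain):
    """san_entries: (GeneralName type, value) pairs decoded from the cert."""
    return any(kind == URI and uri_names_domain(value, domain)
               for kind, value in san_entries)


# Constructed SubjectAltName contents (not taken from any real certificate).
SAMPLES = {
    "uri and optional rfc822Name": [
        ("rfc822Name", "domain-signing-authority@example.com"),
        (URI, "smtp://Example.COM")],
    "rfc822Name only": [("rfc822Name", "domain-signing-authority@example.com")],
    "look-alike suffix": [(URI, "smtp://example.com.attacker.test")],
    "extra port": [(URI, "smtp://example.com:25")],
    "wrong scheme": [(URI, "https://example.com")],
}

if __name__ == "__main__":
    for label, san in SAMPLES.items():
        print(f"{label:30} -> {is_domain_agent_cert(san, 'example.com')}")
```

The rfc822Name-only case is rejected because the draft makes that name optional and keys recognition on the URI entry alone.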