S/MIME Mail Security (smime)
----------------------------

Charter
Last Modified: 2005-10-03

Current Status: Active Working Group

Chair(s):
    Sean Turner  <[email protected]>
    Blake Ramsdell  <[email protected]>

Security Area Director(s):
    Russ Housley  <[email protected]>
    Sam Hartman  <[email protected]>

Security Area Advisor:
    Russ Housley  <[email protected]>

Mailing Lists:
    General Discussion: [email protected]
    To Subscribe:       [email protected]
    Archive:            http://www.imc.org/ietf-smime/

Description of Working Group:

The S/MIME Working Group has completed a series of Proposed Standards
that comprise the S/MIME version 3.1 specification. As part of the
specification update, a new suite of "mandatory to implement"
algorithms was selected. Current efforts update and build upon these
base specifications.

The Cryptographic Message Syntax (CMS) (RFC 3852) is cryptographic
algorithm independent, yet there is always more than one way to use any
algorithm. To ensure interoperability, each algorithm should have a
specification that describes its use with CMS. Specifications for the
use of additional cryptographic algorithms will be developed.

CMS, as well as S/MIME version 3 and later, permit the use of
previously distributed symmetric key-encryption keys. Specifications
for the distribution of symmetric key-encryption keys to multiple
message recipients will be developed. Mail List Agents (MLAs) are one
use of symmetric key-encryption keys. The specification will be
algorithm independent.

To aid initial determination of a recipient's cryptographic
capabilities, a specification will be developed allowing S/MIME
capabilities to be stored and asserted in X.509 certificates based on
the X.509 certificate and CRL profile developed by the PKIX Working
Group.

The working group will perform necessary interoperability testing to
progress the CMS and S/MIME specifications to Draft Standard. The CMS
specification depends on RFC 3280, which was developed by the PKIX
working group. This profile must progress to Draft Standard before CMS
and the other S/MIME specifications can progress to Draft Standard.
Assuming timely progress by the PKIX Working Group, the S/MIME
specification can start progressing to Draft Standard in 2005.

Goals and Milestones:

  Done         First draft of security label usage specification.

  Done         First draft of CMS RecipientInfo extension.

  Done         Last call on KEA and SKIPJACK algorithm specification.

  Done         Last call on small subgroup attack avoidance

  Done         First draft of CAST algorithm specification.

  Done         Last call on certificate distribution specification.

  Done         First draft of mail list key distribution.

  Done         Submit KEA and SKIPJACK algorithm specification as
               Informational RFC.

  Done         Submit small subgroup attack avoidance as Informational RFC

  Done         Last call on CAST algorithm specification.

  Done         Updated draft of domain security services document.

  Done         Last call on security label usage specification.

  Done         Last call on IDEA algorithm specification.

  Done         Last call on CMS RecipientInfo extension.

  Done         Last call on mail list key distribution.

  Done         Submit CAST algorithm specification as Informational RFC.

  Done         Submit security label usage specification as Informational RFC.

  Done         Submit IDEA algorithm specification as Informational RFC.

  Done         Submit CMS RecipientInfo extension to IESG for consideration as
               a Proposed Standard.

  Done         Last call on domain security services document.

  Done         Submit domain security services as Experimental RFC.

  Done         Submit mail list key distribution as a Proposed Standard

  Done         Submit X.400 CMS wrapper specification as a Proposed Standard

  Done         Submit HMAC key wrap description as Proposed Standard

  Done         Submit RSA OAEP algorithm specification as Proposed Standard

  Done         Submit AES algorithm specification as Proposed Standard

  Done         Submit X.400 transport as a Proposed Standard

  Done         Last call on CMS and ESS examples document

  Done         First draft of RSA KEM algorithm specification

  Done         Submit update to MSG as Proposed Standard

  Done         Submit update to CERT as Proposed Standard

  Done         Last call on RSA PSS algorithm specification

  Done         Submit RSA PSS algorithm specification as Proposed Standard

  Done         First draft of S/MIME Capabilities Certificate Extension

  Done         Working Group Last Call for S/MIME Capabilities Certificate
               Extension

  Done         Submit S/MIME Capabilities Certificate Extension as
               Informational RFC

  Feb 2005       Request advancement of CMS Algorithms to Draft Standard

  Feb 2005       Request advancement of CMS to Draft Standard

  Feb 2005       Request advancement of ESS to Draft Standard

  Feb 2005       Request advancement of CERT to Draft Standard

  Feb 2005       Request advancement of MSG to Draft Standard

  Nov 2005       Last call on RSA KEM algorithm specification

  Jan 2006       Submit RSA KEM algorithm specification as Proposed Standard


Internet-Drafts:

Posted Revised         I-D Title   <Filename>
------ ------- --------------------------------------------
Dec 1999 Jan 2003   <draft-ietf-smime-symkeydist-09.txt>
               CMS Symmetric Key Management and Distribution

Mar 2006 Jan 2007   <draft-ietf-smime-escertid-04.txt>
               ESS Update: Adding CertID Algorithm Agility

Apr 2006 Feb 2007   <draft-ietf-smime-cms-mult-sign-03.txt>
               Cryptographic Message Syntax (CMS) Multiple Signer
               Clarification

Jun 2006 Dec 2006   <draft-ietf-smime-ibearch-02.txt>
               Identity-based Encryption Architecture

Jun 2006 Oct 2006   <draft-ietf-smime-bfibecms-01.txt>
               Using the Boneh-Franklin and Boneh-Boyen identity-based
               encryption algorithms with the Cryptographic Message Syntax
               (CMS)

Dec 2006 Dec 2006   <draft-ietf-smime-multisig-00.txt>
               Multiple Signatures in S/MIME

Jan 2007 Feb 2007   <draft-ietf-smime-cms-auth-enveloped-02.txt>
               Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data
               Content Type

Jan 2007 Jan 2007   <draft-ietf-smime-cms-aes-ccm-and-gcm-00.txt>
               Using AES-CCM and AES-GCM Authenticated Encryption in the
               Cryptographic Message Syntax (CMS)

Request For Comments:

 RFC   Stat Published     Title
------- -- ----------- ------------------------------------
RFC2311 I    Mar 1998    S/MIME Version 2 Message Specification

RFC2312 I    Mar 1998    S/MIME Version 2 Certificate Handling

RFC2630 PS   Jul 1999    Cryptographic Message Syntax

RFC2631 PS   Jul 1999    Diffie-Hellman Key Agreement Method

RFC2632 PS   Jul 1999    S/MIME Version 3 Certificate Handling

RFC2633 PS   Jul 1999    S/MIME Version 3 Message Specification

RFC2634 PS   Jul 1999    Enhanced Security Services for S/MIME

RFC2785 I    Mar 2000    Methods for Avoiding the 'Small-Subgroup' Attacks on the
                      Diffie-Hellman Key Agreement Method for S/MIME

RFC2876 I    Jul 2000    Use of the KEA and SKIPJACK Algorithms in CMS

RFC2984 PS   Oct 2000    Use of the CAST-128 Encryption Algorithm in CMS

RFC3058 I    Feb 2001    Use of the IDEA Encryption Algorithm in CMS

RFC3125 E    Sep 2001    Electronic Signature Policies

RFC3183 E    Oct 2001    Domain Security Services using S/MIME

RFC3126 I    Oct 2001    Electronic Signature Formats for long term electronic
                      signatures

RFC3185 PS   Oct 2001    Reuse of CMS Content Encryption Keys

RFC3217 I    Dec 2001    Triple-DES and RC2 Key Wrapping

RFC3211 PS   Dec 2001    Password-based Encryption for CMS

RFC3218 I    Jan 2002    Preventing the Million Message Attack on CMS

RFC3278 I    May 2002    Use of ECC Algorithms in CMS

RFC3274 PS   Jun 2002    Compressed Data Content Type for Cryptographic Message
                      Syntax (CMS)

RFC3369 PS   Sep 2002    Cryptographic Message Syntax

RFC3370 PS   Sep 2002    Cryptographic Message Syntax (CMS) Algorithms

RFC3394 I    Oct 2002    Advanced Encryption Standard (AES) Key Wrap Algorithm

RFC3114 I    Jan 2003    Implementing Company Classification Policy with the
                      S/MIME Security Label

RFC3537 PS   Jun 2003    Wrapping a Hashed Message Authentication Code (HMAC) key
                      with a Triple-Data Encryption Standard (DES) Key or an
                      Advanced Encryption Standard (AES) Key

RFC3560 PS   Jul 2003    Use of the RSAES-OAEP Key Transport Algorithm in
                      Cryptographic Message Syntax (CMS)

RFC3565 PS   Jul 2003    Use of the Advanced Encryption Standard (AES) Encryption
                      Algorithm in Cryptographic Message Syntax (CMS)

RFC3657 Standard  Jan 2004    Use of the Camellia Encryption Algorithm in CMS

RFC3851 Standard  Jul 2004    S/MIME Version 3.1 Message Specification

RFC3850 Standard  Jul 2004    S/MIME Version 3.1 Certificate Handling

RFC3852 Standard  Jul 2004    Cryptographic Message Syntax (CMS)

RFC3854 Standard  Aug 2004    Securing X.400 Content with S/MIME

RFC3855 Standard  Aug 2004    Transporting S/MIME Objects in X.400

RFC4010 Standard  Feb 2005    Use of the SEED Encryption Algorithm in Cryptographic
                      Message Syntax (CMS)

RFC4056 Standard  Jun 2005    Use of the RSASSA-PSS Signature Algorithm in
                      Cryptographic Message Syntax (CMS)

RFC4134 I    Jul 2005    Examples of S/MIME Messages

RFC4262 Standard  Dec 2005    X.509 Certificate Extension for Secure/Multipurpose
                      Internet Mail Extensions (S/MIME) Capabilities

RFC4490 PS   May 2006    Using the GOST 28147-89, GOST R 34.11-94, GOST R
                      34.10-94 and GOST R 34.10-2001 Algorithms with the
                      Cryptographic Message Syntax (CMS)