S/MIME Mail Security (smime)
----------------------------

Charter
Last Modified: 2008-04-23

Current Status: Active Working Group

Chair(s):
    Sean Turner  <[email protected]>
    Blake Ramsdell  <[email protected]>

Security Area Director(s):
    Tim Polk  <[email protected]>
    Pasi Eronen  <[email protected]>

Security Area Advisor:
    Tim Polk  <[email protected]>

Mailing Lists:
    General Discussion: [email protected]
    To Subscribe:       [email protected]
    Archive:            http://www.imc.org/ietf-smime/

Description of Working Group:

The S/MIME Working Group has completed a series of Proposed Standards
that comprise the S/MIME version 3.1 specification. As part of the
specification update, a new suite of "mandatory to implement"
algorithms was selected. Current efforts update and build upon these
base specifications.

The Cryptographic Message Syntax (CMS) (RFC 3852) is cryptographic
algorithm independent, yet there is always more than one way to use any
algorithm. To ensure interoperability, each algorithm should have a
specification that describes its use with CMS. Specifications for the
use of additional cryptographic algorithms will be developed.

CMS, as well as S/MIME version 3 and later, permits the use of
previously distributed symmetric key-encryption keys. Specifications
for the distribution of symmetric key-encryption keys to multiple
message recipients will be developed. Mail List Agents (MLAs) are one
use of symmetric key-encryption keys. The specification will be
algorithm independent.

To aid initial determination of a recipient's cryptographic
capabilities, a specification will be developed allowing S/MIME
capabilities to be stored and asserted in X.509 certificates based on
the X.509 certificate and CRL profile developed by the PKIX Working
Group.

The working group will perform necessary interoperability testing to
progress the CMS and S/MIME specifications to Draft Standard. The CMS
specification depends on RFC 3280, which was developed by the PKIX
Working Group. This profile must progress to Draft Standard before CMS
and the other S/MIME specifications can progress to Draft Standard.
Assuming timely progress by the PKIX Working Group, the S/MIME
specification can start progressing to Draft Standard in 2005.

Goals and Milestones:

  Done         First draft of security label usage specification.

  Done         First draft of CMS RecipientInfo extension.

  Done         Last call on KEA and SKIPJACK algorithm specification.

  Done         Last call on small subgroup attack avoidance

  Done         First draft of CAST algorithm specification.

  Done         Last call on certificate distribution specification.

  Done         First draft of mail list key distribution.

  Done         Submit KEA and SKIPJACK algorithm specification as
               Informational RFC.

  Done         Submit small subgroup attack avoidance as Informational RFC

  Done         Last call on CAST algorithm specification.

  Done         Updated draft of domain security services document.

  Done         Last call on security label usage specification.

  Done         Last call on IDEA algorithm specification.

  Done         Last call on CMS RecipientInfo extension.

  Done         Last call on mail list key distribution.

  Done         Submit CAST algorithm specification as Informational RFC.

  Done         Submit security label usage specification as Informational RFC.

  Done         Submit IDEA algorithm specification as Informational RFC.

  Done         Submit CMS RecipientInfo extension to IESG for consideration as
               a Proposed Standard.

  Done         Last call on domain security services document.

  Done         Submit domain security services as Experimental RFC.

  Done         Submit mail list key distribution as a Proposed Standard

  Done         Submit X.400 CMS wrapper specification as a Proposed Standard

  Done         Submit HMAC key wrap description as Proposed Standard

  Done         Submit RSA OAEP algorithm specification as Proposed Standard

  Done         Submit AES algorithm specification as Proposed Standard

  Done         Submit X.400 transport as a Proposed Standard

  Done         Last call on CMS and ESS examples document

  Done         First draft of RSA KEM algorithm specification

  Done         Submit update to MSG as Proposed Standard

  Done         Submit update to CERT as Proposed Standard

  Done         Last call on RSA PSS algorithm specification

  Done         Submit RSA PSS algorithm specification as Proposed Standard

  Done         First draft of S/MIME Capabilities Certificate Extension

  Done         Working Group Last Call for S/MIME Capabilities Certificate
               Extension

  Done         Submit S/MIME Capabilities Certificate Extension as
               Informational RFC

  Dec 2007     Submit SHA-2 algorithms with CMS as Proposed Standard

  Dec 2007     Submit S/MIME Certificate Handling as Proposed Standard

  Dec 2007     Submit S/MIME Message Specification as Proposed Standard

  Dec 2008     Submit CMS as Draft Standard

  Dec 2008     Submit necessary algorithms documents* as Draft Standard

  Dec 2008     Submit Enhanced Security Services as Draft Standard

  Dec 2008     Submit S/MIME Message Specification as Draft Standard

  Dec 2008     Submit S/MIME Certificate Handling as Draft Standard


Internet-Drafts:

Posted Revised         I-D Title   <Filename>
------ ------- --------------------------------------------
May 2003 Nov 2008   <draft-ietf-smime-cms-rsa-kem-06.txt>
               Use of the RSA-KEM Key Transport Algorithm in CMS

Dec 2006 Mar 2008   <draft-ietf-smime-multisig-05.txt>
               Multiple Signatures in S/MIME

May 2007 Jan 2009   <draft-ietf-smime-sha2-11.txt>
               Using SHA2 Algorithms with Cryptographic Message Syntax

Nov 2007 Oct 2008   <draft-ietf-smime-3850bis-08.txt>
               Secure/Multipurpose Internet Mail Extensions (S/MIME) Version
               3.2 Certificate Handling

Nov 2007 Oct 2008   <draft-ietf-smime-3851bis-08.txt>
               Secure/Multipurpose Internet Mail Extensions (S/MIME) Version
               3.2 Message Specification

Dec 2007 Mar 2009   <draft-ietf-smime-new-asn1-03.txt>
               New ASN.1 Modules for CMS and S/MIME

Jun 2008 Jan 2009   <draft-ietf-smime-3278bis-05.txt>
               Use of Elliptic Curve Cryptography (ECC) Algorithms in
               Cryptographic Message Syntax (CMS)

Request For Comments:

 RFC   Stat Published     Title
------- -- ----------- ------------------------------------
RFC2311 I    Mar 1998    S/MIME Version 2 Message Specification

RFC2312 I    Mar 1998    S/MIME Version 2 Certificate Handling

RFC2634 PS   Jul 1999    Enhanced Security Services for S/MIME

RFC2633 PS   Jul 1999    S/MIME Version 3 Message Specification

RFC2632 PS   Jul 1999    S/MIME Version 3 Certificate Handling

RFC2631 PS   Jul 1999    Diffie-Hellman Key Agreement Method

RFC2630 PS   Jul 1999    Cryptographic Message Syntax

RFC2785 I    Mar 2000    Methods for Avoiding the 'Small-Subgroup' Attacks on the
                      Diffie-Hellman Key Agreement Method for S/MIME

RFC2876 I    Jul 2000    Use of the KEA and SKIPJACK Algorithms in CMS

RFC2984 PS   Oct 2000    Use of the CAST-128 Encryption Algorithm in CMS

RFC3058 I    Feb 2001    Use of the IDEA Encryption Algorithm in CMS

RFC3125 E    Sep 2001    Electronic Signature Policies

RFC3183 E    Oct 2001    Domain Security Services using S/MIME

RFC3126 I    Oct 2001    Electronic Signature Formats for long term electronic
                      signatures

RFC3185 PS   Oct 2001    Reuse of CMS Content Encryption Keys

RFC3217 I    Dec 2001    Triple-DES and RC2 Key Wrapping

RFC3211 PS   Dec 2001    Password-based Encryption for CMS

RFC3218 I    Jan 2002    Preventing the Million Message Attack on CMS

RFC3278 I    May 2002    Use of ECC Algorithms in CMS

RFC3274 PS   Jun 2002    Compressed Data Content Type for Cryptographic Message
                      Syntax (CMS)

RFC3369 PS   Sep 2002    Cryptographic Message Syntax

RFC3370 PS   Sep 2002    Cryptographic Message Syntax (CMS) Algorithms

RFC3394 I    Oct 2002    Advanced Encryption Standard (AES) Key Wrap Algorithm

RFC3114 I    Jan 2003    Implementing Company Classification Policy with the
                      S/MIME Security Label

RFC3537 PS   Jun 2003    Wrapping a Hashed Message Authentication Code (HMAC) key
                      with a Triple-Data Encryption Standard (DES) Key or an
                      Advanced Encryption Standard (AES) Key

RFC3560 PS   Jul 2003    Use of the RSAES-OAEP Key Transport Algorithm in
                      Cryptographic Message Syntax (CMS)

RFC3565 PS   Jul 2003    Use of the Advanced Encryption Standard (AES) Encryption
                      Algorithm in Cryptographic Message Syntax (CMS)

RFC3657 Standard  Jan 2004    Use of the Camellia Encryption Algorithm in CMS

RFC3851 Standard  Jul 2004    S/MIME Version 3.1 Message Specification

RFC3850 Standard  Jul 2004    S/MIME Version 3.1 Certificate Handling

RFC3852 Standard  Jul 2004    Cryptographic Message Syntax (CMS)

RFC3854 Standard  Aug 2004    Securing X.400 Content with S/MIME

RFC3855 Standard  Aug 2004    Transporting S/MIME Objects in X.400

RFC4010 Standard  Feb 2005    Use of the SEED Encryption Algorithm in Cryptographic
                      Message Syntax (CMS)

RFC4056 Standard  Jun 2005    Use of the RSASSA-PSS Signature Algorithm in
                      Cryptographic Message Syntax (CMS)

RFC4134 I    Jul 2005    Examples of S/MIME Messages

RFC4262 Standard  Dec 2005    X.509 Certificate Extension for Secure/Multipurpose
                      Internet Mail Extensions (S/MIME) Capabilities

RFC4490 PS   May 2006    Using the GOST 28147-89, GOST R 34.11-94, GOST R
                      34.10-94 and GOST R 34.10-2001 Algorithms with the
                      Cryptographic Message Syntax (CMS)

RFC4853 PS   Apr 2007    Cryptographic Message Syntax (CMS) Multiple Signer
                      Clarification

RFC5035 PS   Aug 2007    Enhanced Security Services (ESS) Update: Adding CertID
                      Algorithm Agility

RFC5083 PS   Nov 2007    Cryptographic Message Syntax (CMS)
                      Authenticated-Enveloped-Data Content Type

RFC5084 PS   Nov 2007    Using AES-CCM and AES-GCM Authenticated Encryption in
                      the Cryptographic Message Syntax (CMS)

RFC5126 I    Mar 2008    CMS Advanced Electronic Signatures (CAdES)

RFC5275 PS   Jun 2008    CMS Symmetric Key Management and Distribution

RFC5409 I    Jan 2009    Using the Boneh-Franklin and Boneh-Boyen Identity-Based
                      Encryption Algorithms with the Cryptographic Message
                      Syntax (CMS)

RFC5408 I    Jan 2009    Identity-Based Encryption Architecture and Supporting
                      Data Structures