--- 1/draft-ietf-lamps-rfc5750-bis-03.txt 2017-04-07 16:13:21.180799672 -0700 +++ 2/draft-ietf-lamps-rfc5750-bis-04.txt 2017-04-07 16:13:21.236801015 -0700 @@ -1,34 +1,34 @@ LAMPS J. Schaad Internet-Draft August Cellars -Intended status: Standards Track B. Ramsdell -Expires: September 14, 2017 Brute Squad Labs, Inc. - S. Turner +Obsoletes: 5750 (if approved) B. Ramsdell +Intended status: Standards Track Brute Squad Labs, Inc. +Expires: October 9, 2017 S. Turner sn3rd - March 13, 2017 + April 7, 2017 Secure/Multipurpose Internet Mail Extensions (S/ MIME) Version 4.0 Certificate Handling - draft-ietf-lamps-rfc5750-bis-03 + draft-ietf-lamps-rfc5750-bis-04 Abstract This document specifies conventions for X.509 certificate usage by Secure/Multipurpose Internet Mail Extensions (S/MIME) v4.0 agents. S/MIME provides a method to send and receive secure MIME messages, and certificates are an integral part of S/MIME agent processing. S/MIME agents validate certificates as described in RFC 5280, the Internet X.509 Public Key Infrastructure Certificate and CRL Profile. S/MIME agents must meet the certificate processing requirements in this document as well as those in RFC 5280. This document obsoletes - RFC 3850. + RFC 5750. Contributing to this document The source for this draft is being maintained in GitHub. Suggested changes should be submitted as pull requests at . Instructions are on that page as well. Editorial changes can be managed in GitHub, but any substantial issues need to be discussed on the LAMPS mailing list. Status of This Memo 
@@ -38,21 +38,21 @@ Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet- Drafts is at http://datatracker.ietf.org/drafts/current/. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." - This Internet-Draft will expire on September 14, 2017. + This Internet-Draft will expire on October 9, 2017. Copyright Notice Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved. This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents 
@@ -91,24 +91,25 @@ 3. Using Distinguished Names for Internet Mail . . . . . . . . . 9 4. Certificate Processing . . . . . . . . . . . . . . . . . . . 10 4.1. Certificate Revocation Lists . . . . . . . . . . . . . . 11 4.2. Certificate Path Validation . . . . . . . . . . . . . . . 11 4.3. Certificate and CRL Signing Algorithms and Key Sizes . . 12 4.4. PKIX Certificate Extensions . . . . . . . . . . . . . . . 13 4.4.1. Basic Constraints . . . . . . . . . . . . . . . . . . 14 4.4.2. Key Usage Certificate Extension . . . . . . . . . . . 14 4.4.3. Subject Alternative Name . . . . . . . . . . . . . . 15 4.4.4. Extended Key Usage Extension . . . . . . . . . . . . 15 - 5. Security Considerations . . . . . . . . . . . . . . . . . . . 16 - 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 - 6.1. Normative References . . . . . . . . . . . . . . . . . . 18 - 6.2. Informational References . . . . . . . . . . . . . . . . 20 + 5. IANA Considertions . . . . . . . . . . . . . . . . . . . . . 16 + 6. Security Considerations . . . . . . . . . . . . . . . . . . . 16 + 7. References . . . . . . . . . . . . . . . . . . . . . . . . . 18 + 7.1. Normative References . . . . . . . . . . . . . . . . . . 18 + 7.2. Informational References . . . . . . . . . . . . . . . . 20 Appendix A. Historic Considerations . . . . . . . . . . . . . . 23 A.1. Signature Algorithms and Key Sizes . . . . . . . . . . . 23 Appendix B. Moving S/MIME v2 Certificate Handling to Historic Status . . . . . . . . . . . . . . . . . . . . . . . 24 Appendix C. Acknowledgments . . . . . . . . . . . . . . . . . . 24 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 25 1. Introduction S/MIME (Secure/Multipurpose Internet Mail Extensions) v4.0, described 
@@ -591,23 +592,23 @@ [RFC4055] and the signature algorithm definition is found in [RFC3447]. For RSASSA-PSS with SHA-256 see [RFC4056]. For ECDSA see [RFC5758] and [RFC6090]. The first reference provides the signature algorithm's object identifier and the second provides the signature algorithm's definition. Curves other than curve P-256 MAY be used as well. - For EdDSA see [I-D.ietf-curdle-pkix] and [I-D.irtf-cfrg-eddsa]. The - first reference provides the signature algorithm's object identifier - and the second provides the signature algorithm's definition. Other + For EdDSA see [I-D.ietf-curdle-pkix] and [RFC8032]. The first + reference provides the signature algorithm's object identifier and + the second provides the signature algorithm's definition. Other curves than curve 25519 MAY be used as well. 4.4. PKIX Certificate Extensions PKIX describes an extensible framework in which the basic certificate information can be extended and describes how such extensions can be used to control the process of issuing and validating certificates. The PKIX Working Group has ongoing efforts to identify and create extensions that have value in particular certification environments. Further, there are active efforts underway to issue PKIX certificates 
@@ -706,21 +707,25 @@ extended key usage extension, then the certificate may also be used to sign but not encrypt S/MIME messages. If the extended key usage extension is present in the certificate, then interpersonal message S/MIME receiving agents MUST check that it contains either the emailProtection or the anyExtendedKeyUsage OID as defined in [RFC5280]. S/MIME uses other than interpersonal messaging MAY require the explicit presence of the extended key usage extension or other OIDs to be present in the extension or both. -5. Security Considerations +5. IANA Considertions + + This document has no new IANA considerations. + +6. Security Considerations All of the security issues faced by any cryptographic application must be faced by a S/MIME agent. Among these issues are protecting the user's private key, preventing various attacks, and helping the user avoid mistakes such as inadvertently encrypting a message for the wrong recipient. The entire list of security considerations is beyond the scope of this document, but some significant concerns are listed here. When processing certificates, there are many situations where the 
@@ -802,45 +807,45 @@ CRLs associated with newly received messages than the one provided for certificates and CRLs associated with previously stored messages. Server implementations (e.g., secure mail list servers) where user warnings are not appropriate SHOULD reject messages with weak cryptography. If an implementation is concerned about compliance with National Institute of Standards and Technology (NIST) key size recommendations, then see [SP800-57]. -6. References +7. References -6.1. Normative References +7.1. Normative References [FIPS186-2] National Institute of Standards and Technology (NIST), "Digital Signature Standard (DSS) [With Change Notice 1]", Federal Information Processing Standards Publication 186-2, January 2000. [FIPS186-3] National Institute of Standards and Technology (NIST), "Digital Signature Standard (DSS)", Federal Information Processing Standards Publication 186-3, June 2009. [I-D.ietf-lamps-eai-addresses] Melnikov, A. and W. Chuang, "Internationalized Email Addresses in X.509 certificates", draft-ietf-lamps-eai- addresses-08 (work in progress), March 2017. [I-D.ietf-lamps-rfc5751-bis] Schaad, J., Ramsdell, B., and S. Turner, "Secure/ Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 - Message Specification", draft-ietf-lamps-rfc5751-bis-03 - (work in progress), February 2017. + Message Specification", draft-ietf-lamps-rfc5751-bis-04 + (work in progress), March 2017. [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, . [RFC2634] Hoffman, P., Ed., "Enhanced Security Services for S/MIME", RFC 2634, DOI 10.17487/RFC2634, June 1999, . 
@@ -925,38 +930,32 @@ This group of documents represents S/MIME version 4.0. This set of documents are [RFC2634], [I-D.ietf-lamps-rfc5751-bis], [[This Document]], [RFC5652], and [RFC5035]. [X.680] "Information Technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation. ITU-T Recommendation X.680 (2002) | ISO/IEC 8824-1:2002.". -6.2. Informational References +7.2. Informational References [ESS] "Enhanced Security Services for S/ MIME". This is the set of documents dealing with enhanged security services and refers to [RFC2634] and [RFC5035]. [I-D.ietf-curdle-pkix] Josefsson, S. and J. Schaad, "Algorithm Identifiers for - Ed25519, Ed25519ph, Ed448, Ed448ph, X25519 and X448 for - use in the Internet X.509 Public Key Infrastructure", - draft-ietf-curdle-pkix-03 (work in progress), November - 2016. - - [I-D.irtf-cfrg-eddsa] - Josefsson, S. and I. Liusvaara, "Edwards-curve Digital - Signature Algorithm (EdDSA)", draft-irtf-cfrg-eddsa-08 - (work in progress), August 2016. + Ed25519, Ed448, X25519 and X448 for use in the Internet + X.509 Public Key Infrastructure", draft-ietf-curdle- + pkix-04 (work in progress), March 2017. [PKCS6] RSA Laboratories, "PKCS #6: Extended-Certificate Syntax Standard", November 1993. [RFC2311] Dusse, S., Hoffman, P., Ramsdell, B., Lundblade, L., and L. Repka, "S/MIME Version 2 Message Specification", RFC 2311, DOI 10.17487/RFC2311, March 1998, . [RFC2312] Dusse, S., Hoffman, P., Ramsdell, B., and J. Weinstein, 
@@ -1019,20 +1018,25 @@ [RFC6151] Turner, S. and L. Chen, "Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms", RFC 6151, DOI 10.17487/RFC6151, March 2011, . [RFC6194] Polk, T., Chen, L., Turner, S., and P. Hoffman, "Security Considerations for the SHA-0 and SHA-1 Message-Digest Algorithms", RFC 6194, DOI 10.17487/RFC6194, March 2011, . + [RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital + Signature Algorithm (EdDSA)", RFC 8032, + DOI 10.17487/RFC8032, January 2017, + . + [SMIMEv2] "S/MIME version v2". This group of documents represents S/MIME version 2. This set of documents are [RFC2311], [RFC2312], [RFC2313], [RFC2314], and [RFC2315]. [SMIMEv3] "S/MIME version 3". This group of documents represents S/MIME version 3. This set of documents are [RFC2630], [RFC2631], [RFC2632],
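Review bot: "Considertions" is misspelled in the new section 5 heading added in the @@ -706,21 +707,25 @@ hunk, and the table-of-contents line added in the @@ -91,24 +91,25 @@ hunk carries the same spelling. Both should read "5. IANA Considerations". If the table of contents is generated from the section title, correcting the title in the source fixes both places.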
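Review bot: in the EdDSA paragraph of the @@ -591,23 +592,23 @@ hunk, the closing sentence "Other curves than curve 25519 MAY be used as well" is worded differently from the parallel ECDSA sentence directly above it, "Curves other than curve P-256 MAY be used as well". The paragraph is already being reflowed for the [RFC8032] citation, so this is a convenient point to align it to "Curves other than curve 25519 MAY be used as well".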
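Review bot: the [ESS] entry at the top of 7.2 in the @@ -925,38 +930,32 @@ hunk reads "enhanged security services". It is an unchanged context line, but since this hunk already edits the neighbouring [I-D.ietf-curdle-pkix] entry, the typo is worth correcting to "enhanced" in the same revision.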
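Review bot: the new [RFC8032] entry in the @@ -1019,20 +1018,25 @@ hunk is inserted between [RFC6194] and [SMIMEv2], after the "7.2. Informational References" heading shown in the @@ -925,38 +930,32 @@ hunk, yet the section 4.3 text changed in the @@ -591,23 +592,23 @@ hunk now cites it as the reference that "provides the signature algorithm's definition". If an implementation has to follow RFC 8032 to verify EdDSA signatures on certificates and CRLs, the entry belongs under 7.1 Normative References. If it is intentionally informational, a sentence in 4.3 saying so would avoid the question coming up again in later review.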