draft-ietf-lamps-rfc5751-bis-09.txt		draft-ietf-lamps-rfc5751-bis-10.txt
	LAMPS J. Schaad		LAMPS J. Schaad
	Internet-Draft August Cellars		Internet-Draft August Cellars
	Obsoletes: 5751 (if approved) B. Ramsdell		Obsoletes: 5751 (if approved) B. Ramsdell
	Intended status: Standards Track Brute Squad Labs, Inc.		Intended status: Standards Track Brute Squad Labs, Inc.
	Expires: November 23, 2018 S. Turner		Expires: December 21, 2018 S. Turner
	sn3rd		sn3rd
	May 22, 2018		June 19, 2018
	Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0		Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0
	Message Specification		Message Specification
	draft-ietf-lamps-rfc5751-bis-09		draft-ietf-lamps-rfc5751-bis-10
	Abstract		Abstract
	This document defines Secure/Multipurpose Internet Mail Extensions		This document defines Secure/Multipurpose Internet Mail Extensions
	(S/MIME) version 4.0. S/MIME provides a consistent way to send and		(S/MIME) version 4.0. S/MIME provides a consistent way to send and
	receive secure MIME data. Digital signatures provide authentication,		receive secure MIME data. Digital signatures provide authentication,
	message integrity, and non-repudiation with proof of origin.		message integrity, and non-repudiation with proof of origin.
	Encryption provides data confidentiality. Compression can be used to		Encryption provides data confidentiality. Compression can be used to
	reduce data size. This document obsoletes RFC 5751.		reduce data size. This document obsoletes RFC 5751.
	skipping to change at page 1, line 47 ¶		skipping to change at page 1, line 47 ¶
	Internet-Drafts are working documents of the Internet Engineering		Internet-Drafts are working documents of the Internet Engineering
	Task Force (IETF). Note that other groups may also distribute		Task Force (IETF). Note that other groups may also distribute
	working documents as Internet-Drafts. The list of current Internet-		working documents as Internet-Drafts. The list of current Internet-
	Drafts is at https://datatracker.ietf.org/drafts/current/.		Drafts is at https://datatracker.ietf.org/drafts/current/.
	Internet-Drafts are draft documents valid for a maximum of six months		Internet-Drafts are draft documents valid for a maximum of six months
	and may be updated, replaced, or obsoleted by other documents at any		and may be updated, replaced, or obsoleted by other documents at any
	time. It is inappropriate to use Internet-Drafts as reference		time. It is inappropriate to use Internet-Drafts as reference
	material or to cite them other than as "work in progress."		material or to cite them other than as "work in progress."
	This Internet-Draft will expire on November 23, 2018.		This Internet-Draft will expire on December 21, 2018.
	Copyright Notice		Copyright Notice
	Copyright (c) 2018 IETF Trust and the persons identified as the		Copyright (c) 2018 IETF Trust and the persons identified as the
	document authors. All rights reserved.		document authors. All rights reserved.
	This document is subject to BCP 78 and the IETF Trust's Legal		This document is subject to BCP 78 and the IETF Trust's Legal
	Provisions Relating to IETF Documents		Provisions Relating to IETF Documents
	(https://trustee.ietf.org/license-info) in effect on the date of		(https://trustee.ietf.org/license-info) in effect on the date of
	publication of this document. Please review these documents		publication of this document. Please review these documents
	skipping to change at page 3, line 18 ¶		skipping to change at page 3, line 18 ¶
	2.7. ContentEncryptionAlgorithmIdentifier . . . . . . . . . . 17		2.7. ContentEncryptionAlgorithmIdentifier . . . . . . . . . . 17
	2.7.1. Deciding Which Encryption Method to Use . . . . . . . 17		2.7.1. Deciding Which Encryption Method to Use . . . . . . . 17
	2.7.2. Choosing Weak Encryption . . . . . . . . . . . . . . 19		2.7.2. Choosing Weak Encryption . . . . . . . . . . . . . . 19
	2.7.3. Multiple Recipients . . . . . . . . . . . . . . . . . 19		2.7.3. Multiple Recipients . . . . . . . . . . . . . . . . . 19
	3. Creating S/MIME Messages . . . . . . . . . . . . . . . . . . 19		3. Creating S/MIME Messages . . . . . . . . . . . . . . . . . . 19
	3.1. Preparing the MIME Entity for Signing, Enveloping, or		3.1. Preparing the MIME Entity for Signing, Enveloping, or
	Compressing . . . . . . . . . . . . . . . . . . . . . . . 20		Compressing . . . . . . . . . . . . . . . . . . . . . . . 20
	3.1.1. Canonicalization . . . . . . . . . . . . . . . . . . 21		3.1.1. Canonicalization . . . . . . . . . . . . . . . . . . 21
	3.1.2. Transfer Encoding . . . . . . . . . . . . . . . . . . 22		3.1.2. Transfer Encoding . . . . . . . . . . . . . . . . . . 22
	3.1.3. Transfer Encoding for Signing Using multipart/signed 23		3.1.3. Transfer Encoding for Signing Using multipart/signed 23
	3.1.4. Sample Canonical MIME Entity . . . . . . . . . . . . 23		3.1.4. Sample Canonical MIME Entity . . . . . . . . . . . . 24
	3.2. The application/pkcs7-mime Media Type . . . . . . . . . . 24		3.2. The application/pkcs7-mime Media Type . . . . . . . . . . 24
	3.2.1. The name and filename Parameters . . . . . . . . . . 25		3.2.1. The name and filename Parameters . . . . . . . . . . 25
	3.2.2. The smime-type Parameter . . . . . . . . . . . . . . 26		3.2.2. The smime-type Parameter . . . . . . . . . . . . . . 26
	3.3. Creating an Enveloped-Only Message . . . . . . . . . . . 27		3.3. Creating an Enveloped-Only Message . . . . . . . . . . . 27
	3.4. Creating an Authenticated Enveloped-Only Message . . . . 28		3.4. Creating an Authenticated Enveloped-Only Message . . . . 28
	3.5. Creating a Signed-Only Message . . . . . . . . . . . . . 29		3.5. Creating a Signed-Only Message . . . . . . . . . . . . . 29
	3.5.1. Choosing a Format for Signed-Only Messages . . . . . 29		3.5.1. Choosing a Format for Signed-Only Messages . . . . . 29
	3.5.2. Signing Using application/pkcs7-mime with SignedData 30		3.5.2. Signing Using application/pkcs7-mime with SignedData 30
	3.5.3. Signing Using the multipart/signed Format . . . . . . 31		3.5.3. Signing Using the multipart/signed Format . . . . . . 31
	3.6. Creating a Compressed-Only Message . . . . . . . . . . . 34		3.6. Creating a Compressed-Only Message . . . . . . . . . . . 34
	skipping to change at page 20, line 24 ¶		skipping to change at page 20, line 24 ¶
	for signed-only data, and several formats for signed and enveloped		for signed-only data, and several formats for signed and enveloped
	data. Several formats are required to accommodate several		data. Several formats are required to accommodate several
	environments, in particular for signed messages. The criteria for		environments, in particular for signed messages. The criteria for
	choosing among these formats are also described.		choosing among these formats are also described.
	The reader of this section is expected to understand MIME as		The reader of this section is expected to understand MIME as
	described in [MIME-SPEC] and [RFC1847].		described in [MIME-SPEC] and [RFC1847].
	3.1. Preparing the MIME Entity for Signing, Enveloping, or Compressing		3.1. Preparing the MIME Entity for Signing, Enveloping, or Compressing
	S/MIME is used to secure MIME entities. A MIME entity can be a sub-		S/MIME is used to secure MIME entities. A MIME message is composed
	part, sub-parts of a message, or the whole message with all its sub-		of a MIME header and a MIME body, the body can consist of a single
	parts. A MIME entity that is the whole message includes only the		part or of multiple parts. Any of these parts is designated as a
	MIME message headers and MIME body, and does not include the RFC-822		MIME message part. A MIME entity can be a sub-part, sub-parts of a
	header. Note that S/MIME can also be used to secure MIME entities		MIME message, or the whole MIME message with all of its sub-parts. A
	used in applications other than Internet mail. If protection of the		MIME entity that is the whole message includes only the MIME message
	RFC-822 header is required, the use of the message/rfc822 media type		headers and MIME body, and does not include the RFC-822 header. Note
	is explained later in this section.		that S/MIME can also be used to secure MIME entities used in
			applications other than Internet mail. If protection of the RFC-822
			header is required, the use of the message/rfc822 media type is
			explained later in this section.
	The MIME entity that is secured and described in this section can be		The MIME entity that is secured and described in this section can be
	thought of as the "inside" MIME entity. That is, it is the		thought of as the "inside" MIME entity. That is, it is the
	"innermost" object in what is possibly a larger MIME message.		"innermost" object in what is possibly a larger MIME message.
	Processing "outside" MIME entities into CMS content types is		Processing "outside" MIME entities into CMS content types is
	described in Section 3.2, Section 3.5, and elsewhere.		described in Section 3.2, Section 3.5, and elsewhere.
	The procedure for preparing a MIME entity is given in [MIME-SPEC].		The procedure for preparing a MIME entity is given in [MIME-SPEC].
	The same procedure is used here with some additional restrictions		The same procedure is used here with some additional restrictions
	when signing. The description of the procedures from [MIME-SPEC] is		when signing. The description of the procedures from [MIME-SPEC] is
End of changes. 6 change blocks.
	13 lines changed or deleted		16 lines changed or added
This html diff was produced by rfcdiff 1.46. The latest version is available from http://tools.ietf.org/tools/rfcdiff/