[Top] [All Lists]

WG Charter

1997-01-16 14:00:12
Hi All,

One small detail for the WG to resolve, we need to establish a protocol
about the certificates field  in the Signed Data message. Do we keep a
single certificate or the chain? Trusted Root Certificate first or last?
Similarly for the CRLs. 


  --Arup Biswas
    Software Engineer,
    Novell Inc.

Greetings again.  In the interest of generating a bit more (as in, some)
action here, I'd like to start the discussion off with a proposed working
group charter and milestones for the S/MIME WG.  Please feel free to

Description of the Working Group:

S/MIME is a method for encrypting and/or authenticating MIME data.  The
definition of S/MIME falls into three areas:

*    Description of the overall message format
*    Description of the security portions of the message
*    Defaults, options, and extensions of the security portions

The first area, the message format, has already been submitted to
the IETF ("draft-dusse-mime-msg-spec").  The second area, the security
portions, are defined by RSA's PKCS #7 and PKCS #10 specifications. 
may be published as Informational RFCs, eventually.  The third area,
security profile, is the main task of this current effort, in order to insure
interoperability of S/MIME-compliant programs.

In order to create a complete (and more perfect) specification, the
Group must fully specify the message format, as well as the minimum
security profile needed in order for two mail clients to communicate.  The
profile must also include other optional security mechanisms, such as
additional hashing algorithms, as well as a method for syncrhonize two
S/MIME agents that have never communicated to determine which of the
optional mechanisms can be used in future messages.  Further, the
must specify an extension registration mechanism (probably through
IANA) so
that future security protocols can be included in S/MIME.

A modestly aggressive schedule is specified, due to the amount of
work on S/MIME.

Goals and Milestones:

February 1997: Revised draft of the message format document

March 1997: Submit PKCS #7 and PKCS #10 as Informational RFCs

March 1997: Draft of security profile document

April 1997: Submit message format document for standards track

May 1997: Revised draft of the security profile document

June 1997: Submit security profile document, submit for standards track

--Paul E. Hoffman, Director
--Internet Mail Consortium

<Prev in Thread] Current Thread [Next in Thread>