We've had well over a month of discussions about the requirement for email
address in end-entity certs, and the requirement for the MUA to check the
From field against the email addresses in the cert. Yet this latest draft
is virtually the same as the previous draft on these issues.
I thought that it had been settled that neither of these requirements would
remain. Wasn't that the concensus from the meeting in San Francisco?
Can somebody help me here? Did I hallucinate all this?
elliott ginsburg
At 09:40 AM 1/30/98 -0500, Internet-Drafts(_at_)ns(_dot_)ietf(_dot_)org wrote:
A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the S/MIME Mail Security Working Group of the
IETF.
Title : S/MIME Version 3 Certificate Handling
Author(s) : B. Ramsdell
Filename : draft-ietf-smime-cert-01.txt
Pages : 17
Date : 29-Jan-98
S/MIME (Secure/Multipurpose Internet Mail Extensions), described in
[SMIME-MSG], provides a method to send and receive secure MIME
messages. In order to validate the keys of a message sent to it, an
S/MIME agent needs to certify that the key is valid. This draft
describes the mechanisms S/MIME uses to create and validate keys using
certificates.
This specification is compatible with the Cryptographic Message Syntax
[CMS] in that it uses the data types defined by CMS. It also inherits
all the varieties of architectures for certificate-based key
management supported by CMS. Note that the method S/MIME messages make
certificate requests is defined in [SMIME-MSG].
In order to handle S/MIME certificates, an agent has to follow
specifications in this draft, as well as some of the specifications
listed in the following documents:
- ''PKCS #1: RSA Encryption'', [PKCS-1].
- ''Cryptographic Message Syntax'', [CMS].
- ''PKCS #10: Certification Request Syntax'', [PKCS-10].
Internet-Drafts are available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in,
type "cd internet-drafts" and then
"get draft-ietf-smime-cert-01.txt".
A URL for the Internet-Draft is:
ftp://ds.internic.net/internet-drafts/draft-ietf-smime-cert-01.txt
Internet-Drafts directories are located at:
Africa: ftp.is.co.za
Europe: ftp.nordu.net
ftp.nis.garr.it
Pacific Rim: munnari.oz.au
US East Coast: ds.internic.net
US West Coast: ftp.isi.edu
Internet-Drafts are also available by mail.
Send a message to: mailserv(_at_)ds(_dot_)internic(_dot_)net(_dot_) In
the body type:
"FILE /internet-drafts/draft-ietf-smime-cert-01.txt".
NOTE: The mail server at ds.internic.net can return the document in
MIME-encoded form by using the "mpack" utility. To use this
feature, insert the command "ENCODING mime" before the "FILE"
command. To decode the response(s), you will need "munpack" or
a MIME-compliant mail reader. Different MIME-compliant mail readers
exhibit different behavior, especially when dealing with
"multipart" MIME messages (i.e. documents which have been split
up into multiple messages), so check your local documentation on
how to manipulate these messages.
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
<ftp://ds.internic.net/internet-drafts/draft-ietf-smime-cert-01.txt>
Elliott N Ginsburg