I am proposing a pair of charter changes to deal with the two new drafts
which the working group decided it wanted to look at during the March IETF
meeting. These drafts are:
1. A draft to address methods of publishing certificates with authenticated
attributes in directories.
2. A draft proposing a new authenticated attribute which carries the issuer
and serial number fields to more tightly bind the signing certificate into
the signature itself.
The charter changes are a new paragraph (paragraph #3) and a new sentence at
the end of paragraph #2
The S/MIME Working Group will define MIME encapsulation of digitally signed
and encrypted objects whose format is based on PKCS #7. [1] X.509
Certificates and CRLs as profiled by the existing PKIX Working Group will be
used to support authentication and key management. The Working Group will
base its work on the S/MIME version 2 specification (available from RSA Data
Security), but the Working Group will be free to change any part of that
specification. In particular, the Working Group will prepare a new document
that allows algorithm independence, based on PKCS #7 1.5.
The message syntax specification, based on PKCS #7 version 1.5, will be
expanded to allow additional key signature and key exchange algorithms. The
message and certificate specifications will be revised to allow them to
become standards. The optional security extensions document will specify
protocols that allow for additional security features, such as signed
message receipts. An optional specification will provide an authenticated
attribute to provide for tight binding of the signing certificate to a
signature.
The S/MIME Working Group will define methods of publishing certificates in
public repositories with the aim of maximizing the ability to send
encrypted and signed mail between two parties without prior direct
negotiation between the parties.
The S/MIME Working Group will attempt to coordinate its efforts with the
OpenPGP Working Group in areas where the work of the two groups overlap,
particularly in specification of cryptographic algorithms and MIME
structure.
[1] RSA Data Security publishes the PKCS Series of documents. RSA Data
Security has permitted the IETF to publish them as Informational RFCs as
well as to extend and enhance them.