ietf-smime

Re: Revised section 2.5 of draft-ietf-smime-x400transport-01

2001-04-18 12:55:13
Chris:


I have a few comments on your proposed text.  See below.

If I do not hear concerns raised in the next few days, I will assign the OIDs that Chris needs to proceed on this path.

Russ


2.5 Encoded Information Type Indication

In [MSG], the application/pkcs7-mime content type and optional
"smime-type" parameter are used to convey details about the
security applied (signed or enveloped) along with information
about the contained content.  This may aid receiving S/MIME
implementations in correctly processing the secured content.
Additional values of smime-type are defined in [ESS] and
[X400WRAP]. In an X.400 transport environment, MIME typing is not
available.  Therefore the equivalent semantic is conveyed using
the Encoded Information Types (EITs).  The EITs are conveyed in
the original-encoded-information-types field of the X.400 message
envelope.  This memo defines the following smime-types.

     smime-type       EIT Value (OID)
     Security         Inner Content

It took me two or three readings to understand this "table." Please replace "Security" with "CMS protection content type."


     enveloped-data   id-eit-envelopedData
     EnvelopedData    Data

     signed-data      id-eit-signedData
     SignedData       Data

     cert-management  id-eit-certManagement
     SignedData       none

Instead of "none," I personally prefer "empty (zero length content)."


     signed-receipt   id-eit-signedReceipt
     SignedData       Receipt

     enveloped-x400   id-eit-envelopedx400
     EnvelopedData    X.400 content

     signed-x400      id-eit-signedx400
     SignedData       X.400 content

Sending agents SHOULD include the appropriate S/MIME EIT OID
value.  Receiving agents SHOULD recognize S/MIME OID values in
the EITs field, and process the message appropriately according
to local procedures.

In order that consistency can be obtained with future, the

I do not understand the introductory phrase.  Is there a word missing?

following guidelines should be followed when assigning new
values of EIT.  Values assigned for S/MIME EITs should correspond
to assigned smime-type values on a one to one basis.  The
restrictions of section 3.2.2 of [MSG] therefore apply.  S/MIME
EIT values may coexist with other EIT values intended to further
qualify the makeup of the protected content.

2.5.1 Enveloped Data

The enveloped data EIT indicates that the X.400 content field
contains a MIME type that has been protected by the CMS
Enveloped-data content type in accordance with [MSG]. The
resulting enveloped data CMS content is conveyed in accordance
with section 2.2. This EIT should be indicated by the following
OID value:

    id-eit-envelopedData  OBJECT IDENTIFIER ::=
        { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
        pkcs-9(9) smime(16) eits(***) envelopedData(0) }

2.5.2 Signed Data

The signed data EIT indicates that the X.400 content field
contains a MIME type that has been protected by the CMS
Signed-data content type in accordance with [MSG]. The resulting
signed data CMS content is conveyed in accordance with section
2.2. This EIT should be indicated by the following OID value:

   id-eit-signedData  OBJECT IDENTIFIER ::=
        { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
        pkcs-9(9) smime(16) eits(***) signedData(1) }

2.5.3 Certificate Management

The certificate management message is used to transport
certificates and/or CRLs, such as in response to a registration
request. The certificate management message consists of a single
instance of CMS content of type Signed-data.  The
encapContentInfo eContent field MUST be absent and signerInfos
field MUST be empty. The resulting certificate management CMS
content is conveyed in accordance with section 2.2. This EIT
should be indicated by the following OID value:

    id-eit-certManagement  OBJECT IDENTIFIER ::=
        { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
        pkcs-9(9) smime(16) eits(***) certManagement(2) }

2.5.4 Signed Receipt

The signed receipt EIT indicates that the X.400 content field
contains a Receipt content that has been protected by the CMS
Signed-data content type in accordance with [ESS]. The resulting
signed data CMS content is conveyed in accordance with section
2.2. This EIT should be indicated by the following OID value:

    id-eit-signedReceipt  OBJECT IDENTIFIER ::=
        { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
        pkcs-9(9) smime(16) eits(***) signedReceipt(3) }

2.5.5 Enveloped X.400

The enveloped X.400 EIT indicates that the X.400 content field
contains X.400 content that has been protected by the CMS
Enveloped-data content type in accordance with [X400WRAP]. The
resulting enveloped X.400 CMS content is conveyed in accordance
with section 2.2. This EIT should be indicated by the following
OID value:

    id-eit-envelopedX400  OBJECT IDENTIFIER ::=
        { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
        pkcs-9(9) smime(16) eits(***) envelopedX400(4) }

2.5.6 Signed X.400

The signed X.400 EIT indicates that the X.400 content field
contains X.400 content that has been protected by the CMS
Signed-data content type in accordance with [X400WRAP]. The
resulting signed X.400 CMS content is conveyed in accordance with
section 2.2. This EIT should be indicated by the following OID
value:

    id-eit-signedX400  OBJECT IDENTIFIER ::=
        { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
        pkcs-9(9) smime(16) eits(***) signedX400(5) }
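
The structural rule in 2.5.3 (eContent absent, signerInfos empty) can be checked by a receiving agent on the CMS content itself rather than trusted from the EIT label. The sketch below is an added example, not part of the message or the draft; the function names are hypothetical, the input is DER with definite lengths only, and the sample "certificate" is a constructed dummy.

```python
ID_SIGNED_DATA = bytes.fromhex("2a864886f70d010702")  # 1.2.840.113549.1.7.2
ID_DATA = bytes.fromhex("2a864886f70d010701")         # 1.2.840.113549.1.7.1

def tlv(tag, body=b""):
    """Encode one DER TLV (used only to build the constructed samples)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(ln)]) + ln + body

def read_tlvs(buf):
    """Split buf into (tag, value) pairs; raise on truncated or indefinite lengths."""
    out, i = [], 0
    while i < len(buf):
        tag, n = buf[i], buf[i + 1]      # IndexError if the header is cut short
        i += 2
        if n & 0x80:                     # long-form length
            k = n & 0x7F
            if k == 0 or i + k > len(buf):
                raise ValueError("bad length")
            n = int.from_bytes(buf[i:i + k], "big")
            i += k
        if i + n > len(buf):
            raise ValueError("truncated value")
        out.append((tag, buf[i:i + n]))
        i += n
    return out

def is_cert_management(der):
    """True if der is ContentInfo{SignedData} with no eContent and no signerInfos."""
    try:
        (t, ci), = read_tlvs(der)                    # exactly one outer SEQUENCE
        (t1, oid), (t2, wrapped) = read_tlvs(ci)     # contentType, [0] content
        (t3, sd), = read_tlvs(wrapped)               # SignedData SEQUENCE
        fields = read_tlvs(sd)                       # version, digestAlgs, encap, ...
        encap = read_tlvs(fields[2][1])              # encapContentInfo members
    except (ValueError, IndexError):
        return False
    return ((t, t1, t2, t3) == (0x30, 0x06, 0xA0, 0x30) and oid == ID_SIGNED_DATA
            and fields[2][0] == 0x30 and fields[-1] == (0x31, b"")
            and len(encap) == 1 and encap[0][0] == 0x06)

def build_sample(certs_only):
    """Constructed input; the 'certificate' is a dummy 200-byte SEQUENCE."""
    encap = tlv(0x06, ID_DATA) + (b"" if certs_only else tlv(0xA0, tlv(0x04, b"hi")))
    signers = b"" if certs_only else tlv(0x30, b"\x00")
    sd = (tlv(0x02, b"\x01") + tlv(0x31) + tlv(0x30, encap)
          + tlv(0xA0, tlv(0x30, bytes(200))) + tlv(0x31, signers))
    return tlv(0x30, tlv(0x06, ID_SIGNED_DATA) + tlv(0xA0, tlv(0x30, sd)))
```

A message labelled cert-management whose content fails this check carries a signer or payload that 2.5.3 does not allow, and a receiving agent can treat it as mislabelled.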

