ietf-smime
[Top] [All Lists]

Labeling and SMIME

2002-03-20 04:17:30
Hi,
I think that the current SMIME implementation for labeling is too
inflexible.  This is probably because it is modeled on a military world
where a Top Secret message stays Top Secret for ever.  However, in the
commercial world a "Commercially Sensitive" document may become "Public"
overtime or because of a change of circumstances (details released to Stock
Markets, document signed off by marketing etc.).
 
Since, in SMIME, the label of a message is signed with the content of the
document it is impossible for the label to be changed without re-computing a
signature on the content of the document.  This is erroneous since the
person changing the label may not be the original creator of the document
contents.  Hence the proof-of-origin of the document will be lost.
 
Have I missed a way to do this in the current CMS/SMIME model? If not, I
would propose a scheme as follows:
 
a new MIME entity application/pkcs7-labeled that has 2 parts:
 
application/pkcs7-document that contains the document part of a
multipart/signed entity and
 
application/pkcs7-label - a MIME entity that contains a signed CMS object
containing the label and the original document's detached signature.  The
latter signature is provided by the person who creates the message.  The
outer signed CMS object is signed by the labeler of the document.
Typically, the signatories will be the same person.
 
This approach allows labeled documents to be re-classified over time but
keeps the original document signature.
 
Any thoughts?
 
Thanks,
Piers
 
Piers Chivers
Product Architect
Protek Network Security
+44 (0)1270 507800
www.protek.com <http://www.protek.com> 
 
<Prev in Thread] Current Thread [Next in Thread>