Hi Russ,
On 09/03/2016 04:53, Russ Housley wrote:
Alexey:
Anything else?
It would be good if "Domain-based signing and encryption using S/MIME"
(draft-melnikov-smime-msa-to-mda-04) can also be included.
Can you summarize the things that you need that are not supported by RFC 3183?
3183 Domain Security Services using S/MIME. T. Dean, W. Ottaway. October
2001. (Format: TXT=57129 bytes) (Status: EXPERIMENTAL) (DOI:
10.17487/RFC3183)
My draft is effectively a revision of RFC 3183:
Changes from RFC 3183
Unlike RFC 3183, subject names of domain signing/encrypting X.509
certificates don't have to have a specific form. But Subject
Alternative Names need to include URIs for domain being protected.
A new signature type was added for the case when MSA signs/encrypts a
message on behalf of a user with a user specific key.
Incorporated erratum 3757 resolution.
Updated references and some minor editorial corrections.
_______________________________________________
smime mailing list
smime(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/smime