Well, last summer I was able to use PKCS (TIPEM from RSADSI) and
MIME-encode the binary output to send via Mail. It worked well.
I was able to have most stuff automated, and in this manner one
could sign a portion of the mail and leave the rest as normal
MIME mail. I used "application/pkcs" as the content-type.
One problem with this is that you lose the MIC-CLEAR type of mail,
since MIME will encode the whole PKCS output in IA5 encoding, so the
plain-text will get re-coded in MIME.
Thank you Derek for the proof of concept. I've been claiming this
sort of interoperability for quite some time without much response.
As far as the ability to do MIC-CLEAR, the PKCS message format allows
for a "detached" signature, a signature message which does not include
the data that was signed. Coupled with a mechanism to reference a
signature MIME part to the data-that-was-signed MIME part (such as
Message ID), you automatically get the equivalent of MIC-CLEAR for any
type of MIME message. If, for instance, you feel confident that a
text message will arrive at it's destination untouched (remember this
was the premise behind MIC-CLEAR in PEM) then you can use this
technique to do the equivalent of a MIC-CLEAR text message.
What were the other reasons why I strongly advocated this approach ?
- PEM/PKCS certificates are interchangable
(draft-ietf-pem-keymgmt-01.txt works for both)
- Algorithm suite and object Identifiers are identical in both,
gateway does not need any cryptographic transformations
(draft-ietf-algorithms-01.txt works for both)
- PKCS messages are binary for efficiency
- The PKCS allow for an enveloped-only message. This would eliminate
much of the need for those pesky PERSONA certs since no signature is
required to communicate privately and anonymously.
- PKCS messages carry CRLs (awfully convenient when you're asserting
your identity via certificates)
- and (my favorite) PKCS is published and stable for quite some time
(there is even a fair amount of industry acceptance)
And, finally, from my message in _July_ (which I will happily repost if
there is interest...):
Let me stress this point again, PKCS is NOT competition to PEM. PEM
is the best fit with the current RFC822 mail environment. If
anything, there is incredible pressure to release PEM as-is.
Integration of PKCS and MIME would allow the PEM effort to move
forward without reservation.
Cheers,
Steve Dusse
RSA Data Security, Inc.
p.s. As always, PKCS are available via anonymous ftp from rsa.com
Check out PKCS #7 which describes the PKCS message syntax