Securing Header Fields with S/MIME
draft-cailleux-secure-headers-00
Network Working Group L. Cailleux
Internet-Draft DGA MI
Intended status: Experimental C. Bonatti
Expires: 16 April 2012 IECA
16 October 2011
Abstract
This document describes how the S/MIME protocol can be extended in
order to secure message header fields. This technology provides
security services such as data integrity, non-repudiation and
confidentiality. This extension is referred to as 'Secure Headers'.
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 16 April 2012.
Draft Version 0.26 (20110728)
Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document MUST
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction
2. Terminology and conventions used in this document
3. Context
4. Mechanisms to secure message header fields
   4.1. ASN.1 syntax of secure header fields
   4.2. Secure header fields length and format
   4.3. Canonization algorithm
   4.4. Header fields statuses
   4.5. Signature Process
      4.5.1. Signature Generation Process
      4.5.2. Signature verification process
   4.6. Encryption and Decryption Processes
      4.6.1. Encryption Process
      4.6.2. Decryption Process
5. Case of triple wrapping
6. Security Considerations
7. References
   7.1. Normative References
   7.2. Informative References
Appendix A. Formal syntax of Secure Header
Appendix B. Secure Header Fields example
Appendix C. Acknowledgements
1. Introduction
The S/MIME [RFC5751] standard defines a data encapsulation format for
achieving end-to-end security services such as integrity,
authentication, non-repudiation and confidentiality. By default,
S/MIME secures message body parts, to the exclusion of the message
header fields.
S/MIME provides an alternative solution to secure header fields. "The
sending client MAY wrap a full MIME [RFC2045] message in a