Stefan Santesson
Microsoft Security Center of Excellence (SCOE)





S/MIME Working Group                            S. Santesson (Microsoft)
INTERNET-DRAFT
Expires August 2005
                                                           February 2005

             Certificate extension for S/MIME Capabilities
                   <draft-ietf-smime-certcapa-03.txt>


   By submitting this Internet-Draft, I certify that any applicable
   patent or other IPR claims of which I am aware have been disclosed,
   or will be disclosed, and any of which I become aware will be
   disclosed, in accordance with RFC 3668

Status of this Memo

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than a "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html


Abstract

   This document defines a certificate extension for inclusion of S/MIME
   capabilities in public key certificates defined by RFC 3280.

   S/MIME Capabilities provides an optional method to communicate
   cryptographic capabilities of the certified subject as a complement
   to use of the S/MIME Capabilities signed attribute in S/MIME messages
   according to RFC 3851.









Santesson                                                       [Page 1]


INTERNET DRAFT        S/MIME Capabilities Extension        February 2005


Table of Contents

   1  Introduction ................................................    2
   1.1  Terminology ...............................................    3
   2  S/MIME Capabilities Extension ...............................    3
   3  Use in applications .........................................    3
   4  Security Considerations .....................................    4
   5  References ..................................................    4
   Authors' Addresses .............................................    5
   Disclaimer .....................................................    5
   Copyright Statement ............................................    5

1  Introduction

   This document defines a certificate extension for inclusion of S/MIME
   capabilities in public key certificates defined by RFC 3280 [RFC
   3280].

   The S/MIME Capabilities attribute is defined in RFC 3851 for
   specifying cryptographic capabilities of the sender of a signed
   S/MIME message. This information can be used by the recipient in
   subsequent S/MIME secured exchanges to select appropriate
   cryptographic properties for future exchange with the opponent.

   The use of S/MIME does however introduce the scenario where e.g. a
   sender of an encrypted message has no prior established knowledge of
   the recipient's cryptographic capabilities through recent S/MIME
   exchanges.

   In such case the sender is forced to rely on its default
   configuration for encrypted messages to recipients with unknown
   capabilities. The problem is however that this default configuration
   may not be compatible with the recipient's capabilities and/or
   security policy.

   The solution defined in this specification leverages on the fact that
   S/MIME encryption requires possession of the recipient's public key
   certificate. This certificate contains information about the
   recipient's public key and the cryptographic capabilities of this
   key. Through the extension mechanism defined in this specification
   the certificate will also have the capacity to identify the subject's
   cryptographic capabilities for use with S/MIME, to be used as an
   optional additional information resource when knowledge about the
   subject capabilities is considered insufficient.

   This document is limited to the "static" approach where asserted
   cryptographic capabilities remain unchanged until the certificate
   expires or is revoked. Other "dynamic" approaches which allow



Santesson                                                       [Page 2]


INTERNET DRAFT        S/MIME Capabilities Extension        February 2005


   retrieval of certified dynamically updatable capabilities during the
   lifetime of a certificate are out of scope of this document.

1.1  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [STDWORDS].

2  S/MIME Capabilities Extension

   This section defines the S/MIME Capabilities extension.

   The S/MIME capabilities extension data structure used in this
   specification is identical to the data structure of the
   SMIMECapabilities attribute defined in RFC 3851 [RFC 3851].

   The S/MIME Capabilities extension MUST follow the requirements and
   definitions defined in RFC 3851. (The ASN.1 structure of
   smimeCapabilities is included below for illustrative purposes only)

      smimeCapabilities OBJECT IDENTIFIER ::=
         {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
         pkcs-9(9) 15}


      sMIMECapabilitiesExt EXTENSION ::= {
            SYNTAX             SMIMECapabilities
            IDENTIFIED BY      smimeCapabilities }

      SMIMECapabilities ::= SEQUENCE OF SMIMECapability

      SMIMECapability ::= SEQUENCE {
         capabilityID OBJECT IDENTIFIER,
         parameters ANY DEFINED BY capabilityID OPTIONAL }

   This extension is expected to hold the same type of capability data
   as the SMIMECapabilities attribute defined in RFC 3851.

   This extension MUST NOT be marked critical.

3  Use in applications

   Applications using the S/MIME Capabilities extension SHOULD NOT use
   information in the extension if more reliable and relevant
   authenticated capabilities information are available to the
   application.




Santesson                                                       [Page 3]


INTERNET DRAFT        S/MIME Capabilities Extension        February 2005


   It is outside the scope of this specification to define what is, or
   is not, regarded as more reliable source of information by the
   encrypting application.


4  Security Considerations

   The S/MIME capabilities extension contains a statement about the
   subject's capabilities made at the time of certificate issuance.
   Implementers should therefore take into account any effect caused by
   the change of these capabilities during the lifetime of the
   certificate.

   Change in the subject's capabilities during the lifetime of a
   certificate may require revocation of the certificate. Revocation
   should however only be motivated if a listed algorithm is considered
   broken and/or considered too weak to use for the adopted encryption
   policy.

   Implementers should take into account that the use of this extension
   does not change the fact that it is always the responsibility of the
   sender to choose sufficiently strong encryption for its information
   disclosure.

5 References

   Normative references:

   [STDWORDS] Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC 3280] R. Housley, W. Polk, W. Ford, and D. Solo, "Internet
              X.509 Public Key Infrastructure: Certificate and
              Certificate Revocation List (CRL) Profile", RFC 3280,
              April 2002.

   [RFC 3851] B. Ramsdell, "Secure/Multipurpose Internet Mail
              Extensions (S/MIME) Version 3.1 Message Specification",
              RFC 3851, July 2004












Santesson                                                       [Page 4]


INTERNET DRAFT        S/MIME Capabilities Extension        February 2005


Authors' Addresses


   Stefan Santesson
   Microsoft
   Tuborg Boulevard 12
   2900 Hellerup
   Denmark

   EMail: stefans@microsoft.com



Disclaimer

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Copyright Statement

   Copyright (C) The Internet Society (2004).  This document is subject
   to the rights, licenses and restrictions contained in BCP 78, and
   except as set forth therein, the authors retain all their rights.




Expires August 2005

















Santesson                                                       [Page 5]