Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted
RFC 1847
| Document | Type | RFC - Proposed Standard (October 1995; No errata). Was draft-ietf-pem-sigenc (pem WG) |
|---|---|---|
| | Authors | Sandy Murphy, James Galvin, Steve Crocker, Ned Freed |
| | Last updated | 2013-03-02 |
| | Stream | IETF |
| Stream | WG state | (None) |
| | Document shepherd | No shepherd assigned |
| IESG | IESG state | RFC 1847 (Proposed Standard) |
| | Consensus Boilerplate | Unknown |
| | Responsible AD | (None) |
| | Send notices to | (None) |
Network Working Group                                          J. Galvin
Request For Comments: 1847                                     S. Murphy
Category: Standards Track                    Trusted Information Systems
                                                              S. Crocker
                                                         CyberCash, Inc.
                                                                N. Freed
                                            Innosoft International, Inc.
                                                            October 1995

Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted

Status of this Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Abstract

This document defines a framework within which security services may be applied to MIME body parts. MIME, an acronym for "Multipurpose Internet Mail Extensions", defines the format of the contents of Internet mail messages and provides for multi-part textual and non-textual message bodies.

The new content types are subtypes of multipart: signed and encrypted. Each will contain two body parts: one for the protected data and one for the control information necessary to remove the protection. The type and contents of the control information body parts are determined by the value of the protocol parameter of the enclosing multipart/signed or multipart/encrypted content type, which is required to be present.

Table of Contents

1. Introduction
2. Definition of Security Subtypes of Multipart
2.1 Definition of Multipart/Signed
2.2 Definition of Multipart/Encrypted
3. Definition of Control Information Content Types
4. Definition of Key Management Content Types
5. Security Considerations
6. Acknowledgements
7. References
8. Authors' Addresses

1. Introduction

An Internet electronic mail message consists of two parts: the headers and the body. The headers form a collection of field/value pairs structured according to STD 11, RFC 822 [1], whilst the body, if structured, is defined according to MIME [2].

The basic MIME specification does not provide specific security protection. This document defines a framework whereby security protection provided by other protocols may be used with MIME in a complementary fashion. By itself, it does not specify security protection. A MIME agent must include support for both the framework defined here and a mechanism to interact with a security protocol defined in a separate document. The resulting combined service provides security for single-part and multi-part textual and non-textual messages.

The framework is provided by defining two new security subtypes of the MIME multipart content type: signed and encrypted. In each of the security subtypes, there are exactly two related body parts: one for the protected data and one for the control information. The type and contents of the control information body parts are determined by the value of the protocol parameter of the enclosing multipart/signed or multipart/encrypted content type, which is required to be present. By registering new values for the required protocol parameter, the framework is easily extended to accommodate a variety of protocols.

A MIME agent that includes support for this framework will be able to recognize a security multipart body part and to identify its protected data and control information body parts. If the value of the protocol parameter is unrecognized the MIME agent will not be able to process the security multipart. However, a MIME agent may continue to process any other body parts that may be present.

2. Definition of Security Subtypes of Multipart

The multipart/signed content type specifies how to support authentication and integrity services via digital signature. The control information is carried in the second of the two required body parts.

The multipart/encrypted content type specifies how to support confidentiality via encryption. The control information is carried
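
The rules in the Introduction (a required protocol parameter, exactly two body parts, and continuing past a security multipart whose protocol is unrecognized) can be applied with Python's standard email package as follows. This is an added example, not part of RFC 1847: the function names, the set of supported protocols and the sample message are assumptions made for illustration, and the control-part position for multipart/encrypted and the check that the control part's type equals the protocol value come from sections 2.1 and 2.2 of the RFC, which lie beyond this excerpt.

```python
from email import message_from_string
from email.mime.application import MIMEApplication
from email.mime.multipart import MIMEMultipart
from email.mime.text import MIMEText

# Position of the control information part. "signed" follows the text above;
# "encrypted" follows RFC 1847 section 2.2, which this excerpt does not reach.
CONTROL_INDEX = {"signed": 1, "encrypted": 0}
# Assumption: the only protocol this hypothetical agent has a handler for.
SUPPORTED = {"application/pgp-signature"}

def classify(part):
    """Return (status, protected, control) for one MIME entity."""
    subtype = part.get_content_subtype()
    if part.get_content_maintype() != "multipart" or subtype not in CONTROL_INDEX:
        return ("ordinary", None, None)
    protocol = part.get_param("protocol")
    if not isinstance(protocol, str) or not protocol:
        return ("reject: protocol parameter missing", None, None)
    bodies = part.get_payload()
    if not isinstance(bodies, list) or len(bodies) != 2:
        return ("reject: not exactly two body parts", None, None)
    control = bodies[CONTROL_INDEX[subtype]]
    protected = bodies[1 - CONTROL_INDEX[subtype]]
    protocol = protocol.lower()
    if protocol not in SUPPORTED:
        # No handler: leave it unprocessed, never show it as verified.
        return ("unprocessed: unrecognized protocol", protected, control)
    if control.get_content_type() != protocol:
        return ("reject: control part type differs from protocol", protected, control)
    return ("hand to " + protocol, protected, control)

def triage(message):
    """Classify every top-level body part; one bad part does not stop the rest."""
    return [classify(part)[0] for part in message.get_payload()]

def sample():
    """Constructed message: plain text, a supported and an unknown signed part."""
    outer = MIMEMultipart("mixed")
    outer.attach(MIMEText("cover note"))
    for proto in ("application/pgp-signature", "application/x-example-sig"):
        signed = MIMEMultipart("signed", protocol=proto)
        signed.attach(MIMEText("protected text"))
        signed.attach(MIMEApplication(b"placeholder", proto.split("/")[1]))
        outer.attach(signed)
    return message_from_string(outer.as_string())

if __name__ == "__main__":
    print(triage(sample()))
```

A status of "hand to ..." only means the structure is sound; the signature itself is checked by the handler for that protocol, which is defined in a separate document.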