S/MIME Version 2 Message Specification
RFC 2311

Document Type RFC - Historic (March 1998; No errata)
Was draft-dusse-smime-msg (individual)
Last updated 2013-03-02
Stream Legacy
Formats plain text pdf html
Stream Legacy state (None)
Document shepherd No shepherd assigned
IESG IESG state RFC 2311 (Historic)
Telechat date
Responsible AD (None)
Send notices to (None)
Network Working Group                                          S. Dusse
Request for Comments: 2311                            RSA Data Security
Category: Informational                                      P. Hoffman
                                               Internet Mail Consortium
                                                            B. Ramsdell
                                                           L. Lundblade
                                                               L. Repka
                                                             March 1998

                 S/MIME Version 2 Message Specification

Status of this Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1998).  All Rights Reserved.

1. Introduction

   S/MIME (Secure/Multipurpose Internet Mail Extensions) provides a
   consistent way to send and receive secure MIME data. Based on the
   popular Internet MIME standard, S/MIME provides the following
   cryptographic security services for electronic messaging
   applications: authentication, message integrity and non-repudiation
   of origin (using digital signatures) and privacy and data security
   (using encryption).

   S/MIME can be used by traditional mail user agents (MUAs) to add
   cryptographic security services to mail that is sent, and to
   interpret cryptographic security services in mail that is received.
   However, S/MIME is not restricted to mail; it can be used with any
   transport mechanism that transports MIME data, such as HTTP. As such,
   S/MIME takes advantage of the object-based features of MIME and
   allows secure messages to be exchanged in mixed-transport systems.

   Further, S/MIME can be used in automated message transfer agents that
   use cryptographic security services that do not require any human
   intervention, such as the signing of software-generated documents and
   the encryption of FAX messages sent over the Internet.

Dusse, et. al.               Informational                      [Page 1]
RFC 2311         S/MIME Version 2 Message Specification       March 1998

   Please note: The information in this document is historical material
   being published for the public record. It is not an IETF standard.
   The use of the word "standard" in this document indicates a standard
   for adopters of S/MIME version 2, not an IETF standard.

1.1 Specification Overview

   This document describes a protocol for adding cryptographic signature
   and encryption services to MIME data. The MIME standard [MIME-SPEC]
   provides a general structure for the content type of Internet
   messages and allows extensions for new content type applications.

   This memo defines how to create a MIME body part that has been
   cryptographically enhanced according to PKCS #7 [PKCS-7]. This memo
   also defines the application/pkcs7-mime MIME type that can be used to
   transport those body parts. This memo also defines how to create
   certification requests that conform to PKCS #10 [PKCS-10], and the
   application/pkcs10 MIME type for transporting those requests.

   This memo also discusses how to use the multipart/signed MIME type
   defined in [MIME-SECURE] to transport S/MIME signed messages. This
   memo also defines the application/pkcs7-signature MIME type, which is
   also used to transport S/MIME signed messages. This specification is
   compatible with PKCS #7 in that it uses the data types defined by
   PKCS #7.

   In order to create S/MIME messages, an agent has to follow
   specifications in this memo, as well as some of the specifications
   listed in the following documents:

    - "PKCS #1: RSA Encryption", [PKCS-1]
    - "PKCS #7: Cryptographic Message Syntax", [PKCS-7]
    - "PKCS #10: Certification Request Syntax", [PKCS-10]

   Throughout this memo, there are requirements and recommendations made
   for how receiving agents handle incoming messages. There are separate
   requirements and recommendations for how sending agents create
   outgoing messages. In general, the best strategy is to "be liberal in
   what you receive and conservative in what you send". Most of the
   requirements are placed on the handling of incoming messages while
   the recommendations are mostly on the creation of outgoing messages.

   The separation for requirements on receiving agents and sending
   agents also derives from the likelihood that there will be S/MIME
   systems that involve software other than traditional Internet mail
Show full document text