PKCS #7: Cryptographic Message Syntax Version 1.5
RFC 2315
Document | Type |
RFC - Informational
(March 1998; No errata)
Was draft-hoffman-pkcs-crypt-msg (individual)
|
|
---|---|---|---|
Author | Burt Kaliski | ||
Last updated | 2013-03-02 | ||
Stream | Legacy stream | ||
Formats | plain text html pdf htmlized (tools) htmlized bibtex | ||
Stream | Legacy state | (None) | |
Consensus Boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | RFC 2315 (Informational) | |
Telechat date | |||
Responsible AD | (None) | ||
Send notices to | (None) |
Network Working Group B. Kaliski Request for Comments: 2315 RSA Laboratories, East Category: Informational March 1998 PKCS #7: Cryptographic Message Syntax Version 1.5 Status of this Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (1998). All Rights Reserved. Overview This document describes a general syntax for data that may have cryptography applied to it, such as digital signatures and digital envelopes. The syntax admits recursion, so that, for example, one envelope can be nested inside another, or one party can sign some previously enveloped digital data. It also allows arbitrary attributes, such as signing time, to be authenticated along with the content of a message, and provides for other attributes such as countersignatures to be associated with a signature. A degenerate case of the syntax provides a means for disseminating certificates and certificate-revocation lists. 1. Scope This document is compatible with Privacy-Enhanced Mail (PEM) in that signed-data and signed-and-enveloped-data content, constructed in a PEM-compatible mode, can be converted into PEM messages without any cryptographic operations. PEM messages can similarly be converted into the signed-data and signed-and-enveloped data content types. This document can support a variety of architectures for certificate-based key management, such as the one proposed for Privacy-Enhanced Mail in RFC 1422. Architectural decisions such as what certificate issuers are considered "top-level," what entities certificate issuers are authorized to certify, what distinguished names are considered acceptable, and what policies certificate issuers must follow (such as signing only with secure hardware, or requiring entities to present specific forms of identification) are left outside the document. Kaliski Informational [Page 1] RFC 2315 PKCS #7: Crytographic Message Syntax March 1998 The values produced according to this document are intended to be BER-encoded, which means that the values would typically be represented as octet strings. While many systems are capable of transmitting arbitrary octet strings reliably, it is well known that many electronic-mail systems are not. This document does not address mechanisms for encoding octet strings as (say) strings of ASCII characters or other techniques for enabling reliable transmission by re-encoding the octet string. RFC 1421 suggests one possible solution to this problem. 2. References FIPS PUB 46-1 National Bureau of Standards. FIPS PUB 46-1: Data Encryption Standard. January 1988. PKCS #1 RSA Laboratories. PKCS #1: RSA Encryption. Version 1.5, November 1993. PKCS #6 RSA Laboratories. PKCS #6: Extended-Certificate Syntax. Version 1.5, November 1993. PKCS #9 RSA Laboratories. PKCS #9: Selected Attribute Types. Version 1.1, November 1993. RFC 1421 Linn, J., "Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures," RFC 1421 February 1993. RFC 1422 Kent, S., "Privacy Enhancement for Internet Electronic Mail: Part II: Certificate- Based Key Management," RFC 1422, February 1993. RFC 1423 Balenson, D., "Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers," RFC 1423, February 1993. RFC 1424 Kaliski, B., "Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services," RFC 1424, February 1993. Kaliski Informational [Page 2] RFC 2315 PKCS #7: Crytographic Message Syntax March 1998 RFC 1319 Kaliski, B., "The MD2 Message-Digest Algorithm," RFC 1319, April 1992. RFC 1321 Rivest, R., "The MD5 Message-Digest Algorithm," RFC 1321, April 1992. X.208 CCITT. Recommendation X.208: Specification of Abstract Syntax Notation One (ASN.1). 1988. X.209 CCITT. Recommendation X.209: Specification of Basic Encoding Rules for Abstract Syntax Notation One (ASN.1). 1988. X.500 CCITT. Recommendation X.500: The Directory-- Overview of Concepts, Models and Services. 1988. X.501 CCITT. Recommendation X.501: The Directory--Show full document text