Use of the RSA-KEM Key Transport Algorithm in the Cryptographic Message Syntax (CMS)
RFC 5990

Approval announcement
Draft of message to be sent after approval:


From: The IESG <>
To: IETF-Announce <>
Cc: Internet Architecture Board <>,
    RFC Editor <>, 
    smime mailing list <>, 
    smime chair <>
Subject: Protocol Action: 'Use of the RSA-KEM Key Transport Algorithm in CMS' to Proposed Standard

The IESG has approved the following document:

- 'Use of the RSA-KEM Key Transport Algorithm in CMS'
   <draft-ietf-smime-cms-rsa-kem-13.txt> as a Proposed Standard

This document is the product of the S/MIME Mail Security Working Group. 

The IESG contact persons are Tim Polk and Sean Turner.

A URL of this Internet-Draft is:

Ballot Text

Technical Summary

The RSA-KEM Key Transport Algorithm is a one-pass (store-and-forward)
mechanism for transporting keying data to a recipient using the
recipient's RSA public key. This document specifies the conventions for
using the RSA-KEM Key Transport Algorithm with the Cryptographic Message
Syntax (CMS).

Working Group Summary

The draft was developed in ANSI and ISO/IEC. The CMS part, which describes
where you put the OIDs, is non-controversial. Note that the algorithm in
Appendix A and ASN.1 in Appendix B are aligned with ANS X9.44 and ISO/IEC

This document was scheduled to be on an IESG telechat on 2008-12-11, but
it was sent back to the S/MIME WG after comments were received from
Steve Kent during his SECDIR review on the public key certificate
parameters. This version addresses Steve's comments as well as other
comments raised by Jim Schaad on the S/MIME mailing list.

Note that there is one remaining OID that is to be registered, and this
will occur immediately following IESG approval.

Document Quality

As noted in the draft: The RSA-KEM Key Transport Algorithm in various
forms is being adopted in several draft standards as well as in
ANS-X9.44 and ISO/IEC 18033-2. It has also been recommended by the
NESSIE project [NESSIE].


Blake Ramsdell is the document Shepherd. Tim Polk is the responsible
Security Area AD.

RFC Editor Note