The application/cms Media Type
RFC 7193
| Document | Type |
RFC - Informational
(April 2014; Errata)
Was draft-turner-application-cms-media-type (individual in sec area)
|
|
|---|---|---|---|
| Last updated | 2015-10-14 | ||
| Stream | IETF | ||
| Formats | plain text pdf html bibtex | ||
| Reviews | |||
| Stream | WG state | (None) | |
| Document shepherd | Paul Hoffman | ||
| Shepherd write-up | Show (last changed 2013-10-30) | ||
| IESG | IESG state | RFC 7193 (Informational) | |
| Consensus Boilerplate | Yes | ||
| Telechat date | |||
| Responsible AD | Stephen Farrell | ||
| Send notices to | paul.hoffman@vpnc.org | ||
| IANA | IANA review state | Version Changed - Review Needed | |
| IANA action state | RFC-Ed-Ack | ||
Internet Engineering Task Force (IETF) S. Turner
Request for Comments: 7193 IECA
Category: Informational R. Housley
ISSN: 2070-1721 Vigil Security
J. Schaad
Soaring Hawk Consulting
April 2014
The application/cms Media Type
Abstract
This document registers the application/cms media type for use with
the corresponding CMS (Cryptographic Message Syntax) content types.
Status of This Memo
This document is not an Internet Standards Track specification; it is
published for informational purposes.
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by the
Internet Engineering Steering Group (IESG). Not all documents
approved by the IESG are a candidate for any level of Internet
Standard; see Section 2 of RFC 5741.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7193.
Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Turner, et al. Informational [Page 1]
RFC 7193 application/cms Media Type April 2014
1. Introduction
[RFC5751] registered the application/pkc7-mime media type. That
document defined five optional smime-type parameters. The smime-type
parameter originally conveyed details about the security applied to
the data content type, indicating whether it was signed or enveloped,
as well as the name of the data content; it was later expanded to
indicate whether the data content is compressed and whether the data
content contained a certs-only message. This document does not
affect those registrations as this document places no requirements on
S/MIME (Secure Multipurpose Internet Mail Extensions) agents.
The registration done by the S/MIME documents was done assuming that
there would be a MIME (Multipurpose Internet Mail Extensions)
wrapping layer around each of the different enveloping contents;
thus, there was no need to include more than one item in each smime-
type. This is no longer the case with some of the more advanced
enveloping types. Some protocols such as the CMC (Certificate
Management over Cryptographic Message Syntax) [RFC5273] have defined
additional S/MIME types. New protocols that intend to wrap MIME
content should continue to define a smime-type string; however, new
protocols that intend to wrap non-MIME types should use this
mechanism instead.
CMS (Cryptographic Message Syntax) [RFC5652] associates a content
type identifier (OID) with specific content; CMS content types have
been widely used to define contents that can be enveloped using other
CMS content types and to define enveloping content types some of
which provide security services. CMS protecting content types, those
that provide security services, include: Signed-Data [RFC5652],
Enveloped-Data [RFC5652], Digested-Data [RFC5652], Encrypted-Data
[RFC5652], Authenticated-Data [RFC5652], Authenticated-Enveloped-Data
[RFC5083], and Encrypted Key Package [RFC6032]. CMS non-protecting
content types, those that provide no security services but
encapsulate other CMS content types, include: Content Information
[RFC5652], Compressed Data [RFC3274], Content Collection [RFC4073],
and Content With Attributes [RFC4073]. Then, there are the innermost
content types that include: Data [RFC5652], Asymmetric Key Package
[RFC5958], Symmetric Key Package [RFC6031], Firmware Package
[RFC4108], Firmware Package Load Receipt [RFC4108], Firmware Package
Load Error [RFC4108], Trust Anchor List [RFC5914], TAMP Status Query,
TAMP Status Response, TAMP Update, TAMP Update Confirm, TAMP Apex
Show full document text