Securing Header Fields with S/MIME
RFC 7508
| Field | Value |
|---|---|
| Document type | RFC - Experimental (April 2015; Errata) |
| Was | draft-cailleux-secure-headers (individual) |
| Authors | Laurent Cailleux, Chris Bonatti |
| Last updated | 2020-01-21 |
| Stream | ISE |
| Formats | plain text, html, pdf, htmlized, with errata, bibtex |
| IETF conflict review | conflict-review-cailleux-secure-headers |
| ISE state | Published RFC |
| Consensus Boilerplate | Unknown |
| Document shepherd | Adrian Farrel |
| Shepherd write-up | last changed 2014-08-11 |
| IESG state | RFC 7508 (Experimental) |
| Telechat date | |
| Responsible AD | (None) |
| Send notices to | (None) |
| IANA review state | Version Changed - Review Needed |
| IANA action state | RFC-Ed-Ack |
Independent Submission                                       L. Cailleux
Request for Comments: 7508                                        DGA MI
Category: Experimental                                        C. Bonatti
ISSN: 2070-1721                                                     IECA
                                                              April 2015

Securing Header Fields with S/MIME

Abstract

This document describes how the S/MIME protocol can be extended in order to secure message header fields defined in RFC 5322. This technology provides security services such as data integrity, non-repudiation, and confidentiality. This extension is referred to as 'Secure Headers'.

Status of This Memo

This document is not an Internet Standards Track specification; it is published for examination, experimental implementation, and evaluation.

This document defines an Experimental Protocol for the Internet community. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at http://www.rfc-editor.org/info/rfc7508.

Copyright Notice

Copyright (c) 2015 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document.

Table of Contents

   1. Introduction
   2. Terminology and Conventions Used in This Document
   3. Context
   4. Mechanisms to Secure Message Header Fields
      4.1. ASN.1 Syntax of Secure Header Fields
      4.2. Secure Header Fields Length and Format
      4.3. Canonicalization Algorithm
      4.4. Header Field Statuses
      4.5. Signature Process
           4.5.1. Signature Generation Process
           4.5.2. Signature Verification Process
      4.6. Encryption and Decryption Processes
           4.6.1. Encryption Process
           4.6.2. Decryption Process
   5. Case of Triple Wrapping
   6. Security Gateways
   7. Security Considerations
   8. IANA Considerations
   9. References
      9.1. Normative References
      9.2. Informative References
   Appendix A. Formal Syntax of Secure Header
   Appendix B. Example of Secure Header Fields
   Acknowledgements
   Authors' Addresses

1. Introduction

The S/MIME [RFC5751] standard defines a data encapsulation format for the achievement of end-to-end security services such as integrity, authentication, non-repudiation, and confidentiality. By default, S/MIME secures message body parts, at the exclusion of the message header fields. S/MIME provides an alternative solution to secure header fields: "the sending client MAY wrap a full MIME message in a message/rfc822 wrapper in order to apply S/MIME security services to header fields".
However, the S/MIME solution doesn't provide any guidance regarding what subset of message header fields to secure, procedures for clients to reconcile the "inner" and "outer" headers, or procedures for client interpretation or display of any failures. Several other security specifications supplement S/MIME features but fail to address the target requirement set of this document. Such other security specifications include DomainKeys Identified Mail
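
The message/rfc822 wrapper and the inner/outer reconciliation gap described in the Introduction, shown as an added Python example that is not part of RFC 7508. The sample message is constructed, no signature is created or verified, and the names `CHECKED_FIELDS`, `find_inner`, `reconcile` and the status labels are assumptions made for this illustration.

```python
from email import message_from_string, policy

# Constructed sample. The signature layer is omitted: the outer message carries
# the message/rfc822 part directly, and a relay has tagged the outer Subject.
SAMPLE = """\
From: alice@example.org
To: bob@example.org
Subject: [staff-list] Q3 forecast
Date: Mon, 06 Apr 2015 10:00:00 +0000
Content-Type: message/rfc822

From: alice@example.org
To: bob@example.org
Cc: carol@example.org
Subject: Q3 forecast
Date: Mon, 06 Apr 2015 10:00:00 +0000
Content-Type: text/plain; charset=us-ascii

Figures to follow.
"""

# Assumed field subset: S/MIME itself does not say which fields to protect.
CHECKED_FIELDS = ("From", "To", "Cc", "Subject", "Date")

def _values(msg, name):
    # Unfold and collapse whitespace so folding differences are not reported.
    return [" ".join(str(v).split()) for v in msg.get_all(name, [])]

def find_inner(outer):
    """Return the message wrapped in the first message/rfc822 part, or None."""
    for part in outer.walk():
        if part.get_content_type() == "message/rfc822":
            return part.get_payload(0)
    return None

def reconcile(raw):
    """Map each checked field to match / mismatch / inner-only / outer-only."""
    outer = message_from_string(raw, policy=policy.default)
    inner = find_inner(outer)
    if inner is None:
        raise ValueError("no message/rfc822 wrapper found")
    report = {}
    for name in CHECKED_FIELDS:
        o, i = _values(outer, name), _values(inner, name)
        if not o and not i:
            continue  # field absent on both sides, nothing to reconcile
        report[name] = ("match" if o == i else "inner-only" if not o
                        else "outer-only" if not i else "mismatch")
    return report
```

Only the inner header fields would be covered by an S/MIME signature over the wrapped part, so a client has to decide for itself how to treat the `mismatch` and `inner-only` results this reports for the outer fields.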