Message Authorizing Email Header Field and Its Use for the Draft and Release Procedure
RFC 7912
| Document | Type |
RFC - Informational
(June 2016; No errata)
Was draft-melnikov-mmhs-authorizing-users (individual)
|
|
|---|---|---|---|
| Last updated | 2016-06-21 | ||
| Stream | ISE | ||
| Formats | plain text pdf html bibtex | ||
| IETF conflict review | conflict-review-melnikov-mmhs-authorizing-users | ||
| Stream | ISE state | Published RFC | |
| Consensus Boilerplate | Unknown | ||
| Document shepherd | Adrian Farrel | ||
| Shepherd write-up | Show (last changed 2016-03-11) | ||
| IESG | IESG state | RFC 7912 (Informational) | |
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | "Nevil Brownlee" <rfc-ise@rfc-editor.org> | ||
| IANA | IANA review state | Version Changed - Review Needed | |
| IANA action state | RFC-Ed-Ack | ||
Independent Submission A. Melnikov
Request for Comments: 7912 Isode Ltd
Category: Informational June 2016
ISSN: 2070-1721
Message Authorizing Email Header Field and Its Use for the
Draft and Release Procedure
Abstract
This document describes a procedure for when a Military Message
Handling System (MMHS) message is composed by one user and is only
released to the mail transfer system when one or more Authorizing
Users authorize release of the message by adding the
MMHS-Authorizing-Users header field. The resulting message can be
optionally signed by the sender and/or reviewer, allowing recipients
to verify both the original signature (if any) and the review
signatures.
Status of This Memo
This document is not an Internet Standards Track specification; it is
published for informational purposes.
This is a contribution to the RFC Series, independently of any other
RFC stream. The RFC Editor has chosen to publish this document at
its discretion and makes no statement about its value for
implementation or deployment. Documents approved for publication by
the RFC Editor are not a candidate for any level of Internet
Standard; see Section 2 of RFC 7841.
Information about the current status of this document, any errata,
and how to provide feedback on it may be obtained at
http://www.rfc-editor.org/info/rfc7912.
Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document.
Melnikov Informational [Page 1]
RFC 7912 Message Authorizing Header Field June 2016
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Conventions Used in This Document . . . . . . . . . . . . . . 3
3. Draft and Release Procedure . . . . . . . . . . . . . . . . . 3
3.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3
3.2. Handling of Initial Message Submission by the MSA . . . . 3
3.3. Review by Authorizing User(s) . . . . . . . . . . . . . . 4
3.3.1. Processing of Encrypted Messages . . . . . . . . . . 5
3.3.2. Authorizing S/MIME Signatures . . . . . . . . . . . . 5
3.4. Role of Other Messaging Agents at the Sender's Domain . . 6
3.4.1. MDA at the Sender's Domain . . . . . . . . . . . . . 6
3.4.2. Border MTA at the Sender's Domain . . . . . . . . . . 6
4. MMHS-Authorizing-Users Header Field . . . . . . . . . . . . . 6
5. Updated MIXER Mapping . . . . . . . . . . . . . . . . . . . . 7
5.1. Mapping from RFC 5322/MIME to X.400 . . . . . . . . . . . 7
5.2. Mapping from X.400 to RFC 5322/MIME . . . . . . . . . . . 7
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8
7. Security Considerations . . . . . . . . . . . . . . . . . . . 8
7.1. Forged Header Fields . . . . . . . . . . . . . . . . . . 9
7.2. Intentionally Malformed Header Fields . . . . . . . . . . 9
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 9
8.1. Normative References . . . . . . . . . . . . . . . . . . 9
8.2. Informative References . . . . . . . . . . . . . . . . . 10
Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 11
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 11
1. Introduction
In some secure environments, email messages can't be released to the
Message Transfer System (MTS); thus, they can't be delivered to
recipients unless they are authorized by one or more Authorizing
Users (e.g., Releasing Officers or Release Authorities). This
document describes how this mechanism can be realized by an
additional Internet Email [RFC5322] header field and optionally
protected using S/MIME [RFC5750] [RFC5751] or DomainKeys Identified
Mail (DKIM) [RFC6376].
This document describes a procedure for how an email message composed
by one user can be released to the MTS when one or more Authorizing
Users authorize and optionally countersign the message. The MMHS-
Authorizing-Users header field (see Section 4) communicates which
user(s) authorized the message. If S/MIME signed, the resulting
message allows recipients to verify both the original (if any) and
counter signatures. The original S/MIME signature generated by the
sender (if any) is unaffected by additional S/MIME review signatures.
Show full document text