Header Protection for Cryptographically Protected Email
RFC 9788

Received changes through RFC Editor sync (created document RFC 9788, created became rfc relationship between draft-ietf-lamps-header-protection and RFC 9788, set title to 'Header Protection for Cryptographically Protected Email', set abstract to 'S/MIME version 3.1 introduced a mechanism to provide end-to-end cryptographic protection of email message headers. However, few implementations generate messages using this mechanism, and several legacy implementations have revealed rendering or security issues when handling such a message.

This document updates the S/MIME specification (RFC 8551) to offer a different mechanism that provides the same cryptographic protections but with fewer downsides when handled by legacy clients. Furthermore, it offers more explicit usability, privacy, and security guidance for clients when generating or handling email messages with cryptographic protection of message headers.

The Header Protection scheme defined here is also applicable to messages with PGP/MIME (Pretty Good Privacy with MIME) cryptographic protections.', set pages to 218, set standardization level to Proposed Standard, added RFC published event at 2025-08-22, created updates relation between RFC 9788 and RFC 8551)