Protocol Action: 'Cryptographic Messages Syntax (CMS) Algorithm Identifier Protection Attribute' to Proposed Standard (draft-schaad-smime-algorithm-attribute-05.txt)

The IESG <> Tue, 25 January 2011 17:05 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id D0A753A684F; Tue, 25 Jan 2011 09:05:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id rJhWn53Ojx3g; Tue, 25 Jan 2011 09:05:50 -0800 (PST)
Received: from [] (localhost []) by (Postfix) with ESMTP id 9FF9B3A6855; Tue, 25 Jan 2011 09:05:49 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <>
To: IETF-Announce <>
Subject: Protocol Action: 'Cryptographic Messages Syntax (CMS) Algorithm Identifier Protection Attribute' to Proposed Standard (draft-schaad-smime-algorithm-attribute-05.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 3.10
Message-ID: <20110125170549.32528.35336.idtracker@localhost>
Date: Tue, 25 Jan 2011 09:05:49 -0800
Cc: Internet Architecture Board <>, RFC Editor <>
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IETF announcement list. No discussions." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 25 Jan 2011 17:05:50 -0000

The IESG has approved the following document:
- 'Cryptographic Messages Syntax (CMS) Algorithm Identifier Protection
  (draft-schaad-smime-algorithm-attribute-05.txt) as a Proposed Standard

This document has been reviewed in the IETF but is not the product of an
IETF Working Group.

The IESG contact person is Sean Turner.

A URL of this Internet Draft is:

Technical Summary

An authenticated/signed attribute is defined to protect the algorithm 
definitions of the message body and the signature. Currently this 
information is not included in the signature computation and could 
theoretically be changed without the signature validator knowing. This 
provides an attack avenue on CMS signature and authentication operations 
that currently has no known successful attacks. The new attribute is 

Working Group Summary

There was a small amount of discussion on the working group list if this
should be expanded to include the new authenticated encryption 
algorithms. It was decided that these should be treated separately by any
interested community. The document was considered in the S/MIME working 
group, but there was no push for adoption as it was believed that the 
working group would be shutting down shortly.

Document Quality

The document has been implemented by the author and an example of using 
the attribute can be found in draft-schaad-smime-hash-experiment. There 
are no known plans for vendors to implement this, but I have received 
private email asking as to the status of the document.


Jim Schaad ( is the Document Shepherd.
Sean Turner ( is the Responsible Area Director.