Re: OpenPGP Minutes / Quick Summary
Thomas Roessler <roessler@does-not-exist.org> Mon, 21 August 2006 18:16 UTC
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1GFEKH-0001B4-1u for openpgp-archive@lists.ietf.org; Mon, 21 Aug 2006 14:16:41 -0400
Received: from balder-227.proper.com ([192.245.12.227]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1GFEKD-000305-GT for openpgp-archive@lists.ietf.org; Mon, 21 Aug 2006 14:16:41 -0400
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k7LHh2tF061054; Mon, 21 Aug 2006 10:43:02 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id k7LHh2mH061053; Mon, 21 Aug 2006 10:43:02 -0700 (MST) (envelope-from owner-ietf-openpgp@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-openpgp@mail.imc.org using -f
Received: from kamino.does-not-exist.org (kamino.does-not-exist.org [217.160.221.198]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id k7LHh0Id061029 for <ietf-openpgp@imc.org>; Mon, 21 Aug 2006 10:43:00 -0700 (MST) (envelope-from roessler@does-not-exist.org)
Received: from raktajino.does-not-exist.org (ip-83-99-50-11.dyn.luxdsl.pt.lu [83.99.50.11]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by kamino.does-not-exist.org (Postfix) with ESMTP id 611F81936FA; Mon, 21 Aug 2006 19:42:59 +0200 (CEST)
Received: from roessler by raktajino.does-not-exist.org with local (Exim 4.62) (envelope-from <roessler@does-not-exist.org>) id 1GFDnc-0007TP-Ph; Mon, 21 Aug 2006 19:42:56 +0200
Date: Mon, 21 Aug 2006 19:42:56 +0200
From: Thomas Roessler <roessler@does-not-exist.org>
To: derek@ihtfp.com
Cc: ietf-openpgp@imc.org
Subject: Re: OpenPGP Minutes / Quick Summary
Message-ID: <20060821174256.GH17407@raktajino.does-not-exist.org>
Mail-Followup-To: derek@ihtfp.com, ietf-openpgp@imc.org
References: <sjmveq2foz6.fsf@cliodev.pgp.com> <20060805213931.GA14257@lavazza.does-not-exist.org> <20060821171452.GG17407@raktajino.does-not-exist.org> <20060821133937.0mvvxpb552ggog80@webmail.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <20060821133937.0mvvxpb552ggog80@webmail.mit.edu>
User-Agent: Mutt/1.5.13 (2006-08-16)
Sender: owner-ietf-openpgp@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-Unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
List-ID: <ietf-openpgp.imc.org>
X-Spam-Score: 0.1 (/)
X-Scan-Signature: 789c141a303c09204b537a4078e2a63f
On 2006-08-21 13:39:37 -0400, Derek Atkins <derek@ihtfp.com> wrote: > How about emailing the draft to this list without submitting it > to the I-D editor? I always thought that sending I-Ds to lists (as opposed to submitting them) was considered bad form -- but here we go, sans boiler-plate material. -- Thomas Roessler <roessler@does-not-exist.org> 1. Introduction Various digital signature services for electronic mail rely on the framework defined in RFC 1847. These signature services do not address the issue of parallel signatures on the same content. Instead of specifying parallel signature formats for individual signature services such as OpenPGP, the present document defines a "multipart/mixed" protocol for the "multipart/signed" body type introduced in RFC 1847. The "multipart/mixed" protocol permits users to bundle parallel signatures for the same content into one "multipart/signed" body part. It is independent of the protocols used to form the individual digital signatures. 1.1. Compliance In order for an implementation to be compliant with this specification, is it absolutely necessary for it to obey all items labeled as MUST or REQUIRED. 2. The "multipart/mixed" protocol 2.1. Specification Digitally signed messages conforming to this document are denoted by the "multipart/signed" content type, defined in RFC 1847, with a "protocol" parameter which MUST have a value of "multipart/mixed". (MUST be quoted). The "micalg" parameter MUST contain a comma-separated list of hash- symbols. These hash-symbols identify the message integrity check (MIC) algorithm(s) used to generate the subsequent signature(s). Hash-symbols MUST NOT occur more than once in this list. The multipart/signed body MUST consist of exactly two parts. The first part contains the signed data in MIME canonical format, including a set of appropriate content headers describing the data. The second part MUST be of type "multipart/mixed". Each sub-part represents an individual digital signature which has been formed according to RFC 1847 and the specification of the signature protocol used. 2.2. Example message From: Dave Del Torto <ddt@openpgp.net> To: Raph Levien <raph@acm.org> Mime-Version: 1.0 Content-Type: multipart/signed; protocol="multipart/mixed"; boundary=0000_031; micalg="pgp-sha1, rsa-md5, pgp-md5" --0000_031 Content-Type: text/plain Hi Raph, Here's some text with parallel (multiple) digital signatures in various formats. dave ______________________________________________________________________ "All email luxuriantly hand-crafted using only the finest ASCII text." --0000_031 Content-Type: multipart/mixed; boundary=0000_032 --0000_032 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Comment: Hash computed using SHA-1 micalg (FIPS 180-1). iQCVAwUBM0It9qHBOF9KrwDlAQFBaQQAisIzQUgyknT2v729b7MImcUc3ROdRBh6 nwMyAfdewQYCDxqdDWvnD1UWoUjwjA1JNA6qhTXBxs8yPtZdDZaguOG2zWawyat9 Jib556AuSx10psREDC3vNsaJ99MV8SKFF92H53l9w/YhVOA0aMZeNfLE0jJVypkY /so4/7DHhqQ= =/wlj -----END PGP SIGNATURE----- --0000_032 Content-Type: application/x-pkcs7-signature Content-Transfer-Encoding: base64 Comment: Hash computed using S/MIME MD5 micalg. MIAGCSqGSIb3DQEHAqCAMIACAQExDjAMBggqhkiG9w0CBQUAMIAGCSqGSIb3DQEH [signature material removed] +kNIWIbxNiNje1wlzIhaGjrGrOnvYc8+tFn2LgAAAAAAAAAA --0000_032 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: PGP 2.6.2 Comment: Hash computed using MD5 micalg. iQCVAwUBM0Iu16HBOF9KrwDlAQGaiQP9EU1YXgMSoNxDAqSmo7UoCE52DuYCfxm7 x8RfRr9+Xz3nPFytSYM2TIWGMeKi1fVr5PhfjdrKvOh9sCq97h6zndZVpGA9x62k mPVn/QY3fz1eOdyJbYvW4ba7WQll5OoA6cqmEb9tWwh4ra4yE8hZMnLS9a0uPpuB 5dpiTTAE/gY= =hD3D -----END PGP SIGNATURE----- --0000_032-- --0000_031-- 3. Security Considerations Use of this protocol has the same security considerations as RFC 1847 and the individual digital signature protocols used. It is not known to either increase or decrease the security of messages using it. Users should be aware of the fact that each individual signature can be broken out and used to create a valid "multipart/signed" body according to the underlying protocol and RFC 1847. 4. Acknowledgements We thank Jim Galvin, Sandy Murphy, Steve Crocker, and Ned Freed for their pioneering work on security using MIME multiparts, on which the refinement specified in this document is based. This draft document relies on the work of the IETF's OpenPGP Working Group.
- OpenPGP Minutes / Quick Summary Derek Atkins
- Re: OpenPGP Minutes / Quick Summary Ian G
- Re: OpenPGP Minutes / Quick Summary Sam Hartman
- Re: OpenPGP Minutes / Quick Summary vedaal
- Re: OpenPGP Minutes / Quick Summary Daniel A. Nagy
- Re: OpenPGP Minutes / Quick Summary Brian G. Peterson
- Re: OpenPGP Minutes / Quick Summary Cat Okita
- Re: OpenPGP Minutes / Quick Summary Derek Atkins
- Re: OpenPGP Minutes / Quick Summary Ian G
- Re: OpenPGP Minutes / Quick Summary Derek Atkins
- Re: OpenPGP Minutes / Quick Summary Werner Koch
- Re: OpenPGP Minutes / Quick Summary David Shaw
- Re: OpenPGP Minutes / Quick Summary Hironobu SUZUKI
- Re: OpenPGP Minutes / Quick Summary Jon Callas
- Re: OpenPGP Minutes / Quick Summary Thomas Roessler
- Re: OpenPGP/MIME changes Brian G. Peterson
- Re: OpenPGP Minutes / Quick Summary Cat Okita
- Re: OpenPGP Minutes / Quick Summary Peter Gutmann
- Re: OpenPGP/MIME changes Jon Callas
- Re: OpenPGP Minutes / Quick Summary vedaal
- Re: OpenPGP Minutes / Quick Summary Jon Callas
- Re: OpenPGP Minutes / Quick Summary Thomas Roessler
- Re: OpenPGP/MIME changes Thomas Roessler
- Re: OpenPGP Minutes / Quick Summary Thomas Roessler
- Re: OpenPGP Minutes / Quick Summary Derek Atkins <derek@ihtfp.com>
- Re: OpenPGP Minutes / Quick Summary Thomas Roessler
- Re: OpenPGP Minutes / Quick Summary Jon Callas
- Multisig (was: OpenPGP Minutes / Quick Summary) Werner Koch