Re: Comments on draft-ietf-smime-compression-00.txt
Sean Turner <turners@ieca.com> Fri, 31 March 2000 08:20 UTC
Received: from ns.secondary.com (ns.secondary.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id DAA10736 for <smime-archive@odin.ietf.org>; Fri, 31 Mar 2000 03:20:26 -0500 (EST)
Received: by ns.secondary.com (8.9.3/8.9.3) id XAA19854 for ietf-smime-bks; Thu, 30 Mar 2000 23:45:21 -0800 (PST)
Received: from atlas.arc.nasa.gov (atlas-ops.arc.nasa.gov [198.123.8.49]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id XAA19848 for <ietf-smime@imc.org>; Thu, 30 Mar 2000 23:45:20 -0800 (PST)
Received: from ieca.com (1cust40.tnt2.cbr1.da.uu.net [210.84.115.40]) by atlas.arc.nasa.gov (8.8.5/8.7.3/arc) with ESMTP id XAA01835; Thu, 30 Mar 2000 23:47:34 -0800 (PST)
Message-ID: <38E52404.4B18895F@ieca.com>
Date: Fri, 31 Mar 2000 02:47:40 -0500
From: Sean Turner <turners@ieca.com>
Organization: IECA, Inc.
X-Mailer: Mozilla 4.72 [en] (Win98; U)
X-Accept-Language: en
MIME-Version: 1.0
To: pgut001@cs.aucKland.ac.nz
CC: Jim Schaad <jimsch@nwlink.com>, ietf-smime@imc.org
Subject: Re: Comments on draft-ietf-smime-compression-00.txt
References: <NDBBJGDMMGBPBDENLEIHOEJLCAAA.jimsch@nwlink.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>
Content-Transfer-Encoding: 7bit
I agree with Jim. Let's do it. spt Jim Schaad wrote: > My personal opinion is that we have given the MIME people a lot of time to > work on this issue. They have not gotten anyplace that I am aware of so I > think that we need to do it. If we end up with two ways of doing this then > the S/MIME draft could always say what is to be used for that application. > > jim > > -----Original Message----- > From: owner-ietf-smime@mail.imc.org > [mailto:owner-ietf-smime@mail.imc.org]On Behalf Of Peter Gutmann > Sent: Wednesday, March 29, 2000 3:15 PM > To: ietf-smime@imc.org > Subject: Comments on draft-ietf-smime-compression-00.txt > > Does anyone have any further thoughts on compression as a CMS content type > vs a MIME type? I think this was more or less beaten to death (and > beyond :-) the last time it came up, but if anyone has any further thoughts > please post them. > > (The password issues are being worked on offline, I'll post an update in a > day or two). > > Peter. Received: by ns.secondary.com (8.9.3/8.9.3) id XAA19854 for ietf-smime-bks; Thu, 30 Mar 2000 23:45:21 -0800 (PST) Received: from atlas.arc.nasa.gov (atlas-ops.arc.nasa.gov [198.123.8.49]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id XAA19848 for <ietf-smime@imc.org>; Thu, 30 Mar 2000 23:45:20 -0800 (PST) Received: from ieca.com (1cust40.tnt2.cbr1.da.uu.net [210.84.115.40]) by atlas.arc.nasa.gov (8.8.5/8.7.3/arc) with ESMTP id XAA01835; Thu, 30 Mar 2000 23:47:34 -0800 (PST) Message-ID: <38E52404.4B18895F@ieca.com> Date: Fri, 31 Mar 2000 02:47:40 -0500 From: Sean Turner <turners@ieca.com> Organization: IECA, Inc. X-Mailer: Mozilla 4.72 [en] (Win98; U) X-Accept-Language: en MIME-Version: 1.0 To: pgut001@cs.aucKland.ac.nz CC: Jim Schaad <jimsch@nwlink.com>, ietf-smime@imc.org Subject: Re: Comments on draft-ietf-smime-compression-00.txt References: <NDBBJGDMMGBPBDENLEIHOEJLCAAA.jimsch@nwlink.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> I agree with Jim. Let's do it. spt Jim Schaad wrote: > My personal opinion is that we have given the MIME people a lot of time to > work on this issue. They have not gotten anyplace that I am aware of so I > think that we need to do it. If we end up with two ways of doing this then > the S/MIME draft could always say what is to be used for that application. > > jim > > -----Original Message----- > From: owner-ietf-smime@mail.imc.org > [mailto:owner-ietf-smime@mail.imc.org]On Behalf Of Peter Gutmann > Sent: Wednesday, March 29, 2000 3:15 PM > To: ietf-smime@imc.org > Subject: Comments on draft-ietf-smime-compression-00.txt > > Does anyone have any further thoughts on compression as a CMS content type > vs a MIME type? I think this was more or less beaten to death (and > beyond :-) the last time it came up, but if anyone has any further thoughts > please post them. > > (The password issues are being worked on offline, I'll post an update in a > day or two). > > Peter. Received: by ns.secondary.com (8.9.3/8.9.3) id QAA00524 for ietf-smime-bks; Thu, 30 Mar 2000 16:34:34 -0800 (PST) Received: from ozspyrusmail.spyrus.com.au (fwuser@[203.46.55.130]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id QAA00516 for <ietf-smime@imc.org>; Thu, 30 Mar 2000 16:34:31 -0800 (PST) Message-Id: <4.2.0.58.20000330065250.00a41c40@mail.spyrus.com> Date: Thu, 30 Mar 2000 06:54:16 -0500 To: "Jim Schaad" <jimsch@nwlink.com> From: Russ Housley <housley@spyrus.com> Subject: Re: Comments on the RSAES-OAEP draft Cc: "Ietf-Smime" <ietf-smime@imc.org> In-Reply-To: <NDBBJGDMMGBPBDENLEIHAEJICAAA.jimsch@nwlink.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Jim: 1. Agree. 2. I cut-and-pasted it from RFC 2630, the place were I made the original mistake. Thanks, Russ At 01:06 PM 03/29/2000 +0930, Jim Schaad wrote: >1. Given that the question has been raised on at least one IETF mailing >list, it might be advisable to state that the public key algorithm for rsa >in a certificate is the same for v1.5 and v2.0. > >2. You have consistantly gotten the RFC number for the v2.0 draft >incorrect. It is 2437 not 2347. > > >jim Received: by ns.secondary.com (8.9.3/8.9.3) id QAA00127 for ietf-smime-bks; Thu, 30 Mar 2000 16:13:48 -0800 (PST) Received: from mail.iagu.net (ns.iagu.net [203.32.153.69]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id QAA00120 for <ietf-smime@imc.org>; Thu, 30 Mar 2000 16:13:43 -0800 (PST) Received: from dhcp-32-60.ietf.connect.com.au [169.208.32.60] by mail.iagu.net (8.8.5/AndrewR-19990125) with SMTP id JAA13779 return <jimsch@nwlink.com>; Fri, 31 Mar 2000 09:46:14 +0930 (CST) From: "Jim Schaad" <jimsch@nwlink.com> To: <weston.nicolls@ey.com>, "Ietf-Smime" <ietf-smime@imc.org> Subject: RE: Comments on SecLabel draft Date: Fri, 31 Mar 2000 09:45:47 +0930 Message-ID: <NDBBJGDMMGBPBDENLEIHOEJPCAAA.jimsch@nwlink.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal In-Reply-To: <38e20272.3756.0@nwlink.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> -----Original Message----- From: owner-ietf-smime@mail.imc.org [mailto:owner-ietf-smime@mail.imc.org]On Behalf Of Jim Schaad Sent: Wednesday, March 29, 2000 6:48 AM To: "ietf-smime@imc.org;weston.nicolls"@ey.com;;;; Subject: Comments on SecLabel draft SecLabel 1. Section 1 P2 - Security labels cannot be bound to an encrypted body, only to a signed message. 2. Please give more text explaining the difference between rank and role based security. From the current description they look like the same to me. 3. The Amoco policy description is not clear. From the text I assumed that the confidentiality and integrity were orthogonal axis for make decisions (thus leading to 9 items). Based on the conversation with you this is not true as the policy is choose one of the axis and then the point on the axis. The text should be clarified as to which is correct. 4. Typo - Section 1.2 last para - "while he outer signature" should be "while the". 5. Section 2.2.1.3 -- I don't think that one should provide a syntax for the privacy marks. However giving a couple of the privacy marks or guidelines from the policy on writting them might be useful. Given that a privacy mark is a UTF8 string in the syntax, no addtional ASN syntax is really possible. 6. You say that categories are used informally, however without knowning how they would be used or specified I cannot even hope to offer syntax suggestions. Given that they are informal why would they not be marked as privacy labels. If they are categories then I would expect the policy module to do enforcement thus being informal would cause some difficulties. 7. I suggest that you name Clearance in the ASN sections to be XxxxSection. and the same for the other top level items. http://www.nwlink.com Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id JAA23163 for ietf-smime-bks; Thu, 30 Mar 2000 09:20:21 -0800 (PST) Received: from eagle.verisign.com ([208.206.241.105]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id JAA23158 for <ietf-smime@imc.org>; Thu, 30 Mar 2000 09:20:19 -0800 (PST) Received: from postal-gw1.verisign.com (mailhost1.verisign.com [208.206.241.101]) by eagle.verisign.com (8.9.3/BCH1.7.1) with ESMTP id JAA18941; Thu, 30 Mar 2000 09:19:46 -0800 (PST) Received: by postal-gw1.verisign.com with Internet Mail Service (5.5.2650.21) id <H1VZF18G>; Thu, 30 Mar 2000 09:18:58 -0800 Message-ID: <2F3EC696EAEED311BB2D009027C3F4F408EA60@vhqpostal.verisign.com> From: Philip Hallam-Baker <pbaker@verisign.com> To: "'Jim Schaad'" <jimsch@nwlink.com>, pgut001@cs.aucKland.ac.nz, ietf-smime@imc.org Subject: RE: Comments on draft-ietf-smime-compression-00.txt Date: Thu, 30 Mar 2000 09:18:58 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) MIME-Version: 1.0 Content-Type: multipart/signed; micalg=SHA1; boundary="----=_NextPart_000_0036_01BF9A42.458A3DF0"; protocol="application/x-pkcs7-signature" X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2314.1300 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> This is a multi-part message in MIME format. ------=_NextPart_000_0036_01BF9A42.458A3DF0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit I think that the real issue is getting a compression algorithm out there, any algorithm will do IMHO. Implementing two sets of switching logic to turn on the compression is not going to be a killer. In fact I think it is likely to be the best solution. Not supporting compression in the base web specs was the biggest mistake we made. We could have made 14K modems look like 28.8 modems if the early browsers had linked to gnuzip. The piece that is currently missing is the means of advertising the capabilities of the client. The biggest problem with messaging is that the 1% of users with ASCII based clients stop the rest of the email population using features like MIME, HTML, S/MIME etc. I can see that we might have problems if we were using a framework like RDF to address this issue and the mechanism did not account for the fact that clients might be able to do compressin in S/MIME but not in MIME (or vice versa). Perhaps the real solution to this problem is to approach it from another direction entirely. Rather than the RDF piecemeal description of supported features maybe we should define client profiles specifying feature sets that make sense. Then we could distribute client capability info with a single certificate attribute. Phill -----Original Message----- From: Jim Schaad [mailto:jimsch@nwlink.com] Sent: Thursday, March 30, 2000 1:57 AM To: pgut001@cs.aucKland.ac.nz; ietf-smime@imc.org Subject: RE: Comments on draft-ietf-smime-compression-00.txt My personal opinion is that we have given the MIME people a lot of time to work on this issue. They have not gotten anyplace that I am aware of so I think that we need to do it. If we end up with two ways of doing this then the S/MIME draft could always say what is to be used for that application. jim -----Original Message----- From: owner-ietf-smime@mail.imc.org [mailto:owner-ietf-smime@mail.imc.org]On Behalf Of Peter Gutmann Sent: Wednesday, March 29, 2000 3:15 PM To: ietf-smime@imc.org Subject: Comments on draft-ietf-smime-compression-00.txt Does anyone have any further thoughts on compression as a CMS content type vs a MIME type? I think this was more or less beaten to death (and beyond :-) the last time it came up, but if anyone has any further thoughts please post them. (The password issues are being worked on offline, I'll post an update in a day or two). Peter. ------=_NextPart_000_0036_01BF9A42.458A3DF0 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIILJzCCA0Mw ggKsoAMCAQICEB9+X+cD0eC/mSDca4kNSwQwDQYJKoZIhvcNAQEEBQAwXzELMAkGA1UEBhMCVVMx FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMTcwNQYDVQQLEy5DbGFzcyAyIFB1YmxpYyBQcmltYXJ5 IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTk5MDIyNTAwMDAwMFoXDTA0MDEwNTIzNTk1OVow ga0xFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3 b3JrMUkwRwYDVQQLE0BVc2UgaXMgc3ViamVjdCB0byB0ZXJtcyBhdCBodHRwczovL3d3dy52ZXJp c2lnbi5jb20vcnBhLWtyIChjKTk5MSYwJAYDVQQDEx1WZXJpU2lnbiBDbGFzcyAyIFBlcnNvbm5l bCBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApwRsD6Jyt0oGLvjXKSw0nYK8SJFKx6z5 6fy5WXixVcBTWLHPbxY7wUnVy/RuzOHMy7XHLk6IqjTpttBbfD4VVzThGLz/3fWvZ1kgCuU96oiK QNKaiRMpqbbV26d+4ec3JJP9lHRNeuQybUzoXBaXr92S2WaKFGbk6loDqD1f+wsCAwEAAaOBsDCB rTAxBgNVHR8EKjAoMCagJKAihiBodHRwOi8vY3JsLnZlcmlzaWduLmNvbS9wY2EyLmNybDARBglg hkgBhvhCAQEEBAMCAQYwRwYDVR0gBEAwPjA8BgtghkgBhvhFAQcBATAtMCsGCCsGAQUFBwIBFh9o dHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhLWtyMA8GA1UdEwQIMAYBAf8CAQEwCwYDVR0PBAQD AgEGMA0GCSqGSIb3DQEBBAUAA4GBAHn3Fc3oaFFZa/yppr3gHvu89D+Q3+f67eRU92E9VIsGupcy Wh6rLO6vc6vHXdM/j/TOy05IYKKoYLY43qCm948p6BGszDl2UDzdOWwL8Vr9CFR23RZs9zFwuL8I 98kmBo7fuy8Zsba4tOg8SOgnsZcpIFcDnJtn+n1AxDh/GKqaMIIDxDCCAy2gAwIBAgIRAITO8g4A ObV1VdoZh49S7YkwDQYJKoZIhvcNAQEEBQAwga0xFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8w HQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMUkwRwYDVQQLE0BVc2UgaXMgc3ViamVjdCB0 byB0ZXJtcyBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhLWtyIChjKTk5MSYwJAYDVQQD Ex1WZXJpU2lnbiBDbGFzcyAyIFBlcnNvbm5lbCBDQTAeFw05OTAyMjUwMDAwMDBaFw0wNDAxMDQy MzU5NTlaMIGsMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1 c3QgTmV0d29yazFJMEcGA1UECxNAVXNlIGlzIHN1YmplY3QgdG8gdGVybXMgYXQgaHR0cHM6Ly93 d3cudmVyaXNpZ24uY29tL3JwYS1rciAoYyk5OTElMCMGA1UEAxMcVmVyaVNpZ24gQ2xhc3MgMiBF bXBsb3llZSBDQTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwIrRh2Gi6jADVWsINvCX+hpU NSQf6H2dyMNz09hG9ZEt2TjtlNewJnMq3pdQTf8iHL1wAJgMWCqxpHKPpbn3LXxg47Xf6X1OISFh 1fw7VMmkCZy7IvmiunBhT4ZGov0FZOwKP6ZYdle7FnNEfPClDZfAbKbxYwglsQQXlaCN/n8CAwEA AaOB4jCB3zApBgNVHREEIjAgpB4wHDEaMBgGA1UEAxMRUHJpdmF0ZUxhYmVsMS0xMTgwOAYDVR0f BDEwLzAtoCugKYYnaHR0cDovL2NybC52ZXJpc2lnbi5jb20vVlNDbGFzczJJbnQuY3JsMBEGCWCG SAGG+EIBAQQEAwIBBjBHBgNVHSAEQDA+MDwGC2CGSAGG+EUBBwEBMC0wKwYIKwYBBQUHAgEWH2h0 dHBzOi8vd3d3LnZlcmlzaWduLmNvbS9ycGEta3IwDwYDVR0TBAgwBgEB/wIBADALBgNVHQ8EBAMC AQYwDQYJKoZIhvcNAQEEBQADgYEAGUbO1GtwjlhciEI1rRZ9pQksqFOQ8fY9htfwznIUPSK88sMz 7dT8BZrgYyB1oxvvVRkPBnMhAmGupp5RK3jcW8iEi9XXts/V+D6XmLFEi6OYjqBL9pgxk7PwDN1R dsqX5FZExvuUoUh9IkPMoMZceVX1Z4EbaJg0JESxmME6KF4wggQUMIIDfaADAgECAhADFO6qthx6 xbyOlTK51nT8MA0GCSqGSIb3DQEBBAUAMIGsMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5jLjEfMB0G A1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFJMEcGA1UECxNAVXNlIGlzIHN1YmplY3QgdG8g dGVybXMgYXQgaHR0cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYS1rciAoYyk5OTElMCMGA1UEAxMc VmVyaVNpZ24gQ2xhc3MgMiBFbXBsb3llZSBDQTAeFw05OTEyMjAwMDAwMDBaFw0wMDEyMTkyMzU5 NTlaMGwxETAPBgNVBAoTCFZFUklTSUdOMQswCQYDVQQLEwJIUTETMBEGA1UEAxMKUmVjaXBpZW50 czE1MDMGA1UEAxMscGJha2VyIChQaGlsaXAgSGFsbGFtLUJha2VyLCBWZXJpU2lnbiwgSW5jLikw gZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBALd/SREjLYBTlweF+dTC4d5wU2rp2d//Cy/FL//g 23ysWCvYp29ARMppDrAaXqZWKMHq51lb11QpWgTWWe7YwxwiG0Avf5DZ2yvGWtMid+o8oB3G78W9 vifdjREi1b3OHUzMVZnxD3Pp4XYe4HAboA19HN8mCKuifJ+1tuK1HJrFAgMBAAGjggF0MIIBcDAJ BgNVHRMEAjAAMFUGA1UdHwROMEwwSqBIoEaGRGh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29t L1ZlcmlTaWduSW5jRXhjaGFuZ2VFbXBsb3llZXMvTGF0ZXN0Q1JMMAsGA1UdDwQEAwIFoDAeBgNV HREEFzAVgRNwYmFrZXJAdmVyaXNpZ24uY29tMIGsBgNVHSAEgaQwgaEwgZ4GC2CGSAGG+EUBBwEB MIGOMCgGCCsGAQUFBwIBFhxodHRwczovL3d3dy52ZXJpc2lnbi5jb20vQ1BTMGIGCCsGAQUFBwIC MFYwFRYOVmVyaVNpZ24sIEluYy4wAwIBARo9VmVyaVNpZ24ncyBDUFMgaW5jb3JwLiBieSByZWZl cmVuY2UgbGlhYi4gbHRkLiAoYyk5NyBWZXJpU2lnbjARBglghkgBhvhCAQEEBAMCB4AwHQYDVR0l BBYwFAYIKwYBBQUHAwQGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBAUAA4GBABpQCkFcKNyY8Tl0U8eV BWXif1ag5TsATjzvHELu9xHUwOEXyn/QYy7rM7Jl70IVVo6d1pgJGC/r2opNWgA2awwX94WxCf8d qhcTP6Mc82BZw/IG7d26M72zY8tBu4FcTeshoOJXJN+1WCg287R9ySdKU05bGoe9tof1Fi+EyCGS MYIC+DCCAvQCAQEwgcEwgawxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJp U2lnbiBUcnVzdCBOZXR3b3JrMUkwRwYDVQQLE0BVc2UgaXMgc3ViamVjdCB0byB0ZXJtcyBhdCBo dHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhLWtyIChjKTk5MSUwIwYDVQQDExxWZXJpU2lnbiBD bGFzcyAyIEVtcGxveWVlIENBAhADFO6qthx6xbyOlTK51nT8MAkGBSsOAwIaBQCgggGMMBgGCSqG SIb3DQEJAzELBgkqhkiG9w0BBwEwHAYJKoZIhvcNAQkFMQ8XDTAwMDMzMDE3MjAwMVowIwYJKoZI hvcNAQkEMRYEFNtrg7xlSFOO+5ET2XW+udhAHWytMFgGCSqGSIb3DQEJDzFLMEkwCgYIKoZIhvcN AwcwDgYIKoZIhvcNAwICAgCAMAcGBSsOAwIHMA0GCCqGSIb3DQMCAgEoMAcGBSsOAwIaMAoGCCqG SIb3DQIFMIHSBgkrBgEEAYI3EAQxgcQwgcEwgawxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8w HQYDVQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMUkwRwYDVQQLE0BVc2UgaXMgc3ViamVjdCB0 byB0ZXJtcyBhdCBodHRwczovL3d3dy52ZXJpc2lnbi5jb20vcnBhLWtyIChjKTk5MSUwIwYDVQQD ExxWZXJpU2lnbiBDbGFzcyAyIEVtcGxveWVlIENBAhADFO6qthx6xbyOlTK51nT8MA0GCSqGSIb3 DQEBAQUABIGArMO1lXHcf2Zuiwq902kkZDe2efqSt/hWy8y30z3+GuP2Kj0HPhmfPjwREWVttTOJ jc+6tO4NxVQoldB4ftd7ItnM6JxKSu8JpWU3gkC7YkmwTQ13p0p4xRJIYx4igGCz9x/0Tr+kO3v3 N82/G0/3ce9qBHNkP3yqv8msK5F/xycAAAAAAAA= ------=_NextPart_000_0036_01BF9A42.458A3DF0-- Received: by ns.secondary.com (8.9.3/8.9.3) id WAA28437 for ietf-smime-bks; Wed, 29 Mar 2000 22:55:39 -0800 (PST) Received: from mail.iagu.net (ns.iagu.net [203.32.153.69]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id WAA28432 for <ietf-smime@imc.org>; Wed, 29 Mar 2000 22:55:36 -0800 (PST) Received: from dhcp-32-60.ietf.connect.com.au [169.208.32.60] by mail.iagu.net (8.8.5/AndrewR-19990125) with SMTP id QAA10863 return <jimsch@nwlink.com>; Thu, 30 Mar 2000 16:27:22 +0930 (CST) From: "Jim Schaad" <jimsch@nwlink.com> To: <pgut001@cs.aucKland.ac.nz>, <ietf-smime@imc.org> Subject: RE: Comments on draft-ietf-smime-compression-00.txt Date: Thu, 30 Mar 2000 16:26:54 +0930 Message-ID: <NDBBJGDMMGBPBDENLEIHOEJLCAAA.jimsch@nwlink.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 In-reply-to: <95429970802782@kahu.cs.auckland.ac.nz> Importance: Normal Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> My personal opinion is that we have given the MIME people a lot of time to work on this issue. They have not gotten anyplace that I am aware of so I think that we need to do it. If we end up with two ways of doing this then the S/MIME draft could always say what is to be used for that application. jim -----Original Message----- From: owner-ietf-smime@mail.imc.org [mailto:owner-ietf-smime@mail.imc.org]On Behalf Of Peter Gutmann Sent: Wednesday, March 29, 2000 3:15 PM To: ietf-smime@imc.org Subject: Comments on draft-ietf-smime-compression-00.txt Does anyone have any further thoughts on compression as a CMS content type vs a MIME type? I think this was more or less beaten to death (and beyond :-) the last time it came up, but if anyone has any further thoughts please post them. (The password issues are being worked on offline, I'll post an update in a day or two). Peter. Received: by ns.secondary.com (8.9.3/8.9.3) id HAA00524 for ietf-smime-bks; Wed, 29 Mar 2000 07:53:54 -0800 (PST) Received: from mail.ec.auckland.ac.nz (mail.student.auckland.ac.nz [130.216.35.201]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id HAA00520 for <ietf-smime@imc.org>; Wed, 29 Mar 2000 07:53:51 -0800 (PST) Received: from kahu.cs.auckland.ac.nz (pgut001@kahu.cs.auckland.ac.nz [130.216.36.13]) by mail.ec.auckland.ac.nz (8.9.3/8.8.6/cs-master) with SMTP id DAA09426; Thu, 30 Mar 2000 03:56:15 +1200 (NZST) (sender pgut001@cs.auckland.ac.nz) Received: by kahu.cs.auckland.ac.nz (relaymail v0.9) id <95434537508482>; Thu, 30 Mar 2000 03:56:15 (NZST) From: pgut001@cs.aucKland.ac.nz (Peter Gutmann) To: ietf-smime@imc.org, max@ritlabs.com Subject: Re: Compressed Data Content Type for S/MIME Reply-To: pgut001@cs.aucKland.ac.nz X-Charge-To: pgut001 X-Authenticated: relaymail v0.9 on kahu.cs.auckland.ac.nz Date: Thu, 30 Mar 2000 03:56:15 (NZST) Message-ID: <95434537508482@kahu.cs.auckland.ac.nz> Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Maxim Masiutin <max@ritlabs.com> writes: >There is "PasswordRecipientInfo" defined in "Appendix A: ASN.1 Module" of >ietf-smime-compression-00.txt > >There are no references to PasswordRecipientInfo. How should we handle it? By replacing it with "CompressedDataContent" :-). I copied the OID across from another draft and the text came with it. Also it's listed as (n+1) (equivalent to the '?' or 'TBA' from other CMS drafts) where n currently appears to be 6 (id-mod-ets-eSignature-97), does anyone have any objections to id-mod-compression being 7? In addition it looks like the listed value for id-ct-compressedData has been overtaken by newer drafts, since the highest one listed is id-ct-contentInfo(6) are there any problems with id-ct-compressedData being 7 as well? (Before anyone points this out, I need to update the [CMS] reference as well, I know... draft-00 goes back awhile). Peter. Received: by ns.secondary.com (8.9.3/8.9.3) id FAA27516 for ietf-smime-bks; Wed, 29 Mar 2000 05:15:12 -0800 (PST) Received: from smtp.nwlink.com (smtp.nwlink.com [209.20.130.57]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id FAA27512 for <ietf-smime@imc.org>; Wed, 29 Mar 2000 05:15:11 -0800 (PST) Received: from nwlink.com (listserv.nwlink.com [209.20.130.70]) by smtp.nwlink.com (8.9.3/8.9.3) with SMTP id FAA24625; Wed, 29 Mar 2000 05:17:38 -0800 (PST) From: "Jim Schaad" <jimsch@nwlink.com> Reply-to: jimsch@nwlink.com To: ietf-smime@imc.org;weston.nicolls@ey.com;;; Date: Wed, 29 Mar 2000 05:17:38 +0800 Subject: Comments on SecLabel draft Message-id: <38e20272.3756.0@nwlink.com> X-User-Info: 208.212.202.133 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> SecLabel 1. Section 1 P2 - Security labels cannot be bound to an encrypted body, only to a signed message. 2. Please give more text explaining the difference between rank and role based security. From the current description they look like the same to me. 3. The Amoco policy description is not clear. From the text I assumed that the confidentiality and integrity were orthogonal axis for make decisions (thus leading to 9 items). Based on the conversation with you this is not true as the policy is choose one of the axis and then the point on the axis. The text should be clarified as to which is correct. 4. Typo - Section 1.2 last para - "while he outer signature" should be "while the". 5. Section 2.2.1.3 -- I don't think that one should provide a syntax for the privacy marks. However giving a couple of the privacy marks or guidelines from the policy on writting them might be useful. Given that a privacy mark is a UTF8 string in the syntax, no addtional ASN syntax is really possible. 6. You say that categories are used informally, however without knowning how they would be used or specified I cannot even hope to offer syntax suggestions. Given that they are informal why would they not be marked as privacy labels. If they are categories then I would expect the policy module to do enforcement thus being informal would cause some difficulties. 7. I suggest that you name Clearance in the ASN sections to be XxxxSection. and the same for the other top level items. http://www.nwlink.com Received: by ns.secondary.com (8.9.3/8.9.3) id EAA26315 for ietf-smime-bks; Wed, 29 Mar 2000 04:19:27 -0800 (PST) Received: from gate.ritlabs.com (IDENT:root@gw-ritlabs.mldnet.com [212.56.195.233]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id EAA26311 for <ietf-smime@imc.org>; Wed, 29 Mar 2000 04:19:22 -0800 (PST) Received: from ritlabs250.mldnet.com (max [212.56.194.250]) by gate.ritlabs.com (8.8.8/8.8.8) with ESMTP id PAA23567 for <ietf-smime@imc.org>; Wed, 29 Mar 2000 15:24:11 +0300 Date: Wed, 29 Mar 2000 15:21:25 +0300 From: Maxim Masiutin <max@ritlabs.com> X-Mailer: The Bat! (v1.42 Beta/9) Organization: RIT Research Labs X-Priority: 3 (Normal) Message-ID: <90159940140.20000329@ritlabs.com> To: Peter Gutmann <ietf-smime@imc.org> Subject: Compressed Data Content Type for S/MIME Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Hello Peter! There is "PasswordRecipientInfo" defined in "Appendix A: ASN.1 Module" of ietf-smime-compression-00.txt There are no references to PasswordRecipientInfo. How should we handle it? -- Max Masyutin, Software Engineer RIT Research Labs http://www.ritlabs.com/ Received: by ns.secondary.com (8.9.3/8.9.3) id TAA23578 for ietf-smime-bks; Tue, 28 Mar 2000 19:34:36 -0800 (PST) Received: from mail.iagu.net (ns.iagu.net [203.32.153.69]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id TAA23566 for <ietf-smime@imc.org>; Tue, 28 Mar 2000 19:34:33 -0800 (PST) Received: from dhcp-32-60.ietf.connect.com.au [169.208.32.60] by mail.iagu.net (8.8.5/AndrewR-19990125) with SMTP id NAA06036 return <jimsch@nwlink.com>; Wed, 29 Mar 2000 13:06:43 +0930 (CST) From: "Jim Schaad" <jimsch@nwlink.com> To: "Ietf-Smime" <ietf-smime@imc.org> Cc: "Russ Housley" <housley@spyrus.com> Subject: Comments on the RSAES-OAEP draft Date: Wed, 29 Mar 2000 13:06:15 +0930 Message-ID: <NDBBJGDMMGBPBDENLEIHAEJICAAA.jimsch@nwlink.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> 1. Given that the question has been raised on at least one IETF mailing list, it might be advisable to state that the public key algorithm for rsa in a certificate is the same for v1.5 and v2.0. 2. You have consistantly gotten the RFC number for the v2.0 draft incorrect. It is 2437 not 2347. jim Received: by ns.secondary.com (8.9.3/8.9.3) id TAA21828 for ietf-smime-bks; Tue, 28 Mar 2000 19:13:02 -0800 (PST) Received: from mail.ec.auckland.ac.nz (mail.student.auckland.ac.nz [130.216.35.201]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id TAA21824 for <ietf-smime@imc.org>; Tue, 28 Mar 2000 19:12:59 -0800 (PST) Received: from kahu.cs.auckland.ac.nz (pgut001@kahu.cs.auckland.ac.nz [130.216.36.13]) by mail.ec.auckland.ac.nz (8.9.3/8.8.6/cs-master) with SMTP id PAA15104 for <ietf-smime@imc.org>; Wed, 29 Mar 2000 15:15:08 +1200 (NZST) (sender pgut001@cs.auckland.ac.nz) Received: by kahu.cs.auckland.ac.nz (relaymail v0.9) id <95429970802782>; Wed, 29 Mar 2000 15:15:08 (NZST) From: pgut001@cs.aucKland.ac.nz (Peter Gutmann) To: ietf-smime@imc.org Subject: Comments on draft-ietf-smime-compression-00.txt Reply-To: pgut001@cs.aucKland.ac.nz X-Charge-To: pgut001 X-Authenticated: relaymail v0.9 on kahu.cs.auckland.ac.nz Date: Wed, 29 Mar 2000 15:15:08 (NZST) Message-ID: <95429970802782@kahu.cs.auckland.ac.nz> Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Does anyone have any further thoughts on compression as a CMS content type vs a MIME type? I think this was more or less beaten to death (and beyond :-) the last time it came up, but if anyone has any further thoughts please post them. (The password issues are being worked on offline, I'll post an update in a day or two). Peter. Received: by ns.secondary.com (8.9.3/8.9.3) id TAA28083 for ietf-smime-bks; Mon, 27 Mar 2000 19:06:49 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id TAA28079 for <ietf-smime@imc.org>; Mon, 27 Mar 2000 19:06:48 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id <GFRJLAC1>; Mon, 27 Mar 2000 22:08:40 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF31965C42@wfhqex01.wangfed.com> From: =?UTF-8?B?UGF3bGluZywgSm9obg==?= <John.Pawling@wang.com> To: =?UTF-8?B?J0ppbSBTY2hhYWQgJw==?= <jimsch@nwlink.com>, =?UTF-8?B?J0NhbWVyb24gU3RpbGxpb24gJw==?= <camerost@microsoft.com>, =?UTF-8?B?J2lldGYtc21pbWVAaW1jLm9yZyAn?= <ietf-smime@imc.org> Cc: =?UTF-8?B?J0JyeWFuIFN0YWF0cyAn?= <bryansta@microsoft.com> Subject: =?UTF-8?B?UkU6IEVTUyA6IFNlY3VyZSBSZWNlaXB0IGVuY29kaW5nIHdpdGhp?= =?UTF-8?B?biBFbmNhcHN1bGF0ZWRDb250ZW50SW5mbw==?= Date: Mon, 27 Mar 2000 22:08:34 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Content-Type: text/plain; charset="UTF-8" Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Jim, I agree with all of your statements except for bullet #3. You stated that the OCTET wrapping can be omitted if an ESS receipt content-type is encapsulated within a PKCS#7 signedData. This would cause severe interoperability problems with an RFC 2630/RFC 2634 (a.k.a. CMS/ESS) implementation such as the S/MIME Freeware Library. RFC 2630 (CMS) defines EncapsulatedContentInfo as follows: EncapsulatedContentInfo ::= SEQUENCE { eContentType ContentType, eContent [0] EXPLICIT OCTET STRING OPTIONAL } If the eContent field is present, then the OCTET STRING tag and length octets must be present in the encoding of the signedData. RFC 2634 (ESS), Section 2.4, bullet 9 states: "The ASN.1 DER encoded Receipt content MUST be directly encoded within the signedData encapContentInfo eContent OCTET STRING defined in [CMS]." Notice the text "defined in [CMS]". A valid encoding of an ESS signed receipt MUST contain the signedData encapContentInfo eContent OCTET STRING tag and length octets. If the eContent OCTET STRING tag and length octets are omitted (as you suggest in your message), then a CMS/ESS implementation cannot decode the message. There is no text in ESS that addresses the inclusion of a receipt content in a PKCS #7 signedData. If there was such text, it would need to state that the ASN.1 DER encoded Receipt content MUST be directly encoded within an OCTET STRING within the PKCS #7 signedData contentInfo content defined in PKCS #7. This is the only way (without changing the CMS encapContentInfo eContent syntax) that signed receipt interoperability can be achieved between CMS/ESS and PKCS #7/ESS implementations. If you believe that there will be PKCS #7/ESS implementations that are sending signed receipts, then the aforementioned text needs to be included in RFC 2634. Thank you for your feedback, -John Pawling Received: by ns.secondary.com (8.9.3/8.9.3) id CAA28531 for ietf-smime-bks; Mon, 27 Mar 2000 02:50:33 -0800 (PST) Received: from mail.spyrus.com (mail.spyrus.com [207.212.34.20]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id CAA28526 for <ietf-smime@imc.org>; Mon, 27 Mar 2000 02:50:32 -0800 (PST) Received: from rhousley_laptop.spyrus.com (dhcp-193-54.ietf.connect.com.au [169.208.193.54]) by mail.spyrus.com (8.9.3/8.9.3) with ESMTP id CAA21399; Mon, 27 Mar 2000 02:51:38 -0800 (PST) Message-Id: <4.2.0.58.20000327052814.00a7f950@mail.spyrus.com> X-Sender: rhousley@mail.spyrus.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Mon, 27 Mar 2000 05:32:42 -0500 To: pgut001@cs.aucKland.ac.nz From: Russ Housley <housley@spyrus.com> Subject: RE: LAST CALL:draft-ietf-smime-password-02.txt Cc: ietf-smime@imc.org In-Reply-To: <NDBBJGDMMGBPBDENLEIHEEIPCAAA.jimsch@nwlink.com> References: <4.2.0.58.20000313151245.0095c7c0@mail.spyrus.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Peter: One of the first decisions that the S/MIME working group made was to use 1988 ASN.1. This decision was made for several reasons, including the availability of compilers. So, if you want this to move forward as part of the S/MIME Standards Track document series, then you will have to reverse port the ASN.1. Russ Received: by ns.secondary.com (8.9.3/8.9.3) id XAA23685 for ietf-smime-bks; Sun, 26 Mar 2000 23:31:57 -0800 (PST) Received: from mail.iagu.net (ns.iagu.net [203.32.153.69]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id XAA23678 for <ietf-smime@imc.org>; Sun, 26 Mar 2000 23:31:54 -0800 (PST) Received: from dhcp-32-60.ietf.connect.com.au [169.208.32.60] by mail.iagu.net (8.8.5/AndrewR-19990125) with SMTP id RAA32662 return <jimsch@nwlink.com>; Mon, 27 Mar 2000 17:04:04 +0930 (CST) From: "Jim Schaad" <jimsch@nwlink.com> To: <ietf-smime@imc.org> Cc: <pgut001@cs.aucKland.ac.nz> Subject: RE: LAST CALL:draft-ietf-smime-password-02.txt Date: Mon, 27 Mar 2000 17:03:35 +0930 Message-ID: <NDBBJGDMMGBPBDENLEIHEEIPCAAA.jimsch@nwlink.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal In-Reply-To: <4.2.0.58.20000313151245.0095c7c0@mail.spyrus.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Here are the set of last call comments that I have for this draft. 1. You still have a reference to PKCS #5 v2 in the document. (PKCS#5 v2 is not an information or other RFC.) If you want this document to be on standards track rather than informational then this issue needs to be resolved. 2. Section 2.1. The S/MIME working group is using 88 ASN syntax. The syntax in this section is not. Please correct. <previous response from peter> PKCS #5 uses current ASN.1 syntax and not the 1988 version, the ASN.1 used is taken straight from the standard. 3. Section 2.1 Why is there ASN here that does not actually provide any useful information. What are the parameters. What is the OID associated with this set of parameters. This is an issue for both the fact that PKCS#5 is not an RFC and the ASN.1 is not 1988. <previous response from peter> It's copied from PKCS #5 for completeness, I didn't want to include the whole thing verbatim but did want to include enough information that readers wouldn't have to keep flipping back and forth between the two. 4. Section 2.3.1 - I will raise the issue of the fact that the key wrap algorithm is not the same as CMS even though the CMS version is a MUST implement. At a minimum you should make the CMS version the MUST and the version you have in your document an optional version to have. 5. Based on a past email with Carlisle Adams, I think that changing title to "Password-based Encryption for CMS" is a reasonable thing to do. 6. Why does a version with keyDerivation optional exist in this draft? It appears to me that this is exactly the same thing as is done by kekRecipientInfo (i.e. an existing KEK key is used to wrap a CEK key). I would not be in favor of having two different methods for doing this. 7. I don't understand why onlyi the first 3 bytes of the CEK are used for the checksum. What is the problem with using the first 3 bytes of a SHA1 hash. I don't think the performance difference is going to be significant. 8. The test vectors should be modified to use one of the standard CMS algorithms if they are going to be present in the draft. Blowfish is not an algorithm that one should expect most CMS developers to have implemented. RC2 and 3DES are. jim Received: by ns.secondary.com (8.9.3/8.9.3) id WAA23065 for ietf-smime-bks; Sun, 26 Mar 2000 22:59:27 -0800 (PST) Received: from mail.iagu.net (ns.iagu.net [203.32.153.69]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id WAA23060 for <ietf-smime@imc.org>; Sun, 26 Mar 2000 22:59:24 -0800 (PST) Received: from dhcp-32-60.ietf.connect.com.au [169.208.32.60] by mail.iagu.net (8.8.5/AndrewR-19990125) with SMTP id QAA32577 return <jimsch@nwlink.com>; Mon, 27 Mar 2000 16:31:35 +0930 (CST) From: "Jim Schaad" <jimsch@nwlink.com> To: <ietf-smime@imc.org> Cc: "Carlisle Adams" <carlisle.adams@entrust.com> Subject: RE: LAST CALL: draft-ietf-smime-cast-128-01.txt Date: Mon, 27 Mar 2000 16:31:06 +0930 Message-ID: <NDBBJGDMMGBPBDENLEIHEEIOCAAA.jimsch@nwlink.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Importance: Normal In-Reply-To: <4.2.0.58.20000309113750.00a61330@mail.spyrus.com> X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2615.200 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> I have the following comments on the draft at this stage. I am sorry for being late, but I have been on holidays. 1. In section 3 paragraph 1 -- The size needs to be required for an SMimeCapablity and cannot be MAY. We do binary comparisions to see if the algorithms are the same so there can be no MAY fields. 2. In section 3 -- Again I ask that you include the actual list of bytes that are to be used for the SMimeCaps fields. For an example of what I am looking for you can look at section 7 of CMSKEA. Due to the fact that a binary comparision is being done, it is best to allow for no errors in the encoding of this field. Jim Schaad Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id QAA09139 for ietf-smime-bks; Sun, 26 Mar 2000 16:24:21 -0800 (PST) Received: from mail.iagu.net (ns.iagu.net [203.32.153.69]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id QAA09135 for <ietf-smime@imc.org>; Sun, 26 Mar 2000 16:24:17 -0800 (PST) Received: from dhcp-32-60.ietf.connect.com.au [169.208.32.60] by mail.iagu.net (8.8.5/AndrewR-19990125) with SMTP id JAA31448 return <jimsch@nwlink.com>; Mon, 27 Mar 2000 09:56:11 +0930 (CST) From: "Jim Schaad" <jimsch@nwlink.com> To: "Cameron Stillion" <camerost@microsoft.com>, <ietf-smime@imc.org> Cc: "Bryan Staats" <bryansta@microsoft.com> Subject: RE: ESS : Secure Receipt encoding within EncapsulatedContentInfo Date: Mon, 27 Mar 2000 09:55:42 +0930 Message-ID: <NDBBJGDMMGBPBDENLEIHGEINCAAA.jimsch@nwlink.com> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_0004_01BF97D2.9CF82E20" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) In-Reply-To: <E46F2E74BFC4CF119A8B00805FCCAB2708DC73E2@RENCHOW> X-Mimeole: Produced By Microsoft MimeOLE V5.00.2615.200 Importance: Normal X-MS-TNEF-Correlator: <NDBBJGDMMGBPBDENLEIHGEINCAAA.jimsch@nwlink.com> Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> This is a multi-part message in MIME format. ------=_NextPart_000_0004_01BF97D2.9CF82E20 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Just to be a little more clare abouit this. My response would be as follows: 1. It is stated that the reciept must be DER encoded. 2. The directly statement is made with respect to the lack of a MIME = layer being inserted between the receipt content and the surrounding = SignedData ASN construct (i.e. the MIME layer is omitted unlike what is done in wrapping a signed message in an encrypted message). 3. The OCTET wrapping or lack of is addressed by either PKCS#7 or CMS drafts. It is present for CMS and omitted for PKCS#7. jim -----Original Message----- From: owner-ietf-smime@mail.imc.org = [mailto:owner-ietf-smime@mail.imc.org]On Behalf Of Cameron Stillion Sent: Friday, March 10, 2000 11:45 AM To: 'ietf-smime@imc.org' Cc: 'phoffman@imc.org'; Bryan Staats Subject: ESS : Secure Receipt encoding within EncapsulatedContentInfo ... and now for something completely different: =20 According to the ESS RFC on page 16, step 9: =20 9. The ASN.1 DER encoded Receipt content MUST be directly encoded = within the signedData encapContentInfo eContent OCTET STRING defined in [CMS]. Should eContent be a DER-encoding of the receipt? or Should eContent be a DER-encoding of an OCTET STRING containing the DER-encoding of the receipt? =20 The word "directly" seems to indicate that the former is the correct = one. Just tell me I'm not crazy. =20 Cameron Stillion ------=_NextPart_000_0004_01BF97D2.9CF82E20 Content-Type: application/ms-tnef; name="winmail.dat" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="winmail.dat" eJ8+IioAAQaQCAAEAAAAAAABAAEAAQeQBgAIAAAA5AQAAAAAAADoAAEIgAcAGAAAAElQTS5NaWNy b3NvZnQgTWFpbC5Ob3RlADEIAQ2ABAACAAAAAgACAAEGgAMADgAAANAHAwAbAAkANQAAAAEANAEB A5AGAGgJAAApAAAACwACAAEAAAALACMAAAAAAAMAJgAAAAAACwApAAAAAAADAC4AAAAAAAIBMQAB AAAARgAAAAAAAABMoh5f/LnPEZlLAAAAAAABBwAu/QEUBSTPEZkQAKoAbIDRAAAAvtAzAADkby50 v8TPEZqLAIBfzKsnAAAIzl1/AAAAAAMANgAAAAAAHgBwAAEAAAA9AAAARVNTIDogU2VjdXJlIFJl Y2VpcHQgZW5jb2Rpbmcgd2l0aGluIEVuY2Fwc3VsYXRlZENvbnRlbnRJbmZvAAAAAAIBcQABAAAA GwAAAAG/igJBXPhvcFf1zBHThDoAYLDsDf8DX0OOIAACAR0MAQAAABcAAABTTVRQOkpJTVNDSEBO V0xJTksuQ09NAAALAAEOAAAAAEAABg4ACn+bgpe/AQIBCg4BAAAAGAAAAAAAAADGH5V+7uPTEZY8 AACGM1pkwoAAAAsAHw4BAAAAAgEJEAEAAABKBAAARgQAAOQGAABMWkZ1x40WzgMACgByY3BnMTI1 4jIDQ3RleAVBAQMB9/8KgAKkA+QHEwKAD/MAUARWPwhVB7IRJQ5RAwECAGNo4QrAc2V0MgYABsMR JfYzBEYTtzASLBEzCO8J97Y7GB8OMDURIgxgYwBQMwsJAWQzNhZQC6YgSgR1cwVAdG8gYmWgIGEg bGkCQGwdgPMEYBggIGMLYB5RAaAIYEsd0B0waAQALiAF0HkyIBggc3ACIBQQIHe5CGBsZB1jBCAC EGwXsLh3czoKogqECoAxH5HWSQVABAAgHRBhDrAgwN8fUCNAH0EdgBggYwiQBTGGbR0CHXFERVIg CfBTBaABAGQuIcQyH5FU+SPxZGkkIR3wH9AjIweAvwIwIuIAwAEAIHAd0Ggf4w8m8R0yI+ILYGNr IG9CZh2RTUlNRSmhefcSgR1wC4BnIuAgQQAgI2H5HXB0dwnhI9YrEAUxBaDfAjAnsgBwI3IdgHMI cANghnUtwCsiU2lnbgmAxkQjQB2gQVNOLSIdEIZyGtAFQChpLmUfkP8j4ipZIvEDcB3RI2EugB3A 7msgYSOiIvFkAiAdgAuA4SBwcmFwcCsiHaAAkMcvEh4gB5BzYWczowORWSVhcnkFMDToKSXVM8Em VU9DVEVUM+gFsfcptiLxKDBkH/EUECDBH9AHKxAj4QXAUEtDUyPaNzjiQwXhOfBhAYAfgv0ixHAf 8SeyAhA7lC2yMgZvPWI7FCXVIcRqB3Ahyi31QQJPBRBnC4AHQAXQNSSrQQMhxEYDYTop8HcvIMxy LQiQADAtczIQB4CWQADAAxAuB3BjLgWwbStAW0RyHUA6Q29Eel1STwOgQmUT4GwqEE85KhBDYQeA A2ADoFN0/wMQHcACICHEBmACMENAQwB0aWQqsCwF0ArAE9AgPDEwSpAB0EtgSwAxOlQ0NRDATSHE VEWgIJYnRilExSchxENjTKG8cGgqAARQAHBNdztHwFc2IAORSPBhI0BzSXV1zGJqJvFDQEVTBfBD QO0GYGMIcB2AUizFJWMrIvsocjPBRSVwNBAuMAtgI1FzCFAtU0luAhAhyiHELttWcC2jbiGAPVNz A3AUILdToStABaBtC1AUIGUnIX8mwAEgBJBJ4iHECuMKgEEeYwWhLqMpRVGSUkZDzynwA6AKsDVh MTZKkB0QaSRgIDlZXDkmVS+hLo4xJRpSVy02TVVTOED/HXEmx17mU3Ut8y8IJWE0EB9UqSVQVKU3 9WCAUklOvkcmsAEQC4AjYTPBWzux+l0/S1NOwCCiZGcdcyUh7i1S5yoBLHk/WWVrAQWw/2c/aE9p VwORZPstMgtxWpN/I/Fo72n/WcUmgiCACyAg2iImxiIjEAngbQQgHUH/C4AmwFQADrAjiD1hSJEi 4v8j4gWhJuJbsTCxHOVYgAMgcweAIrAnbVbhLRE0AHpeeSXVWcVIfyHTfXswAAAeAEIQAQAAADMA AAA8RTQ2RjJFNzRCRkM0Q0YxMTlBOEIwMDgwNUZDQ0FCMjcwOERDNzNFMkBSRU5DSE9XPgAAAwAA gAggBgAAAAAAwAAAAAAAAEYAAAAAEIUAAAAAAAADAAOACCAGAAAAAADAAAAAAAAARgAAAABShQAA J2oBAB4ABIAIIAYAAAAAAMAAAAAAAABGAAAAAFSFAAABAAAABAAAADkuMAALAAWACCAGAAAAAADA AAAAAAAARgAAAAAGhQAAAAAAAAMABoAIIAYAAAAAAMAAAAAAAABGAAAAAAGFAAAAAAAACwAHgAgg BgAAAAAAwAAAAAAAAEYAAAAAA4UAAAAAAAALAAiACCAGAAAAAADAAAAAAAAARgAAAAAOhQAAAAAA AAMACYAIIAYAAAAAAMAAAAAAAABGAAAAABGFAAAAAAAAAwAKgAggBgAAAAAAwAAAAAAAAEYAAAAA GIUAAAAAAAAeAAuACCAGAAAAAADAAAAAAAAARgAAAAA2hQAAAQAAAAEAAAAAAAAAHgAMgAggBgAA AAAAwAAAAAAAAEYAAAAAN4UAAAEAAAABAAAAAAAAAB4ADYAIIAYAAAAAAMAAAAAAAABGAAAAADiF AAABAAAAAQAAAAAAAAAeABCACCAGAAAAAADAAAAAAAAARgAAAACDhQAAAQAAABMAAAAyMDAyNDU5 MjMtMjYwMzIwMDAAAAsAFoAIIAYAAAAAAMAAAAAAAABGAAAAAIKFAAABAAAAAgH4DwEAAAAQAAAA xh+Vfu7j0xGWPAAAhjNaZAIB+g8BAAAAEAAAAMYflX7u49MRljwAAIYzWmQCAfsPAQAAAE0AAAAA AAAAOKG7EAXlEBqhuwgAKypWwgAAUFNUUFJYLkRMTAAAAAAAAAAATklUQfm/uAEAqgA32W4AAABD OlxtYWlsXGN1cnJlbnQucHN0AAAAAAMA/g8FAAAAAwANNP03AAACAX8AAQAAADEAAAA8TkRCQkpH RE1NR0JQQkRFTkxFSUhHRUlOQ0FBQS5qaW1zY2hAbndsaW5rLmNvbT4AAAAAAwAGEHUgb7MDAAcQ RgQAAAMAEBAAAAAAAwAREAAAAAAeAAgQAQAAAGUAAABKVVNUVE9CRUFMSVRUTEVNT1JFQ0xBUkVB Qk9VSVRUSElTTVlSRVNQT05TRVdPVUxEQkVBU0ZPTExPV1M6MUlUSVNTVEFURURUSEFUVEhFUkVD SUVQVE1VU1RCRURFUkVOQ09EAAAAABpD ------=_NextPart_000_0004_01BF97D2.9CF82E20-- Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id LAA04882 for ietf-smime-bks; Sun, 26 Mar 2000 11:08:54 -0800 (PST) Received: from mail.harrassowitz.de (intergw.harrassowitz.de [193.97.189.19]) by ns.secondary.com (8.9.3/8.9.3) with SMTP id LAA04878 for <ietf-smime@mail.proper.com>; Sun, 26 Mar 2000 11:08:51 -0800 (PST) Message-Id: <0003261735.AA17824@mail.harrassowitz.de> Received: from cranston-ip-2-123.dynamic.ziplink.net by mail.harrassowitz.de with SMTP (AIX 4.1/UCB 5.64/GEN-1.2.0) via EUnet for mail.proper.com id AA17824; Sun, 26 Mar 2000 19:35:02 +0200 From: "Owen" <drtp@newmail.net> Subject: Get Ready For Some Mail That You Like To: see39s@harrassowitz.de X-Mailer: Microsoft Outlook Express 4.72.1712.3 X-Mimeole: Produced By Microsoft MimeOLE V(null).1712.3 Mime-Version: 1.0 Date: Sun, 26 Mar 2000 14:37:15 -0500 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by ns.secondary.com id LAA04879 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Hi, Perhaps this might be of interest to you. HERE IS YOUR REQUESTED INFORMATION!: Fellow entrepreneur: Don't knock it until you at least read this. For the first time ever, I have received a piece of email that actually delivered more than just empty promises! 5LIST! = $$$$$ IN THE BANK! Perhaps this might be of interest to you? GET PAID $5 PER SIGNUP TO BUILD YOUR OWN MAIL LIST! .......why do it for free?? (Example: you get 10 they get 10ea.=100 they get 10 ea.=1000 WOW!~Each sending $5 to you=WOW!) If you need to make a few thousand dollars REALLY FAST, then please, take a moment to read this simple program I am sharing with you. You DO NOT have to send $5 to five people, buy their reports, or recipes, or anything like that. Nor will you have to invest more money later to get things going. THIS IS THE FASTEST, EASIEST PROGRAM YOU WILL EVER DO. Complete it in one hour, and you will never forget the day you first received it. The following is a plan to benefit you and your future. $$$$$ BE PREPARED TO GET EXCITED...YOU WON'T BE DISAPPOINTED!!! Read the following and you will agree this is a very exciting opportunity. Only invest a little bit of time, and your reward could mean thousands of dollars! Good luck! ********************************************************************* ************ “IT'S OUTRAGEOUS!!! With two hours of work I have made over US $11,000 In the last three weeks…..and my investment was just $5!!! I LOVE IT! Thank you 11,000 x's!” -Julie M. St. Louis ********************************************************************* *********** ARE YOU IN NEED OF MONEY RIGHT NOW? HOW DOES $10,000 IN TWO WEEKS SOUND? Don't laugh! Try this, for a change, while you wait for the others to start working. One hour of work to get started and no mailing lists! ********************************************************************* ****** Esquire Marketing Newsletter Gift Club. This service is 100% legal (Refer to US Postal and Lottery Laws, Title18, Section 1302 and 1341, or Title 18, Section 3005 in the US code, also in the code of federal regulations, Volume 16, Sections 255 and 436, which state "a product or service must be exchanged for money received") ********************************************************************* ********** Here's How It Works: Unlike many other programs, this three level program is more realistic and much, much faster. Because it is so easy, the response rate for this program is VERY HIGH AND VERY FAST, and you will see results in two weeks or less! Just in time for next month's bills! You only mail out 20 copies (not 200 or more as in other programs). You should also send them to people who send you their programs, because they know these programs work and they are already believers in the system! Besides, this program is MUCH, MUCH FASTER and has a HIGHER RESPONSE RATE! Even if you are already in a program, stay with it, but do yourself a favor and DO THIS ONE as well. START RIGHT NOW! It's simple and takes a very small investment. It will pay off long before other letters even begin to trickle in! $$$$$ Just give ONE person a $5 gift. That's all! $$$$$ Follow the simple instructions and in two weeks you will have US$10,0 00 in your bank account! Because of the LOW INVESTMENT, SPEED, and HIGH PROFIT POTENTIAL, this program has a VERY HIGH RESPONSE RATE! Just one (1) US $5 bill. That's your investment!!! ********************************************************************* ********** Follow These Simple Instructions: 1) On a blank sheet of paper write "Please add me to your mailing list." Write your name and address clearly and include your email address for future mailings and courtesy follow ups. Fold it around a US $5 and send it to the FIRST name on the list (#1) . Only the first person on the list gets your name and a five dollar gift. 2) Retype only the list, removing the FIRST (#1) NAME FROM THE LIST . Move the other two names UP and ADD YOUR NAME to the list in the THIRD (#3) position. 3) Send out 20 copies of this letter. NOTE: by sending this letter via EMAIL, The response time is much faster, and you save the expenses of envelopes,stamps, and copying services Consider this; MILLIONS of people "surf the Internet"everyday, all day, all over the world! Fifty thousand new people get on the Internet every month! An excellent source of names are the people who send you other programs and the names listed onthe letter they send you. Your contact source is UNLIMITED! It boggles my mind to think of all the possibilities! Mail, or should I say Email, your letter TODAY! It's so easy. One hour of your time. THAT'S IT! To send your newsletter by Email: 1) Go to "edit" and "select all" 2) Go to "edit" and "copy" 3) Start (compose) a new Email message 4) Address your Email and Subject blocks 5) Go to "edit" and "paste". After you have pasted this article to your new Email, delete the old header and footer (Subject, Date, To, From, Etc.) Now you can edit the names and addresses with ease. I recommend deleting the top name, adding your name and address to the bottom of the list, then simply changing the numbers. THERE'S NOTHING MORE TO DO. When your name reaches the first position in a few days, it will be your turn to collect your gifts. The gifts will be sent to you by 1,500 to 2,000 people like yourself, who are willing to invest US $5 and one hour to receive US $10,000 in cash. That's all! There will be a total of US$10,000 in US$5 bills in your mailbox in two weeks. US$10,000 for one hour’s work! I think it's WORTH IT, don't you? GO AHEAD...TRY IT. IT'S US$5!... EVEN IF YOU MAKE JUST 3 OR 4 THOUSAND, WOULDN'T THAT BE NICE? IF YOU TRY IT, IT WILL PAY! ********************************************************************* *********** TRUE STORY Cindy Allen writes: “I ran this gift summation four times last year. The first time I received over $7,000 in cash in less than two weeks and over $10,000 in cash in the next three times I ran it. I can't begin to tell you how great it feels Not to have to worry about money anymore! I thank God for the day I received this letter! It has truly changed my life! Don't be afraid to make gifts to strangers, they'll come back to you in ten-fold. So, let's keep it going and help each other out in these "tough and uncertain times." ********************************************************************* *********** CAN I DO IT AGAIN? OF COURSE YOU CAN this plan is structured for everyone to send only 20 letters each. However, you are certainly not limited to 20. Mail out as many as you can. Every 20 letters you send has a return of $10,000 or more. If you can mail forty, sixty, eighty, or whatever, GO FOR IT! THE MORE YOU PUT INTO IT, THE MORE YOU GET OUT OF IT Each time you run this program, just follow steps 1 thru 3 and everyone on your gift list benefits! Simple enough? You bet it is! Besides, there are no mailing lists to buy,(and wait for), and trips to the printer or copier, and you can do it again and again, with your regular groups or gifters, or start up a new group. Why not? It beats working! Each time you receive an MLM offer, Respond with this letter! Your name will climb to the number one position at dizzying rates Follow the simple instructions, and above all, PLEASE PLAY FAIR. That's the key to this program’s success. Your name must run the full gamut on the list to produce the end results. Sneaking your name higher up on the list WILL NOT produce the results as you think, and it only cheats the other people who have worked hard and have earned the right to be there. So please, play by the rules and the $$$ will come to you! ********************************************************************* *********** MAIL YOUR LETTERS OUT TODAY! $$$ Together we will prosper! $$$ GOOD LUCK!!! ********************************************************************* ************ 1. Bonnie Mallalieu MC Box 5179 Clinton, MS 39058 2. FWM Marketing 1602 N Maryland Ave Plant City, Fl 33556 3. Paul D. Gram 16277 NW 20th St Pembroke Pines, Fl. 33028 ********************************************************************* ********** Wishing you the best in all you do! You probably don't believe this will work, but if you don't try it, you will never know. That's the way I felt. Try it. You won't be sorry. Paul Gram For support and to Maximize your success Email me with "5list"in subject heading along with a copy of your re-done list ********************************************************************* ************ IMPORTANT: This is a one and only email, if you do not join, if you are not interested or even if you are interested, you will not get any more email regarding this from me. It is up to you now. ********************************************************************* *********** WISHING YOU THE BEST LIFE HAS TO OFFER! ********************************************************************* *************** Please Remove at: mailto:george4343@yahoo.com?subject=remove ********************************************************************* *************** Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id LAA15606 for ietf-smime-bks; Thu, 23 Mar 2000 11:33:20 -0800 (PST) Received: from inet-smtp3.oracle.com (inet-smtp3.us.oracle.com [205.227.43.23]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id LAA15602 for <ietf-smime@imc.org>; Thu, 23 Mar 2000 11:33:19 -0800 (PST) Received: from mailsun3.us.oracle.com (mailsun3.us.oracle.com [130.35.62.244]) by inet-smtp3.oracle.com (8.9.3/8.9.3) with ESMTP id LAA28332; Thu, 23 Mar 2000 11:35:17 -0800 (PST) Received: from us.oracle.com by mailsun3.us.oracle.com with ESMTP (8.8.8+Sun/37.9) id LAA25741; Thu, 23 Mar 2000 11:35:17 -0800 (PST) Message-ID: <38DA73CA.4A3F1648@us.oracle.com> Date: Thu, 23 Mar 2000 11:43:06 -0800 From: Guang Yee <gyee@us.oracle.com> X-Mailer: Mozilla 4.7 [en] (WinNT; U) X-Accept-Language: en MIME-Version: 1.0 To: "Pawling, John" <John.Pawling@wang.com> CC: "'SMIME WG'" <ietf-smime@imc.org> Subject: Re: v1.5 SFL Freely Available to All!! References: <33BD629222C0D211B6DB0060085ACF31965980@wfhqex03.wang.com> Content-Type: multipart/mixed; boundary="------------8B518FEC5C6CAE5D1E8289D6" Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> This is a multi-part message in MIME format. --------------8B518FEC5C6CAE5D1E8289D6 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit John, Is SFL v1.5 currently available on HP? If not, when will SFL v1.5 be ported to HP? Thanks, Guang "Pawling, John" wrote: > All, > > J.G. Van Dyke and Associates (VDA), a Wang Government Services Company, has > delivered Version 1.5 of the S/MIME Freeware Library (SFL) source code and > Application Programming Interface (API). The SFL source code files are > freely available to everyone from the Fortezza Developer's S/MIME Page > <http://www.armadillo.huntsville.al.us/software/smime> (with no password > control). On 14 January 2000, the U.S. Department of Commerce, Bureau of > Export Administration published a new regulation implementing an update to > the U.S. Government's encryption export policy > <http://www.bxa.doc.gov/Encryption/Default.htm>. In accordance with the > revisions to the Export Administration Regulations (EAR) of 14 Jan 2000, > the downloading of the SFL source code is no longer password controlled. > > The SFL implements the IETF S/MIME v3 RFC 2630 Cryptographic Message > Syntax (CMS) and RFC 2634 Enhanced Security Services (ESS) specifications. > It also implements portions of the RFC 2633 Message Specification and > RFC 2632 Certificate Handling document. When used in conjunction with > the Crypto++ freeware library, the SFL implements the RFC 2631 > Diffie-Hellman (D-H) Key Agreement Method specification. It has been > successfully tested using the MS Windows NT/95/98 and Solaris 2.7 operating > systems. Further enhancements, ports and testing of the SFL are still in > process. Further releases of the SFL will be provided as significant > capabilities are added. > > The SFL has been successfully used to sign, verify, encrypt and decrypt > CMS/ESS > objects using: S/MIME v3 mandatory-to-implement algorithms (DSA, E-S D-H, > 3DES) > provided by the Crypto++ 3.1 library; RSA suite of algorithms provided by > the > RSA BSAFE v4.2 and Crypto++ 3.1 libraries; and Fortezza suite of algorithms > provided by the Fortezza Crypto Card. The SFL uses the VDA-enhanced SNACC > v1.3 > ASN.1 Library to encode/decode objects. The v1.5 SFL release includes: SFL > High- > level library; Free (a.k.a. Crypto++) Crypto Token Interface Library (CTIL); > > BSAFE CTIL; Fortezza CTIL; SPEX/ CTIL; PKCS #11 CTIL (still being tested); > VDA- > enhanced GNU SNACC v1.3 rev 0.07 ASN.1 Compiler and Library; test utilities; > > test drivers and test data. All CTILs were tested as Dynamically Linked > Libraries (DLL) using MS Windows. The Fortezza, BSAFE and Crypto++ CTILs > were > tested with the respective security libraries as shared objects using > Solaris 2.7. > > The SFL has been successfully used to exchange signedData and envelopedData > messages with the Microsoft (MS) Internet Explorer Outlook Express v4.01 and > > Netscape Communicator 4.X S/MIME v2 products. Signed messages have been > exchanged with the RSA S/MAIL, WorldTalk and Entrust S/MIME v2 products. > > The SFL has also been used to perform S/MIME v3 interoperability testing > with > Microsoft that exercised the majority of the features specified by RFCs > 2630, > 2631 and 2634. This testing included the RSA, mandatory S/MIME V3 and > Fortezza > suites of algorithms. We have also performed limited S/MIME v3 testing with > > Baltimore and Entrust. We are also participating in the IETF S/MIME WG > interoperability testing documented in the "Examples of S/MIME Messages" > document. We have used the SFL to successfully process all of the correct > signedData and envelopedData messages included in the document. We are > continuing to set up test config files to use the SFL to test the other > cases > included in the document such as signed receipts. We also plan to provide > sample messages for inclusion in the document. > > The following enhancements are included in the v1.5 SFL release (compared > with > the v1.4 release): > > 1) SNACC: Fixed ASN.1 INTEGER bug in which one-byte values were improperly > processed. > > 2) Fixed many memory leaks; > > 3) Full CounterSignature test suite (autohiAllSFLd.cfg); > > 4) CertificateBuilder utility generates private/public key pairs and > certificates (there is a "README.txt" file in the root directory regarding > this > utility). > > 5) PKCS #11 CTIL project (SFL integrators need to separately obtain a PKCS > #11 > crypto library, but this project provides a good template for PKCS #11). We > > are still testing the PKCS #11 CTIL. > > 6) Developed new test code and configuration files to implement test cases; > and > > 7) Performed regression testing to ensure that aforementioned enhancements > did > not break existing SFL functionality. > > We are still in the process of enhancing and testing the SFL. Future > releases > will include: completion of PKCS #11 CTIL testing; SPEX/ CTIL > encrypt/decrypt/ESDH capabilities; finish CertificateBuilder command line > utility; modify PKCS #12 code in test utilities to provide interoperable key > > storage; add "Certificate Management Messages over CMS" ASN.1 encode/decode > functions; add enhanced test routines; bug fixes; support for other crypto > APIs > (possible); and support for other operating systems. > > The SFL is developed to maximize portability to 32-bit operating > systems. In addition to testing on MS Windows and Solaris 2.7, we plan to > port > the SFL to the following operating systems: Linux, HP/UX 11, IBM AIX 3.2 > (possibly), SCO 5.0 (possibly) and Macintosh (possibly). > > The following SFL files are available from the Fortezza Developer's S/MIME > Page: > > 1) SFL Documents: Fact Sheet, Software Design Description, API, CTIL API, > Software Test Description, Implementers Guide, Overview Briefing and Public > License. > > 2) snacc1_5VDA.zip: Zip file containing SNACC v1.3 rev 0.07 ASN.1 Compiler > and > Library source code compilable for Unix and MS Windows NT/95/98 that has > been > enhanced by VDA to implement the Distinguished Encoding Rules. Project > files > and makefiles are included. This file includes a sample test project > demonstrating the use of the SNACC classes. > > 3) smimeR15.zip: Zip file containing all SFL source code including: > SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source > code; project files. This file also contains test driver source code, > sample CMS/ESS test data and test X.509 Certificates. This file also > includes test utilities to create X.509 Certificates that each include > a D-H, DSA or RSA public key. SNACC release and debug libraries > are compiled for MS Windows NT/95/98. MS Windows NT/95/98 > project files and Unix makefiles are included for the SNACC code and > Crypto++. > > 4) smR15CTI.zip: Source code for the following CTILs: Test (no crypto), > Crypto++, BSAFE, Fortezza, SPEX/ and PKCS #11. The Win95/98/NT projects are > > also included. (NOTE: The Free (a.k.a. Crypto++) CTIL includes > VDA-developed > source code to use the RSA public key algorithm implemented within the > external > Crypto++ library. As with all of the external crypto token libraries, the > Crypto++ library is not distributed as part of the SFL source code. > To use the Crypto++ library with the SFL, the application developer must > independently obtain the Crypto++ library from the Crypto++ Web Page > <http://www.eskimo.com/~weidai/cryptlib.html> and then compile it with > the VDA-developed Crypto++ CTIL source code. The RSA public key > algorithm is covered by U.S. Patent 4,405,829 "Cryptographic Communication > System and Method". Within the U.S., users of the RSA public key algorithm > provided by the external Crypto++ library must obtain a license from RSA > granting them permission to use the RSA algorithm.) > > 5) csmime.mdl contains SFL Class diagrams created using Microsoft > Visual Modeler (comes with MS Visual Studio 6.0, Enterprise Tools). > The file can also be viewed using Rational Rose C++ Demo 4.0 > 45 day evaluation copy which can be obtained from > <http://www.rational.com/uml/resources/practice_uml/index.jtmpl>. > Not all classes are documented in the MDL file at this time. > > All source code for the SFL is being provided at no cost and with no > financial limitations regarding its use and distribution. > Organizations can use the SFL without paying any royalties or > licensing fees. VDA is developing the SFL under contract to the U.S. > Government. The U.S. Government is furnishing the SFL source code at no > cost to the vendor subject to the conditions of the "SFL Public > License" available from the VDA SFL Page and Fortezza Developer's > S/MIME Page. > > The SFL is composed of a high-level library that performs generic CMS > and ESS processing independent of the crypto algorithms used to > protect a specific object. The SFL high-level library makes calls to > an algorithm-independent CTIL API. The underlying, external crypto > token libraries are not distributed as part of the SFL > source code. The application developer must independently obtain these > libraries and then link them with the SFL. For example, the SFL uses > the freeware Crypto++ library to obtain 3DES, D-H and DSA. To use > the SFL with Crypto++ the vendor must download the Crypto++ freeware > library from the Crypto++ Web Page and then compile it with the > VDA-developed Crypto++ CTIL source code. > > The Internet Mail Consortium (IMC) has established an SFL web page > <http://www.imc.org/imc-sfl>. The IMC has also established an SFL > mail list which is used to: distribute information regarding SFL > releases; discuss SFL-related issues; and provide a means for SFL > users to provide feedback, comments, bug reports, etc. Subscription > information for the imc-sfl mailing list is at the IMC web site > listed above. > > The SFL documents and VDA-enhanced SNACC source code are also > available from the VDA SFL Web Page > <http://www.jgvandyke.com/services/infosec/sfl.htm>. > > All comments regarding the SFL source code and documents are welcome. > We recommend that comments should be sent to the imc-sfl mail list. > We will respond to all messages on that list. > > ============================================ > John Pawling, Director - Systems Engineering > J.G. Van Dyke & Associates, Inc; > a Wang Government Services Company > john.pawling@wang.com > ============================================ --------------8B518FEC5C6CAE5D1E8289D6 Content-Type: text/x-vcard; charset=us-ascii; name="gyee.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Guang Yee Content-Disposition: attachment; filename="gyee.vcf" begin:vcard n:Yee;Guang tel;work:(650)633-6338 x-mozilla-html:FALSE url:messaging.us.oracle.com org:Oracle;Email Server version:2.1 email;internet:gyee@us.oracle.com title:Senior Member of Technical Staff adr;quoted-printable:;;600 Oracle Parkway=0D=0AM/S: 6op3;Redwood Shores;CA;94065;U.S.A fn:Guang Yee end:vcard --------------8B518FEC5C6CAE5D1E8289D6-- Received: by ns.secondary.com (8.9.3/8.9.3) id SAA02547 for ietf-smime-bks; Wed, 22 Mar 2000 18:08:08 -0800 (PST) Received: from mail.spyrus.com (mail.spyrus.com [207.212.34.20]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id SAA02540 for <ietf-smime@imc.org>; Wed, 22 Mar 2000 18:08:07 -0800 (PST) Received: from rhousley_laptop.spyrus.com (dial02.spyrus.com [207.212.34.122]) by mail.spyrus.com (8.9.3/8.9.3) with ESMTP id SAA15724; Wed, 22 Mar 2000 18:09:25 -0800 (PST) Message-Id: <4.2.0.58.20000321103332.00a4c580@mail.spyrus.com> X-Sender: rhousley@mail.spyrus.com (Unverified) X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Tue, 21 Mar 2000 11:18:41 -0500 To: Weston.Nicolls@ey.com From: Russ Housley <housley@spyrus.com> Subject: draft-ietf-smime-seclabel-00.txt Cc: ietf-smime@imc.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Weston: I have two questions about the Internet-Draft. QUESTION 1. The Amoco policy defines confidentiality hierarchy and an integrity hierarchy. In practice, is a piece of information marked with a confidentiality value, an integrity value, or both? The ASN.1 defined in the document leads me to believe that a particular piece of information has either a confidentiality value or an integrity value, but never both. You included the following ASN.1: Amoco-SecurityClassification ::= { amoco general (6), amoco confidential (7), amoco highly confidential (8), amoco minimum (9), amoco medium (10), amoco maximum (11) } Since the classification in the ESS security label is a single INTEGER, only one of these values may be present in a particular instance of a security label. Is the integrity value ever used to make an access control decision? If not, then perhaps the integrity value should be carried in the privacy mark. QUESTION 2. In the Whirlpool section, you say: For WHIRLPOOL INTERNAL, additional markings or caveats are option at the discretion of the information owner. For WHIRLPOOL CONFIDENTIAL, add additional marking or caveats as necessary to comply with regulatory or heightened security requirements. Examples: MAKE NO COPIES, THIRD PARTY CONFIDENTIAL, ATTORNEY-CLIENT PRIVILEGED DOCUMENT, DISTRIBUTION LIMITED TO ____, COVERED BY A NON-ANALYSIS AGREEMENT. The examples listed can be characterized as guidance to the information recipient about how the needs to be handled. Mostly, guidance is provided about the redistribution of the information. Since these are examples, I wonder if there is a example of a caveat on which one might expect automated access control. Russ Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id IAA16941 for ietf-smime-bks; Fri, 17 Mar 2000 08:31:03 -0800 (PST) Received: from prv-mail20.provo.novell.com (prv-mail20.provo.novell.com [137.65.81.122]) by ns.secondary.com (8.9.3/8.9.3) with SMTP id IAA16937 for <ietf-smime@imc.org>; Fri, 17 Mar 2000 08:31:02 -0800 (PST) Received: from INET-PRV-Message_Server by prv-mail20.provo.novell.com with Novell_GroupWise; Fri, 17 Mar 2000 09:31:53 -0700 Message-Id: <s8d1fb89.020@prv-mail20.provo.novell.com> X-Mailer: Novell GroupWise Internet Agent 5.5.3.1 Date: Fri, 17 Mar 2000 09:31:43 -0700 From: "Bob Jueneman" <BJUENEMAN@novell.com> To: <housley@spyrus.com>, <John.Pawling@wang.com> Cc: <ietf-smime@imc.org> Subject: Re: S/MIME v3 Interoperability Testing (was RE: S/MIMEexamples draft ) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Disposition: inline Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by ns.secondary.com id IAA16938 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> It occurs to me that this effort would be extremely useful in trying to further the interoperability testing that the PKI Forum is being set up to do. What would be really great would be if we could go beyond examples, and try to develop actual test cases. Or maybe contribute test cases that we have developed internally. As an example of the kind of obscure things that can bite you, I recently tried to gather up an entire set of encrypted correspondence by sending a encrypted message to myself with 30 or so encrypted attachments that I dragged on to the attachment window. Didn't work. Only one message showed up in the attachments. So there's one bug to more to fix. Why would you want to do such a thing? For compactness and archiving , and perhaps to hide the plaintext headers that show who you were communicating with. Bob >>> Russ Housley <housley@spyrus.com> 03/15/00 12:06PM >>> John: John, as S/MIME WG chairman, I greatly appreciate your commitment. I hope that other implementors will join in this effort. Collecting this data is essential for the specifications to progress from Proposed Standard to Draft Standard, so we might as well help implementors that come behind us. Russ At 09:45 AM 03/14/2000 -0500, Pawling, John wrote: >Paul (and friends), > >We believe that the "Examples of S/MIME Messages" document should be >enhanced and maintained. We believe that it is extremely valuable to have a >set of properly formatted sample S/MIME messages which can be used to test >S/MIME implementations. We have used the S/MIME Freeware Library (SFL) to >successfully process (i.e. decode, verify, decrypt) the majority of the >samples in the document. I use the term "the majority" because the SFL does >not support every S/MIME v3 optional feature. For example, the SFL does not >support the CMS authenticatedData content type. We have also used the SFL >to construct sample data (such as signed receipts) to be added to the >document. We have automated this SFL testing (through the use or test >drivers and configuration files) so that it can be easily repeated and >modified by us or independently by a third party (we provide all source >code, unencumbered). We are willing to spend time providing sample data to >be included in the Examples document and to provide support when there are >questions regarding the validity of the sample data. We are also willing to >participate in interoperability testing with others. > >We apologize for not providing feedback and submitting sample data sooner. >We have been using the SFL to perform S/MIME v3 interoperability testing >with Microsoft that has exercised the majority of the features specified by >RFCs 2630 (CMS), 2631 (D-H) and 2634 (ESS). This testing has included the >RSA, mandatory S/MIME V3 and Fortezza suites of algorithms. We were waiting >until we finished interoperability testing with Microsoft to submit the >SFL-produced sample data. Yesterday (3/13/00) we successfully completed RFC >2634 (ESS) signed receipt interoperability testing between the SFL and >Microsoft. This was the last major S/MIME v3 item that needed to be tested >between the SFL and Microsoft. We plan to provide sample signed receipts >for inclusion in the Examples document. We have also performed limited >S/MIME v3 testing with Baltimore and Entrust. > >We still need to perform countersignature interoperability testing. We plan >to pursue this testing with Microsoft. If anybody else can process >countersignatures, please let us know. We are not going to wait until this >testing is done before submitting SFL-produced sample data for inclusion in >the Examples document. > >As many of you know, Jim Schaad created a detailed set of matrices to >document the interoperabilty testing performed between various >implementations. There is a matrix for each S/MIME v3 specification. These >matrices are much more detailed than the "Examples of S/MIME Messages" >document. We have verified that the SFL can produce and process the >majority of the features documented in the compliance matrices. Again, I >use the term "the majority" because the SFL does not support every S/MIME v3 >optional feature. We have automated this SFL testing so that it can be >easily repeated and modified by us or independently by a third party. We >have developed sample objects that illustrate each feature in the matrix >that the SFL supports. > >Please note that Jim Schaad's matrices are a superset of the Examples >document. Does the group want to include all of Jim's tests in the Examples >document? If so, we can provide the sample data to illustrate each feature >in the matrix that the SFL supports. Please note that this document would >be huge, but it would provide a comprehensive set of test data. What do >others think? > >We will have the SFL-produced test data ready for distribution by 24 March >2000 at the latest. > >============================================ >John Pawling, Director - Systems Engineering >J.G. Van Dyke & Associates, Inc; >a Wang Government Services Company >john.pawling@wang.com >============================================ > Received: by ns.secondary.com (8.9.3/8.9.3) id KAA15767 for ietf-smime-bks; Thu, 16 Mar 2000 10:40:30 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id KAA15762; Thu, 16 Mar 2000 10:40:27 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id <GFRJJ57H>; Thu, 16 Mar 2000 13:41:22 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF31965BC2@wfhqex01.wangfed.com> From: =?UTF-8?B?UGF3bGluZywgSm9obg==?= <John.Pawling@wang.com> To: =?UTF-8?B?J0NhbWVyb24gU3RpbGxpb24n?= <camerost@EXCHANGE.MICROSOFT.com>, =?UTF-8?B?J2lldGYtc21pbWVAaW1jLm9yZyc=?= <ietf-smime@imc.org> Cc: =?UTF-8?B?J3Bob2ZmbWFuQGltYy5vcmcn?= <phoffman@imc.org>, =?UTF-8?B?QnJ5YW4gU3RhYXRz?= <bryansta@EXCHANGE.MICROSOFT.com> Subject: =?UTF-8?B?UkU6IEVTUyA6IFNlY3VyZSBSZWNlaXB0IGVuY29kaW5nIHdpdGhp?= =?UTF-8?B?biBFbmNhcHN1bGF0ZWRDb250ZW50SW5mbw==?= Date: Thu, 16 Mar 2000 13:41:23 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="UTF-8" Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Cameron, The signedData encapContentInfo eContent field is defined as an OCTET STRING in RFC 2630 (CMS). If the eContent field is present, then the OCTET STRING tag and length octets must be present in the encoding of the signedData. RFC 2630 Section 2 states: "As a general design philosophy, each content type permits single pass processing using indefinite-length Basic Encoding Rules (BER) encoding." and "Signed attributes and authenticated attributes are the only CMS data types that require DER encoding." Therefore, the signedData content type (including the encapContentInfo eContent OCTET STRING tag and length octets) does not need to be DER-encoded. As you correctly point out, RFC 2634 (ESS) requires that the Receipt content type must be DER-encoded within the signedData encapContentInfo eContent OCTET STRING. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com <mailto:john.pawling@wang.com> ============================================ -----Original Message----- From: Cameron Stillion [ mailto:camerost@EXCHANGE.MICROSOFT.com <mailto:camerost@EXCHANGE.MICROSOFT.com> ] Sent: Thursday, March 09, 2000 9:15 PM To: 'ietf-smime@imc.org' <mailto:'ietf-smime@imc.org'> Cc: 'phoffman@imc.org'; Bryan Staats Subject: ESS : Secure Receipt encoding within EncapsulatedContentInfo ... and now for something completely different: According to the ESS RFC on page 16, step 9: 9. The ASN.1 DER encoded Receipt content MUST be directly encoded within the signedData encapContentInfo eContent OCTET STRING defined in [CMS]. Should eContent be a DER-encoding of the receipt? or Should eContent be a DER-encoding of an OCTET STRING containing the DER-encoding of the receipt? The word "directly" seems to indicate that the former is the correct one. Just tell me I'm not crazy. Cameron Stillion Received: by ns.secondary.com (8.9.3/8.9.3) id EAA02297 for ietf-smime-bks; Thu, 16 Mar 2000 04:00:33 -0800 (PST) Received: from mailserver.ipf.net (smtp.itl-online.de [195.211.211.86]) by ns.secondary.com (8.9.3/8.9.3) with SMTP id EAA02292 for <ietf-smime@mail.proper.com>; Thu, 16 Mar 2000 04:00:31 -0800 (PST) Message-Id: <200003161200.EAA02292@ns.secondary.com> Received: (qmail 21084 invoked from network); 16 Mar 2000 11:52:23 -0000 Received: from dialin-194-29-49-241.hannover.gigabell.net (HELO localhost) (194.29.49.241) by mail.okay.net with SMTP; 16 Mar 2000 11:52:23 -0000 From: "Alexander" <Eugen@okay.net> To: "A good opportunity for u" <Eugen@okay.net> Date: Thu, 16 Mar 2000 12:51:29 +0100 Subject: Surfingprize brand new Get-paid-programm (very good) Reply-To: Eugen@okay.net MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit X-Priority: 1 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> SurfingPrizes: A viewBar type that: The referral structure is 5 levels deep: For your surfing time, you'll receive $0.20 per hour; for your direct referrals, you'll earn $0.04/hour; and for your indirect referrals you'll earn $0.02/hour. For 5 levels deep! ViewBar Ver 1.0 Avalible for Win 95,98,NT Site is well laid out and snappy. I'm only number 786 in this one. Sign-up Here: http://www.surfingprizes.com/r/?100786 Thanks for sign-up under me Alexander Eugen@okay.net Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id AAA20381 for ietf-smime-bks; Thu, 16 Mar 2000 00:41:01 -0800 (PST) Received: from dfssl.exchange.microsoft.com ([131.107.88.59]) by ns.secondary.com (8.9.3/8.9.3) with SMTP id AAA20377 for <ietf-smime@imc.org>; Thu, 16 Mar 2000 00:41:00 -0800 (PST) Received: from 127.0.0.1 by dfssl.exchange.microsoft.com (InterScan E-Mail VirusWall NT); Thu, 16 Mar 2000 00:38:22 -0800 (Pacific Standard Time) Received: by dfssl with Internet Mail Service (5.5.2650.21) id <GRS23VXR>; Thu, 16 Mar 2000 00:38:22 -0800 Message-ID: <E46F2E74BFC4CF119A8B00805FCCAB2708DC73E2@RENCHOW> From: =?utf-8?B?Q2FtZXJvbiBTdGlsbGlvbg==?= <camerost@EXCHANGE.MICROSOFT.com> To: =?utf-8?B?J2lldGYtc21pbWVAaW1jLm9yZyc=?= <ietf-smime@imc.org> Cc: =?utf-8?B?J3Bob2ZmbWFuQGltYy5vcmcn?= <phoffman@imc.org>, =?utf-8?B?QnJ5YW4gU3RhYXRz?= <bryansta@EXCHANGE.MICROSOFT.com> Subject: =?utf-8?B?RVNTIDogU2VjdXJlIFJlY2VpcHQgZW5jb2Rpbmcgd2l0aGluIEVu?= =?utf-8?B?Y2Fwc3VsYXRlZENvbnRlbnRJbmZv?= Date: Thu, 9 Mar 2000 18:15:23 -0800 X-MS-TNEF-Correlator: <E46F2E74BFC4CF119A8B00805FCCAB2708DC73E2@RENCHOW> MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: multipart/mixed; boundary="----_=_NextPart_000_01BF8F22.FC7C8624" Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_000_01BF8F22.FC7C8624 Content-Type: text/plain; charset="utf-8" ... and now for something completely different: According to the ESS RFC on page 16, step 9: 9. The ASN.1 DER encoded Receipt content MUST be directly encoded within the signedData encapContentInfo eContent OCTET STRING defined in [CMS]. Should eContent be a DER-encoding of the receipt? or Should eContent be a DER-encoding of an OCTET STRING containing the DER-encoding of the receipt? The word "directly" seems to indicate that the former is the correct one. Just tell me I'm not crazy. Cameron Stillion ------_=_NextPart_000_01BF8F22.FC7C8624 Content-Type: application/ms-tnef Content-Transfer-Encoding: base64 eJ8+IhcIAQaQCAAEAAAAAAABAAEAAQeQBgAIAAAA5AQAAAAAAADoAAEFgAMADgAAANAHAwAJABIA DwAXAAQAHwEBCYABACEAAAA1RjJBNEIwNjhCRjVEMzExOUIzMjAwODA1RkQ0NTlGRQAsBwEggAMA DgAAANAHAwAQAAAAJgAVAAQAKQEBDYAEAAIAAAACAAIAAQOQBgDMDgAAOgAAAAsAAgABAAAAAgEx AAEAAABGAAAAAAAAAEyiHl/8uc8RmUsAAAAAAAEHAC79ARQFJM8RmRAAqgBsgNEAAAC+0DMAAORv LnS/xM8RmosAgF/MqycAAAjOXX8AAAAAQAA5AHA6yX02ir8BHwAxQAEAAAASAAAAQwBBAE0ARQBS AE8AUwBUAAAAAAADABpAAAAAAB8AMEABAAAAEgAAAEMAQQBNAEUAUgBPAFMAVAAAAAAAAwAZQAAA AAAfAEsAAQAAAAIAAAAAAAAAHwBwAAEAAAB6AAAARQBTAFMAIAA6ACAAUwBlAGMAdQByAGUAIABS AGUAYwBlAGkAcAB0ACAAZQBuAGMAbwBkAGkAbgBnACAAdwBpAHQAaABpAG4AIABFAG4AYwBhAHAA cwB1AGwAYQB0AGUAZABDAG8AbgB0AGUAbgB0AEkAbgBmAG8AAAAAAAIBcQABAAAAFgAAAAG/igJB XPhvcFf1zBHThDoAYLDsDf8AAAIBCRABAAAARQYAAEEGAAB3GwAATFpGdeotMT4DAAoAcmNwZzEy NYIyA0NodG1sMQMwPwEDAfcKgAKkA+MCAGNowQrAc2V0MCAHEwKA/xADAFAEVghVB7IR1Q5RAwHd ENcyBgAGwxHVMwRGENn5Eu9mNBBvEXYR4wjvCfe2Oxq/DjA1EdIMYGMAUDMLCQFkMzYRYAulNCBZ EAIqXA6yAZBnH2AzACA8IURPQ1RZAFBFIEhUTUwgAFBVQkxJQyAiQC0vL1czQyIgRCRURCE0NC4R YFRyOQBydGkCIAdAIiBFTnwiPhHjH9cggAqjJIwxPjkgkCFCJH4fcCbgRUG+RCR9DvElnymPJmQ2 DvDAPE1FVEEgBaACMLEJ8HQ9IgXgIUM1IzAQMC4yOSawLjYzMDA3IiAj8AeAPUeBJEBFUkFUT1Ik fXo0LFEvKG8gQSr/IDE1wRFgPEJPRFkkfR7hETJfZzk2IJBESVb3JHAf4wAhIAAANtURYB+5nDY0 Nr83wiXsNDggkMBGT05UIGYA0C8AvwcTNqsYMAMwOZ8gEzgoMXBTUEFOLMALYAQQPbEe0Dk1MzNw JrAtP6C8MDMB0C3wNq83sy5CEOogAHBkLsBvB+ACEAXA1nMDcBFAaAuAZx+MPREbNRMFoG0LUBFA ZWx5tCBkBpBmBJAtETo1bL8U8DDQPuJAuUDHOg41NkH+LztCR783vgHAQMcKokho+wqAJewwKDEi gDaLSG80f/81jzafS484v1CvOt877zz//z4PPx9AL1Y/Ro9Hn16fSb+DYK9avyZuYnNwAoDxXcdc J2EBQFRvTG9Nf/9Oj0+fZD9Rv1LPXe9U729v/1cPWB9ZL3IfW09cX11vb/ecQWMFoUWwQ4F0b3sg IGhlIEVTBfBSRt8h4AIgQ69tkwqwZ3uALDDGLEMALQBwIDlGT2AP/2vvYi+AD2cvaD9pT2pfgw// bH9tj26fb69wv3HPct9z7/90/48fdx94L4vvks9/b4hv/4GPgp+Zj2UfZi+D/4UPhh//hy+bz4lP il+Lb4x/jY+Wj/+Pr5C/kc+qv5PvlP+pr6iSPy5QnO+d/58KI1B7cUFT9E4uDvBEL1B8T6XjCfDX BaABAEJwUgWQZQUiLNXpBdBVU6xAYnuARbAawPxjdEWBuCYD8ENSe1MAkORnbgmARGEBkLbPt9bM YXAIUCzzSW4CELqgHb41ICDRLJAGAFRSSXxOR0WgARALgLhxu3Fb+kMF4F2y/JgvpA+aT5tf/6hf oF+hb6J/xZ/D36Wvpr//sd+o387/sw+0H58Px0/IX//Jb8p/0Z/Mn82v0N/Pz9zP/9nvq8+s363v rv+wD7Ef3Vr0U2gIYGxCcL73ufG8f9vbFLaRLbgjQ3Jv3UB7Yvu6QbjSP8Fvwn/jT8Sf7f//1M/V 39bv1//w/9of2y/cP//dT95f32/gf+GP4p/9D+S//+XP+/8Av9L/1A4FPwZPB1//CG8Jf7V26X/4 QkLg7I/tn/8KX++/EM/x3/Lv8//1DxPP//cv+D/5T/pf+28Eb/2P/p///68f3wHPAt8ez+fv6P/q D+/rGUJQv3y5ImHA0HrztgH/6s+2ASlfGxLsDw/vGO8SD/8THxQvFT8WTxdfGG8y3xqP/xufJr8d vz3/Ox8g7yH/Iw//JB8lLyY/QK8w/zn/SQ80L/9LHwsPDB/UXzafN684vznP/05vO+88/0gfPx9Z n0vvQk9/Q19Eb0V/Ro9Hn1xJtfJ3KXrBICK6JiJ+IGVl/G1zLs9X43sxwNB64L4AH7lQe1G8UHtT vsBybWV9WABpZmB7YnqxukJ8EWVnsv9P77UcSnV+MHsgZQhsbCBpUCBJJ204IG5vuYBmj1fyY3L4 YXp5wV9KX1Y/TH9yH/9Rf1KPU59Ur3UfVs9X31jv/1n/Ww9cH10vXj9fT4EvYW//Yn99/4TfcX96 f3OfdK+Ln/9rT2xfdg93H3gveT+N33tf/3xvfX9+j3+fiJ+Bv4LPg9+fnM+F/4cPm7+aokNhaVFH aoBu/5fzU3RpbiBp/2qAiW+Kf6AfjJ+ov5Gfkq//k7+Uz6u/lu+X/5kPmh+bL/+cP48/kE+1b61v rn+vj7CfCbe/ZzWd8S9CT0QmWZ8QsfsyN75BSFRUTUzBbTOy1X3EYAAAAAIBFDoBAAAAEAAAAF8q SwaL9dMRmzIAgF/UWf4DAN4/6f0AAAMAJgAAAAAAAwA2AAAAAAADAPE/CQQAAAMA/T/kBAAAAwAC WQAAFgADAAlZAwAAAAMAAW4gAgAACwAFgAggBgAAAAAAwAAAAAAAAEYAAAAADoUAAAAAAAADAACA CCAGAAAAAADAAAAAAAAARgAAAABShQAAHm4BAB8AAYAIIAYAAAAAAMAAAAAAAABGAAAAAFSFAAAB AAAACAAAADkALgAwAAAAAwADgAggBgAAAAAAwAAAAAAAAEYAAAAAAYUAAAAAAAALAASACCAGAAAA AADAAAAAAAAARgAAAAADhQAAAAAAAAMAB4AIIAYAAAAAAMAAAAAAAABGAAAAABGFAAAAAAAAAwAG gAggBgAAAAAAwAAAAAAAAEYAAAAAEIUAAAAAAAADAAiACCAGAAAAAADAAAAAAAAARgAAAAAYhQAA AAAAAAsAAoAIIAYAAAAAAMAAAAAAAABGAAAAAAaFAAAAAAAAHwAOgAggBgAAAAAAwAAAAAAAAEYA AAAAg4UAAAEAAAAmAAAANgAwADkANQAzADUAMAAxADkALQAwADkAMAAzADIAMAAwADAAAAAAAAMA gBD/////CwDyEAEAAAALAPQQAAAAAAsA9RAAAAAACwD2EAAAAAAfAPMQAQAAAIYAAABFAFMAUwAg ACUAMwBBACAAUwBlAGMAdQByAGUAIABSAGUAYwBlAGkAcAB0ACAAZQBuAGMAbwBkAGkAbgBnACAA dwBpAHQAaABpAG4AIABFAG4AYwBhAHAAcwB1AGwAYQB0AGUAZABDAG8AbgB0AGUAbgB0AEkAbgBm AG8ALgBFAE0ATAAAAAAAAgFHAAEAAAAyAAAAYz1VUzthPSA7cD1NaWNyb3NvZnQ7bD1SRU5DSE9X LTAwMDMxMDAyMTUyM1otMTA3OQAAAAIB+T8BAAAATQAAAAAAAADcp0DIwEIQGrS5CAArL+GCAQAA AAAAAAAvTz1NSUNST1NPRlQvT1U9T0ZGSUNFL0NOPVJFQ0lQSUVOVFMvQ049Q0FNRVJPU1QAAAAA HwD4PwEAAAA4AAAAQwBhAG0AZQByAG8AbgAgAFMAdABpAGwAbABpAG8AbgAgACgARQB4AGMAaABh AG4AZwBlACkAAAAfADhAAQAAABIAAABDAEEATQBFAFIATwBTAFQAAAAAAAIB+z8BAAAATQAAAAAA AADcp0DIwEIQGrS5CAArL+GCAQAAAAAAAAAvTz1NSUNST1NPRlQvT1U9T0ZGSUNFL0NOPVJFQ0lQ SUVOVFMvQ049Q0FNRVJPU1QAAAAAHwD6PwEAAAA4AAAAQwBhAG0AZQByAG8AbgAgAFMAdABpAGwA bABpAG8AbgAgACgARQB4AGMAaABhAG4AZwBlACkAAAAfADlAAQAAABIAAABDAEEATQBFAFIATwBT AFQAAAAAAEAABzDQM2Z5Noq/AUAACDAkhnz8Io+/AR8AGgABAAAAEgAAAEkAUABNAC4ATgBPAFQA RQAAAAAAHwA3AAEAAAB6AAAARQBTAFMAIAA6ACAAUwBlAGMAdQByAGUAIABSAGUAYwBlAGkAcAB0 ACAAZQBuAGMAbwBkAGkAbgBnACAAdwBpAHQAaABpAG4AIABFAG4AYwBhAHAAcwB1AGwAYQB0AGUA ZABDAG8AbgB0AGUAbgB0AEkAbgBmAG8AAAAAAB8APQABAAAAAgAAAAAAAAAfAB0OAQAAAHoAAABF AFMAUwAgADoAIABTAGUAYwB1AHIAZQAgAFIAZQBjAGUAaQBwAHQAIABlAG4AYwBvAGQAaQBuAGcA IAB3AGkAdABoAGkAbgAgAEUAbgBjAGEAcABzAHUAbABhAHQAZQBkAEMAbwBuAHQAZQBuAHQASQBu AGYAbwAAAAAAHwA1EAEAAABmAAAAPABFADQANgBGADIARQA3ADQAQgBGAEMANABDAEYAMQAxADkA QQA4AEIAMAAwADgAMAA1AEYAQwBDAEEAQgAyADcAMAA4AEQAQwA3ADMARQAyAEAAUgBFAE4AQwBI AE8AVwA+AAAAAAALACkAAAAAAAsAIwAAAAAAAwAGEMu/X3MDAAcQnQEAAAMAEBADAAAAAwAREAAA AAAeAAgQAQAAAGUAAABBTkROT1dGT1JTT01FVEhJTkdDT01QTEVURUxZRElGRkVSRU5UOkFDQ09S RElOR1RPVEhFRVNTUkZDT05QQUdFMTYsU1RFUDk6OVRIRUFTTjFERVJFTkNPREVEUkVDRUlQVENP AAAAAAIBfwABAAAAMwAAADxFNDZGMkU3NEJGQzRDRjExOUE4QjAwODA1RkNDQUIyNzA4REM3M0Uy QFJFTkNIT1c+AABkEQ== ------_=_NextPart_000_01BF8F22.FC7C8624-- Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id RAA22216 for ietf-smime-bks; Wed, 15 Mar 2000 17:17:03 -0800 (PST) Received: from mail.spyrus.com (mail.spyrus.com [207.212.34.20]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id RAA22201 for <ietf-smime@imc.org>; Wed, 15 Mar 2000 17:17:02 -0800 (PST) Received: from rhousley_laptop.spyrus.com (dial08.spyrus.com [207.212.34.128]) by mail.spyrus.com (8.9.3/8.9.3) with ESMTP id RAA02559; Wed, 15 Mar 2000 17:17:39 -0800 (PST) Message-Id: <4.2.0.58.20000315140050.00a509a0@mail.spyrus.com> X-Sender: rhousley@mail.spyrus.com (Unverified) X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Wed, 15 Mar 2000 14:06:49 -0500 To: "Pawling, John" <John.Pawling@wang.com> From: Russ Housley <housley@spyrus.com> Subject: Re: S/MIME v3 Interoperability Testing (was RE: S/MIME examples draft ) Cc: ietf-smime@imc.org In-Reply-To: <33BD629222C0D211B6DB0060085ACF31965BA2@wfhqex01.wangfed.co m> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> John: John, as S/MIME WG chairman, I greatly appreciate your commitment. I hope that other implementors will join in this effort. Collecting this data is essential for the specifications to progress from Proposed Standard to Draft Standard, so we might as well help implementors that come behind us. Russ At 09:45 AM 03/14/2000 -0500, Pawling, John wrote: >Paul (and friends), > >We believe that the "Examples of S/MIME Messages" document should be >enhanced and maintained. We believe that it is extremely valuable to have a >set of properly formatted sample S/MIME messages which can be used to test >S/MIME implementations. We have used the S/MIME Freeware Library (SFL) to >successfully process (i.e. decode, verify, decrypt) the majority of the >samples in the document. I use the term "the majority" because the SFL does >not support every S/MIME v3 optional feature. For example, the SFL does not >support the CMS authenticatedData content type. We have also used the SFL >to construct sample data (such as signed receipts) to be added to the >document. We have automated this SFL testing (through the use or test >drivers and configuration files) so that it can be easily repeated and >modified by us or independently by a third party (we provide all source >code, unencumbered). We are willing to spend time providing sample data to >be included in the Examples document and to provide support when there are >questions regarding the validity of the sample data. We are also willing to >participate in interoperability testing with others. > >We apologize for not providing feedback and submitting sample data sooner. >We have been using the SFL to perform S/MIME v3 interoperability testing >with Microsoft that has exercised the majority of the features specified by >RFCs 2630 (CMS), 2631 (D-H) and 2634 (ESS). This testing has included the >RSA, mandatory S/MIME V3 and Fortezza suites of algorithms. We were waiting >until we finished interoperability testing with Microsoft to submit the >SFL-produced sample data. Yesterday (3/13/00) we successfully completed RFC >2634 (ESS) signed receipt interoperability testing between the SFL and >Microsoft. This was the last major S/MIME v3 item that needed to be tested >between the SFL and Microsoft. We plan to provide sample signed receipts >for inclusion in the Examples document. We have also performed limited >S/MIME v3 testing with Baltimore and Entrust. > >We still need to perform countersignature interoperability testing. We plan >to pursue this testing with Microsoft. If anybody else can process >countersignatures, please let us know. We are not going to wait until this >testing is done before submitting SFL-produced sample data for inclusion in >the Examples document. > >As many of you know, Jim Schaad created a detailed set of matrices to >document the interoperabilty testing performed between various >implementations. There is a matrix for each S/MIME v3 specification. These >matrices are much more detailed than the "Examples of S/MIME Messages" >document. We have verified that the SFL can produce and process the >majority of the features documented in the compliance matrices. Again, I >use the term "the majority" because the SFL does not support every S/MIME v3 >optional feature. We have automated this SFL testing so that it can be >easily repeated and modified by us or independently by a third party. We >have developed sample objects that illustrate each feature in the matrix >that the SFL supports. > >Please note that Jim Schaad's matrices are a superset of the Examples >document. Does the group want to include all of Jim's tests in the Examples >document? If so, we can provide the sample data to illustrate each feature >in the matrix that the SFL supports. Please note that this document would >be huge, but it would provide a comprehensive set of test data. What do >others think? > >We will have the SFL-produced test data ready for distribution by 24 March >2000 at the latest. > >============================================ >John Pawling, Director - Systems Engineering >J.G. Van Dyke & Associates, Inc; >a Wang Government Services Company >john.pawling@wang.com >============================================ > Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id GAA10164 for ietf-smime-bks; Tue, 14 Mar 2000 06:44:58 -0800 (PST) Received: from wfhqex05.wangfed.com (netva01.wangfed.com [206.137.100.2]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id GAA10160 for <ietf-smime@imc.org>; Tue, 14 Mar 2000 06:44:56 -0800 (PST) Received: by wfhqex05.wangfed.com with Internet Mail Service (5.5.2650.21) id <GFRJJP6V>; Tue, 14 Mar 2000 09:45:41 -0500 Message-ID: <33BD629222C0D211B6DB0060085ACF31965BA2@wfhqex01.wangfed.com> From: "Pawling, John" <John.Pawling@wang.com> To: ietf-smime@imc.org Subject: S/MIME v3 Interoperability Testing (was RE: S/MIME examples draft ) Date: Tue, 14 Mar 2000 09:45:34 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Paul (and friends), We believe that the "Examples of S/MIME Messages" document should be enhanced and maintained. We believe that it is extremely valuable to have a set of properly formatted sample S/MIME messages which can be used to test S/MIME implementations. We have used the S/MIME Freeware Library (SFL) to successfully process (i.e. decode, verify, decrypt) the majority of the samples in the document. I use the term "the majority" because the SFL does not support every S/MIME v3 optional feature. For example, the SFL does not support the CMS authenticatedData content type. We have also used the SFL to construct sample data (such as signed receipts) to be added to the document. We have automated this SFL testing (through the use or test drivers and configuration files) so that it can be easily repeated and modified by us or independently by a third party (we provide all source code, unencumbered). We are willing to spend time providing sample data to be included in the Examples document and to provide support when there are questions regarding the validity of the sample data. We are also willing to participate in interoperability testing with others. We apologize for not providing feedback and submitting sample data sooner. We have been using the SFL to perform S/MIME v3 interoperability testing with Microsoft that has exercised the majority of the features specified by RFCs 2630 (CMS), 2631 (D-H) and 2634 (ESS). This testing has included the RSA, mandatory S/MIME V3 and Fortezza suites of algorithms. We were waiting until we finished interoperability testing with Microsoft to submit the SFL-produced sample data. Yesterday (3/13/00) we successfully completed RFC 2634 (ESS) signed receipt interoperability testing between the SFL and Microsoft. This was the last major S/MIME v3 item that needed to be tested between the SFL and Microsoft. We plan to provide sample signed receipts for inclusion in the Examples document. We have also performed limited S/MIME v3 testing with Baltimore and Entrust. We still need to perform countersignature interoperability testing. We plan to pursue this testing with Microsoft. If anybody else can process countersignatures, please let us know. We are not going to wait until this testing is done before submitting SFL-produced sample data for inclusion in the Examples document. As many of you know, Jim Schaad created a detailed set of matrices to document the interoperabilty testing performed between various implementations. There is a matrix for each S/MIME v3 specification. These matrices are much more detailed than the "Examples of S/MIME Messages" document. We have verified that the SFL can produce and process the majority of the features documented in the compliance matrices. Again, I use the term "the majority" because the SFL does not support every S/MIME v3 optional feature. We have automated this SFL testing so that it can be easily repeated and modified by us or independently by a third party. We have developed sample objects that illustrate each feature in the matrix that the SFL supports. Please note that Jim Schaad's matrices are a superset of the Examples document. Does the group want to include all of Jim's tests in the Examples document? If so, we can provide the sample data to illustrate each feature in the matrix that the SFL supports. Please note that this document would be huge, but it would provide a comprehensive set of test data. What do others think? We will have the SFL-produced test data ready for distribution by 24 March 2000 at the latest. ============================================ John Pawling, Director - Systems Engineering J.G. Van Dyke & Associates, Inc; a Wang Government Services Company john.pawling@wang.com ============================================ Received: by ns.secondary.com (8.9.3/8.9.3) id UAA09781 for ietf-smime-bks; Mon, 13 Mar 2000 20:19:21 -0800 (PST) Received: from laptop.imc.org (ip12.proper.com [165.227.249.12]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id UAA09774 for <ietf-smime@imc.org>; Mon, 13 Mar 2000 20:19:19 -0800 (PST) Message-Id: <4.3.2.20000313201754.05633800@not-real.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Version 4.3 Date: Mon, 13 Mar 2000 20:20:38 -0800 To: ietf-smime@imc.org From: Paul Hoffman / IMC <phoffman@imc.org> Subject: S/MIME examples draft Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> There has been essentially no input to this draft in a very long time. The vast majority of the input came from Jim Schaad, who is no longer in the S/MIME world. Thus, I believe that the draft is probably dead. If other S/MIME developers want to contribute examples where there are holes and comments for the examples that are there, I'm happy to continue the draft, but otherwise we might just let this go away. --Paul Hoffman, Director --Internet Mail Consortium Received: by ns.secondary.com (8.9.3/8.9.3) id OAA26275 for ietf-smime-bks; Mon, 13 Mar 2000 14:37:03 -0800 (PST) Received: from laptop.imc.org (ip12.proper.com [165.227.249.12]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id OAA26038; Mon, 13 Mar 2000 14:32:32 -0800 (PST) Message-Id: <4.3.2.20000313143129.00d4e100@not-real.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Version 4.3 Date: Mon, 13 Mar 2000 14:33:51 -0800 To: ietf-pkix@imc.org, ietf-smime@imc.org From: Paul Hoffman / IMC <phoffman@imc.org> Subject: New draft on ASN.1 pitfalls Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Timing is everything. Just as the PKIX mailing list starts to talk about ASN.1 again, a new draft comes out that does a good job of listing some of the ASN.1 gotchas to look out for, as well as why ASN.1 isn't necessarily a great format to use (although it's a tad too late for that now...). Anyhow, take a look at <http://www.ietf.org/internet-drafts/draft-yu-asn1-pitfalls-00.txt>. The author said he's open to adding any PKIX-specific and S/MIME-specific warnings to the document. --Paul Hoffman, Director --Internet Mail Consortium Received: by ns.secondary.com (8.9.3/8.9.3) id MAA22696 for ietf-smime-bks; Mon, 13 Mar 2000 12:18:54 -0800 (PST) Received: from mail.spyrus.com (mail.spyrus.com [207.212.34.20]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id MAA22692 for <ietf-smime@imc.org>; Mon, 13 Mar 2000 12:18:53 -0800 (PST) Received: from rhousley_laptop.spyrus.com ([209.172.119.101]) by mail.spyrus.com (8.9.3/8.9.3) with ESMTP id MAA02350 for <ietf-smime@imc.org>; Mon, 13 Mar 2000 12:19:27 -0800 (PST) Message-Id: <4.2.0.58.20000313151245.0095c7c0@mail.spyrus.com> X-Sender: rhousley@mail.spyrus.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Mon, 13 Mar 2000 15:15:34 -0500 To: ietf-smime@imc.org From: Russ Housley <housley@spyrus.com> Subject: LAST CALL:draft-ietf-smime-password-02.txt Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> The Password-based Encryption for S/MIME specification is ready for Working Group Last Call. Please post comments to the ietf-smime mail list before 27 March 2000. Russ = = = = = = = = = = Title : Password-based Encryption for S/MIME Author(s) : P. Gutmann Filename : draft-ietf-smime-password-02.txt Pages : 9 Date : 10-Mar-00 The Cryptographic Message Syntax data format doesn't currently contain any provisions for password-based data encryption. This document provides a method of encrypting data using user-supplied passwords and, by extension, any form of variable-length keying material which isn't necessarily an algorithm-specific fixed-format key. Received: by ns.secondary.com (8.9.3/8.9.3) id HAA16323 for ietf-smime-bks; Mon, 13 Mar 2000 07:45:56 -0800 (PST) Received: from mail.spyrus.com (mail.spyrus.com [207.212.34.20]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id HAA16319 for <ietf-smime@imc.org>; Mon, 13 Mar 2000 07:45:55 -0800 (PST) Received: from rhousley_laptop.spyrus.com ([209.172.119.101]) by mail.spyrus.com (8.9.3/8.9.3) with ESMTP id HAA28672; Mon, 13 Mar 2000 07:45:58 -0800 (PST) Message-Id: <4.2.0.58.20000313103421.00a71e60@mail.spyrus.com> X-Sender: rhousley@mail.spyrus.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Mon, 13 Mar 2000 10:43:16 -0500 To: agenda@ietf.org From: Russ Housley <housley@spyrus.com> Subject: S/MIME WG Agenda Cc: ietf-smime@imc.org Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> S/MIME Mail Security WG Agenda Introductions Russ Housley Working Group Status Russ Housley Security Policies and Labels Russ Housley CERTDIST Draft Discussion Jim Schaad Symmetric Key Distribution Sean Turner DOMSEC Draft Discussion Bill Ottaway Interoperability Matrix Jim Schaad CMS/ESS Examples Paul Hoffman Crypto Algorithm Documents Russ Housley E-mail Addresses & Certificates Greg Colla S/MIME Freeware Library John Pawling Electronic Signature Formats Denis Pinkas Wrap up Russ Housley Received: by ns.secondary.com (8.9.3/8.9.3) id DAA09568 for ietf-smime-bks; Mon, 13 Mar 2000 03:18:36 -0800 (PST) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id DAA09563 for <ietf-smime@imc.org>; Mon, 13 Mar 2000 03:18:35 -0800 (PST) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA15402; Mon, 13 Mar 2000 06:19:39 -0500 (EST) Message-Id: <200003131119.GAA15402@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-smime@imc.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-smime-password-02.txt Date: Mon, 13 Mar 2000 06:19:38 -0500 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the S/MIME Mail Security Working Group of the IETF. Title : Password-based Encryption for S/MIME Author(s) : P. Gutmann Filename : draft-ietf-smime-password-02.txt Pages : 9 Date : 10-Mar-00 The Cryptographic Message Syntax data format doesn't currently contain any provisions for password-based data encryption. This document provides a method of encrypting data using user-supplied passwords and, by extension, any form of variable-length keying material which isn't necessarily an algorithm-specific fixed-format key. This draft is being discussed on the 'ietf-smime' mailing list. To join the list, send a message to <ietf-smime-request@imc.org> with the single word 'subscribe' in the body of the message. Also, there is a Web site for the mailing list at <http://www.imc.org/ietf-smime>. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-smime-password-02.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-smime-password-02.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-smime-password-02.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20000310135126.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-smime-password-02.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-smime-password-02.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20000310135126.I-D@ietf.org> --OtherAccess-- --NextPart-- Received: by ns.secondary.com (8.9.3/8.9.3) id DAA09560 for ietf-smime-bks; Mon, 13 Mar 2000 03:18:31 -0800 (PST) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id DAA09556 for <ietf-smime@imc.org>; Mon, 13 Mar 2000 03:18:30 -0800 (PST) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA15379; Mon, 13 Mar 2000 06:19:34 -0500 (EST) Message-Id: <200003131119.GAA15379@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-smime@imc.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-smime-cms-rsaes-oaep-00.txt Date: Mon, 13 Mar 2000 06:19:33 -0500 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the S/MIME Mail Security Working Group of the IETF. Title : CMS RSAES-OAEP Conventions Author(s) : R. Housley Filename : draft-ietf-smime-cms-rsaes-oaep-00.txt Pages : 8 Date : 10-Mar-00 This document describes the use of the RSAES-OAEP key transport method of key management within the Cryptographic Message Syntax [CMS]. This draft is being discussed on the 'ietf-smime' mailing list. To join the list, send a message to <ietf-smime-request@imc.org> with the single word 'subscribe' in the body of the message. Also, there is a Web site for the mailing list at <http://www.imc.org/ietf- smime/>. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-rsaes-oaep-00.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-smime-cms-rsaes-oaep-00.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-smime-cms-rsaes-oaep-00.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20000310135116.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-smime-cms-rsaes-oaep-00.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-smime-cms-rsaes-oaep-00.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20000310135116.I-D@ietf.org> --OtherAccess-- --NextPart-- Received: by ns.secondary.com (8.9.3/8.9.3) id DAA12943 for ietf-smime-bks; Fri, 10 Mar 2000 03:29:40 -0800 (PST) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id DAA12938 for <ietf-smime@imc.org>; Fri, 10 Mar 2000 03:29:39 -0800 (PST) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA29584; Fri, 10 Mar 2000 06:30:29 -0500 (EST) Message-Id: <200003101130.GAA29584@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-smime@imc.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-smime-esformats-00.txt Date: Fri, 10 Mar 2000 06:30:29 -0500 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the S/MIME Mail Security Working Group of the IETF. Title : Electronic Signature Formats for long term electronic signature Author(s) : J. Ross, D. Pinkas, N. Pope Filename : draft-ietf-smime-esformats-00.txt Pages : 106 Date : 09-Mar-00 The informational RFC defines the format of an electronic signature that can remain valid over long periods. This includes evidence as to its validity even if the signer or verifying party later attempts to deny (repudiates) the validity of the signature. The contents of this Informational RFC is technically equivalent to ETSI ES 201 733 V.1.1.1 Copyright (C). Individual copies of this ETSI deliverable can be downloaded from http://www.etsi.org A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-smime-esformats-00.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-smime-esformats-00.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-smime-esformats-00.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20000309140444.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-smime-esformats-00.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-smime-esformats-00.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20000309140444.I-D@ietf.org> --OtherAccess-- --NextPart-- Received: by ns.secondary.com (8.9.3/8.9.3) id XAA29228 for ietf-smime-bks; Thu, 9 Mar 2000 23:17:41 -0800 (PST) Received: from smtp.nwlink.com (smtp.nwlink.com [209.20.130.57]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id XAA29224 for <ietf-smime@imc.org>; Thu, 9 Mar 2000 23:17:40 -0800 (PST) Received: from nwlink.com (listserv.nwlink.com [209.20.130.70]) by smtp.nwlink.com (8.9.3/8.9.3) with SMTP id XAA10087; Thu, 9 Mar 2000 23:18:26 -0800 (PST) From: "Jim Schaad" <jimsch@nwlink.com> Reply-to: jimsch@nwlink.com To: Aram Perez <aperez@syndata.com>, ietf-smime@imc.org Date: Thu, 9 Mar 2000 23:18:29 +0800 Subject: RE: Triple Wrapping Survey Message-id: <38c8a1c5.105d5.0@nwlink.com> X-User-Info: 210.55.166.93 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> >Hi Russ, > >I agree that S/MIMEv3 should minimize Base64 encoding when possible. As I >understand MIME, all implementations should handle binary as this is the >default unless otherwise specified. There are some known existing implemenations which cannot correctly handle the binary versions. I do not know any longer how wide spread these versions are. jim > >Regards, >Aram Perez > >-----Original Message----- >From: Russ Housley [mailto:housley@spyrus.com] >Sent: Monday, March 06, 2000 7:21 PM >To: ietf-smime@imc.org >Subject: Triple Wrapping Survey > > >I have a few questions for implementors. First some background, then the >questions. > >The use of S/MIMEv3 Triple Wrapping leads to the incorporation of four MIME >encodings. If each of these encodings uses Base64, then the overhead is >huge. I am interested in ways to reduce the overhead, hopefully without >hurting IMAP usability. > >1. Can your implementation handle > MIME( SignedData (EnvelopedData (SignedData ( MIME ))) ? > >The outer SignedData has the OID for EnvelopedData in the content type, not >id-data. >The EnvelopedData has the OID for SignedData in the content type, not >id-data. >The inner Signed Data has the id-data OID in the content type. > >2. Can your implementation handle MIME without Base64 encoding? I am >interested in using "binary" instead of Base64 to reduce the overhead. > >Russ > > http://www.nwlink.com Received: by ns.secondary.com (8.9.3/8.9.3) id XAA29161 for ietf-smime-bks; Thu, 9 Mar 2000 23:15:57 -0800 (PST) Received: from smtp.nwlink.com (smtp.nwlink.com [209.20.130.57]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id XAA29154 for <ietf-smime@imc.org>; Thu, 9 Mar 2000 23:15:56 -0800 (PST) Received: from nwlink.com (listserv.nwlink.com [209.20.130.70]) by smtp.nwlink.com (8.9.3/8.9.3) with SMTP id XAA09953; Thu, 9 Mar 2000 23:16:43 -0800 (PST) From: "Jim Schaad" <jimsch@nwlink.com> Reply-to: jimsch@nwlink.com To: Russ Housley <housley@spyrus.com>, ietf-smime@imc.org Date: Thu, 9 Mar 2000 23:16:43 +0800 Subject: Re: Triple Wrapping Survey Message-id: <38c8a15b.105cb.0@nwlink.com> X-User-Info: 210.55.166.93 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Msft versions cannot handle case #1 (I think). Msft versions can handle case #2 without any problems. jim schaad >I have a few questions for implementors. First some background, then the >questions. > >The use of S/MIMEv3 Triple Wrapping leads to the incorporation of four MIME >encodings. If each of these encodings uses Base64, then the overhead is >huge. I am interested in ways to reduce the overhead, hopefully without >hurting IMAP usability. > >1. Can your implementation handle > MIME( SignedData (EnvelopedData (SignedData ( MIME ))) ? > >The outer SignedData has the OID for EnvelopedData in the content type, not >id-data. >The EnvelopedData has the OID for SignedData in the content type, not id-data. >The inner Signed Data has the id-data OID in the content type. > >2. Can your implementation handle MIME without Base64 encoding? I am >interested in using "binary" instead of Base64 to reduce the overhead. > >Russ > > http://www.nwlink.com Received: by ns.secondary.com (8.9.3/8.9.3) id IAA05059 for ietf-smime-bks; Thu, 9 Mar 2000 08:42:53 -0800 (PST) Received: from mail.spyrus.com (mail.spyrus.com [207.212.34.20]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id IAA05054 for <ietf-smime@imc.org>; Thu, 9 Mar 2000 08:42:52 -0800 (PST) Received: from rhousley_laptop.spyrus.com (rhousley-pc.spyrus.com [207.212.34.221]) by mail.spyrus.com (8.9.3/8.9.3) with ESMTP id IAA23349 for <ietf-smime@imc.org>; Thu, 9 Mar 2000 08:43:03 -0800 (PST) Message-Id: <4.2.0.58.20000309113750.00a61330@mail.spyrus.com> X-Sender: rhousley@mail.spyrus.com X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Thu, 09 Mar 2000 11:39:31 -0500 To: ietf-smime@imc.org From: Russ Housley <housley@spyrus.com> Subject: LAST CALL: draft-ietf-smime-cast-128-01.txt Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> The CAST-128 algorithm specification is ready for Working Group Last Call. Please post comments to the ietf-smime mail list before 23 March 2000. Russ = = = = = = = = = = A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the S/MIME Mail Security Working Group of the IETF. Title : Use of the CAST-128 Encryption Algorithm in CMS Author(s) : C. Adams Filename : draft-ietf-smime-cast-128-01.txt Pages : 6 Date : 03-Mar-00 This document specifies how to incorporate CAST-128 [RFC2144] into the S/MIME Cryptographic Message Syntax (CMS) as an additional algorithm for symmetric encryption. The relevant OIDs and processing steps are provided so that CAST-128 may be included in the CMS specification [RFC2630] for symmetric content and key encryption. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-smime-cast-128-01.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-smime-cast-128-01.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-smime-cast-128-01.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. Content-Type: text/plain Content-ID: <20000303085824.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-smime-cast-128-01.txt <ftp://ftp.ietf.org/internet-drafts/draft-ietf-smime-cast-128-01.txt> Received: by ns.secondary.com (8.9.3/8.9.3) id DAA26215 for ietf-smime-bks; Thu, 9 Mar 2000 03:29:25 -0800 (PST) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id DAA26203 for <ietf-smime@imc.org>; Thu, 9 Mar 2000 03:29:23 -0800 (PST) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA25296; Thu, 9 Mar 2000 06:30:08 -0500 (EST) Message-Id: <200003091130.GAA25296@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-smime@imc.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-smime-domsec-04.txt Date: Thu, 09 Mar 2000 06:30:08 -0500 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the S/MIME Mail Security Working Group of the IETF. Title : Domain Security Services using S/MIME Author(s) : T. Dean, W. Ottaway Filename : draft-ietf-smime-domsec-04.txt Pages : 8 Date : 08-Mar-00 This document describes how the S/MIME protocol can be processed and generated by a number of components of a communication system, such as message transfer agents, guards and gateways to deliver security services. These services are collectively referred to as 'Domain Security Services'. The mechanisms described in this document are designed to solve a number of interoperability problems and technical limitations that arise when different security domains wish to communicate securely - for example when two domains use incompatible messaging technologies such as X.400 and SMTP/MIME. This document is also applicable to organisations and enterprises that have internal PKIs which are not accessible by the outside world, but wish to interoperate securely using the S/MIME protocol. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-smime-domsec-04.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-smime-domsec-04.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-smime-domsec-04.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20000308132005.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-smime-domsec-04.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-smime-domsec-04.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20000308132005.I-D@ietf.org> --OtherAccess-- --NextPart-- Received: by ns.secondary.com (8.9.3/8.9.3) id PAA25393 for ietf-smime-bks; Tue, 7 Mar 2000 15:26:27 -0800 (PST) Received: from boreas.isi.edu (boreas.isi.edu [128.9.160.161]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id PAA25389 for <ietf-smime@imc.org>; Tue, 7 Mar 2000 15:26:26 -0800 (PST) Received: from ISI.EDU (jet.isi.edu [128.9.160.87]) by boreas.isi.edu (8.8.7/8.8.6) with ESMTP id PAA29064; Tue, 7 Mar 2000 15:26:53 -0800 (PST) Message-Id: <200003072326.PAA29064@boreas.isi.edu> To: IETF-Announce: ; Subject: RFC 2785 on Methods for Avoiding "Small-Subgroup" Attacks Cc: rfc-ed@ISI.EDU, ietf-smime@imc.org Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary=NextPart Date: Tue, 07 Mar 2000 15:26:53 -0800 From: RFC Editor <rfc-ed@ISI.EDU> Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> --NextPart A new Request for Comments is now available in online RFC libraries. RFC 2785 Title: Methods for Avoiding the "Small-Subgroup" Attacks on the Diffie-Hellman Key Agreement Method for S/MIME Author(s): R. Zuccherato Status: Informational Date: March 2000 Mailbox: robert.zuccherato@entrust.com Pages: 11 Characters: 24415 Updates/Obsoletes/SeeAlso: None I-D Tag: draft-ietf-smime-small-subgroup-03.txt URL: ftp://ftp.isi.edu/in-notes/rfc2785.txt In some circumstances the use of the Diffie-Hellman key agreement scheme in a prime order subgroup of a large prime p is vulnerable to certain attacks known as "small-subgroup" attacks. Methods exist, however, to prevent these attacks. This document will describe the situations relevant to implementations of S/MIME version 3 in which protection is necessary and the methods that can be used to prevent these attacks. This document is a product of the S/MIME Mail Security Working Group of the IETF. This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. This announcement is sent to the IETF list and the RFC-DIST list. Requests to be added to or deleted from the IETF distribution list should be sent to IETF-REQUEST@IETF.ORG. Requests to be added to or deleted from the RFC-DIST distribution list should be sent to RFC-DIST-REQUEST@RFC-EDITOR.ORG. Details on obtaining RFCs via FTP or EMAIL may be obtained by sending an EMAIL message to rfc-info@RFC-EDITOR.ORG with the message body help: ways_to_get_rfcs. For example: To: rfc-info@RFC-EDITOR.ORG Subject: getting rfcs help: ways_to_get_rfcs Requests for special distribution should be addressed to either the author of the RFC in question, or to RFC-Manager@RFC-EDITOR.ORG. Unless specifically noted otherwise on the RFC itself, all RFCs are for unlimited distribution.echo Submissions for Requests for Comments should be sent to RFC-EDITOR@RFC-EDITOR.ORG. Please consult RFC 2223, Instructions to RFC Authors, for further information. Joyce K. Reynolds and Sandy Ginoza USC/Information Sciences Institute ... Below is the data which will enable a MIME compliant Mail Reader implementation to automatically retrieve the ASCII version of the RFCs. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="RFC-INFO@RFC-EDITOR.ORG" Content-Type: text/plain Content-ID: <000307151835.RFC@RFC-EDITOR.ORG> RETRIEVE: rfc DOC-ID: rfc2785 --OtherAccess Content-Type: Message/External-body; name="rfc2785.txt"; site="ftp.isi.edu"; access-type="anon-ftp"; directory="in-notes" Content-Type: text/plain Content-ID: <000307151835.RFC@RFC-EDITOR.ORG> --OtherAccess-- --NextPart-- Received: by ns.secondary.com (8.9.3/8.9.3) id MAA21856 for ietf-smime-bks; Tue, 7 Mar 2000 12:27:00 -0800 (PST) Received: from cane.deming.com (mail.deming.com [208.236.41.137]) by ns.secondary.com (8.9.3/8.9.3) with SMTP id MAA21852 for <ietf-smime@imc.org>; Tue, 7 Mar 2000 12:26:59 -0800 (PST) Received: from 208.236.41.137 by cane.deming.com with ESMTP (WorldSecure Server SMTP Relay(WSS) v4.3); Tue, 07 Mar 00 12:27:06 -0800 X-Server-Uuid: 1a012586-24e9-11d1-adae-00a024bc53c5 Received: by mail.deming.com with Internet Mail Service (5.5.2650.21) id <FMV7Q9Q2>; Tue, 7 Mar 2000 12:27:06 -0800 Message-ID: <01FF24001403D011AD7B00A024BC53C594F827@mail.deming.com> From: "Blake Ramsdell" <blake.ramsdell@tumbleweed.com> To: "'Aram Perez'" <aperez@syndata.com>, ietf-smime@imc.org Subject: RE: Triple Wrapping Survey Date: Tue, 7 Mar 2000 12:26:58 -0800 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) X-WSS-ID: 14DBB99082655-01-01 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 7bit Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> I think that the point Russ was making is "can you handle nesting of CMS objects" not "can you handle nesting of MIME wrapped CMS objects". In our case, we can only do MIME wrapped CMS objects, but we can handle binary encoding of those objects. Blake -----Original Message----- From: Aram Perez [mailto:aperez@syndata.com] Sent: Tuesday, March 07, 2000 6:30 AM To: ietf-smime@imc.org Subject: RE: Triple Wrapping Survey Hi Russ, I agree that S/MIMEv3 should minimize Base64 encoding when possible. As I understand MIME, all implementations should handle binary as this is the default unless otherwise specified. Regards, Aram Perez -----Original Message----- From: Russ Housley [mailto:housley@spyrus.com] Sent: Monday, March 06, 2000 7:21 PM To: ietf-smime@imc.org Subject: Triple Wrapping Survey I have a few questions for implementors. First some background, then the questions. The use of S/MIMEv3 Triple Wrapping leads to the incorporation of four MIME encodings. If each of these encodings uses Base64, then the overhead is huge. I am interested in ways to reduce the overhead, hopefully without hurting IMAP usability. 1. Can your implementation handle MIME( SignedData (EnvelopedData (SignedData ( MIME ))) ? The outer SignedData has the OID for EnvelopedData in the content type, not id-data. The EnvelopedData has the OID for SignedData in the content type, not id-data. The inner Signed Data has the id-data OID in the content type. 2. Can your implementation handle MIME without Base64 encoding? I am interested in using "binary" instead of Base64 to reduce the overhead. Russ Received: by ns.secondary.com (8.9.3/8.9.3) id GAA15136 for ietf-smime-bks; Tue, 7 Mar 2000 06:29:18 -0800 (PST) Received: from mars.syndata.com ([208.195.248.153]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id GAA15131 for <ietf-smime@imc.org>; Tue, 7 Mar 2000 06:29:16 -0800 (PST) Received: by MARS with Internet Mail Service (5.5.2650.21) id <F3J9JYG8>; Tue, 7 Mar 2000 09:29:40 -0500 Message-ID: <D92EE22C97C3D311855E005004E0CBF003362C@MARS> From: Aram Perez <aperez@syndata.com> To: ietf-smime@imc.org Subject: RE: Triple Wrapping Survey Date: Tue, 7 Mar 2000 09:29:31 -0500 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2650.21) Content-Type: text/plain; charset="iso-8859-1" Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Hi Russ, I agree that S/MIMEv3 should minimize Base64 encoding when possible. As I understand MIME, all implementations should handle binary as this is the default unless otherwise specified. Regards, Aram Perez -----Original Message----- From: Russ Housley [mailto:housley@spyrus.com] Sent: Monday, March 06, 2000 7:21 PM To: ietf-smime@imc.org Subject: Triple Wrapping Survey I have a few questions for implementors. First some background, then the questions. The use of S/MIMEv3 Triple Wrapping leads to the incorporation of four MIME encodings. If each of these encodings uses Base64, then the overhead is huge. I am interested in ways to reduce the overhead, hopefully without hurting IMAP usability. 1. Can your implementation handle MIME( SignedData (EnvelopedData (SignedData ( MIME ))) ? The outer SignedData has the OID for EnvelopedData in the content type, not id-data. The EnvelopedData has the OID for SignedData in the content type, not id-data. The inner Signed Data has the id-data OID in the content type. 2. Can your implementation handle MIME without Base64 encoding? I am interested in using "binary" instead of Base64 to reduce the overhead. Russ Received: by ns.secondary.com (8.9.3/8.9.3) id QAA10154 for ietf-smime-bks; Mon, 6 Mar 2000 16:21:36 -0800 (PST) Received: from mail.spyrus.com (mail.spyrus.com [207.212.34.20]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id QAA10150 for <ietf-smime@imc.org>; Mon, 6 Mar 2000 16:21:35 -0800 (PST) Received: from rhousley_laptop.spyrus.com (rhousley-pc.spyrus.com [207.212.34.221]) by mail.spyrus.com (8.9.3/8.9.3) with ESMTP id QAA21276 for <ietf-smime@imc.org>; Mon, 6 Mar 2000 16:21:37 -0800 (PST) Message-Id: <4.2.0.58.20000306191221.00a44100@mail.spyrus.com> X-Sender: rhousley@mail.spyrus.com (Unverified) X-Mailer: QUALCOMM Windows Eudora Pro Version 4.2.0.58 Date: Mon, 06 Mar 2000 19:21:17 -0500 To: ietf-smime@imc.org From: Russ Housley <housley@spyrus.com> Subject: Triple Wrapping Survey Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> I have a few questions for implementors. First some background, then the questions. The use of S/MIMEv3 Triple Wrapping leads to the incorporation of four MIME encodings. If each of these encodings uses Base64, then the overhead is huge. I am interested in ways to reduce the overhead, hopefully without hurting IMAP usability. 1. Can your implementation handle MIME( SignedData (EnvelopedData (SignedData ( MIME ))) ? The outer SignedData has the OID for EnvelopedData in the content type, not id-data. The EnvelopedData has the OID for SignedData in the content type, not id-data. The inner Signed Data has the id-data OID in the content type. 2. Can your implementation handle MIME without Base64 encoding? I am interested in using "binary" instead of Base64 to reduce the overhead. Russ Received: by ns.secondary.com (8.9.3/8.9.3) id DAA27216 for ietf-smime-bks; Mon, 6 Mar 2000 03:56:21 -0800 (PST) Received: from ietf.org (odin.ietf.org [132.151.1.176]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id DAA27212 for <ietf-smime@imc.org>; Mon, 6 Mar 2000 03:56:19 -0800 (PST) Received: from CNRI.Reston.VA.US (localhost [127.0.0.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id GAA02352; Mon, 6 Mar 2000 06:56:49 -0500 (EST) Message-Id: <200003061156.GAA02352@ietf.org> Mime-Version: 1.0 Content-Type: Multipart/Mixed; Boundary="NextPart" To: IETF-Announce: ; Cc: ietf-smime@imc.org From: Internet-Drafts@ietf.org Reply-to: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-smime-cast-128-01.txt Date: Mon, 06 Mar 2000 06:56:48 -0500 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the S/MIME Mail Security Working Group of the IETF. Title : Use of the CAST-128 Encryption Algorithm in CMS Author(s) : C. Adams Filename : draft-ietf-smime-cast-128-01.txt Pages : 6 Date : 03-Mar-00 This document specifies how to incorporate CAST-128 [RFC2144] into the S/MIME Cryptographic Message Syntax (CMS) as an additional algorithm for symmetric encryption. The relevant OIDs and processing steps are provided so that CAST-128 may be included in the CMS specification [RFC2630] for symmetric content and key encryption. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-smime-cast-128-01.txt Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-smime-cast-128-01.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-smime-cast-128-01.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <20000303085824.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-smime-cast-128-01.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-smime-cast-128-01.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <20000303085824.I-D@ietf.org> --OtherAccess-- --NextPart-- Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id JAA04623 for ietf-smime-bks; Fri, 3 Mar 2000 09:56:01 -0800 (PST) Received: from alpha.it-sec.com (dmz1.itsec.ch [195.141.254.202] (may be forged)) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id JAA04614 for <ietf-smime@imc.org>; Fri, 3 Mar 2000 09:55:58 -0800 (PST) Received: from svzh0004.itsec.ch (localhost [127.0.0.1]) by alpha.it-sec.com (8.9.3/8.9.3) with ESMTP id TAA18455; Fri, 3 Mar 2000 19:54:12 +0100 (MET) Received: by SVZH0004 with Internet Mail Service (5.5.2448.0) id <1PL1SM5Z>; Fri, 3 Mar 2000 18:53:49 +0100 Message-ID: <F5545CEFBE7CD31190C90004AC4C1B640D267D@SVZH0004> From: "Teiwes, Stephan (iT_SEC)" <stephan.teiwes@it-sec.com> To: "'Russ Housley'" <housley@spyrus.com>, ietf-smime@imc.org Subject: RE: draft-ietf-smime-idea Date: Fri, 3 Mar 2000 18:53:48 +0100 MIME-Version: 1.0 X-Mailer: Internet Mail Service (5.5.2448.0) Content-Type: text/plain; charset="windows-1252" Sender: owner-ietf-smime@imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Firstly, I would like to apologize for the delay of my response (I was busy on CeBIT). We highly respect all comments on the draft and would like to proceed in the following way: 1. we will submit an IPR statement to the IETF and this working group very soon 2. we will remove all sentences in the draft which could lead to the impression of marketing; it is not our intention to misuse the draft for marketing purposes I would like to remark that the sentence "Organization who make already use of IDEA for other applications also want to use IDEA in S/MIME." has been introduced for justification. We sent already an long list of IDEA users in industry to the SMIME working group (also Mr. Hoffman got this list, and thus he should not say that he has never heart of anyone wanting to use IDEA). We can proove that IDEA is widely used in Europe. According to our experience customers in industry often like to choose a symmetric cipher as a part of their security policy. This demand should be considered in SMIME, and that's why we wrote the draft. 3. The short statement and reference on the security of IDEA has been introduced in appendix B when Mr. Hoffman asked us to include such a statement (after submission of draft verion 0). Basically, we reacted on his doubts about the IDEA security. Anyway, we will remove the statement "Experts in cryptography consider IDEA to be a highly secure symmetric cipher [IDEA]" as it can be directly obtained from the stated literature. Despite different personal opinions about the use of IDEA, we believe, the customer's desires should be considered. We can proove that big European companies and banks are using it, and they want to use it in SMIME as well. Thanks a lot for your understanding and support. *Stephan Teiwes, iT_Security AG -----Original Message----- From: Russ Housley [mailto:housley@spyrus.com] Sent: Mittwoch, 23. Februar 2000 20:20 To: ietf-smime@imc.org Subject: Re: draft-ietf-smime-idea All: Paul raises some very important points. Let me share my view as the S/MIME Working Group Chair. 1. We must have an IPR statement for this document to progress to an RFC. 2. I do not mind some justification text. Something like: "Organization who make already use of IDEA for other applications also want to use IDEA in S/MIME." But, in my opinion, the marketing hype needs to be significantly reduced. The CAST-128 document does not try to convince anyone that CAST-128 is appropriate or inappropriate for any particular group of users. The IDEA document should have a similar tone. 3. I would like this document to become a Standards Track document. The document should state the one and only way that IDEA is used with CMS. Clearly, IDEA will not be mandatory to implement, but if IDEA is implemented, then it MUST be done in the manner specified in this document. I cannot recommend that this document become a Standards Track RFC until items 1 and 2 are repaired. Russ At 09:58 AM 02/23/2000 -0800, Paul Hoffman / IMC wrote: >There are a few things in this document that should raise concern. > >Appendix C states clearly that this is a patented algorithm for which >licensing is available. However, it appears that no one has let the IETF >Secretariat know that. Nothing about IDEA is listed on ><http://www.ietf.org/ipr.html>. This draft should not be considered until >there is a formal statement to the IETF. > >Parts of the document sounds like a marketing brochure. "Today, IDEA is >widely applied in electronic business applications." "Especially for those >organization who make already use of IDEA on a wide scale it is of high >interest that IDEA is also available in S/MIME." "Experts in cryptography >consider IDEA to be a highly secure symmetric cipher [IDEA]." And so on. > >These seem particularly inappropriate for an RFC. To be frank, I've never >heard of anyone wanting to use IDEA for anything other than old PGP. The >folks who wrote PGP had their reasons for choosing IDEA when they did, but >they dropped IDEA as a required algorithm for OpenPGP and that doesn't >appear to have negatively affected them. The IETF shouldn't codify this >kind of marketing hype, even in an Informational RFC. To move forwards >with this, it would be nice if the authors went through the draft and took >out the marketing fluff. > >--Paul Hoffman, Director >--Internet Mail Consortium Received: (from majordomo@localhost) by ns.secondary.com (8.9.3/8.9.3) id GAA19548 for ietf-smime-bks; Fri, 3 Mar 2000 06:36:02 -0800 (PST) Received: from iaik.tu-graz.ac.at (excalibur.iaik.tu-graz.ac.at [129.27.152.30]) by ns.secondary.com (8.9.3/8.9.3) with ESMTP id GAA19537 for <ietf-smime@imc.org>; Fri, 3 Mar 2000 06:35:58 -0800 (PST) Received: from PLIPP2 [129.27.152.34] by iaik.tu-graz.ac.at (SMTPD32-5.05) id ADDC18000FE; Fri, 03 Mar 2000 15:36:12 +0100 Received: from PLIPP2 [127.0.0.1] by PLIPP2 (IAIK S/MIME Mapper 2.0alpha3b 1/December/1999); Fr, 03 Mär 2000 15:36:36 +0100 From: "Peter Lipp" <Peter.Lipp@iaik.at> To: <ietf-smime@imc.org> Subject: AW: draft-ietf-smime-idea Date: Fri, 3 Mar 2000 15:36:36 +0100 Message-ID: <NDBBLDEHJKOODMJCNBNCIEEHDFAA.Peter.Lipp@iaik.at> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=sha1; boundary="--IAIK.SMIME.MAPPER.90086585--"; protocol="application/x-pkcs7-signature" X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700 Importance: Normal In-Reply-To: <s8b5bcf9.084@prv-mail20.provo.novell.com> Sender: owner-ietf-smime@imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> This is a multipart MIME message, it may require a MIME capable user agent. ----IAIK.SMIME.MAPPER.90086585-- Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable > In fact, I think there are already FAR too many algorithms, > variations, etc., in the S/MIME standard as > it is, and to virtually no good purpose that I can see. Yes! As long as there is a strong enough free cipher in there, everybody should be happy. Maybe another one to choose from, and yes, as AES becomes a standard, there will be a need to add it(them). What do the ton's of ciphersuites in TLS buy us if there are major vendors only supporting the RSA ones and all the products need to be able to talk to them? Yes, we can say "all ciphersuites implemented in our toolkit"! Peter ______________________________________ Dr. Peter Lipp IAIK, TU Graz Inffeldgasse 16a, A-8010 Graz, Austria Tel: +43 316 873 5513 Fax: +43 316 873 5520 Web: www.iaik.at ----IAIK.SMIME.MAPPER.90086585-- Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAA oIIVIDCCBE0wggM5oAMCAQICAwGGrTAJBgUrDgMCHQUAMIIBEzELMAkGA1UEBhMC QVQxDzANBgNVBAgTBlN0eXJpYTENMAsGA1UEBxMER1JBWjEZMBcGA1UECRMQSW5m ZmVsZGdhc3NlIDE2YTEmMCQGA1UEChMdR1JBWiBVTklWRVJTSVRZIE9GIFRFQ0hO T0xPR1kxRzBFBgNVBAsTPkluc2l0dXRlIGZvciBBcHBsaWVkIEluZm9ybWF0aW9u IFByb2Nlc3NpbmcgYW5kIENvbW11bmljYXRpb25zMRkwFwYDVQQLExBJQUlLIElO VFJBTkVUIENBMRkwFwYDVQQDExBJQUlLIFRVLUdSQVogU0lHMSIwIAYDVQQMExlJ QUlLIGVsZWN0cm9uaWMgc2lnbmF0dXJlMB4XDTk5MTEyODIwMjIzOVoXDTAwMTEy ODIwMjIzOVowgZMxCzAJBgNVBAYTAkFUMSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJ VFkgT0YgVEVDSE5PTE9HWTFHMEUGA1UECxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQg SW5mb3JtYXRpb24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNhdGlvbnMxEzARBgNV BAMTClBldGVyIExpcHAwgZ0wDQYJKoZIhvcNAQEBBQADgYsAMIGHAoGBAM5s1aJQ xXxczmMNSJtL4cv9nhMA+dtbUN4+DA5qfZBqcwR2zWw2VulPyrAeZDA1HFP8zlpk PlC5C4hNnX+p7QdG8u0LMk45FwaatOm2r2gEmTYGH/znwQSrKTsZXi0d0VHZV0TX yU/I3SlYxSXfjFafAVE09KKa2m8jcUOhF97dAgEDo4G0MIGxMDgGA1UdHwQxMC8w LaAroCmkJzAlMRAwDgYDVQQKEwdpYWlrLmF0MREwDwYDVQQDEwhJQUlLQ1JMMTAR BglghkgBhvhCAQEEBAMCAKAwKAYJYIZIAYb4QgENBBsWGVVzZXItQ2VydGlmaWNh dGUgSU5UUkFORVQwDAYDVR0TBAUwAwEBADAdBgNVHREEFjAUgRJQZXRlci5MaXBw QGlhaWsuYXQwCwYDVR0PBAQDAgbAMAkGBSsOAwIdBQADggEBAA4r/qDOLW8ChbuC 2pGzcf74Uv190Q45aHj99lMgNhPQRIVaLLNXJH+NYJxEvIwmVOWIXjdA03TqkOOq FJ/tK31wV+RbrvaPaVUwRjPhC2f8rr+K6pp9mzUC1SolUEbRWVHgOZGsbnEJkTEr oJOelFdKr0coT+Xeje/fI5d50P3CwsJLR2PFkiswnOoWBINi2nq6MGZ7fwmzW8F9 ZVstrNMQYCeEj4V2SR/YIUrDxsdqMQyorBe/su3eab3fOpPlonb86KKWH6jLdgpi KGRoHGWeGgAWlMB0HdxaupX7Lm8LhVYZOdh9SpvO8AdhMyOXNHOKF6sMXCZvSEHy 2XUvbmAwggRUMIIDQKADAgECAgJOIDAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJB VDEmMCQGA1UEChMdR1JBWiBVTklWRVJTSVRZIE9GIFRFQ0hOT0xPR1kxRzBFBgNV BAsTPkluc2l0dXRlIGZvciBBcHBsaWVkIEluZm9ybWF0aW9uIFByb2Nlc3Npbmcg YW5kIENvbW11bmljYXRpb25zMRkwFwYDVQQDExBJQUlLIElOVFJBTkVUIENBMB4X DTk5MTExNDEyNTE0OVoXDTAyMTIzMTIyNTkzMFowggETMQswCQYDVQQGEwJBVDEP MA0GA1UECBMGU3R5cmlhMQ0wCwYDVQQHEwRHUkFaMRkwFwYDVQQJExBJbmZmZWxk Z2Fzc2UgMTZhMSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVDSE5PTE9H WTFHMEUGA1UECxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRpb24gUHJv Y2Vzc2luZyBhbmQgQ29tbXVuaWNhdGlvbnMxGTAXBgNVBAsTEElBSUsgSU5UUkFO RVQgQ0ExGTAXBgNVBAMTEElBSUsgVFUtR1JBWiBTSUcxIjAgBgNVBAwTGUlBSUsg ZWxlY3Ryb25pYyBzaWduYXR1cmUwggEgMA0GCSqGSIb3DQEBAQUAA4IBDQAwggEI AoIBAQDSyhKuZGsL1EPk5mOTG8RzhHS/Va+/WYjs7Zm91nwVHu1+XFLJeJ85AICk SQ7yq9lWa9ur34cywbNhl/9QxaOBOiHkMvAuXxs2Bq/uhe/hEb1T7XgO12ptG80q SOP8/nKxw1PXlbUkd1rD9727mO/5tpvagEQfz7CZQ5wI4HkrNw5uH/vsJ72wRcRT FzmHy/nOX3Y9sXLd/V7TG8j1x0oNWsR3b0tHEWM+Oc1Qq5FfCknoMMCitSD38cUL CCcLJtVxkOiapWaZrDXUAuhvshhsRPjkXh6IzpqsZEtRI64SurLoUUShPv108ELE 6rfQKtm9FNnlFRD954diwfFHko/lAgEFozMwMTARBglghkgBhvhCAQEEBAMCAAIw DwYDVR0TBAgwBgEB/wIBATALBgNVHQ8EBAMCAQYwCQYFKw4DAh0FAAOCAQEAc26n vl5jQspoqD0fzjpZkqGARmFVj9uHNqVoWttqw/y6t46OhJUcePEmXkKsFP4NuCFx 2MyvmbWb6R6QNQ5WfoarGWyQ382cQN6mccPS5weDjXAzYeGZUkx99K70ncVxkwq7 rINAhJtari2XSLxmfBJyTYrZuWEgd5C9NBuf2u3iZyArarOKPbrBjZxjmXwBbZ7t sfAhSVMGSr2ODgQcQjf7ZndNIsQZL75HkN21Pj+/x3wnMCAQF50+Pt8ioAgZ/SAu dxmdYNr2itI0vmsV/xjD1NQuwb6+HwmR2LxclhMzrT1VbtTDkRLD/h8LKC1OpKV8 lQlS7Ir+Od/XNafKJjCCA8owggKyoAMCAQICAQEwDQYJKoZIhvcNAQEEBQAwgZkx CzAJBgNVBAYTAkFUMSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVDSE5P TE9HWTFHMEUGA1UECxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRpb24g UHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNhdGlvbnMxGTAXBgNVBAMTEElBSUsgSU5U UkFORVQgQ0EwHhcNOTkxMTE0MTIzMTU5WhcNMDIxMjMxMjI1OTMwWjCBmTELMAkG A1UEBhMCQVQxJjAkBgNVBAoTHUdSQVogVU5JVkVSU0lUWSBPRiBURUNITk9MT0dZ MUcwRQYDVQQLEz5JbnNpdHV0ZSBmb3IgQXBwbGllZCBJbmZvcm1hdGlvbiBQcm9j ZXNzaW5nIGFuZCBDb21tdW5pY2F0aW9uczEZMBcGA1UEAxMQSUFJSyBJTlRSQU5F VCBDQTCCASAwDQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAMLr+IHe6qeAtYLk fvxyRI6ogrvBP5iKPEBZ7j3T1yVJL7CDPGH8hgPsI4qt6Fnzh2MuAq84JS58zX5x LqEUC/E5xw1xyAzorC6yWwxGRhb+fvTg4OlM2JVsTlyJO6F/BWlXuZU33lgGky/R X84sItXKhmhbUPscnHYBsVKcQO5rFcRrJK/5c1Mha/bcQNVDQaQw+HRCvr7T4mAV Yi+DVJv6jb393CoDBnffGP/mcIkFGFO5D6lyfP8QiSs06+0unIYWwUn1YzQI2RNB AjXrCuAJtlf4qYrGXC09Neg8ymoI2uOglo6scWiZXt/prxWoi+btPX8oWDl5+7DE tCf0rx8CAQejHTAbMAwGA1UdEwQFMAMBAf8wCwYDVR0PBAQDAgEGMA0GCSqGSIb3 DQEBBAUAA4IBAQAfdOMJ/ePlmrY0flkgiL6vyRDBuWGcIaB/oGofngJzbQLa7X2s hWzpIiVpvo64XcjIBuocpErhIQfc2UZTSqYYT7R2Uydh0wVeqScURuwuihFURPhI 7GWCSrNwym2lrwsva2Xh/MTyzhXs9vo29dP2djjelN8n347dXhKJOYJ0tsA583af EKmKvkfzAb+sQLxEmPyasQTCGJMec/iWjLTsEDRfCrROYVgDZ4NcCpiRSv9mWw6s PYB8Chf5fJq1waFzluFYSUkuF24NKVopr1E4dKt2Lc1zdMRGRztKQWeUiBLkqFCQ xsi6iZrl1nvMCdF+scuLj7G4lNshx6n1ZcabMIIETTCCAzmgAwIBAgIDAw1NMAkG BSsOAwIdBQAwggETMQswCQYDVQQGEwJBVDEPMA0GA1UECBMGU3R5cmlhMQ0wCwYD VQQHEwRHcmF6MRkwFwYDVQQJExBJbmZmZWxkZ2Fzc2UgMTZhMSYwJAYDVQQKEx1H UkFaIFVOSVZFUlNJVFkgT0YgVEVDSE5PTE9HWTFHMEUGA1UECxM+SW5zaXR1dGUg Zm9yIEFwcGxpZWQgSW5mb3JtYXRpb24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNh dGlvbnMxGTAXBgNVBAsTEElBSUsgSU5UUkFORVQgQ0ExGzAZBgNVBAMTEklBSUsg VFUtR1JBWiBDUllQVDEgMB4GA1UEDBMXSUFJSyBjb25maWRlbnRpYWxpdHkgQ0Ew HhcNOTkxMTI4MjAyMzM4WhcNMDAxMTI4MjAyMzM4WjCBkzELMAkGA1UEBhMCQVQx JjAkBgNVBAoTHUdSQVogVU5JVkVSU0lUWSBPRiBURUNITk9MT0dZMUcwRQYDVQQL Ez5JbnNpdHV0ZSBmb3IgQXBwbGllZCBJbmZvcm1hdGlvbiBQcm9jZXNzaW5nIGFu ZCBDb21tdW5pY2F0aW9uczETMBEGA1UEAxMKUGV0ZXIgTGlwcDCBnTANBgkqhkiG 9w0BAQEFAAOBiwAwgYcCgYEAvQe3ZdxrE2Nv5z2ZLink1P2MFeQb5gYrS55w4jsX ZGD5v9Ajnv3w30Ajcn7jI+blIvYYpmNQV476+aUHNZFUML/KN5WGVXfdBOxb2n+6 Porez8KMnUlq3cCvAdhVdquFjwaRHO5k7gY80hNAfVker52A1aXbrT0TaWGlCl25 sq0CAQWjgbQwgbEwOAYDVR0fBDEwLzAtoCugKaQnMCUxEDAOBgNVBAoTB2lhaWsu YXQxETAPBgNVBAMTCElBSUtDUkwxMBEGCWCGSAGG+EIBAQQEAwIAoDAoBglghkgB hvhCAQ0EGxYZVXNlci1DZXJ0aWZpY2F0ZSBJTlRSQU5FVDAMBgNVHRMEBTADAQEA MB0GA1UdEQQWMBSBElBldGVyLkxpcHBAaWFpay5hdDALBgNVHQ8EBAMCA3gwCQYF Kw4DAh0FAAOCAQEAhvbZ0/1a47YqiCYjsnsqxWhFufL9oPQzzK9sBDjZZwbpPnhD ZN8PmBqWUXAo74a6oz7Q0W1QieAPCIGenFcVe5ui9m+9TDwtrQN1ECE5k3VuGlh9 l+1Sw5GjFEynARTDmaSRIc75EV/nx4a1LuHLkRYGC5Mg6LskWpIw7ShdPD54U/3Q 19iboaASh0ynfySjBsy1549hQcmi9UfMMX7u1QCCia2kd15u+YaVxtWoMHFB59q6 ELx+9XseEpEI/zBlvSwdyDTXWtnlxnzZjsyk0a/W+FpdeuZ7k2Dbf/Owx0nXS70M HrH/AErvvbhxJ1BaAPC6TAN6da4xPpwy5XSRfjCCBFQwggNAoAMCAQICAnUwMAkG BSsOAwIdBQAwgZkxCzAJBgNVBAYTAkFUMSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJ VFkgT0YgVEVDSE5PTE9HWTFHMEUGA1UECxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQg SW5mb3JtYXRpb24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNhdGlvbnMxGTAXBgNV BAMTEElBSUsgSU5UUkFORVQgQ0EwHhcNOTkxMTE0MTI1NTM2WhcNMDIxMjMxMjI1 OTMwWjCCARMxCzAJBgNVBAYTAkFUMQ8wDQYDVQQIEwZTdHlyaWExDTALBgNVBAcT BEdyYXoxGTAXBgNVBAkTEEluZmZlbGRnYXNzZSAxNmExJjAkBgNVBAoTHUdSQVog VU5JVkVSU0lUWSBPRiBURUNITk9MT0dZMUcwRQYDVQQLEz5JbnNpdHV0ZSBmb3Ig QXBwbGllZCBJbmZvcm1hdGlvbiBQcm9jZXNzaW5nIGFuZCBDb21tdW5pY2F0aW9u czEZMBcGA1UECxMQSUFJSyBJTlRSQU5FVCBDQTEbMBkGA1UEAxMSSUFJSyBUVS1H UkFaIENSWVBUMSAwHgYDVQQMExdJQUlLIGNvbmZpZGVudGlhbGl0eSBDQTCCASAw DQYJKoZIhvcNAQEBBQADggENADCCAQgCggEBAMEnzjatic90xi5VRmr0i2O16Z1a SElQFZitoNvAzGw+KehOTuKeUr5ALHib9tGInNm+jPTWVGl/u5Hab1JRzXj0xAKy qvZ+KphGy6ag6VcCVySJmeY1AqTM0W78XdFQXnlZuciBv00Ktoulb/Ktgh6c0YNg o4UMVdxjGHJweibT1AGvlFe2BqulwtuwOLovMIuIyHHh+o6F2HXYKUB54GJpia1B 2IfmqcpBBFdYtDlHyrxugB5QhuhLo0BjD8jCe8B2gkQnI2wIeyfpLlH+u3/VQAl1 2cZKkqaqPpOgP/znsdh62QBSabrRluvCp9OQW9M8u+mJlrxIIVwtThfzIW0CAQWj MzAxMBEGCWCGSAGG+EIBAQQEAwIAAjAPBgNVHRMECDAGAQH/AgEBMAsGA1UdDwQE AwIBBjAJBgUrDgMCHQUAA4IBAQBa+v4JIzqbBydvFOaP/dA5D/GLWEWjPTF8tKcP hxlEYABH8dW5E2tk/nNE2CDyGjkJtR+o9kiCDCa4N/qlc2LepJpa0I28Hi4wCd0C uxSWpEuDHNDrW6Y/bU8gJ8DpskVl+lR0QFkqSCWAu3bY0e2VvUffk2ltrx1KvO64 vGX+ayZn2P7naGHPfYjCBWUKzW0zS8chVf0aehu/qXFuZDfy1MlDgEnPl1DQ1vSL CMmFEDc99iNzcCU7ILn+RgWPNYPVhCUqoDQ6buX00ohfNVS/OHgqkWpa1HLvLRXq E9NmYUJvfhE2zCY6w6bTME3IfDCXRat2Q3twP4/iP9xtsTbPMYICeDCCAnQCAQEw ggEcMIIBEzELMAkGA1UEBhMCQVQxDzANBgNVBAgTBlN0eXJpYTENMAsGA1UEBxME R1JBWjEZMBcGA1UECRMQSW5mZmVsZGdhc3NlIDE2YTEmMCQGA1UEChMdR1JBWiBV TklWRVJTSVRZIE9GIFRFQ0hOT0xPR1kxRzBFBgNVBAsTPkluc2l0dXRlIGZvciBB cHBsaWVkIEluZm9ybWF0aW9uIFByb2Nlc3NpbmcgYW5kIENvbW11bmljYXRpb25z MRkwFwYDVQQLExBJQUlLIElOVFJBTkVUIENBMRkwFwYDVQQDExBJQUlLIFRVLUdS QVogU0lHMSIwIAYDVQQMExlJQUlLIGVsZWN0cm9uaWMgc2lnbmF0dXJlAgMBhq0w CQYFKw4DAhoFAKCBsTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3 DQEJBTEPFw0wMDAzMDMxNDM2MzdaMCMGCSqGSIb3DQEJBDEWBBRHJkBl6UdH6FYn INN7etKR9xgX4zBSBgkqhkiG9w0BCQ8xRTBDMAoGCCqGSIb3DQMHMA4GCCqGSIb3 DQMCAgIAgDANBggqhkiG9w0DAgIBQDANBggqhkiG9w0DAgIBKDAHBgUrDgMCBzAN BgkqhkiG9w0BAQEFAASBgKKPYVH9JdFcbH9vNbHCubKRr7wA51fOms0eG4bKjFQT xozr9nqZRvfXWN9zwPm/pVM2OmXRFoBEGii8Xusbx5BhFtE9BCfI6P1rD7WdKtAT rBHdzSHWQkqEmQzUjsnOeMX/Siu10VKSdDYnysVr72VMQmfsLsygSzmv3AhsWSFn AAAAAAAA ----IAIK.SMIME.MAPPER.90086585----
- Comments on draft-ietf-smime-compression-00.txt Peter Gutmann
- RE: Comments on draft-ietf-smime-compression-00.t… Jim Schaad
- RE: Comments on draft-ietf-smime-compression-00.t… Philip Hallam-Baker
- Re: Comments on draft-ietf-smime-compression-00.t… Sean Turner