RE: Determining if a message has multiple layers without processing any of them
Darrell Dykstra <Darrell.Dykstra@entrust.com> Thu, 11 September 2003 03:01 UTC
Message-ID: <BFB44293CE13C9419B7AFE7CBC35B939042B8420@sottmxs08.entrust.com>
From: Darrell Dykstra <Darrell.Dykstra@entrust.com>
To: 'Russ Housley' <housley@vigilsec.com>, ietf-smime@imc.org
Subject: RE: Determining if a message has multiple layers without processing any of them
Date: Wed, 10 Sep 2003 22:37:06 -0400
Russ,

Any reply helps, as it opens up valuable discussion on how various implementers use the standard.

In my case, I was looking for a MIME parameter to identify cryptographic message construction beyond the outermost layer. Such a mechanism would permit software to distinguish, for example, encrypted messages from signed then encrypted messages, without having to do any expensive cryptographic processing (and without having to transfer the cryptographic attachment from a remote folder). I guess what I was hoping for was an smime-type value that could represent multiple S/MIME layers.

ContentHint doesn't meet the requirements as it is a signedAttribute and would require at least some cryptographic processing to obtain. Furthermore, a signedAttribute does not help in the case where the outer layer is an encryption layer. Adding an extra outer signature layer for the sake of including a ContentHint may be prohibitive with respect to overall message size.

I do appreciate the response. Thank you.

Darrell

-----Original Message-----
From: Russ Housley [mailto:housley@vigilsec.com]
Sent: Wednesday, September 10, 2003 4:38 PM
To: Darrell.Dykstra@entrust.com; ietf-smime@imc.org
Subject: RE: Determining if a message has multiple layers without processing any of them

Darrell:

Please take a look at RFC 2634, section 2.9. The outer-most CMS wrapper should tell what content type is contained in the inner-most wrapper.

Does this help, even though it is much delayed?

Russ

-----Original Message-----
From: owner-ietf-smime@mail.imc.org [mailto:owner-ietf-smime@mail.imc.org]
Sent: Saturday, June 14, 2003 7:43 AM
To: 'ietf-smime@imc.org'
Subject: Determining if a message has multiple layers without processing any of them

Hello,

I am currently attempting to determine if there is anything in the S/MIME standard that would allow me to determine if a message was, for example, signed then encrypted, without processing any of the security layers.

My understanding of the smime-type parameter is that it only applies to the current layer of security, so for example, a message that was signed and then encrypted will have an outer smime-type of enveloped-data with no clue that there is a signature layer within.

Any insight into this is much appreciated.

Thanks,
Darrell
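
The limitation discussed in this thread, as an added example that is not part of the original messages: a Python sketch that classifies the outermost S/MIME layer from MIME headers alone, with no CMS parsing or cryptography. The sample messages are constructed with placeholder bodies, and the function name `outer_layer` and its return labels are assumptions made for illustration.

```python
from email import message_from_string

# Constructed samples: the base64 bodies are placeholders, not real CMS objects.
HDR = ("Content-Type: application/pkcs7-mime; smime-type=enveloped-data;"
       " name=smime.p7m\nContent-Transfer-Encoding: base64\n\n")
ENCRYPTED_ONLY = HDR + "AAAA\n"          # stands for enveloped(data)
SIGNED_THEN_ENCRYPTED = HDR + "BBBB\n"   # stands for enveloped(signed(data))
NO_SMIME_TYPE = ("Content-Type: application/pkcs7-mime; name=smime.p7m\n\n"
                 "CCCC\n")
CLEAR_SIGNED = (
    'Content-Type: multipart/signed; micalg=sha1; boundary="b";\n'
    ' protocol="application/pkcs7-signature"\n\n'
    "--b\nContent-Type: text/plain\n\nhello\n"
    "--b\nContent-Type: application/pkcs7-signature; name=smime.p7s\n\n"
    "DDDD\n--b--\n")

PKCS7_MIME = ("application/pkcs7-mime", "application/x-pkcs7-mime")
PKCS7_SIG = ("application/pkcs7-signature", "application/x-pkcs7-signature")

def outer_layer(raw):
    """Return what the MIME headers reveal about the outermost layer only."""
    msg = message_from_string(raw)
    ctype = msg.get_content_type()
    if ctype == "multipart/signed":
        proto = (msg.get_param("protocol") or "").lower()
        return "clear-signed" if proto in PKCS7_SIG else "multipart/signed (not S/MIME)"
    if ctype in PKCS7_MIME:
        smime_type = msg.get_param("smime-type")
        if smime_type:
            return smime_type.lower()
        # smime-type is optional, so fall back to the file name extension.
        name = (msg.get_filename() or "").lower()
        if name.endswith(".p7c"):
            return "certs-only"
        if name.endswith(".p7m"):
            return "enveloped-data or signed-data"
        return "unknown pkcs7-mime"
    return "not S/MIME"

if __name__ == "__main__":
    for label, raw in [("encrypted only", ENCRYPTED_ONLY),
                       ("signed then encrypted", SIGNED_THEN_ENCRYPTED),
                       ("no smime-type", NO_SMIME_TYPE),
                       ("clear-signed", CLEAR_SIGNED)]:
        print(f"{label:22} -> {outer_layer(raw)}")
```

The first two samples produce the same answer, which is the gap raised in the thread: the headers carry nothing that separates an encrypted message from a signed then encrypted one.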