During Work

"Tyler.Thurman" <Diane_Laird@metro.net> Thu, 01 March 2007 01:03 UTC

Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HMZhK-0000NN-Jy; Wed, 28 Feb 2007 20:03:06 -0500
Received: from [125.36.106.52] (helo=11763540) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1HMZeB-0005cg-8p; Wed, 28 Feb 2007 19:59:52 -0500
Received: from smtp.x066.net (helo=smtp.talon.net) by smtp2talon.nl with lsmtp (Exim 3.35 #2 (Debian)) id 1AGZO1-0000d1-00
Date: Wed, 28 Feb 2007 16:58:34 -0800
From: "Tyler.Thurman" <Diane_Laird@metro.net>
Message-Id: <7501232155.ZM374728@sgaxaf.harvard.edu>
To: uri-review-web-archive@ietf.org
Subject: During Work
In-Reply-To: "Diane_Laird@metro.net" <Diane_Laird@metro.net>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7aefe408d50e9c7c47615841cb314bed

Hi there, I hate to be the one but when people continue to talk about your weight issue, well, it just disgusts me. Whether you know it by now, people are always chattering about one another at work but you come up more than enough. I wasn't the happiest or best fit up until a year ago or so but that changed. Thanks to my damn brother-in-law. Anyhow, it was for the best. What I am saying is you need to do something and I was saved a year ago and maybe I can make the same difference. Try this stuff out, I took it on the idea it's just more junk but it worked great. I see more positive reviews on it nowadays and makes me feel even better. So, I am encouraging a change, not only in the chatter around here but in you personally.

-Anonymous for now (using an anonymous email website to send this btw)
When it helps/works just send a memo with the name "Angel" in it. Then you can take me out to lunch to thank you.

WebSite---celefbriingo.com




Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1QNdYJP012908 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 26 Feb 2007 16:39:34 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1QNdYR5012907; Mon, 26 Feb 2007 16:39:34 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from ns3.neustar.com (ns3.neustar.com [156.154.24.138]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1QNdVFo012900 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <ietf-smime@imc.org>; Mon, 26 Feb 2007 16:39:34 -0700 (MST) (envelope-from ietf@ietf.org)
Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns3.neustar.com (Postfix) with ESMTP id 00151175EB; Mon, 26 Feb 2007 23:39:30 +0000 (GMT)
Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1HLpRK-0008Mo-Np; Mon, 26 Feb 2007 18:39:30 -0500
X-test-idtracker: no
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>, smime mailing list <ietf-smime@imc.org>, smime chair <smime-chairs@tools.ietf.org>
Subject: Protocol Action: 'Cryptographic Message Syntax (CMS)  Multiple Signer Clarification' to Proposed Standard 
Message-Id: <E1HLpRK-0008Mo-Np@stiedprstage1.ietf.org>
Date: Mon, 26 Feb 2007 18:39:30 -0500
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

The IESG has approved the following document:

- 'Cryptographic Message Syntax (CMS) Multiple Signer Clarification '
   <draft-ietf-smime-cms-mult-sign-03.txt> as a Proposed Standard

This document is the product of the S/MIME Mail Security Working Group. 

The IESG contact persons are Sam Hartman and Russ Housley.

A URL of this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-mult-sign-03.txt

Technical Summary
 
   This document clarifies the proper recipient handling of the
   SignedData content type when more than one digital signature is
   present. This draft updates RFC 3852.

Working Group Summary
 
   There was consensus to publish this within the WG.  One person
   raised two last call comments in IETF last call.  The first issue
   concerned how to handle signatures from different signers.  This
   issue was addressed.  The second issue proposed expanding the scope
   of the document to give more guidance on verifying signatures.
   This was discussed by the WG before the document was forwarded;
   there was no consensus to expand the scope in this way.
 
Protocol Quality
 
   This document has been reviewed by Sam Hartman for the IESG.



Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1FHnqIg074182 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 15 Feb 2007 10:49:52 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1FHnq8p074181; Thu, 15 Feb 2007 10:49:52 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from smtp101.biz.mail.re2.yahoo.com (smtp101.biz.mail.re2.yahoo.com [68.142.229.215]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1FHnoaV074167 for <ietf-smime@imc.org>; Thu, 15 Feb 2007 10:49:50 -0700 (MST) (envelope-from turners@ieca.com)
Received: (qmail 9559 invoked from network); 15 Feb 2007 17:49:46 -0000
Received: from unknown (HELO Wylie) (turners@ieca.com@70.17.96.134 with login) by smtp101.biz.mail.re2.yahoo.com with SMTP; 15 Feb 2007 17:49:46 -0000
Reply-To: <turners@ieca.com>
From: "Turner, Sean P." <turners@ieca.com>
To: <ietf-smime@imc.org>
Subject: IETF 68 Agenda Topics
Date: Thu, 15 Feb 2007 12:49:27 -0500
Organization: IECA, Inc.
Message-ID: <002501c75129$a345d440$0301a8c0@Wylie>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
Thread-Index: AcdRKaL3jLA+kak8RBisLj3y5fPIWw==
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

All,

We've got a one hour slot scheduled and here is a proposed agenda.  If
anybody has any ideas for topics to add please let me know:

Agenda Bashing (All)
WG Status (Sean)
 symkeydist
 esscertid
 cmsmultisign
 IBE drafts
Authenticated Enveloped Data (Russ)
AES-CCM and AES-GCM (Russ)
Multiple Signatures (Jim/Sean)
Wrap Up (Sean)

spt





Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1F144A7000973 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 14 Feb 2007 18:04:04 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1F144X4000972; Wed, 14 Feb 2007 18:04:04 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from smtp106.biz.mail.re2.yahoo.com (smtp106.biz.mail.re2.yahoo.com [206.190.52.175]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1F142PE000957 for <ietf-smime@imc.org>; Wed, 14 Feb 2007 18:04:03 -0700 (MST) (envelope-from turners@ieca.com)
Received: (qmail 99585 invoked from network); 15 Feb 2007 01:03:57 -0000
Received: from unknown (HELO Wylie) (turners@ieca.com@70.17.96.134 with login) by smtp106.biz.mail.re2.yahoo.com with SMTP; 15 Feb 2007 01:03:56 -0000
Reply-To: <turners@ieca.com>
From: "Turner, Sean P." <turners@ieca.com>
To: <ietf-smime@imc.org>
Subject: draft-ietf-smime-cms-mult-sign-03.txt 
Date: Wed, 14 Feb 2007 20:03:45 -0500
Organization: IECA, Inc.
Message-ID: <009c01c7509d$2460a6f0$0301a8c0@Wylie>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
Thread-Index: AcdQebwTG54GZrLfRiCq6V3n2qBojQAAxuFw
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

All,

A new version of the CMS Multiple Signer Clarification ID has been posted to
address a comment raised during IETF Last Call.  Please review and provide
any comments by 20 Feb 5pm EST.

The new draft can be found at:

http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-mult-sign-03.txt

spt




Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EKo5XH084046 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 14 Feb 2007 13:50:05 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1EKo56v084044; Wed, 14 Feb 2007 13:50:05 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from ns1.neustar.com (ns1.neustar.com [156.154.16.138]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EKo33Q084025 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <ietf-smime@imc.org>; Wed, 14 Feb 2007 13:50:05 -0700 (MST) (envelope-from ietf@ietf.org)
Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns1.neustar.com (Postfix) with ESMTP id 1C9C926F10; Wed, 14 Feb 2007 20:50:03 +0000 (GMT)
Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1HHR4k-0004Kx-Ip; Wed, 14 Feb 2007 15:50:02 -0500
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
Cc: ietf-smime@imc.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-02.txt 
Message-Id: <E1HHR4k-0004Kx-Ip@stiedprstage1.ietf.org>
Date: Wed, 14 Feb 2007 15:50:02 -0500
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

--NextPart

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.
This draft is a work item of the S/MIME Mail Security Working Group of the IETF.

	Title		: Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type
	Author(s)	: R. Housley
	Filename	: draft-ietf-smime-cms-auth-enveloped-02.txt
	Pages		: 10
	Date		: 2007-2-14
	
This document describes an additional content type for the
   Cryptographic Message Syntax (CMS).  The authenticated-enveloped-data
   content type is intended for use with authenticated encryption modes.
   All of the various key management techniques that are supported in
   the CMS enveloped-data content type are also supported by the CMS
   authenticated-enveloped-data content type.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-auth-enveloped-02.txt

To remove yourself from the I-D Announcement list, send a message to 
i-d-announce-request@ietf.org with the word unsubscribe in the body of 
the message. 
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce 
to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the 
username "anonymous" and a password of your e-mail address. After 
logging in, type "cd internet-drafts" and then 
"get draft-ietf-smime-cms-auth-enveloped-02.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html 
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail.

Send a message to:
	mailserv@ietf.org.
In the body type:
	"FILE /internet-drafts/draft-ietf-smime-cms-auth-enveloped-02.txt".
	
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.

--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"

--OtherAccess
Content-Type: Message/External-body;
	access-type="mail-server";
	server="mailserv@ietf.org"

Content-Type: text/plain
Content-ID:	<2007-2-14134555.I-D@ietf.org>

ENCODING mime
FILE /internet-drafts/draft-ietf-smime-cms-auth-enveloped-02.txt

--OtherAccess
Content-Type: Message/External-body;
	name="draft-ietf-smime-cms-auth-enveloped-02.txt";
	site="ftp.ietf.org";
	access-type="anon-ftp";
	directory="internet-drafts"

Content-Type: text/plain
Content-ID:	<2007-2-14134555.I-D@ietf.org>

--OtherAccess--

--NextPart--



Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EKo4Kg084032 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 14 Feb 2007 13:50:04 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1EKo4Oj084031; Wed, 14 Feb 2007 13:50:04 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from ns0.neustar.com (ns0.neustar.com [156.154.16.158]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EKo2eH084024 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <ietf-smime@imc.org>; Wed, 14 Feb 2007 13:50:03 -0700 (MST) (envelope-from ietf@ietf.org)
Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns0.neustar.com (Postfix) with ESMTP id A39A532925; Wed, 14 Feb 2007 20:50:02 +0000 (GMT)
Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1HHR4k-0004Kq-HL; Wed, 14 Feb 2007 15:50:02 -0500
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
Cc: ietf-smime@imc.org
From: Internet-Drafts@ietf.org
Subject: I-D ACTION:draft-ietf-smime-cms-mult-sign-03.txt 
Message-Id: <E1HHR4k-0004Kq-HL@stiedprstage1.ietf.org>
Date: Wed, 14 Feb 2007 15:50:02 -0500
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

--NextPart

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.
This draft is a work item of the S/MIME Mail Security Working Group of the IETF.

	Title		: Cryptographic Message Syntax (CMS) Multiple Signer Clarification
	Author(s)	: R. Housley
	Filename	: draft-ietf-smime-cms-mult-sign-03.txt
	Pages		: 5
	Date		: 2007-2-14
	
This document updates the Cryptographic Message Syntax (CMS), which
   is published in RFC 3852.  This document clarifies the proper
   handling of the SignedData protected content type when more than one
   digital signature is present.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-mult-sign-03.txt


--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"

--OtherAccess
Content-Type: Message/External-body;
	access-type="mail-server";
	server="mailserv@ietf.org"

Content-Type: text/plain
Content-ID:	<2007-2-14133704.I-D@ietf.org>

ENCODING mime
FILE /internet-drafts/draft-ietf-smime-cms-mult-sign-03.txt

--OtherAccess
Content-Type: Message/External-body;
	name="draft-ietf-smime-cms-mult-sign-03.txt";
	site="ftp.ietf.org";
	access-type="anon-ftp";
	directory="internet-drafts"

Content-Type: text/plain
Content-ID:	<2007-2-14133704.I-D@ietf.org>

--OtherAccess--

--NextPart--



Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EB9dTj031534 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 14 Feb 2007 04:09:39 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1EB9dki031533; Wed, 14 Feb 2007 04:09:39 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from foon.sendmail.com (smtp-out.sendmail.com [209.246.26.45]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EB9bYZ031526 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <ietf-smime@imc.org>; Wed, 14 Feb 2007 04:09:38 -0700 (MST) (envelope-from blake@sendmail.com)
Received: from [192.168.0.4] (gtec136-m.isomedia.com [207.115.67.136] (may be forged)) (authenticated bits=0) by foon.sendmail.com (Switch-3.2.5/Switch-3.2.0) with ESMTP id l1EB9SFR005156 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <ietf-smime@imc.org>; Wed, 14 Feb 2007 03:09:34 -0800
X-DKIM: Sendmail DKIM Filter v0.5.1 foon.sendmail.com l1EB9SFR005156
DKIM-Signature: a=rsa-sha1; c=relaxed/simple; d=sendmail.com; s=tls.dkim; t=1171451375; bh=Y/1i71/fHHQbQGlVVeK/rGo6DH4=; h=X-DomainKeys: DomainKey-Signature:Message-ID:Date:From:User-Agent:MIME-Version: To:Subject:Content-Type:Content-Transfer-Encoding; b=hBI4Bp+dkTS52+ 2PwEVwewaRZnvjegXDf2mBN/+vH2joTtncQghybHbXmiDZMgrHkfhHlIuU+Sbf2C6nG l6BIfkqseqHo9N0S+huos3RCfxFP5Y8pq1yIzgV+Oc1DLKOhfM1zcw3z6jsdeCmrg4Z 0rg7YicVu6p8eUswCNk6OYY=
X-DomainKeys: Sendmail DomainKeys Filter v0.4.1 foon.sendmail.com l1EB9SFR005156
DomainKey-Signature: a=rsa-sha1; s=tls; d=sendmail.com; c=nofws; q=dns; h=message-id:date:from:user-agent:mime-version:to:subject: content-type:content-transfer-encoding; b=a4RCDE5H1O7mgvK0hVaVrxxPuH3yb8m8vtRyBVu5URvi+cCdnATEBFEFpdvwXHddH HG1j6KRoCZj08S2y2OqRebBnETMvP73XM5i+xuMdwDgpY8WmnHo4XaDvDpQntHtDREa 94SwyfijDPdUDjfMTBFkoIHCGAZJPG0eK9fv6iU=
Message-ID: <45D2EDE6.20206@sendmail.com>
Date: Wed, 14 Feb 2007 03:09:26 -0800
From: Blake Ramsdell <blake@sendmail.com>
User-Agent: Thunderbird 1.5.0.9 (Macintosh/20061207)
MIME-Version: 1.0
To: ietf-smime@imc.org
Subject: IBE drafts WG last call extended to 2/16
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

I'm extending the WG last call for draft-ietf-smime-bfibecms and 
draft-ietf-smime-ibearch until Friday, 2/16, due to the unfortunate 
collision with the RSA conference.

I'm a little nervous that there hasn't been any discussion about these 
during last call. I explained to Mark that this either represents a) 
perfection, or b) a lack of review. I'm all for a), but I fear it's b).

Can I get some amount of noise from anyone who has done a review of 
these drafts? I know we took a poll at the WG meeting in San Diego, and 
there were several people who intended to take a look. Just a "hey, I 
took a look, and these are the nicest drafts I've ever seen" would 
certainly make me feel better.

And certainly if you intended to look at the drafts, you've got some 
extra time now.

Blake
-- 
Blake Ramsdell | Sendmail, Inc. | http://www.sendmail.com



Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1DLi2jO075823 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Feb 2007 14:44:02 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1DLi26w075822; Tue, 13 Feb 2007 14:44:02 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from woodstock.binhost.com (woodstock.binhost.com [66.150.120.2]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1DLi0Nh075802 for <ietf-smime@imc.org>; Tue, 13 Feb 2007 14:44:01 -0700 (MST) (envelope-from housley@vigilsec.com)
Message-Id: <200702132144.l1DLi0Nh075802@balder-227.proper.com>
Received: (qmail 17221 invoked by uid 0); 13 Feb 2007 21:43:54 -0000
Received: from unknown (HELO THINKPADR52.vigilsec.com) (71.246.224.157) by woodstock.binhost.com with SMTP; 13 Feb 2007 21:43:54 -0000
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Tue, 13 Feb 2007 16:43:57 -0500
To: turners@ieca.com
From: Russ Housley <housley@vigilsec.com>
Subject: RE: I-D ACTION:draft-ietf-smime-cms-aes-ccm-and-gcm-00.txt 
Cc: ietf-smime@imc.org
In-Reply-To: <00a401c74fad$781c8520$0301a8c0@Wylie>
References: <E1H9677-00081i-UI@stiedprstage1.ietf.org> <00a401c74fad$781c8520$0301a8c0@Wylie>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

Sean:

>Minor nits (and maybe showing my lack of understanding):
>
>Sections 1.4 and 1.5 refer to the outputs as a ciphertext and an
>authentication tag.  Can we add the following parenthetical to the 1st
>sentence of the last para in 3 to tie the two paras together?: ... "for the
>AuthEnvelopedData mac field (i.e., the authentication tag)."  The
>authentication tag is referred to in AuthEnvelopedData ID.

I changed the algorithm descriptions in 1.4 and 1.5 to provide the 
linkage.   It now says:

AES-CCM/AES-GCM generates two outputs: a ciphertext and message 
authentication code (also called an authentication tag).

>Also 1.4 and 1.5 say there are four inputs to the process and the last para
>of 2.2 of the AuthEnvelopedData ID says there's 3.  There's no reference to
>the nonce. Is the nonce just part of the random content encryption key?

AES-CCM and AES-GCM require a nonce.  This is carried in an algorithm 
parameter, so it is not really described in the AuthEnvelopedData 
document.  If one was to turn AES Key Wrap into an authenticated 
encryption mode, it would not need such a nonce.

I have added the missing piece of information to the 3rd paragraph of 
sections 1.4 and 1.5, which now read:

The nonce is generated by the party performing the authenticated 
encryption operation.  Within the scope of any 
authenticated-encryption key, the nonce value MUST be unique.  That 
is, the set of nonce values used with any given key MUST NOT contain 
any duplicate values.  Using the same nonce for two different 
messages encrypted with the same key destroys the security properties.

Russ
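
Added example, not part of the message above or of the draft it quotes: one way an encrypting party could enforce the "unique within the scope of a key" rule for nonces, plus an audit that flags reuse in recorded (key, nonce) pairs. The 12-byte layout (4-byte sender field followed by an 8-byte counter), the class and function names, and the sample records are assumptions made for illustration.

```python
import struct
import threading
from collections import defaultdict

FIXED_LEN = 4               # assumption: 4-byte field identifying the encrypting party
COUNTER_MAX = 2**64 - 1     # assumption: 8-byte big-endian invocation counter
NONCE_LEN = FIXED_LEN + 8   # 12 bytes in total


class NonceExhausted(Exception):
    """No unused nonce is left for this key; the key has to be replaced."""


class NonceAllocator:
    """Issues nonces that are never repeated within the scope of one key."""

    def __init__(self, sender_id, start=0):
        if len(sender_id) != FIXED_LEN:
            raise ValueError("sender_id must be exactly %d bytes" % FIXED_LEN)
        self.sender_id = bytes(sender_id)
        self.start = start
        self.next_counter = {}          # key_id -> next unused counter value
        self.lock = threading.Lock()

    def next_nonce(self, key_id):
        # The lock keeps two threads from being handed the same counter value.
        with self.lock:
            counter = self.next_counter.get(key_id, self.start)
            if counter > COUNTER_MAX:
                # Wrapping around would repeat a nonce, so fail closed instead.
                raise NonceExhausted(key_id)
            self.next_counter[key_id] = counter + 1
        return self.sender_id + struct.pack(">Q", counter)


def find_nonce_reuse(records):
    """Return {(key_id, nonce): [message_id, ...]} for every nonce used more
    than once under the same key. The same nonce under different keys is not
    a violation, because uniqueness is scoped to the key."""
    seen = defaultdict(list)
    for key_id, nonce, message_id in records:
        seen[(key_id, bytes(nonce))].append(message_id)
    return {pair: ids for pair, ids in seen.items() if len(ids) > 1}


# Constructed audit records: (key_id, nonce, message_id).
SAMPLE_RECORDS = [
    ("cek-A", bytes.fromhex("000000010000000000000000"), "msg-1"),
    ("cek-A", bytes.fromhex("000000010000000000000001"), "msg-2"),
    ("cek-B", bytes.fromhex("000000010000000000000000"), "msg-3"),  # other key: fine
    ("cek-A", bytes.fromhex("000000010000000000000000"), "msg-4"),  # repeats msg-1
]

if __name__ == "__main__":
    alloc = NonceAllocator(b"\x00\x00\x00\x01")
    for key_id in ("cek-A", "cek-A", "cek-B"):
        print(key_id, alloc.next_nonce(key_id).hex())
    for (key_id, nonce), ids in find_nonce_reuse(SAMPLE_RECORDS).items():
        print("REUSE under", key_id, nonce.hex(), "in", ids)
```

The counter map here lives only in memory; a deployment would have to persist it, or switch to a fresh key after a restart, so that a restart cannot hand out an already used counter value.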




Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1DKSLjS070474 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Feb 2007 13:28:21 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1DKSLxf070473; Tue, 13 Feb 2007 13:28:21 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from smtp101.biz.mail.re2.yahoo.com (smtp101.biz.mail.re2.yahoo.com [68.142.229.215]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1DKSI8t070466 for <ietf-smime@imc.org>; Tue, 13 Feb 2007 13:28:20 -0700 (MST) (envelope-from turners@ieca.com)
Received: (qmail 21723 invoked from network); 13 Feb 2007 20:28:16 -0000
Received: from unknown (HELO Wylie) (turners@ieca.com@70.17.70.186 with login) by smtp101.biz.mail.re2.yahoo.com with SMTP; 13 Feb 2007 20:28:16 -0000
Reply-To: <turners@ieca.com>
From: "Turner, Sean P." <turners@ieca.com>
To: <ietf-smime@imc.org>
Subject: RE: I-D ACTION:draft-ietf-smime-cms-aes-ccm-and-gcm-00.txt 
Date: Tue, 13 Feb 2007 15:28:03 -0500
Organization: IECA, Inc.
Message-ID: <00a401c74fad$781c8520$0301a8c0@Wylie>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
In-Reply-To: <E1H9677-00081i-UI@stiedprstage1.ietf.org>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
Thread-Index: Acc+asB5PqHi4E4WRaaJfzrNJrw8SgRPeo8w
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

Russ,

Minor nits (and maybe showing my lack of understanding):

Sections 1.4 and 1.5 refer to the outputs as a ciphertext and an
authentication tag.  Can we add the following parenthetical to the 1st
sentence of the last para in 3 to tie the two paras together?: ... "for the
AuthEnvelopedData mac field (i.e., the authentication tag)."  The
authentication tag is referred to in AuthEnvelopedData ID.

Also 1.4 and 1.5 say there are four inputs to the process and the last para
of 2.2 of the AuthEnvelopedData ID says there's 3.  There's no reference to
the nonce. Is the nonce just part of the random content encryption key?

spt





Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1DJi5PA067416 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Feb 2007 12:44:05 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1DJi5gX067415; Tue, 13 Feb 2007 12:44:05 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from smtp105.biz.mail.re2.yahoo.com (smtp105.biz.mail.re2.yahoo.com [206.190.52.174]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1DJi3vg067409 for <ietf-smime@imc.org>; Tue, 13 Feb 2007 12:44:04 -0700 (MST) (envelope-from turners@ieca.com)
Received: (qmail 81903 invoked from network); 13 Feb 2007 19:43:59 -0000
Received: from unknown (HELO Wylie) (turners@ieca.com@70.17.70.186 with login) by smtp105.biz.mail.re2.yahoo.com with SMTP; 13 Feb 2007 19:43:59 -0000
Reply-To: <turners@ieca.com>
From: "Turner, Sean P." <turners@ieca.com>
To: "'Russ Housley'" <housley@vigilsec.com>
Cc: <ietf-smime@imc.org>
Subject: RE: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt 
Date: Tue, 13 Feb 2007 14:43:48 -0500
Organization: IECA, Inc.
Message-ID: <009201c74fa7$4803f4a0$0301a8c0@Wylie>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
In-Reply-To: <200702131755.l1DHtmor059985@balder-227.proper.com>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
Thread-Index: AcdPm/Orl1DYqQ5OSoqCK/RZTG6FbgACeKCg
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

Okay the oid in AuthEnvelopedData EncryptedContentInfo
contentEncryptionAlgorithm field is all encompassing.

> -----Original Message-----
> From: owner-ietf-smime@mail.imc.org 
> [mailto:owner-ietf-smime@mail.imc.org] On Behalf Of Russ Housley
> Sent: Tuesday, February 13, 2007 12:56 PM
> To: turners@ieca.com
> Cc: ietf-smime@imc.org
> Subject: RE: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt 
> 
> 
> Sean:
> 
> >Two comments/questions:
> >
> >Sec 2.1: Don't we need an algorithm identifier for the mac algorithm?
> 
> No.  Authenticated encryption provides both.  Please see 
> draft-ietf-smime-cms-aes-ccm-and-gcm-00.txt to see two examples.
> 
> >Sec 2.1: Since the mac description says a digest is not used 
> should we 
> >say in the authAttrs description that the message digest 
> attribute must 
> >not be included if authenticated attributes are included 
> (9.1 requires 
> >message digest if authenticated attributes are used)?
> 
> Yes.  That is a good improvement.
> 
> Russ
> 
> 




Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1DHtoM5059992 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Feb 2007 10:55:50 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1DHtoBc059991; Tue, 13 Feb 2007 10:55:50 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from woodstock.binhost.com (woodstock.binhost.com [66.150.120.2]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1DHtmor059985 for <ietf-smime@imc.org>; Tue, 13 Feb 2007 10:55:49 -0700 (MST) (envelope-from housley@vigilsec.com)
Message-Id: <200702131755.l1DHtmor059985@balder-227.proper.com>
Received: (qmail 23747 invoked by uid 0); 13 Feb 2007 17:55:39 -0000
Received: from unknown (HELO THINKPADR52.vigilsec.com) (71.246.224.157) by woodstock.binhost.com with SMTP; 13 Feb 2007 17:55:39 -0000
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Tue, 13 Feb 2007 12:55:40 -0500
To: turners@ieca.com
From: Russ Housley <housley@vigilsec.com>
Subject: RE: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt 
Cc: ietf-smime@imc.org
In-Reply-To: <000001c74f16$40a071c0$0301a8c0@Wylie>
References: <E1HBzvW-0008He-45@stiedprstage1.ietf.org> <000001c74f16$40a071c0$0301a8c0@Wylie>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

Sean:

>Two comments/questions:
>
>Sec 2.1: Don't we need an algorithm identifier for the mac algorithm?

No.  Authenticated encryption provides both.  Please see
draft-ietf-smime-cms-aes-ccm-and-gcm-00.txt to see two examples.

>Sec 2.1: Since the mac description says a digest is not used should we say
>in the authAttrs description that the message digest attribute must not be
>included if authenticated attributes are included (9.1 requires message
>digest if authenticated attributes are used)?

Yes.  That is a good improvement.

Russ
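
The point of this exchange, as an added example in Go that is not part of the original message or of the draft: AES-GCM produces the ciphertext and the MAC from one algorithm and one key, so a single contentEncryptionAlgorithm identifier covers both, and a message-digest attribute is refused in authAttrs. Supplying the DER-encoded authAttrs as associated data, the 16-byte tag, the all-zero sample key and nonce, and every type and function name are assumptions of this example.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"encoding/asn1"
	"errors"
	"fmt"
)

var (
	oidContentType   = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 3} // id-contentType
	oidMessageDigest = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 9, 4} // id-messageDigest
	oidData          = asn1.ObjectIdentifier{1, 2, 840, 113549, 1, 7, 1} // id-data
)

// attribute mirrors the CMS Attribute structure: a type OID and a SET OF values.
type attribute struct {
	Type   asn1.ObjectIdentifier
	Values []asn1.RawValue `asn1:"set"`
}

// newAttribute builds a single-valued attribute (hypothetical helper name).
func newAttribute(oid asn1.ObjectIdentifier, value interface{}) (attribute, error) {
	der, err := asn1.Marshal(value)
	if err != nil {
		return attribute{}, err
	}
	return attribute{Type: oid, Values: []asn1.RawValue{{FullBytes: der}}}, nil
}

// encodeAuthAttrs refuses a message-digest attribute, then DER-encodes the SET OF Attribute.
func encodeAuthAttrs(attrs []attribute) ([]byte, error) {
	for _, a := range attrs {
		if a.Type.Equal(oidMessageDigest) {
			return nil, errors.New("message-digest attribute not allowed in authAttrs")
		}
	}
	return asn1.MarshalWithParams(attrs, "set")
}

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealContent runs one AEAD with one key; ciphertext and MAC come back separately,
// like the encryptedContent and mac fields. Assumption: authAttrs are the AAD.
func sealContent(key, nonce, content, authAttrs []byte) (ct, mac []byte, err error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, nil, err
	}
	out := aead.Seal(nil, nonce, content, authAttrs)
	split := len(out) - aead.Overhead() // GCM appends its 16-byte tag
	return out[:split], out[split:], nil
}

// openContent verifies the MAC over ciphertext and authAttrs before releasing plaintext.
func openContent(key, nonce, ct, mac, authAttrs []byte) ([]byte, error) {
	aead, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, append(append([]byte{}, ct...), mac...), authAttrs)
}

func main() {
	key, nonce := make([]byte, 16), make([]byte, 12) // constructed; real use: random key, unique nonce
	attr, _ := newAttribute(oidContentType, oidData)
	aad, _ := encodeAuthAttrs([]attribute{attr})
	ct, mac, _ := sealContent(key, nonce, []byte("constructed sample content"), aad)
	aad[len(aad)-1] ^= 0x01 // flip one bit of the authenticated attributes
	_, err := openContent(key, nonce, ct, mac, aad)
	fmt.Printf("mac=%x tampered authAttrs rejected=%v\n", mac, err != nil)
}
```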



Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1D2PpaY090380 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 12 Feb 2007 19:25:51 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1D2Pp62090378; Mon, 12 Feb 2007 19:25:51 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from smtp106.biz.mail.re2.yahoo.com (smtp106.biz.mail.re2.yahoo.com [206.190.52.175]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1D2PoUu090371 for <ietf-smime@imc.org>; Mon, 12 Feb 2007 19:25:51 -0700 (MST) (envelope-from turners@ieca.com)
Received: (qmail 21490 invoked from network); 13 Feb 2007 02:25:46 -0000
Received: from unknown (HELO Wylie) (turners@ieca.com@70.17.70.186 with login) by smtp106.biz.mail.re2.yahoo.com with SMTP; 13 Feb 2007 02:25:45 -0000
X-YMail-OSG: 6Y2Mpv8VM1mo7SzfrnInHA7cusH1KzEtTWGTwhQiyoR2Dmz6S0n1lXw1lPuV_azeh.RUNIGzsmMGvoPxzuowckaCz1XyLOYQGctnUQbdFlOvKlAiNrxAaLxcBYJ2pviu7P4vu.2RTJvdwkGmco1sAQqk8Qe5YtCjXqKBFOhkroF1MJLvKvDHraG80gTP
Reply-To: <turners@ieca.com>
From: "Turner, Sean P." <turners@ieca.com>
To: <ietf-smime@imc.org>
Subject: RE: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt 
Date: Mon, 12 Feb 2007 21:25:38 -0500
Organization: IECA, Inc.
Message-ID: <000001c74f16$40a071c0$0301a8c0@Wylie>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Office Outlook 11
Thread-Index: AcdHqP9/SKfR5V3+QgGo2OZNcH9z+QHa7qhg
In-Reply-To: <E1HBzvW-0008He-45@stiedprstage1.ietf.org>
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

Russ,

Two comments/questions:

Sec 2.1: Don't we need an algorithm identifier for the mac algorithm?

Sec 2.1: Since the mac description says a digest is not used should we say
in the authAttrs description that the message digest attribute must not be
included if authenticated attributes are included (9.1 requires message
digest if authenticated attributes are used)?

spt

-----Original Message-----
From: owner-ietf-smime@mail.imc.org [mailto:owner-ietf-smime@mail.imc.org]
On Behalf Of Internet-Drafts@ietf.org
Sent: Tuesday, January 30, 2007 3:50 PM
To: i-d-announce@ietf.org
Cc: ietf-smime@imc.org
Subject: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt 

A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the S/MIME Mail Security Working Group of the
IETF.

	Title		: The CMS AuthEnvelopedData Content Type
	Author(s)	: R. Housley
	Filename	: draft-ietf-smime-cms-auth-enveloped-01.txt
	Pages		: 10
	Date		: 2007-1-30
	
This document describes an additional content type for the
   Cryptographic Message Syntax (CMS).  The authenticated-enveloped-data
   content type is intended for use with authenticated encryption modes.
   All of the various key management techniques that are supported in
   the CMS enveloped-data content type are also supported by the CMS
   authenticated-enveloped-data content type.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-auth-enveloped-01.txt

To remove yourself from the I-D Announcement list, send a message to
i-d-announce-request@ietf.org with the word unsubscribe in the body of the
message. 
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the username
"anonymous" and a password of your e-mail address. After logging in, type
"cd internet-drafts" and then "get
draft-ietf-smime-cms-auth-enveloped-01.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail.

Send a message to:
	mailserv@ietf.org.
In the body type:
	"FILE /internet-drafts/draft-ietf-smime-cms-auth-enveloped-01.txt".
	
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.




Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l13F5bHb016872 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sat, 3 Feb 2007 08:05:37 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l13F5bSS016871; Sat, 3 Feb 2007 08:05:37 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from people.com.cn ([202.99.23.227]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l13F5ZTh016863 for <ietf-smime@imc.org>; Sat, 3 Feb 2007 08:05:36 -0700 (MST) (envelope-from Internet-Drafts@ietf.org)
Received: from people.com.cn([127.0.0.1]) by people.com.cn(AIMC 2.9.5.8) with SMTP id jm445c4ed0f; Sat, 03 Feb 2007 23:15:42 +0800
Received: from people.com.cn([127.0.0.1]) by people.com.cn(AIMC 2.9.5.8) with SMTP id jmd45c007bc; Wed, 31 Jan 2007 05:14:52 +0800
Received: from megatron.ietf.org([127.0.0.1]) by people.com.cn(AIMC 2.9.5.8) with SMTP id jm2345bff5e5; Wed, 31 Jan 2007 05:14:49 +0800
Received: from megatron.ietf.org([156.154.16.145]) by people.com.cn(AIMC 2.9.5.8) with SMTP id AISP action; Wed, 31 Jan 2007 05:14:49 +0800
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HBzva-000346-4V; Tue, 30 Jan 2007 15:50:06 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HBzvW-00033r-Pv for i-d-announce@ietf.org; Tue, 30 Jan 2007 15:50:02 -0500
Received: from ns1.neustar.com ([2001:503:c779:1a::9c9a:108a]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HBzvW-0006c2-Fl for i-d-announce@ietf.org; Tue, 30 Jan 2007 15:50:02 -0500
Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns1.neustar.com (Postfix) with ESMTP id 3AF1126E69; Tue, 30 Jan 2007 20:50:02 +0000 (GMT)
Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1HBzvW-0008He-45; Tue, 30 Jan 2007 15:50:02 -0500
Content-Type: Multipart/Mixed; Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
From: Internet-Drafts@ietf.org
Message-Id: <E1HBzvW-0008He-45@stiedprstage1.ietf.org>
Date: Tue, 30 Jan 2007 15:50:02 -0500
X-Spam-Score: -2.5 (--)
X-Scan-Signature: c3a18ef96977fc9bcc21a621cbf1174b
Cc: ietf-smime@imc.org
Subject: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt 
X-BeenThere: i-d-announce@ietf.org
X-Mailman-Version: 2.1.5
Reply-To: internet-drafts@ietf.org
List-Id: i-d-announce.ietf.org
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/i-d-announce>
List-Post: <mailto:i-d-announce@ietf.org>
List-Help: <mailto:i-d-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=subscribe>
X-AIMC-AUTH: (null)
X-AIMC-MAILFROM: i-d-announce-bounces@ietf.org
X-AIMC-AUTH: (null)
X-AIMC-MAILFROM: i-d-announce-bounces@ietf.org
X-AIMC-AUTH: (null)
X-AIMC-MAILFROM: Internet-Drafts@ietf.org
X-Auto-Forward: jaglee@people.com.cn jag@kw.com.cn
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

--NextPart

A New Internet-Draft is available from the on-line Internet-Drafts 
directories.
This draft is a work item of the S/MIME Mail Security Working Group of the IETF.

	Title		: The CMS AuthEnvelopedData Content Type
	Author(s)	: R. Housley
	Filename	: draft-ietf-smime-cms-auth-enveloped-01.txt
	Pages		: 10
	Date		: 2007-1-30
	
This document describes an additional content type for the
   Cryptographic Message Syntax (CMS).  The authenticated-enveloped-data
   content type is intended for use with authenticated encryption modes.
   All of the various key management techniques that are supported in
   the CMS enveloped-data content type are also supported by the CMS
   authenticated-enveloped-data content type.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-auth-enveloped-01.txt

To remove yourself from the I-D Announcement list, send a message to 
i-d-announce-request@ietf.org with the word unsubscribe in the body of 
the message. 
You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce 
to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the 
username "anonymous" and a password of your e-mail address. After 
logging in, type "cd internet-drafts" and then 
"get draft-ietf-smime-cms-auth-enveloped-01.txt".

A list of Internet-Drafts directories can be found in
http://www.ietf.org/shadow.html 
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail.

Send a message to:
	mailserv@ietf.org.
In the body type:
	"FILE /internet-drafts/draft-ietf-smime-cms-auth-enveloped-01.txt".
	
NOTE:	The mail server at ietf.org can return the document in
	MIME-encoded form by using the "mpack" utility.  To use this
	feature, insert the command "ENCODING mime" before the "FILE"
	command.  To decode the response(s), you will need "munpack" or
	a MIME-compliant mail reader.  Different MIME-compliant mail readers
	exhibit different behavior, especially when dealing with
	"multipart" MIME messages (i.e. documents which have been split
	up into multiple messages), so check your local documentation on
	how to manipulate these messages.

Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.

--NextPart
Content-Type: Multipart/Alternative; Boundary="OtherAccess"

--OtherAccess
Content-Type: Message/External-body; access-type="mail-server";
	server="mailserv@ietf.org"

Content-Type: text/plain
Content-ID: <2007-1-30102244.I-D@ietf.org>

ENCODING mime
FILE /internet-drafts/draft-ietf-smime-cms-auth-enveloped-01.txt

--OtherAccess
Content-Type: Message/External-body;
	name="draft-ietf-smime-cms-auth-enveloped-01.txt";
	site="ftp.ietf.org"; access-type="anon-ftp";
	directory="internet-drafts"

Content-Type: text/plain
Content-ID: <2007-1-30102244.I-D@ietf.org>


--OtherAccess--

--NextPart
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
I-D-Announce mailing list
I-D-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/i-d-announce

--NextPart--




Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1223rl8054779 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 1 Feb 2007 19:03:53 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1223r0E054778; Thu, 1 Feb 2007 19:03:53 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from smtp02.bis.eu.blackberry.com (smtp02.bis.eu.blackberry.com [216.9.253.49]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1223pnh054765 for <ietf-smime@imc.org>; Thu, 1 Feb 2007 19:03:52 -0700 (MST) (envelope-from christinekarman@mobileemail.vodafone.nl)
Message-ID: <11606577-1170381830-cardhu_blackberry.rim.net-12810-@engine40-cell01.bwc.produk.on.blackberry>
Reply-To: christine@izecom.com
References: <198A730C2044DE4A96749D13E167AD37010D3989@MOU1WNEXMB04.vcorp.ad.vrsn.com> <008901c7462e$5b2834b0$82c5a8c0@arport2v>
In-Reply-To: <008901c7462e$5b2834b0$82c5a8c0@arport2v>
Sensitivity: Normal
Importance: Normal
To: "Anders Rundgren" <anders.rundgren@telia.com>, owner-ietf-smime@mail.imc.org, "Hallam-Baker, Phillip" <pbaker@verisign.com>, ietf-smime@imc.org
Subject: Re: Goal for S/MIME 2007?
From: "Christine Karman" <christine@izecom.com>
Date: Fri, 2 Feb 2007 02:03:11 +0000 GMT
Content-type: text/plain
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from base64 to 8bit by balder-227.proper.com id l1223qnh054768
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

Anders,
For secure portable storage of your keys, you can use a USB token. We use them, works very well. For public keys there are other solutions that work.

Christine

---
www.izecom.com


-----Original Message-----
From: "Anders Rundgren" <anders.rundgren@telia.com>
Date: Thu, 1 Feb 2007 19:25:29 
To:"Hallam-Baker, Phillip" <pbaker@verisign.com>, <ietf-smime@imc.org>
Subject: Re: Goal for S/MIME 2007?


"If we can persuade the people deploying DKIM at the client"

Putting DKIM in the client is IMHO not the right medicine.  Any scheme that
requires locally stored keys essentially suffers from the same basic problem;
that we [still] have no [reasonable] mechanism for carrying such keys.

"dependable transactional signatures"

Transactions are typically performed by transaction systems.  Due to this, I
cannot really see that S/MIME will play an important role in a future IT
landscape.

"I don't want to make S/MIME looser"

Neither do I, but it is enough that a message from john@example.com
is really coming from the example.com domain and is encrypted during its
transport to the receiver domain.  Well, this probably only caters for some
99.9% of all use-cases, but for most people that is "good-enough".  If a
0.1% "market-share" will keep S/MIME alive and kicking is yet to see.
I would not bet on it at least.

Anders R


----- Original Message -----
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
To: "Anders Rundgren" <anders.rundgren@telia.com>; <ietf-smime@imc.org>
Sent: Friday, January 26, 2007 03:52
Subject: RE: Goal for S/MIME 2007?


I think that in order to address that particular market we would have to
spend a lot of time re-engineering S/MIME to be less strict.

I don't want to make S/MIME looser. I want to work out a way to get people
signing and encrypting their email. I don't particularly care what
technology they use to do that.

S/MIME implementations lack a small amount of glue to make them more
usable. If we can persuade the people deploying DKIM at the client end to
add those small necessary pieces of glue to make the user experience
seamless we end up with the best of both worlds, ubiquitous lightweight
signatures, dependable transactional signatures and message encryption.



> -----Original Message-----
> From: owner-ietf-smime@mail.imc.org
> [mailto:owner-ietf-smime@mail.imc.org] On Behalf Of Anders Rundgren
> Sent: Thursday, January 25, 2007 4:31 PM
> To: ietf-smime@imc.org
> Subject: Re: Goal for S/MIME 2007?
>
>
> In theory S/MIME could be one "cure" against spam, viruses
> and phishing.
>
> There are at least two things making this stay as "theory".
>
> 1.
> There is no S/MIME trust structure that works except rather
> locally, effectively making every person on the net a "PKI
> trust administrator".
> Although the DoD have a solution (
> http://www.certipath.com/services.htm ), few other
> organizations can spend huge amounts of tax-payer money just
> to prove that "it can be done", but are rather evaluating
> other options.
>
> 2.
> The unavailability of a cheap, mobile, secure and fully
> standardized container makes the certificate requirement a
> much too high bar.  That not even the financial sector have
> managed to deploy such schemes to more than 1-2% in spite of
> 10+ years of on-line banking is in my opinion good enough as
> a proof.  The virtual explosion of Web-mail and mobile phone
> mail, actually makes the S/MIME-card-everywhere-vision more
> distant than ever.  Well, the DoD have no problems [of
> course],
> http://www.karbonsystems.com/BlackBerry-SMIME-CAC-products_detail-83.html
> but who else would buy $200+ card-readers?
>
>
> It might be interesting knowing that some governments have indeed
> removed S/MIME from their C2G (Citizen-to-Government) PKI
> schemes since they have noted that the web is a more powerful way
> of delivering services as well as offering encryption for free.
>
> Regarding the failed DOMSEC experimental RFC, I believe that it
> [partly] failed because the authors did not realize that
> there already was
> a globally working PKI they should have hooked into; the web-server
> SSL PKI.  Imagine, securing an entire e-mail domain for a measly $100-
> $200 annually!  Too simple, too obvious, and too commercial I guess.
>
> AR
>
>




Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l11IQ8Qe020459 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 1 Feb 2007 11:26:08 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l11IQ8bL020458; Thu, 1 Feb 2007 11:26:08 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org)
X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f
Received: from pne-smtpout2-sn1.fre.skanova.net (pne-smtpout2-sn1.fre.skanova.net [81.228.11.159]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l11IQ7rr020452 for <ietf-smime@imc.org>; Thu, 1 Feb 2007 11:26:08 -0700 (MST) (envelope-from anders.rundgren@telia.com)
Received: from arport2v (81.233.229.21) by pne-smtpout2-sn1.fre.skanova.net (7.2.075) (authenticated as u18116613) id 45AE1F440040E0B1; Thu, 1 Feb 2007 19:25:41 +0100
Message-ID: <008901c7462e$5b2834b0$82c5a8c0@arport2v>
From: "Anders Rundgren" <anders.rundgren@telia.com>
To: "Hallam-Baker, Phillip" <pbaker@verisign.com>, <ietf-smime@imc.org>
References: <198A730C2044DE4A96749D13E167AD37010D3989@MOU1WNEXMB04.vcorp.ad.vrsn.com>
Subject: Re: Goal for S/MIME 2007?
Date: Thu, 1 Feb 2007 19:25:29 +0100
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2800.1106
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106
Sender: owner-ietf-smime@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-smime/mail-archive/>
List-ID: <ietf-smime.imc.org>
List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe>

"If we can persuade the people deploying DKIM at the client"

Putting DKIM in the client is IMHO not the right medicine.  Any scheme that
requires locally stored keys essentially suffers from the same basic problem;
that we [still] have no [reasonable] mechanism for carrying such keys.

"dependable transactional signatures"

Transactions are typically performed by transaction systems.  Due to this, I
cannot really see that S/MIME will play an important role in a future IT
landscape.

"I don't want to make S/MIME looser"

Neither do I, but it is enough that a message from john@example.com
is really coming from the example.com domain and is encrypted during its
transport to the receiver domain.  Well, this probably only caters for some
99.9% of all use-cases, but for most people that is "good-enough".  If a
0.1% "market-share" will keep S/MIME alive and kicking is yet to see.
I would not bet on it at least.

Anders R


----- Original Message -----
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
To: "Anders Rundgren" <anders.rundgren@telia.com>; <ietf-smime@imc.org>
Sent: Friday, January 26, 2007 03:52
Subject: RE: Goal for S/MIME 2007?


I think that in order to address that particular market we would have to
spend a lot of time re-engineering S/MIME to be less strict.

I don't want to make S/MIME looser. I want to work out a way to get people
signing and encrypting their email. I don't particularly care what
technology they use to do that.

S/MIME implementations lack a small amount of glue to make them more
usable. If we can persuade the people deploying DKIM at the client end to
add those small necessary pieces of glue to make the user experience
seamless we end up with the best of both worlds, ubiquitous lightweight
signatures, dependable transactional signatures and message encryption.



> -----Original Message-----
> From: owner-ietf-smime@mail.imc.org
> [mailto:owner-ietf-smime@mail.imc.org] On Behalf Of Anders Rundgren
> Sent: Thursday, January 25, 2007 4:31 PM
> To: ietf-smime@imc.org
> Subject: Re: Goal for S/MIME 2007?
>
>
> In theory S/MIME could be one "cure" against spam, viruses
> and phishing.
>
> There are at least two things making this stay as "theory".
>
> 1.
> There is no S/MIME trust structure that works except rather
> locally, effectively making every person on the net a "PKI
> trust administrator".
> Although the DoD have a solution (
> http://www.certipath.com/services.htm ), few other
> organizations can spend huge amounts of tax-payer money just
> to prove that "it can be done", but are rather evaluating
> other options.
>
> 2.
> The unavailability of a cheap, mobile, secure and fully
> standardized container makes the certificate requirement a
> much too high bar.  That not even the financial sector have
> managed to deploy such schemes to more than 1-2% in spite of
> 10+ years of on-line banking is in my opinion good enough as
> a proof.  The virtual explosion of Web-mail and mobile phone
> mail, actually makes the S/MIME-card-everywhere-vision more
> distant than ever.  Well, the DoD have no problems [of
> course],
> http://www.karbonsystems.com/BlackBerry-SMIME-CAC-products_detail-83.html
> but who else would buy $200+ card-readers?
>
>
> It might be interesting knowing that some governments have indeed
> removed S/MIME from their C2G (Citizen-to-Government) PKI
> schemes since they have noted that the web is a more powerful way
> of delivering services as well as offering encryption for free.
>
> Regarding the failed DOMSEC experimental RFC, I believe that it
> [partly] failed because the authors did not realize that
> there already was
> a globally working PKI they should have hooked into; the web-server
> SSL PKI.  Imagine, securing an entire e-mail domain for a measly $100-
> $200 annually!  Too simple, too obvious, and too commercial I guess.
>
> AR
>
>