During Work
"Tyler.Thurman" <Diane_Laird@metro.net> Thu, 01 March 2007 01:03 UTC
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HMZhK-0000NN-Jy; Wed, 28 Feb 2007 20:03:06 -0500
Received: from [125.36.106.52] (helo=11763540) by ietf-mx.ietf.org with smtp (Exim 4.43) id 1HMZeB-0005cg-8p; Wed, 28 Feb 2007 19:59:52 -0500
Received: from smtp.x066.net (helo=smtp.talon.net) by smtp2talon.nl with lsmtp (Exim 3.35 #2 (Debian)) id 1AGZO1-0000d1-00
Date: Wed, 28 Feb 2007 16:58:34 -0800
From: "Tyler.Thurman" <Diane_Laird@metro.net>
Message-Id: <7501232155.ZM374728@sgaxaf.harvard.edu>
To: uri-review-web-archive@ietf.org
Subject: During Work
In-Reply-To: "Diane_Laird@metro.net" <Diane_Laird@metro.net>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 7aefe408d50e9c7c47615841cb314bed
Hi there, I hate to be the one but when people continue to talk about your weight issue, we'll it just disgusts me. Whether you know it by now, people are always chattering about one another at work but you come up more than enough. I wasn't the happiest or best fit up until a year ago or so but that changed. Thanks to my dam brother-in-law. Anyhow, it was for the best. What I am saying is you need to do something and I was saved a year ago and maybe I can make the same difference. Try this stuff out, I took it on the idea it's just more junk but it worked great. I see more positive reviews on it nowadays and makes me feel even better. So, I am encouraging a change, not only in the chatter around here but in you personally. -Anonymous for now (using an anonymous email website to send this btw) When it helps/works just send a memo with the name "Angel" in it. Then you can take me out to lunch to thank you. WebSite---celefbriingo.com Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1QNdYJP012908 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Mon, 26 Feb 2007 16:39:34 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1QNdYR5012907; Mon, 26 Feb 2007 16:39:34 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f Received: from ns3.neustar.com (ns3.neustar.com [156.154.24.138]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1QNdVFo012900 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <ietf-smime@imc.org>; Mon, 26 Feb 2007 16:39:34 -0700 (MST) (envelope-from ietf@ietf.org) Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns3.neustar.com (Postfix) with ESMTP id 00151175EB; Mon, 26 Feb 2007 23:39:30 +0000 
(GMT) Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1HLpRK-0008Mo-Np; Mon, 26 Feb 2007 18:39:30 -0500 X-test-idtracker: no From: The IESG <iesg-secretary@ietf.org> To: IETF-Announce <ietf-announce@ietf.org> Cc: Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>, smime mailing list <ietf-smime@imc.org>, smime chair <smime-chairs@tools.ietf.org> Subject: Protocol Action: 'Cryptographic Message Syntax (CMS) Multiple Signer Clarification' to Proposed Standard Message-Id: <E1HLpRK-0008Mo-Np@stiedprstage1.ietf.org> Date: Mon, 26 Feb 2007 18:39:30 -0500 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> The IESG has approved the following document: - 'Cryptographic Message Syntax (CMS) Multiple Signer Clarification ' <draft-ietf-smime-cms-mult-sign-03.txt> as a Proposed Standard This document is the product of the S/MIME Mail Security Working Group. The IESG contact persons are Sam Hartman and Russ Housley. A URL of this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-mult-sign-03.txt Technical Summary This document clarifies the proper recipient handling of the SignedData content type when more than one digital signature is present. This draft updates RFC 3852. Working Group Summary There was consensus to publish this within the WG. One person raised two last call comments in IETF last call. The first issue concerned how to handle signatures from different signers. This issue was addressed. The second issue proposed expanding the scope of the document to give more guidance on verifying signatures. This was discussed by the WG before the document was forwarded; there was no consensus to expand the scope in this way. Protocol Quality This document has been reviewed by Sam Hartman for the IESG. 
Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1FHnqIg074182 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 15 Feb 2007 10:49:52 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1FHnq8p074181; Thu, 15 Feb 2007 10:49:52 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f Received: from smtp101.biz.mail.re2.yahoo.com (smtp101.biz.mail.re2.yahoo.com [68.142.229.215]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1FHnoaV074167 for <ietf-smime@imc.org>; Thu, 15 Feb 2007 10:49:50 -0700 (MST) (envelope-from turners@ieca.com) Received: (qmail 9559 invoked from network); 15 Feb 2007 17:49:46 -0000 Received: from unknown (HELO Wylie) (turners@ieca.com@70.17.96.134 with login) by smtp101.biz.mail.re2.yahoo.com with SMTP; 15 Feb 2007 17:49:46 -0000 X-YMail-OSG: w8Rs7fsVM1nHy6xOsKBlKvgYbeEDlIafzBirU0vMLdf2dZ70bkwiRuQpn0iAectSHP6QnnrOscR3P98dwMMMjzLE_7z.ATtTEHKve2NwKklV08nXoLT5tx2WPhDMBImSUkbIDLR3lT7Piw-- Reply-To: <turners@ieca.com> From: "Turner, Sean P." <turners@ieca.com> To: <ietf-smime@imc.org> Subject: IETF 68 Agenda Topics Date: Thu, 15 Feb 2007 12:49:27 -0500 Organization: IECA, Inc. Message-ID: <002501c75129$a345d440$0301a8c0@Wylie> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 Thread-Index: AcdRKaL3jLA+kak8RBisLj3y5fPIWw== X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> All, We've got a one hour slot scheduled and here is a proposed agenda. 
If anybody has any ideas for topics to add please let me know: Agenda Bashing (All) WG Status (Sean) symkeydist esscertid cmsmultisign IBE drafts Authenticated Enveloped Data (Russ) AES-CCM and AES-GCM (Russ) Multiple Signatures (Jim/Sean) Wrap Up (Sean) spt Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1F144A7000973 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 14 Feb 2007 18:04:04 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1F144X4000972; Wed, 14 Feb 2007 18:04:04 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f Received: from smtp106.biz.mail.re2.yahoo.com (smtp106.biz.mail.re2.yahoo.com [206.190.52.175]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1F142PE000957 for <ietf-smime@imc.org>; Wed, 14 Feb 2007 18:04:03 -0700 (MST) (envelope-from turners@ieca.com) Received: (qmail 99585 invoked from network); 15 Feb 2007 01:03:57 -0000 Received: from unknown (HELO Wylie) (turners@ieca.com@70.17.96.134 with login) by smtp106.biz.mail.re2.yahoo.com with SMTP; 15 Feb 2007 01:03:56 -0000 X-YMail-OSG: 14_ffrYVM1k10mu_v7qSW2CYOjmZfYeuN3YtIFVeJlTD7Hae5j.j3uXLqMRuxG8xzUr6Yqy3_J1sqY8_hXuPutAQnay3w44JYijLKppfCX7xBvwrmzhviF2x1R0xWDFH8aQbN4FMBdHldHI- Reply-To: <turners@ieca.com> From: "Turner, Sean P." <turners@ieca.com> To: <ietf-smime@imc.org> Subject: draft-ietf-smime-cms-mult-sign-03.txt Date: Wed, 14 Feb 2007 20:03:45 -0500 Organization: IECA, Inc. 
Message-ID: <009c01c7509d$2460a6f0$0301a8c0@Wylie> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028 Thread-Index: AcdQebwTG54GZrLfRiCq6V3n2qBojQAAxuFw Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> All, A new version of the CMS Multiple Signer Clarification ID has been posted to address a comment raised during IETF Last Call. Please review and provide any comments by 20 Feb 5pm EST. The new draft can be found at: http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-mult-sign-03.txt spt Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EKo5XH084046 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 14 Feb 2007 13:50:05 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1EKo56v084044; Wed, 14 Feb 2007 13:50:05 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f Received: from ns1.neustar.com (ns1.neustar.com [156.154.16.138]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EKo33Q084025 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <ietf-smime@imc.org>; Wed, 14 Feb 2007 13:50:05 -0700 (MST) (envelope-from ietf@ietf.org) Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns1.neustar.com (Postfix) with ESMTP id 1C9C926F10; Wed, 14 Feb 2007 20:50:03 +0000 (GMT) Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1HHR4k-0004Kx-Ip; Wed, 14 Feb 2007 15:50:02 -0500 Content-Type: 
Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 To: i-d-announce@ietf.org Cc: ietf-smime@imc.org From: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-02.txt Message-Id: <E1HHR4k-0004Kx-Ip@stiedprstage1.ietf.org> Date: Wed, 14 Feb 2007 15:50:02 -0500 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the S/MIME Mail Security Working Group of the IETF. Title : Cryptographic Message Syntax (CMS) Authenticated-Enveloped-Data Content Type Author(s) : R. Housley Filename : draft-ietf-smime-cms-auth-enveloped-02.txt Pages : 10 Date : 2007-2-14 This document describes an additional content type for the Cryptographic Message Syntax (CMS). The authenticated-enveloped-data content type is intended for use with authenticated encryption modes. All of the various key management techniques that are supported in the CMS enveloped-data content type are also supported by the CMS authenticated-enveloped-data content type. A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-auth-enveloped-02.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-smime-cms-auth-enveloped-02.txt". 
A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-smime-cms-auth-enveloped-02.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. --NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2007-2-14134555.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-smime-cms-auth-enveloped-02.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-smime-cms-auth-enveloped-02.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2007-2-14134555.I-D@ietf.org> --OtherAccess-- --NextPart-- Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EKo4Kg084032 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 14 Feb 2007 13:50:04 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1EKo4Oj084031; Wed, 14 Feb 2007 13:50:04 -0700 
(MST) (envelope-from owner-ietf-smime@mail.imc.org) X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f Received: from ns0.neustar.com (ns0.neustar.com [156.154.16.158]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EKo2eH084024 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <ietf-smime@imc.org>; Wed, 14 Feb 2007 13:50:03 -0700 (MST) (envelope-from ietf@ietf.org) Received: from stiedprstage1.ietf.org (stiedprstage1.va.neustar.com [10.31.47.10]) by ns0.neustar.com (Postfix) with ESMTP id A39A532925; Wed, 14 Feb 2007 20:50:02 +0000 (GMT) Received: from ietf by stiedprstage1.ietf.org with local (Exim 4.43) id 1HHR4k-0004Kq-HL; Wed, 14 Feb 2007 15:50:02 -0500 Content-Type: Multipart/Mixed; Boundary="NextPart" Mime-Version: 1.0 To: i-d-announce@ietf.org Cc: ietf-smime@imc.org From: Internet-Drafts@ietf.org Subject: I-D ACTION:draft-ietf-smime-cms-mult-sign-03.txt Message-Id: <E1HHR4k-0004Kq-HL@stiedprstage1.ietf.org> Date: Wed, 14 Feb 2007 15:50:02 -0500 Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> --NextPart A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the S/MIME Mail Security Working Group of the IETF. Title : Cryptographic Message Syntax (CMS) Multiple Signer Clarification Author(s) : R. Housley Filename : draft-ietf-smime-cms-mult-sign-03.txt Pages : 5 Date : 2007-2-14 This document updates the Cryptographic Message Syntax (CMS), which is published in RFC 3852. This document clarifies the proper handling of the SignedData protected content type when more than one digital signature is present. 
A URL for this Internet-Draft is: http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-mult-sign-03.txt To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings. Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-smime-cms-mult-sign-03.txt". A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-smime-cms-mult-sign-03.txt". NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages. Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft. 
--NextPart Content-Type: Multipart/Alternative; Boundary="OtherAccess" --OtherAccess Content-Type: Message/External-body; access-type="mail-server"; server="mailserv@ietf.org" Content-Type: text/plain Content-ID: <2007-2-14133704.I-D@ietf.org> ENCODING mime FILE /internet-drafts/draft-ietf-smime-cms-mult-sign-03.txt --OtherAccess Content-Type: Message/External-body; name="draft-ietf-smime-cms-mult-sign-03.txt"; site="ftp.ietf.org"; access-type="anon-ftp"; directory="internet-drafts" Content-Type: text/plain Content-ID: <2007-2-14133704.I-D@ietf.org> --OtherAccess-- --NextPart-- Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EB9dTj031534 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Wed, 14 Feb 2007 04:09:39 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1EB9dki031533; Wed, 14 Feb 2007 04:09:39 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f Received: from foon.sendmail.com (smtp-out.sendmail.com [209.246.26.45]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1EB9bYZ031526 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL) for <ietf-smime@imc.org>; Wed, 14 Feb 2007 04:09:38 -0700 (MST) (envelope-from blake@sendmail.com) Received: from [192.168.0.4] (gtec136-m.isomedia.com [207.115.67.136] (may be forged)) (authenticated bits=0) by foon.sendmail.com (Switch-3.2.5/Switch-3.2.0) with ESMTP id l1EB9SFR005156 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK) for <ietf-smime@imc.org>; Wed, 14 Feb 2007 03:09:34 -0800 X-DKIM: Sendmail DKIM Filter v0.5.1 foon.sendmail.com l1EB9SFR005156 DKIM-Signature: a=rsa-sha1; c=relaxed/simple; d=sendmail.com; s=tls.dkim; t=1171451375; bh=Y/1i71/fHHQbQGlVVeK/rGo6DH4=; h=X-DomainKeys: 
DomainKey-Signature:Message-ID:Date:From:User-Agent:MIME-Version: To:Subject:Content-Type:Content-Transfer-Encoding; b=hBI4Bp+dkTS52+ 2PwEVwewaRZnvjegXDf2mBN/+vH2joTtncQghybHbXmiDZMgrHkfhHlIuU+Sbf2C6nG l6BIfkqseqHo9N0S+huos3RCfxFP5Y8pq1yIzgV+Oc1DLKOhfM1zcw3z6jsdeCmrg4Z 0rg7YicVu6p8eUswCNk6OYY= X-DomainKeys: Sendmail DomainKeys Filter v0.4.1 foon.sendmail.com l1EB9SFR005156 DomainKey-Signature: a=rsa-sha1; s=tls; d=sendmail.com; c=nofws; q=dns; h=message-id:date:from:user-agent:mime-version:to:subject: content-type:content-transfer-encoding; b=a4RCDE5H1O7mgvK0hVaVrxxPuH3yb8m8vtRyBVu5URvi+cCdnATEBFEFpdvwXHddH HG1j6KRoCZj08S2y2OqRebBnETMvP73XM5i+xuMdwDgpY8WmnHo4XaDvDpQntHtDREa 94SwyfijDPdUDjfMTBFkoIHCGAZJPG0eK9fv6iU= Message-ID: <45D2EDE6.20206@sendmail.com> Date: Wed, 14 Feb 2007 03:09:26 -0800 From: Blake Ramsdell <blake@sendmail.com> User-Agent: Thunderbird 1.5.0.9 (Macintosh/20061207) MIME-Version: 1.0 To: ietf-smime@imc.org Subject: IBE drafts WG last call extended to 2/16 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> I'm extending the WG last call for draft-ietf-smime-bfibecms and draft-ietf-smime-ibearch until Friday, 2/16, due to the unfortunate collision with the RSA conference. I'm a little nervous that there hasn't been any discussion about these during last call. I explained to Mark that this either represents a) perfection, or b) a lack of review. I'm all for a), but I fear it's b). Can I get some amount of noise from anyone who has done a review of these drafts? I know we took a poll at the WG meeting in San Diego, and there were several people who intended to take a look. Just a "hey, I took a look, and these are the nicest drafts I've ever seen" would certainly make me feel better. 
And certainly if you intended to look at the drafts, you've got some extra time now. Blake -- Blake Ramsdell | Sendmail, Inc. | http://www.sendmail.com Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1DLi2jO075823 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Feb 2007 14:44:02 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1DLi26w075822; Tue, 13 Feb 2007 14:44:02 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f Received: from woodstock.binhost.com (woodstock.binhost.com [66.150.120.2]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1DLi0Nh075802 for <ietf-smime@imc.org>; Tue, 13 Feb 2007 14:44:01 -0700 (MST) (envelope-from housley@vigilsec.com) Message-Id: <200702132144.l1DLi0Nh075802@balder-227.proper.com> Received: (qmail 17221 invoked by uid 0); 13 Feb 2007 21:43:54 -0000 Received: from unknown (HELO THINKPADR52.vigilsec.com) (71.246.224.157) by woodstock.binhost.com with SMTP; 13 Feb 2007 21:43:54 -0000 X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9 Date: Tue, 13 Feb 2007 16:43:57 -0500 To: turners@ieca.com From: Russ Housley <housley@vigilsec.com> Subject: RE: I-D ACTION:draft-ietf-smime-cms-aes-ccm-and-gcm-00.txt Cc: ietf-smime@imc.org In-Reply-To: <00a401c74fad$781c8520$0301a8c0@Wylie> References: <E1H9677-00081i-UI@stiedprstage1.ietf.org> <00a401c74fad$781c8520$0301a8c0@Wylie> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Sean: >Minor nits (and maybe showing my lack of understanding): > 
>Sections 1.4 and 1.5 refer to the outputs as a ciphertext and an >authentication tag. Can we add the following parenthetical to the 1st >sentence of the last para in 3 to tie the two paras together?: ... "for the >AuthEnvelopedData mac field (i.e., the authentication tag)." The >authentication tag is referred to in AuthEnvelopedData ID. I changed the algorithm descriptions in 1.4 and 1.5 to provide the linkage. It now says: AES-CCM/AES-GCM generates two outputs: a ciphertext and message authentication code (also called an authentication tag). >Also 1.4 and 1.5 say there are four inputs to the process and the last para >of 2.2 of the AuthEvelopedData ID says there's 3. There's no reference to >the nonce. Is the nonce just part of the random content encryption key? AES-CCM and AES-GCM require a nonce. This is carried in an algorithm parameter, so it is not really described in the AuthEnvelopedData document. If one was to turn AES Key Wrap into an authenticated encryption mode, it would not need such a nonce. I have added the missing piece of information to the 3rd paragraph of sections 1.4 and 1.5, which now read: The nonce is generated by the party performing the authenticated encryption operation. Within the scope of any authenticated-encryption key, the nonce value MUST be unique. That is, the set of nonce values used with any given key MUST NOT contain any duplicate values. Using the same nonce for two different messages encrypted with the same key destroys the security properties. 
Russ Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1DKSLjS070474 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Feb 2007 13:28:21 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1DKSLxf070473; Tue, 13 Feb 2007 13:28:21 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f Received: from smtp101.biz.mail.re2.yahoo.com (smtp101.biz.mail.re2.yahoo.com [68.142.229.215]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1DKSI8t070466 for <ietf-smime@imc.org>; Tue, 13 Feb 2007 13:28:20 -0700 (MST) (envelope-from turners@ieca.com) Received: (qmail 21723 invoked from network); 13 Feb 2007 20:28:16 -0000 Received: from unknown (HELO Wylie) (turners@ieca.com@70.17.70.186 with login) by smtp101.biz.mail.re2.yahoo.com with SMTP; 13 Feb 2007 20:28:16 -0000 X-YMail-OSG: rjtnoRoVM1kCBCuM3u2wDCmCT4H2FwmDVAGO5rCrih0hzfkRoFs5l3pzBMa32Hl.sLrmprTVTxbM1bXh0u2l4W03yvvowP4KzoyUyQ5wPuwTDNdbJ8xaxf16YboRp8h.ooBqTOmcSgQbcMtGPRtZQSOIS6CQPAQH5brkJTZr.u3FBn.dS1f.d1M9jJK_ Reply-To: <turners@ieca.com> From: "Turner, Sean P." <turners@ieca.com> To: <ietf-smime@imc.org> Subject: RE: I-D ACTION:draft-ietf-smime-cms-aes-ccm-and-gcm-00.txt Date: Tue, 13 Feb 2007 15:28:03 -0500 Organization: IECA, Inc. 
Message-ID: <00a401c74fad$781c8520$0301a8c0@Wylie> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Office Outlook 11 In-Reply-To: <E1H9677-00081i-UI@stiedprstage1.ietf.org> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028 Thread-Index: Acc+asB5PqHi4E4WRaaJfzrNJrw8SgRPeo8w Sender: owner-ietf-smime@mail.imc.org Precedence: bulk List-Archive: <http://www.imc.org/ietf-smime/mail-archive/> List-ID: <ietf-smime.imc.org> List-Unsubscribe: <mailto:ietf-smime-request@imc.org?body=unsubscribe> Russ, Minor nits (and maybe showing my lack of understanding): Sections 1.4 and 1.5 refer to the outputs as a ciphertext and an authentication tag. Can we add the following parenthetical to the 1st sentence of the last para in 3 to tie the two paras together?: ... "for the AuthEnvelopedData mac field (i.e., the authentication tag)." The authentication tag is referred to in AuthEnvelopedData ID. Also 1.4 and 1.5 say there are four inputs to the process and the last para of 2.2 of the AuthEvelopedData ID says there's 3. There's no reference to the nonce. Is the nonce just part of the random content encryption key? 
spt Received: from balder-227.proper.com (localhost [127.0.0.1]) by balder-227.proper.com (8.13.5/8.13.5) with ESMTP id l1DJi5PA067416 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 13 Feb 2007 12:44:05 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) Received: (from majordom@localhost) by balder-227.proper.com (8.13.5/8.13.5/Submit) id l1DJi5gX067415; Tue, 13 Feb 2007 12:44:05 -0700 (MST) (envelope-from owner-ietf-smime@mail.imc.org) X-Authentication-Warning: balder-227.proper.com: majordom set sender to owner-ietf-smime@mail.imc.org using -f Received: from smtp105.biz.mail.re2.yahoo.com (smtp105.biz.mail.re2.yahoo.com [206.190.52.174]) by balder-227.proper.com (8.13.5/8.13.5) with SMTP id l1DJi3vg067409 for <ietf-smime@imc.org>; Tue, 13 Feb 2007 12:44:04 -0700 (MST) (envelope-from turners@ieca.com) Received: (qmail 81903 invoked from network); 13 Feb 2007 19:43:59 -0000 Received: from unknown (HELO Wylie) (turners@ieca.com@70.17.70.186 with login) by smtp105.biz.mail.re2.yahoo.com with SMTP; 13 Feb 2007 19:43:59 -0000 X-YMail-OSG: n3cGdhwVM1nIKrCTXCDiWMg.UjzsAorzMtH5Ta2vU5ZjfqhFY5j4alMBqgytqujdK589B6G2i5IhoKnuItBeyFkwgPzjVwEAQ1BjhuvqvHtpKLgOo8tn0dc3mG.HxyPTsx72XC.W_M3dmcMm7YYEMF6n8VU_6MGLcIuK08isBGilpWA7sgzHqzohAJt6 Reply-To: <turners@ieca.com> From: "Turner, Sean P." <turners@ieca.com> To: "'Russ Housley'" <housley@vigilsec.com> Cc: <ietf-smime@imc.org> Subject: RE: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt Date: Tue, 13 Feb 2007 14:43:48 -0500 Organization: IECA, Inc. 
Message-ID: <009201c74fa7$4803f4a0$0301a8c0@Wylie>
In-Reply-To: <200702131755.l1DHtmor059985@balder-227.proper.com>

Okay the oid in AuthEnvelopedData EncryptedContentInfo contentEncryptionAlgorithm field is all encompassing.

> -----Original Message-----
> From: owner-ietf-smime@mail.imc.org
> [mailto:owner-ietf-smime@mail.imc.org] On Behalf Of Russ Housley
> Sent: Tuesday, February 13, 2007 12:56 PM
> To: turners@ieca.com
> Cc: ietf-smime@imc.org
> Subject: RE: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt
>
>
> Sean:
>
> >Two comments/questions:
> >
> >Sec 2.1: Don't we need an algorithm identifier for the mac algorithm?
>
> No. Authenticated encryption provides both. Please see
> draft-ietf-smime-cms-aes-ccm-and-gcm-00.txt to see two examples.
>
> >Sec 2.1: Since the mac description says a digest is not used should we
> >say in the authAttrs description that the message digest attribute must
> >not be included if authenticated attributes are included (9.1 requires
> >message digest if authenticated attributes are used)?
>
> Yes. That is a good improvement.
>
> Russ
>
>

From: Russ Housley <housley@vigilsec.com>
To: turners@ieca.com
Cc: ietf-smime@imc.org
Date: Tue, 13 Feb 2007 12:55:40 -0500
Subject: RE: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt
Message-Id: <200702131755.l1DHtmor059985@balder-227.proper.com>
In-Reply-To: <000001c74f16$40a071c0$0301a8c0@Wylie>

Sean:

>Two comments/questions:
>
>Sec 2.1: Don't we need an algorithm identifier for the mac algorithm?

No. Authenticated encryption provides both. Please see draft-ietf-smime-cms-aes-ccm-and-gcm-00.txt to see two examples.

>Sec 2.1: Since the mac description says a digest is not used should we say
>in the authAttrs description that the message digest attribute must not be
>included if authenticated attributes are included (9.1 requires message
>digest if authenticated attributes are used)?

Yes. That is a good improvement.

Russ

From: "Turner, Sean P." <turners@ieca.com>
To: <ietf-smime@imc.org>
Subject: RE: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt
Date: Mon, 12 Feb 2007 21:25:38 -0500
Organization: IECA, Inc.
Message-ID: <000001c74f16$40a071c0$0301a8c0@Wylie>
In-Reply-To: <E1HBzvW-0008He-45@stiedprstage1.ietf.org>

Russ,

Two comments/questions:

Sec 2.1: Don't we need an algorithm identifier for the mac algorithm?

Sec 2.1: Since the mac description says a digest is not used should we say in the authAttrs description that the message digest attribute must not be included if authenticated attributes are included (9.1 requires message digest if authenticated attributes are used)?

spt

-----Original Message-----
From: owner-ietf-smime@mail.imc.org [mailto:owner-ietf-smime@mail.imc.org] On Behalf Of Internet-Drafts@ietf.org
Sent: Tuesday, January 30, 2007 3:50 PM
To: i-d-announce@ietf.org
Cc: ietf-smime@imc.org
Subject: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the S/MIME Mail Security Working Group of the IETF.

Title : The CMS AuthEnvelopedData Content Type
Author(s) : R. Housley
Filename : draft-ietf-smime-cms-auth-enveloped-01.txt
Pages : 10
Date : 2007-1-30

This document describes an additional content type for the Cryptographic Message Syntax (CMS). The authenticated-enveloped-data content type is intended for use with authenticated encryption modes. All of the various key management techniques that are supported in the CMS enveloped-data content type are also supported by the CMS authenticated-enveloped-data content type.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-auth-enveloped-01.txt

To remove yourself from the I-D Announcement list, send a message to i-d-announce-request@ietf.org with the word unsubscribe in the body of the message. You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce to change your subscription settings.

Internet-Drafts are also available by anonymous FTP. Login with the username "anonymous" and a password of your e-mail address. After logging in, type "cd internet-drafts" and then "get draft-ietf-smime-cms-auth-enveloped-01.txt".

A list of Internet-Drafts directories can be found in http://www.ietf.org/shadow.html or ftp://ftp.ietf.org/ietf/1shadow-sites.txt

Internet-Drafts can also be obtained by e-mail. Send a message to: mailserv@ietf.org. In the body type: "FILE /internet-drafts/draft-ietf-smime-cms-auth-enveloped-01.txt".

NOTE: The mail server at ietf.org can return the document in MIME-encoded form by using the "mpack" utility. To use this feature, insert the command "ENCODING mime" before the "FILE" command. To decode the response(s), you will need "munpack" or a MIME-compliant mail reader. Different MIME-compliant mail readers exhibit different behavior, especially when dealing with "multipart" MIME messages (i.e. documents which have been split up into multiple messages), so check your local documentation on how to manipulate these messages.

Below is the data which will enable a MIME compliant mail reader implementation to automatically retrieve the ASCII version of the Internet-Draft.

From: Internet-Drafts@ietf.org
To: i-d-announce@ietf.org
Cc: ietf-smime@imc.org
Date: Tue, 30 Jan 2007 15:50:02 -0500
Subject: I-D ACTION:draft-ietf-smime-cms-auth-enveloped-01.txt
Message-Id: <E1HBzvW-0008He-45@stiedprstage1.ietf.org>

A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the S/MIME Mail Security Working Group of the IETF.

Title : The CMS AuthEnvelopedData Content Type
Author(s) : R. Housley
Filename : draft-ietf-smime-cms-auth-enveloped-01.txt
Pages : 10
Date : 2007-1-30

This document describes an additional content type for the Cryptographic Message Syntax (CMS). The authenticated-enveloped-data content type is intended for use with authenticated encryption modes. All of the various key management techniques that are supported in the CMS enveloped-data content type are also supported by the CMS authenticated-enveloped-data content type.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-smime-cms-auth-enveloped-01.txt

Message-ID: <11606577-1170381830-cardhu_blackberry.rim.net-12810-@engine40-cell01.bwc.produk.on.blackberry>
Reply-To: christine@izecom.com
In-Reply-To: <008901c7462e$5b2834b0$82c5a8c0@arport2v>
To: "Anders Rundgren" <anders.rundgren@telia.com>, owner-ietf-smime@mail.imc.org, "Hallam-Baker, Phillip" <pbaker@verisign.com>, ietf-smime@imc.org
Subject: Re: Goal for S/MIME 2007?
From: "Christine Karman" <christine@izecom.com>
Date: Fri, 2 Feb 2007 02:03:11 +0000 GMT

Anders,

For secure portable storage of your keys, you can use a USB token. We use them, works very well. For public keys there are other solutions that work.

Christine
---
www.izecom.com

-----Original Message-----
From: "Anders Rundgren" <anders.rundgren@telia.com>
Date: Thu, 1 Feb 2007 19:25:29
To:"Hallam-Baker, Phillip" <pbaker@verisign.com>, <ietf-smime@imc.org>
Subject: Re: Goal for S/MIME 2007?

"If we can persuade the people deploying DKIM at the client"

Putting DKIM in the client is IMHO not the right medicine. Any scheme that requires locally stored keys essentially suffer from the same basic problem; that we [still] have no [reasonable] mechanism for carrying such keys.

"dependable transactional signatures"

Transactions are typically performed by transaction systems. Due to this, I cannot really see that S/MIME will play an important role in a future IT landscape.

"I don't want to make S/MIME looser"

Neither do I but it is enough that a message from john@example.com is really coming from the example.com domain and is encrypted during its transport to the receiver domain. Well, this probably only caters for some 99.9% of all use-cases, but for most people that is "good-enough". If a 0.1% "market-share" will keep S/MIME alive and kicking is yet to see. I would not bet on it at least.

Anders R

----- Original Message -----
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
To: "Anders Rundgren" <anders.rundgren@telia.com>; <ietf-smime@imc.org>
Sent: Friday, January 26, 2007 03:52
Subject: RE: Goal for S/MIME 2007?

I think that in order to address that particular market we would have to spend a lot of time re-engineering S/MIME to be less strict. I don't want to make S/MIME looser. I want to work out a way to get people signing and encrypting their email. I don't particularly care what technology they use to do that. S/MIME implementations lack a small amount of glue to make them more usable. If we can persuade the people deploying DKIM at the client end to add those small necessary pieces of glue to make the user experience seamless we end up with the best of both worlds, ubiquitous lightweight signatures, dependable transactional signatures and message encryption.

> -----Original Message-----
> From: owner-ietf-smime@mail.imc.org
> [mailto:owner-ietf-smime@mail.imc.org] On Behalf Of Anders Rundgren
> Sent: Thursday, January 25, 2007 4:31 PM
> To: ietf-smime@imc.org
> Subject: Re: Goal for S/MIME 2007?
>
>
> In theory S/MIME could be one "cure" against spam, viruses
> and phishing.
>
> There are at least two things making this stay as "theory".
>
> 1.
> There is no S/MIME trust structure that works except rather
> locally, effectively making every person on the net a "PKI
> trust administrator".
> Although the DoD have a solution (
> http://www.certipath.com/services.htm ), few other
> organizations can spend huge amounts of tax-payer money just
> to prove that "it can be done", but are rather evaluating
> other options.
>
> 2.
> The unavailability of a cheap, mobile, secure and fully
> standardized container makes the certificate requirement a
> much too high bar. That not even the financial sector have
> managed to deploy such schemes to more than 1-2% in spite of
> 10+ years of on-line banking is in my opinion good enough as
> a proof. The virtual explosion of Web-mail and mobile phone
> mail, actually makes the S/MIME-card-everywhere-vision more
> distant than ever. Well, the DoD have no problems [of
> course],
> http://www.karbonsystems.com/BlackBerry-SMIME-CAC-products_detail-83.html
> but who else would buy $200+ card-readers?
>
>
> It might be interesting knowing that some governments have indeed
> removed S/MIME from their C2G (Citizen-to-Government) PKI
> schemes since they have noted that the web is a more powerful way
> of delivering services as well as offering encryption for free.
>
> Regarding the failed DOMSEC experimental RFC, I believe that it
> [partly] failed because the authors did not realize that
> there already was
> a globally working PKI they should have hooked into; the web-server
> SSL PKI. Imagine, securing an entire e-mail domain for a measly $100-
> $200 annually! Too simple, too obvious, and too commercial I guess.
>
> AR
>
>

From: "Anders Rundgren" <anders.rundgren@telia.com>
To: "Hallam-Baker, Phillip" <pbaker@verisign.com>, <ietf-smime@imc.org>
Subject: Re: Goal for S/MIME 2007?
Date: Thu, 1 Feb 2007 19:25:29 +0100
Message-ID: <008901c7462e$5b2834b0$82c5a8c0@arport2v>

"If we can persuade the people deploying DKIM at the client"

Putting DKIM in the client is IMHO not the right medicine. Any scheme that requires locally stored keys essentially suffer from the same basic problem; that we [still] have no [reasonable] mechanism for carrying such keys.

"dependable transactional signatures"

Transactions are typically performed by transaction systems. Due to this, I cannot really see that S/MIME will play an important role in a future IT landscape.

"I don't want to make S/MIME looser"

Neither do I but it is enough that a message from john@example.com is really coming from the example.com domain and is encrypted during its transport to the receiver domain. Well, this probably only caters for some 99.9% of all use-cases, but for most people that is "good-enough". If a 0.1% "market-share" will keep S/MIME alive and kicking is yet to see. I would not bet on it at least.

Anders R

----- Original Message -----
From: "Hallam-Baker, Phillip" <pbaker@verisign.com>
To: "Anders Rundgren" <anders.rundgren@telia.com>; <ietf-smime@imc.org>
Sent: Friday, January 26, 2007 03:52
Subject: RE: Goal for S/MIME 2007?

I think that in order to address that particular market we would have to spend a lot of time re-engineering S/MIME to be less strict. I don't want to make S/MIME looser. I want to work out a way to get people signing and encrypting their email. I don't particularly care what technology they use to do that. S/MIME implementations lack a small amount of glue to make them more usable. If we can persuade the people deploying DKIM at the client end to add those small necessary pieces of glue to make the user experience seamless we end up with the best of both worlds, ubiquitous lightweight signatures, dependable transactional signatures and message encryption.

> -----Original Message-----
> From: owner-ietf-smime@mail.imc.org
> [mailto:owner-ietf-smime@mail.imc.org] On Behalf Of Anders Rundgren
> Sent: Thursday, January 25, 2007 4:31 PM
> To: ietf-smime@imc.org
> Subject: Re: Goal for S/MIME 2007?
>
>
> In theory S/MIME could be one "cure" against spam, viruses
> and phishing.
>
> There are at least two things making this stay as "theory".
>
> 1.
> There is no S/MIME trust structure that works except rather
> locally, effectively making every person on the net a "PKI
> trust administrator".
> Although the DoD have a solution (
> http://www.certipath.com/services.htm ), few other
> organizations can spend huge amounts of tax-payer money just
> to prove that "it can be done", but are rather evaluating
> other options.
>
> 2.
> The unavailability of a cheap, mobile, secure and fully
> standardized container makes the certificate requirement a
> much too high bar. That not even the financial sector have
> managed to deploy such schemes to more than 1-2% in spite of
> 10+ years of on-line banking is in my opinion good enough as
> a proof. The virtual explosion of Web-mail and mobile phone
> mail, actually makes the S/MIME-card-everywhere-vision more
> distant than ever. Well, the DoD have no problems [of
> course],
> http://www.karbonsystems.com/BlackBerry-SMIME-CAC-products_detail-83.html
> but who else would buy $200+ card-readers?
>
>
> It might be interesting knowing that some governments have indeed
> removed S/MIME from their C2G (Citizen-to-Government) PKI
> schemes since they have noted that the web is a more powerful way
> of delivering services as well as offering encryption for free.
>
> Regarding the failed DOMSEC experimental RFC, I believe that it
> [partly] failed because the authors did not realize that
> there already was
> a globally working PKI they should have hooked into; the web-server
> SSL PKI. Imagine, securing an entire e-mail domain for a measly $100-
> $200 annually! Too simple, too obvious, and too commercial I guess.
>
> AR
>
>