Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management (RFC1422)
Original Publication Date: 1993-Feb-01
Included in the Prior Art Database: 2000-Sep-12
Internet Society Requests For Comment (RFCs)
and standardization of procedures and conventions that are outside the scope of X.509.
Network Working Group                                            S. Kent
Request for Comments: 1422                                           BBN
Obsoletes: 1114                                  IAB IRTF PSRG, IETF PEM

Privacy Enhancement for Internet Electronic Mail:
Part II: Certificate-Based Key Management

Status of this Memo
This RFC specifies an IAB standards track protocol for the Internet
community, and requests discussion and suggestions for improvements.
Please refer to the current edition of the "IAB Official Protocol
Standards" for the standardization state and status of this protocol.
Distribution of this memo is unlimited.

This memo is the outgrowth of a series of meetings of the Privacy and
Security Research Group of the Internet Research Task Force (IRTF)
and the Privacy-Enhanced Electronic Mail Working Group of the
Internet Engineering Task Force (IETF). I would like to thank the
members of the PSRG and the PEM WG for their comments and
contributions at the meetings which led to the preparation of this
document. I also would like to thank contributors to the PEM-DEV
mailing list who have provided valuable input which is reflected in

1. Executive Summary
This is one of a series of documents defining privacy enhancement
mechanisms for electronic mail transferred using Internet mail
protocols. RFC 1421 prescribes protocol extensions and
processing procedures for RFC-822 mail messages, given that suitable
cryptographic keys are held by originators and recipients as a
necessary precondition. RFC 1423 specifies algorithms, modes and
associated identifiers for use in processing privacy-enhanced
messages, as called for in RFC 1421 and this document. This document
defines a supporting key management architecture and infrastructure,
based on public-key certificate techniques, to provide keying
information to message originators and recipients. RFC 1424
provides additional specifications for services in conjunction with
the key management infrastructure described herein.

The key management architecture described in this document is
compatible with the authentication framework described in CCITT 1988
X.509. This document goes beyond X.509 by establishing
procedures and conventions for a key management infrastructure for
use with Privacy Enhanced Mail (PEM) and with other protocols, from
both the TCP/IP and OSI suites, in the future. There are several
motivations for establishing these procedures and convent...