Browse Prior Art Database

S/MIME Version 3 Message Specification (RFC2633)

IP.com Disclosure Number: IPCOM000003221D
Original Publication Date: 1999-Jun-01
Included in the Prior Art Database: 2000-Sep-13
Document File: 26 page(s) / 63K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

B. Ramsdell: AUTHOR [+2]

Abstract

S/MIME (Secure/Multipurpose Internet Mail Extensions) provides a consistent way to send and receive secure MIME data. Based on the popular Internet MIME standard, S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity and non-repudiation of origin (using digital signatures) and privacy and data security (using encryption).

This text was extracted from a ASCII Text document.
This is the abbreviated version, containing approximately 5% of the total text.

Network Working Group B. Ramsdell, Editor

Request for Comments: 2633 Worldtalk

Category: Standards Track June 1999

S/MIME Version 3 Message Specification

Status of this Memo

This document specifies an Internet standards track protocol for the

Internet community, and requests discussion and suggestions for

improvements. Please refer to the current edition of the "Internet

Official Protocol Standards" (STD 1) for the standardization state

and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1999). All Rights Reserved.

1. Introduction

S/MIME (Secure/Multipurpose Internet Mail Extensions) provides a

consistent way to send and receive secure MIME data. Based on the

popular Internet MIME standard, S/MIME provides the following

cryptographic security services for electronic messaging

applications: authentication, message integrity and non-repudiation

of origin (using digital signatures) and privacy and data security

(using encryption).

S/MIME can be used by traditional mail user agents (MUAs) to add

cryptographic security services to mail that is sent, and to

interpret cryptographic security services in mail that is received.

However, S/MIME is not restricted to mail; it can be used with any

transport mechanism that transports MIME data, such as HTTP. As such,

S/MIME takes advantage of the object-based features of MIME and

allows secure messages to be exchanged in mixed-transport systems.

Further, S/MIME can be used in automated message transfer agents that

use cryptographic security services that do not require any human

intervention, such as the signing of software-generated documents and

the encryption of FAX messages sent over the Internet.

1.1 Specification Overview

This document describes a protocol for adding cryptographic signature

and encryption services to MIME data. The MIME standard [MIME-SPEC]

provides a general structure for the content type of Internet

messages and allows extensions for new content type applications.

This memo defines how to create a MIME body part that has been

cryptographically enhanced according to CMS [CMS], which is derived

from PKCS #7 [PKCS-7]. This memo also defines the application/pkcs7-

mime MIME type that can be used to transport those body parts.

This memo also discusses how to use the multipart/signed MIME type

defined in [MIME-SECURE] to transport S/MIME signed messages. This

memo also defines the application/pkcs7-signature MIME type, which is

also used to transport S/MIME signed messages.

In order to create S/MIME messages, an S/MIME agent has to follow

specifications in this memo, as well as the specifications listed in

the Cryptographic Message Syntax [CMS].

Throughout this memo, there are requirements and recommendations made

for how receivin...