Browse Prior Art Database

Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Certificate Handling (RFC3850)

IP.com Disclosure Number: IPCOM000029950D
Original Publication Date: 2004-Jul-01
Included in the Prior Art Database: 2004-Jul-20
Document File: 17 page(s) / 37K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

B. Ramsdell: AUTHOR [+2]

Abstract

This document specifies conventions for X.509 certificate usage by Secure/Multipurpose Internet Mail Extensions (S/MIME) agents. S/MIME provides a method to send and receive secure MIME messages, and certificates are an integral part of S/MIME agent processing. S/MIME agents validate certificates as described in RFC 3280, the Internet X.509 Public Key Infrastructure Certificate and CRL Profile. S/MIME agents must meet the certificate processing requirements in this document as well as those in RFC 3280.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 8% of the total text.

Network Working Group                                B. Ramsdell, Editor

Request for Comments: 3850                                Sendmail, Inc.

Obsoletes: 2632                                                July 2004

Category: Standards Track

   Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1

                          Certificate Handling

Status of this Memo

   This document specifies an Internet standards track protocol for the

   Internet community, and requests discussion and suggestions for

   improvements.  Please refer to the current edition of the "Internet

   Official Protocol Standards" (STD 1) for the standardization state

   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2004).

Abstract

   This document specifies conventions for X.509 certificate usage by

   Secure/Multipurpose Internet Mail Extensions (S/MIME) agents.  S/MIME

   provides a method to send and receive secure MIME messages, and

   certificates are an integral part of S/MIME agent processing.  S/MIME

   agents validate certificates as described in RFC 3280, the Internet

   X.509 Public Key Infrastructure Certificate and CRL Profile.  S/MIME

   agents must meet the certificate processing requirements in this

   document as well as those in RFC 3280.

Table of Contents

   1.  Overview . . . . . . . . . . . . . . . . . . . . . . . . . . .  2

       1.1.  Definitions. . . . . . . . . . . . . . . . . . . . . . .  2

       1.2.  Compatibility with Prior Practice of S/MIME. . . . . . .  3

       1.3.  Terminology. . . . . . . . . . . . . . . . . . . . . . .  3

       1.4.  Changes Since S/MIME v3 (RFC 2632) . . . . . . . . . . .  3

   2.  CMS Options. . . . . . . . . . . . . . . . . . . . . . . . . .  4

       2.1 . CertificateRevocationLists . . . . . . . . . . . . . . .  4

       2.2.  CertificateChoices . . . . . . . . . . . . . . . . . . .  4

       2.3.  CertificateSet . . . . . . . . . . . . . . . . . . . . .  5

   3. Using Distinguished Names for Internet Mail . . . . . . . . . .  6

   4.  Certificate Processing . . . . . . . . . . . . . . . . . . . .  7

       4.1.  Certificate Revocation Lists . . . . . . . . . . . . . .  8

       4.2.  Certification Path Validation. . . . . . . . . . . . . .  8

       4.3.  Certificate and CRL Signing Algorithms . . . . . . . . .  9

Ramsdell                    Standards Track                     [Page 1]

RFC 3850            S/MIME 3.1 Certificate Handling            July 2004

       4.4.  PKIX Certificate Extensions. . . . . . . . . . . . . . .  9

   5.  Security Considerations. . . . . . . . . . . . . . ....