CMS Symmetric Key Management and Distribution (RFC5275)

IP.com Disclosure Number: IPCOM000171507D
Original Publication Date: 2008-Jun-01
Included in the Prior Art Database: 2008-Jun-12

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

S. Turner: AUTHOR

Abstract

This document describes a mechanism to manage (i.e., set up, distribute, and rekey) keys used with symmetric cryptographic algorithms. Also defined herein is a mechanism to organize users into groups to support distribution of encrypted content using symmetric cryptographic algorithms. The mechanism uses the Cryptographic Message Syntax (CMS) protocol and Certificate Management over CMS (CMC) protocol to manage the symmetric keys. Any member of the group can then later use this distributed shared key to decrypt other CMS encrypted objects with the symmetric key. This mechanism has been developed to support Secure/Multipurpose Internet Mail Extensions (S/MIME) Mail List Agents (MLAs).

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 1% of the total text.

Network Working Group                                          S. Turner
Request for Comments: 5275                                          IECA
Category: Standards Track                                      June 2008

              CMS Symmetric Key Management and Distribution

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.



Table of Contents

   1. Introduction
      1.1. Conventions Used in This Document
      1.2. Applicability to E-mail
      1.3. Applicability to Repositories
      1.4. Using the Group Key
   2. Architecture
   3. Protocol Interactions
      3.1. Control Attributes
           3.1.1. GL Use KEK
           3.1.2. Delete GL
           3.1.3. Add GL Member
           3.1.4. Delete GL Member
           3.1.5. Rekey GL
           3.1.6. Add GL Owner

      ...