Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures (RFC1040)
Disclosure Number: IPCOM000001846D
Original Publication Date: 1988-Jan-01
Included in the Prior Art Database: 2000-Sep-12
Document File: 25 page(s) / 70K

Publishing Venue

Internet Society Requests For Comment (RFCs)

This text was extracted from an ASCII document.
This is the abbreviated version, containing approximately 4% of the total text.

Network Working Group                                    J. Linn (BBNCC)
Request for Comments: 1040                        IAB Privacy Task Force
Obsoletes RFCs: 989                                         January 1988

Privacy Enhancement for Internet Electronic Mail:
Part I: Message Encipherment and Authentication Procedures


This RFC suggests a proposed protocol for the Internet community, and
requests discussion and suggestions for improvements. Distribution
of this memo is unlimited.


This RFC is the outgrowth of a series of IAB Privacy Task Force
meetings and of internal working papers distributed for those
meetings. I would like to thank the following Privacy Task Force
members and meeting guests for their comments and contributions at
the meetings which led to the preparation of this RFC: David
Balenson, Curt Barker, Matt Bishop, Danny Cohen, Tom Daniel, Charles
Fox, Morrie Gasser, Steve Kent (chairman), John Laws, Steve Lipner,
Dan Nessett, Mike Padlipsky, Rob Shirey, Miles Smid, Steve Walker,
and Steve Wilbur.

1. Executive Summary

This RFC defines message encipherment and authentication procedures,
as the initial phase of an effort to provide privacy enhancement
services for electronic mail transfer in the Internet. Detailed key
management mechanisms to support these procedures will be defined in
a subsequent RFC. As a goal of this initial phase, it is intended
that the procedures defined here be compatible with a wide range of
key management approaches, including both conventional (symmetric)
and public-key (asymmetric) approaches for encryption of data
encrypting keys. Use of conventional cryptography for message text
encryption and/or integrity check computation is anticipated.

Privacy enhancement services (confidentiality, authentication, and
message integrity assurance) are offered through the use of
end-to-end cryptography between originator and recipient User Agent
processes, with no special processing requirements imposed on the
Message Transfer System at endpoints or at intermediate relay
sites. This approach allows privacy enhancement facilities to be
incorporated on a site-by-site or user-by-user basis without impact
on other Internet entities. Interoperability among heterogeneous
components and mail transport facilities is supported.

2. Terminology

For descriptive purposes, this RFC uses some terms defined in the OSI
X.400 Message Handling System Model per the 1984 CCITT
Recommendations. This section replicates a portion of X.400's
Section 2.2.1, "Description of the MHS...