Browse Prior Art Database

Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services (RFC1424) Disclosure Number: IPCOM000002251D
Original Publication Date: 1993-Feb-01
Included in the Prior Art Database: 2000-Sep-12
Document File: 7 page(s) / 16K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

B. Kaliski: AUTHOR


Status of this Memo

This text was extracted from a ASCII document.
This is the abbreviated version, containing approximately 17% of the total text.

Network Working Group B. Kaliski

Request for Comments: 1424 RSA Laboratories

February 1993

Privacy Enhancement for Internet Electronic Mail:

Part IV: Key Certification and Related Services

Status of this Memo

This RFC specifies an IAB standards track protocol for the Internet

community, and requests discussion and suggestions for improvements.

Please refer to the current edition of the "IAB Official Protocol

Standards" for the standardization state and status of this protocol.

Distribution of this memo is unlimited.


This document is the product of many discussions at RSA Data

Security, at Trusted Information Systems, and on the> mailing list. Contributors include Dave Balenson, Jim

Bidzos, Pat Cain, Vint Cerf, Pam Cochrane, Steve Dusse, Jeff Fassett,

Craig Finseth, Jim Galvin, Mike Indovina, Bob Jueneman, Steve Kent,

John Lowry, Paul McKenney, Jeff Thompson, and Charles Wu. This

document is the product of the Privacy-Enhanced Electronic Mail

Working Group.

1. Executive Summary

This document describes three types of service in support of Internet

Privacy-Enhanced Mail (PEM) [1-3]: key certification, certificate-

revocation list (CRL) storage, and CRL retrieval. Such services are

among those required of an RFC 1422 [2] certification authority.

Other services such as certificate revocation and certificate

retrieval are left to the certification authority to define, although

they may be based on the services described in this document.

Each service involves an electronic-mail request and an electronic-

mail reply. The request is either an RFC 1421 [1] privacy-enhanced

message or a message with a new syntax defined in this document. The

new syntax follows the general RFC 1421 syntax but has a different

process type, thereby distinguishing it from ordinary privacy-

enhanced messages. The reply is either an RFC 1421 privacy-enhanced

message, or an ordinary unstructured message.

Replies that are privacy-enhanced messages can be processed like any

other privacy-enhanced message, so that the new certificate or the

retrieved CRLs can be inserted into the requestor's database during

normal privacy-enhanced mail processing.

Certification authorities may also require non-electronic forms of

request and may return non-electronic replies. It is expected that

descriptions of such forms, which are outside the scope of this

document, will be available through a certification authority's