Browse Prior Art Database

S/MIME Version 2 Certificate Handling (RFC2312)

IP.com Disclosure Number: IPCOM000002878D
Original Publication Date: 1998-Mar-01
Included in the Prior Art Database: 2019-Feb-15
Document File: 20 page(s) / 25K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

S. Dusse: AUTHOR [+3]

Related Documents

10.17487/RFC2312: DOI

Abstract

This memo describes the mechanisms S/MIME uses to create and validate keys using certificates. This memo provides information for the Internet community. It does not specify an Internet standard of any kind.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 9% of the total text.

Network Working Group S. Dusse Request for Comments: 2312 RSA Data Security Category: Informational P. Hoffman Internet Mail Consortium B. Ramsdell Worldtalk J. Weinstein Netscape March 1998

S/MIME Version 2 Certificate Handling

Status of this Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1998). All Rights Reserved.

1. Overview

S/MIME (Secure/Multipurpose Internet Mail Extensions), described in [SMIME-MSG], provides a method to send and receive secure MIME messages. In order to validate the keys of a message sent to it, an S/MIME agent needs to certify that the key is valid. This memo describes the mechanisms S/MIME uses to create and validate keys using certificates.

This specification is compatible with PKCS #7 in that it uses the data types defined by PKCS #7. It also inherits all the varieties of architectures for certificate-based key management supported by PKCS #7. Note that the method S/MIME messages make certificate requests is defined in [SMIME-MSG].

In order to handle S/MIME certificates, an agent has to follow specifications in this memo, as well as some of the specifications listed in the following documents:

- "PKCS #1: RSA Encryption", [PKCS-1]. - "PKCS #7: Cryptographic Message Syntax", [PKCS-7] - "PKCS #10: Certification Request Syntax", [PKCS-10].

Dusse, et. al. Informational [Page 1]

RFC 2312 S/MIME Version 2 Certificate Handling March 1998

Please note: The information in this document is historical material being published for the public record. It is not an IETF standard. The use of the word "standard" in this document indicates a standard for adopters of S/MIME version 2, not an IETF standard.

1.1 Definitions

For the purposes of this memo, the following definitions apply.

ASN.1: Abstract Syntax Notation One, as defined in CCITT X.208.

BER: Basic Encoding Rules for ASN.1, as defined in CCITT X.209.

Certificate: A type that binds an entity’s distinguished name to a public key with a digital signature. This type is defined in CCITT X.509 [X.509]. This type also contains the distinguished name of the certificate issuer (the signer), an issuer-specific serial number, the issuer’s signature algorithm identifier, and a validity period.

Certificate Revocation List (CRL): A type that contains information about certificates whose validity an issuer has prematurely revoked. The information consists of an issuer name, the time of issue, the next scheduled time of issue, and a list of certificate serial numbers and their associated revocation times. The CRL is signed by the issuer. The type intended by this specification is the one defined in [KEYM].

DER: Distinguished Encoding Rules for ASN.1, as defined in CCITT X.509.

1.2 Compatibility with Prior Practice of S/MIME

Appendix C contains important information about how S/MIME agents following this specification should act...

Processing...
Loading...