S/MIME Mail Security (smime)
----------------------------

 Charter
 Last Modified: 2008-04-23

 Current Status: Active Working Group

 Chair(s):
     Sean Turner  <turners@ieca.com>
     Blake Ramsdell  <blake@sendmail.com>

 Security Area Director(s):
     Tim Polk  <tim.polk@nist.gov>
     Pasi Eronen  <pasi.eronen@nokia.com>

 Security Area Advisor:
     Tim Polk  <tim.polk@nist.gov>

 Mailing Lists: 
     General Discussion: ietf-smime@imc.org
     To Subscribe:      ietf-smime-request@imc.org
     Archive:           http://www.imc.org/ietf-smime/

Description of Working Group:

The S/MIME Working Group has completed a series of Proposed Standards
that comprise the S/MIME version 3.1 specification. As part of the
specification update, a new suite of "mandatory to implement" algorithms
was selected. Current efforts update and build upon these base
specifications.

The Cryptographic Message Syntax (CMS) (RFC 3852) is cryptographic
algorithm independent, yet there is always more than one way to use any
algorithm. To ensure interoperability, each algorithm should have a
specification that describes its use with CMS. Specifications for the
use of additional cryptographic algorithms will be developed.

CMS, as well as S/MIME version 3 and later, permits the use of previously
distributed symmetric key-encryption keys. Specifications for the
distribution of symmetric key-encryption keys to multiple message
recipients will be developed. Mail List Agents (MLAs) are one use of
symmetric key-encryption keys. The specification will be algorithm
independent.

To aid initial determination of a recipient's cryptographic capabilities,
a specification will be developed allowing S/MIME capabilities to be
stored and asserted in X.509 certificates based on the X.509 certificate
and CRL profile developed by the PKIX Working Group.

The working group will perform necessary interoperability testing to
progress the CMS and S/MIME specifications to Draft Standard. The CMS
specification depends on RFC 3280, which was developed by the PKIX
working group. This profile must progress to Draft Standard before CMS
and the other S/MIME specifications can progress to Draft Standard.
Assuming timely progress by the PKIX Working Group, the S/MIME
specification can start progressing to Draft Standard in 2005.

 Goals and Milestones:

   Done         First draft of security label usage specification. 

   Done         First draft of CMS RecipientInfo extension. 

   Done         Last call on KEA and SKIPJACK algorithm specification. 

   Done         Last call on small subgroup attack avoidance 

   Done         First draft of CAST algorithm specification. 

   Done         Last call on certificate distribution specification. 

   Done         First draft of mail list key distribution. 

   Done         Submit KEA and SKIPJACK algorithm specification as 
                Informational RFC. 

   Done         Submit small subgroup attack avoidance as Informational RFC 

   Done         Last call on CAST algorithm specification. 

   Done         Updated draft of domain security services document. 

   Done         Last call on security label usage specification. 

   Done         Last call on IDEA algorithm specification. 

   Done         Last call on CMS RecipientInfo extension. 

   Done         Last call on mail list key distribution. 

   Done         Submit CAST algorithm specification as Informational RFC. 

   Done         Submit security label usage specification as Informational RFC. 

   Done         Submit IDEA algorithm specification as Informational RFC. 

   Done         Submit CMS RecipientInfo extension to IESG for consideration as 
                a Proposed Standard. 

   Done         Last call on domain security services document. 

   Done         Submit domain security services as Experimental RFC. 

   Done         Submit mail list key distribution as a Proposed Standard 

   Done         Submit X.400 CMS wrapper specification as a Proposed Standard 

   Done         Submit HMAC key wrap description as Proposed Standard 

   Done         Submit RSA OAEP algorithm specification as Proposed Standard 

   Done         Submit AES algorithm specification as Proposed Standard 

   Done         Submit X.400 transport as a Proposed Standard 

   Done         Last call on CMS and ESS examples document 

   Done         First draft of RSA KEM algorithm specification 

   Done         Submit update to MSG as Proposed Standard 

   Done         Submit update to CERT as Proposed Standard 

   Done         Last call on RSA PSS algorithm specification 

   Done         Submit RSA PSS algorithm specification as Proposed Standard 

   Done         First draft of S/MIME Capabilities Certificate Extension 

   Done         Working Group Last Call for S/MIME Capabilities Certificate 
                Extension 

   Done         Submit S/MIME Capabilities Certificate Extension as 
                Informational RFC 

   Dec 2007       Submit SHA-2 algorithms with CMS as Proposed Standard 

   Dec 2007       Submit S/MIME Certificate Handling as Proposed Standard 

   Dec 2007       Submit S/MIME Message Specification as Proposed Standard 

   Dec 2008       Submit CMS as Draft Standard 

   Dec 2008       Submit necessary algorithms documents* as Draft Standard 

   Dec 2008       Submit Enhanced Security Services as Draft Standard 

   Dec 2008       Submit S/MIME Message Specification as Draft Standard 

   Dec 2008       Submit S/MIME Certificate Handling as Draft Standard 


 Internet-Drafts:

Posted Revised         I-D Title   <Filename>
------ ------- --------------------------------------------
May 2003 Oct 2007   <draft-ietf-smime-cms-rsa-kem-05.txt>
                Use of the RSA-KEM Key Transport Algorithm in CMS 

Jun 2006 Aug 2008   <draft-ietf-smime-ibearch-07.txt>
                Identity-based Encryption Architecture and Supporting Data 
                Structures 

Jun 2006 Aug 2008   <draft-ietf-smime-bfibecms-10.txt>
                Using the Boneh-Franklin and Boneh-Boyen identity-based 
                Encryption Algorithms with the Cryptographic Message Syntax 
                (CMS) 

Dec 2006 Mar 2008   <draft-ietf-smime-multisig-05.txt>
                Multiple Signatures in S/MIME 

May 2007 Apr 2008   <draft-ietf-smime-sha2-05.txt>
                Using SHA2 Algorithms with Cryptographic Message Syntax 

Nov 2007 Jul 2008   <draft-ietf-smime-3851bis-04.txt>
                Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 
                3.2 Message Specification 

Nov 2007 Jun 2008   <draft-ietf-smime-3850bis-04.txt>
                Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 
                3.2 Certificate Handling 

Dec 2007 Jul 2008   <draft-ietf-smime-new-asn1-01.txt>
                New ASN.1 Modules for CMS and S/MIME 

Feb 2008 May 2008   <draft-ietf-smime-rfc3278-update-04.txt>
                Update to Use of Elliptic Curve Cryptography (ECC) Algorithms 
                in Cryptographic Message Syntax (CMS) 

Jun 2008 Jul 2008   <draft-ietf-smime-3278bis-01.txt>
                Use of Elliptic Curve Cryptography (ECC) Algorithms in 
                Cryptographic Message Syntax (CMS) 

 Request For Comments:

  RFC   Stat Published     Title
------- -- ----------- ------------------------------------
RFC2311 I    Mar 1998    S/MIME Version 2 Message Specification 

RFC2312 I    Mar 1998    S/MIME Version 2 Certificate Handling 

RFC2634 PS   Jul 1999    Enhanced Security Services for S/MIME 

RFC2633 PS   Jul 1999    S/MIME Version 3 Message Specification 

RFC2632 PS   Jul 1999    S/MIME Version 3 Certificate Handling 

RFC2631 PS   Jul 1999    Diffie-Hellman Key Agreement Method 

RFC2630 PS   Jul 1999    Cryptographic Message Syntax 

RFC2785 I    Mar 2000    Methods for Avoiding the 'Small-Subgroup' Attacks on the 
                       Diffie-Hellman Key Agreement Method for S/MIME 

RFC2876 I    Jul 2000    Use of the KEA and SKIPJACK Algorithms in CMS 

RFC2984 PS   Oct 2000    Use of the CAST-128 Encryption Algorithm in CMS 

RFC3058 I    Feb 2001    Use of the IDEA Encryption Algorithm in CMS 

RFC3125 E    Sep 2001    Electronic Signature Policies 

RFC3183 E    Oct 2001    Domain Security Services using S/MIME 

RFC3126 I    Oct 2001    Electronic Signature Formats for long term electronic 
                       signatures 

RFC3185 PS   Oct 2001    Reuse of CMS Content Encryption Keys 

RFC3217 I    Dec 2001    Triple-DES and RC2 Key Wrapping 

RFC3211 PS   Dec 2001    Password-based Encryption for CMS 

RFC3218 I    Jan 2002    Preventing the Million Message Attack on CMS 

RFC3278 I    May 2002    Use of ECC Algorithms in CMS 

RFC3274 PS   Jun 2002    Compressed Data Content Type for Cryptographic Message 
                       Syntax (CMS) 

RFC3369 PS   Sep 2002    Cryptographic Message Syntax 

RFC3370 PS   Sep 2002    Cryptographic Message Syntax (CMS) Algorithms 

RFC3394 I    Oct 2002    Advanced Encryption Standard (AES) Key Wrap Algorithm 

RFC3114 I    Jan 2003    Implementing Company Classification Policy with the 
                       S/MIME Security Label 

RFC3537 PS   Jun 2003    Wrapping a Hashed Message Authentication Code (HMAC) key 
                       with a Triple-Data Encryption Standard (DES) Key or an 
                       Advanced Encryption Standard (AES) Key 

RFC3560 PS   Jul 2003    Use of the RSAES-OAEP Key Transport Algorithm in 
                       Cryptographic Message Syntax (CMS) 

RFC3565 PS   Jul 2003    Use of the Advanced Encryption Standard (AES) Encryption 
                       Algorithm in Cryptographic Message Syntax (CMS) 

RFC3657 Standard  Jan 2004    Use of the Camellia Encryption Algorithm in CMS 

RFC3851 Standard  Jul 2004    S/MIME Version 3.1 Message Specification 

RFC3850 Standard  Jul 2004    S/MIME Version 3.1 Certificate Handling 

RFC3852 Standard  Jul 2004    Cryptographic Message Syntax (CMS) 

RFC3854 Standard  Aug 2004    Securing X.400 Content with S/MIME 

RFC3855 Standard  Aug 2004    Transporting S/MIME Objects in X.400 

RFC4010 Standard  Feb 2005    Use of the SEED Encryption Algorithm in Cryptographic 
                       Message Syntax (CMS) 

RFC4056 Standard  Jun 2005    Use of the RSASSA-PSS Signature Algorithm in 
                       Cryptographic Message Syntax (CMS) 

RFC4134 I    Jul 2005    Examples of S/MIME Messages 

RFC4262 Standard  Dec 2005    X.509 Certificate Extension for Secure/Multipurpose 
                       Internet Mail Extensions (S/MIME) Capabilities 

RFC4490 PS   May 2006    Using the GOST 28147-89, GOST R 34.11-94, GOST R 
                       34.10-94 and GOST R 34.10-2001 Algorithms with the 
                       Cryptographic Message Syntax (CMS) 

RFC4853 PS   Apr 2007    Cryptographic Message Syntax (CMS) Multiple Signer 
                       Clarification 

RFC5035 PS   Aug 2007    Enhanced Security Services (ESS) Update: Adding CertID 
                       Algorithm Agility 

RFC5084 PS   Nov 2007    Using AES-CCM and AES-GCM Authenticated Encryption in 
                       the Cryptographic Message Syntax (CMS) 

RFC5083 PS   Nov 2007    Cryptographic Message Syntax (CMS) 
                       Authenticated-Enveloped-Data Content Type 

RFC5126 I    Mar 2008    CMS Advanced Electronic Signatures (CAdES) 

RFC5275 PS   Jun 2008    CMS Symmetric Key Management and Distribution