Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management
Network Working Group                                            S. Kent
Request for Comments: 1422                                           BBN
Obsoletes: 1114                                  IAB IRTF PSRG, IETF PEM
                                                           February 1993

Status of this Memo

This RFC specifies an IAB standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "IAB Official Protocol Standards" for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Acknowledgements

This memo is the outgrowth of a series of meetings of the Privacy and Security Research Group of the Internet Research Task Force (IRTF) and the Privacy-Enhanced Electronic Mail Working Group of the Internet Engineering Task Force (IETF). I would like to thank the members of the PSRG and the PEM WG for their comments and contributions at the meetings which led to the preparation of this document. I also would like to thank contributors to the PEM-DEV mailing list who have provided valuable input which is reflected in this memo.

1. Executive Summary

This is one of a series of documents defining privacy enhancement mechanisms for electronic mail transferred using Internet mail protocols. RFC 1421 [6] prescribes protocol extensions and processing procedures for RFC-822 mail messages, given that suitable cryptographic keys are held by originators and recipients as a necessary precondition. RFC 1423 [7] specifies algorithms, modes and associated identifiers for use in processing privacy-enhanced messages, as called for in RFC 1421 and this document. This document defines a supporting key management architecture and infrastructure, based on public-key certificate techniques, to provide keying information to message originators and recipients. RFC 1424 [8] provides additional specifications for services in conjunction with the key management infrastructure described herein.

The key management architecture described in this document is compatible with the authentication framework described in CCITT 1988 X.509 [2]. This document goes beyond X.509 by establishing