RFC 1848 (rfc1848) - Page 1 of 48


MIME Object Security Services



Alternative Format: Original Text Document



Network Working Group                                         S. Crocker
Request For Comments: 1848                               CyberCash, Inc.
Category: Standards Track                                       N. Freed
                                            Innosoft International, Inc.
                                                               J. Galvin
                                                               S. Murphy
                                             Trusted Information Systems
                                                            October 1995


                     MIME Object Security Services

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Abstract

   This document defines MIME Object Security Services (MOSS), a
   protocol that uses the multipart/signed and multipart/encrypted
   framework [7] to apply digital signature and encryption services to
   MIME objects.  The services are offered through the use of end-to-end
   cryptography between an originator and a recipient at the application
   layer.  Asymmetric (public key) cryptography is used in support of
   the digital signature service and encryption key management.
   Symmetric (secret key) cryptography is used in support of the
   encryption service.  The procedures are intended to be compatible
   with a wide range of public key management approaches, including both
   ad hoc and certificate-based schemes.  Mechanisms are provided to
   support many public key management approaches.

Table of Contents

   1.  Introduction .............................................    3
   2.  Applying MIME Object Security Services ...................    4
   2.1  Digital Signature Service ...............................    4
   2.1.1  Canonicalization ......................................    5
   2.1.2  Digital Signature Control Information .................    7
   2.1.2.1  Version: ............................................    8
   2.1.2.2  Originator-ID: ......................................    8
   2.1.2.3  MIC-Info: ...........................................    8
   2.1.3  application/moss-signature Content Type Definition ....    9
   2.1.4  Use of multipart/signed Content Type ..................   10
   2.2  Encryption Service ......................................   11



Crocker, et al              Standards Track