RFC 2480 (rfc2480) - Page 1 of 6
Gateways and MIME Security Multiparts
Alternative Format: Original Text Document
Network Working Group N. Freed
Request for Comments: 2480 Innosoft International, Inc.
Category: Standards Track January 1999
Gateways and MIME Security Multiparts
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1999). All Rights Reserved.
1. Abstract
This document examines the problems associated with use of MIME
security multiparts and gateways to non-MIME environments. A set of
requirements for gateway behavior are defined which provide
facilities necessary to properly accomodate the transfer of security
multiparts through gateways.
2. Requirements Notation
This document occasionally uses terms that appear in capital letters.
When the terms "MUST", "MUST NOT", "SHOULD", "SHOULD NOT", and "MAY"
appear capitalized, they are being used to indicate particular
requirements of this specification. A discussion of the meanings of
the terms "MUST", "SHOULD", and "MAY" appears in RFC 1123 [2]; the
terms "MUST NOT" and "SHOULD NOT" are logical extensions of this
usage.
3. The Problem
Security multiparts [RFC-1847] provide an effective way to add
integrity and confidentiality services to protocols that employ MIME
objects [RFC-2045, RFC-2046]. Difficulties arise, however, in
heterogeneous environments involving gateways to environments that
don't support MIME. Specifically:
(1) Security services have to be applied to MIME objects in
their entirety. Failure to do so can lead to security
exposures.
Freed Standards Track