MIME Object Security Services

Network Working Group                                        S. Crocker
Request For Comments: 1848                              CyberCash, Inc.
Category: Standards Track                                      N. Freed
                                           Innosoft International, Inc.
                                                              J. Galvin
                                                              S. Murphy
                                            Trusted Information Systems
                                                           October 1995

Status of this Memo

This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.

Abstract

This document defines MIME Object Security Services (MOSS), a
protocol that uses the multipart/signed and multipart/encrypted
framework [7] to apply digital signature and encryption services to
MIME objects. The services are offered through the use of end-to-end
cryptography between an originator and a recipient at the application
layer. Asymmetric (public key) cryptography is used in support of
the digital signature service and encryption key management.
Symmetric (secret key) cryptography is used in support of the
encryption service. The procedures are intended to be compatible
with a wide range of public key management approaches, including both
ad hoc and certificate-based schemes. Mechanisms are provided to
support many public key management approaches.

Table of Contents

   1.  Introduction
   2.  Applying MIME Object Security Services
   2.1  Digital Signature Service
   2.1.1  Canonicalization
   2.1.2  Digital Signature Control Information
   2.1.2.1  Version:
   2.1.2.2  Originator-ID:
   2.1.2.3  MIC-Info:
   2.1.3  application/moss-signature Content Type Definition
   2.1.4  Use of multipart/signed Content Type
   2.2  Encryption Service

Crocker, et al Standards Track