Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures
RFC 1421 Privacy Enhancement for Electronic Mail February 1993
3. Services, Constraints, and Implications
This RFC defines mechanisms to enhance privacy for electronic mail
transferred in the Internet. The facilities discussed in this RFC
provide privacy enhancement services on an end-to-end basis between
originator and recipient processes residing at the UA level or above.
No privacy enhancements are offered for message fields which are
added or transformed by intermediate relay points between PEM
processing components.
If an originator elects to perform PEM processing on an outbound
message, all PEM-provided security services are applied to the PEM
message's body in its entirety; selective application to portions of
a PEM message is not supported. Authentication, integrity, and (when
asymmetric key management is employed) non-repudiation of origin
services are applied to all PEM messages; confidentiality services
are optionally selectable.
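The service rules above can be read directly off a message's encapsulated header. The following is an added example, not part of the RFC text: the function names are hypothetical, the Proc-Type values and field names are those defined in later sections of RFC 1421, and the sample messages are constructed and abbreviated.

```python
# Added example, not RFC text. Field names and Proc-Type values follow RFC 1421;
# the sample messages are constructed and abbreviated, and no MIC is verified.
BEGIN = "-----BEGIN PRIVACY-ENHANCED MESSAGE-----"
END = "-----END PRIVACY-ENHANCED MESSAGE-----"
ASYMMETRIC_FIELDS = {"originator-certificate", "originator-id-asymmetric"}


def parse_header(message):
    """Return (fields, text) for the first encapsulated PEM message."""
    lines = message.splitlines()
    body = lines[lines.index(BEGIN) + 1:lines.index(END)]
    blank = body.index("") if "" in body else len(body)
    fields = []
    for line in body[:blank]:
        if line[:1] in (" ", "\t") and fields:      # folded continuation line
            fields[-1][1] += line.strip()
        else:
            name, _, value = line.partition(":")
            fields.append([name.strip().lower(), value.strip()])
    return fields, "\n".join(body[blank + 1:])


def services(message):
    """Map the encapsulated header to the services this section lists."""
    fields, text = parse_header(message)
    if not fields or fields[0][0] != "proc-type":
        raise ValueError("Proc-Type must be the first encapsulated header field")
    kind = fields[0][1].partition(",")[2].strip()
    if kind not in ("ENCRYPTED", "MIC-ONLY", "MIC-CLEAR"):
        raise ValueError("not a message-carrying PEM type: %r" % kind)
    names = {name for name, _ in fields}
    return {
        "authentication": True,                     # applied to every PEM message
        "integrity": True,                          # applied to every PEM message
        "non_repudiation": bool(names & ASYMMETRIC_FIELDS),  # asymmetric key mgmt
        "confidentiality": kind == "ENCRYPTED",     # the only optional service
        "readable_without_pem": kind == "MIC-CLEAR",
        "text": text,
    }


# Constructed samples (placeholder certificate, MIC, IV and ciphertext values).
MIC_CLEAR = "\n".join([BEGIN, "Proc-Type: 4,MIC-CLEAR", "Content-Domain: RFC822",
                       "Originator-Certificate:", " PLACEHOLDERCERT==",
                       "MIC-Info: RSA-MD5,RSA,", " PLACEHOLDERMIC==",
                       "", "Meeting moved to 10:00.", END])
ENCRYPTED_SYMMETRIC = "\n".join([BEGIN, "Proc-Type: 4,ENCRYPTED",
                                 "Content-Domain: RFC822", "DEK-Info: DES-CBC,0123456789ABCDEF",
                                 "Originator-ID-Symmetric: sender@example.org,,",
                                 "", "UExBQ0VIT0xERVI=", END])
```

The classification reads only which fields are present; a recipient still has to validate the MIC before relying on any of these services.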
In keeping with the Internet's heterogeneous constituencies and usage
modes, the measures defined here are applicable to a broad range of
Internet hosts and usage paradigms. In particular, it is worth
noting the following attributes:
1. The mechanisms defined in this RFC are not restricted to a
particular host or operating system, but rather allow
interoperability among a broad range of systems. All
privacy enhancements are implemented at the application
layer, and are not dependent on any privacy features at
lower protocol layers.
2. The defined mechanisms are compatible with non-enhanced
Internet components. Privacy enhancements are implemented
in an end-to-end fashion which does not impact mail
processing by intermediate relay hosts which do not
incorporate privacy enhancement facilities. It is
necessary, however, for a message's originator to be
cognizant of whether a message's intended recipient
implements privacy enhancements, in order that encoding and
possible encryption will not be performed on a message whose
destination is not equipped to perform corresponding inverse
transformations. (Section 4.6.1.1.3 of this RFC describes a
PEM message type ("MIC-CLEAR") which represents a signed,
unencrypted PEM message in a form readable without PEM
processing capabilities yet validatable by PEM-equipped
recipients.)
3. The defined mechanisms are compatible with a range of mail
transport facilities (MTAs). Within the Internet,
Linn