Domain Security Services using S/MIME




Network Working Group                                            T. Dean
Request for Comments: 3183                                    W. Ottaway
Category: Experimental                                           QinetiQ
                                                            October 2001


                 Domain Security Services using S/MIME

Status of this Memo

   This memo defines an Experimental Protocol for the Internet
   community.  It does not specify an Internet standard of any kind.
   Discussion and suggestions for improvement are requested.
   Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2001).  All Rights Reserved.

Abstract

   This document describes how the S/MIME (Secure/Multipurpose Internet
   Mail Extensions) protocol can be processed and generated by a number
   of components of a communication system, such as message transfer
   agents, guards and gateways to deliver security services.  These
   services are collectively referred to as 'Domain Security Services'.

Acknowledgements

   Significant comments were made by Luis Barriga, Greg Colla, Trevor
   Freeman, Russ Housley, Dave Kemp, Jim Schaad and Michael Zolotarev.

1. Introduction

   The S/MIME [1] series of standards defines a data encapsulation
   format for the provision of a number of security services including
   data integrity, confidentiality, and authentication.  S/MIME is
   designed for use by messaging clients to deliver security services
   to distributed messaging applications.

   The mechanisms described in this document are designed to solve a
   number of interoperability problems and technical limitations that
   arise when different security domains wish to communicate securely,
   for example when two domains use incompatible messaging technologies
   such as the X.400 series and SMTP/MIME, or when a single domain
   wishes to communicate securely with one of its members residing on an
   untrusted domain.  The scenarios covered by this document are
   domain-to-domain, individual-to-domain and domain-to-individual



Dean & Ottaway                Experimental