RFC 989 (rfc989) - Page 1 of 23
Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures
Alternative Format: Original Text Document
Network Working Group John Linn (BBNCC)
Request for Comments: 989 IAB Privacy Task Force
February 1987
Privacy Enhancement for Internet Electronic Mail:
Part I: Message Encipherment and Authentication Procedures
STATUS OF THIS MEMO
This RFC suggests a proposed protocol for the Internet community and
requests discussion and suggestions for improvements. Distribution
of this memo is unlimited.
ACKNOWLEDGMENT
This RFC is the outgrowth of a series of IAB Privacy Task Force
meetings and of internal working papers distributed for those
meetings. I would like to thank the following Privacy Task Force
members and meeting guests for their comments and contributions at
the meetings which led to the preparation of this RFC: David
Balenson, Matt Bishop, Danny Cohen, Tom Daniel, Charles Fox, Morrie
Gasser, Steve Kent (chairman), John Laws, Steve Lipner, Dan Nessett,
Mike Padlipsky, Rob Shirey, Miles Smid, Steve Walker, and Steve
Wilbur.
1 Executive Summary
This RFC defines message encipherment and authentication procedures,
as the initial phase of an effort to provide privacy enhancement
services for electronic mail transfer in the Internet. Detailed key
management mechanisms to support these procedures will be defined in
a subsequent RFC. As a goal of this initial phase, it is intended
that the procedures defined here be compatible with a wide range of
key management approaches, including both conventional (symmetric)
and public-key (asymmetric) approaches for encryption of data
encrypting keys. Use of conventional cryptography for message text
encryption and/or authentication is anticipated.
Privacy enhancement services (confidentiality, authentication, and
message integrity assurance) are offered through the use of end-to-
end cryptography between originator and recipient User Agent
processes, with no special processing requirements imposed on the
Message Transfer System at endpoints or at intermediate relay sites.
This approach allows privacy enhancement facilities to be
incorporated on a site-by-site or user-by-user basis without impact
on other Internet entities. Interoperability among heterogeneous
components and mail transport facilities is supported.
Linn, Privacy Task Force