Done | | First draft of security label usage specification. |
Done | | First draft of CMS RecipientInfo extension. |
Done | | Last call on KEA and SKIPJACK algorithm specification. |
Done | | Last call on small subgroup attack avoidance |
Done | | First draft of CAST algorithm specification. |
Done | | Last call on certificate distribution specification. |
Done | | First draft of mail list key distribution. |
Done | | Submit KEA and SKIPJACK algorithm specification as
Informational RFC. |
Done | | Submit small subgroup attack avoidance as Informational RFC |
Done | | Last call on CAST algorithm specification. |
Done | | Updated draft of domain security services document. |
Done | | Last call on security label usage specification. |
Done | | Last call on IDEA algorithm specification. |
Done | | Last call on CMS RecipientInfo extension. |
Done | | Last call on mail list key distribution. |
Done | | Submit CAST algorithm specification as Informational RFC. |
Done | | Submit security label usage specification as Informational
RFC. |
Done | | Submit IDEA algorithm specification as Informational RFC. |
Done | | Submit CMS RecipientInfo extension to IESG for
consideration as a Proposed Standard. |
Done | | Last call on domain security services document. |
Done | | Submit domain security services as Experimental RFC. |
Mar 03 | | Submit X.400 CMS wrapper specification as a Proposed
Standard |
Mar 03 | | Submit X.400 transport as a Proposed Standard |
Done | | Submit mail list key distribution as a Proposed Standard |
Done | | Last call on CMS and ESS examples document |
Done | | Submit HMAC key wrap description as Proposed Standard |
Done | | Submit RSA OAEP algorithm specification as Proposed
Standard |
Done | | Sumbit AES algorithm specification as Proposed Standard |
Apr 03 | | Sumbit update to MSG as Proposed Standard |
Apr 03 | | Sumbit update to CERT as Proposed Standard |
Done | | First draft of RSA KEM algorithm specification |
May 03 | | Submit CMS and ESS examples document as Informational RFC |
Jun 03 | | Last call on RSA PSS algorithm specification |
Jul 03 | | Last call on RSA KEM algorithm specification |
Sep 03 | | Submit RSA PSS algorithm specification as Proposed Standard |
Oct 03 | | Submit RSA KEM algorithm specification as Proposed Standard |
Oct 03 | | Final S/MIME version 3.1 interoperability matrix |
Nov 03 | | Request advancement of CMS Algorithms to Draft Standard |
Nov 03 | | Request advancement of CMS to Draft Standard |
Dec 03 | | Request advancement of ESS to Draft Standard |
Dec 03 | | Request advancement of CERT to Draft Standard |
Dec 03 | | Request advancement of MSG to Draft Standard |
revision.Minutes for S/MIME Meeting
IETF 57
July 14, 2003
Agenda: Sean Turner covered the agenda for the meeting. No changes were
made.
Working Group Status: Sean Turner covered the status of the active
documents in the working group. The documents that have changed status
since the last meeting are:
Published as RFC:
- 3395 Implementing Company Classification Policy with S/MIME Security
Label.
- 3537 Wrapping a Hashed Message Authentication Code (HMAC) key with
Triple-Data Encryption Standard (DES) Key or an Advanced Encryption
Standard (AES) Keys.
RFC Editor Queue:
- aes-alg Use of the AES Encryption Algorithm in CMS.
- cms-rsaes-oaep Use of RSAE-OAEP Key Transport Algorithm in CMS.
With IESG:
- Camellia Use of Camellia Encryption Algorithm in CMS.
CMS and ESS Examples Draft: Paul Hoffman explained that new examples have
been added to the 11 draft, all of which need to be verified. After
verification by all, a new -12 will be issued and the ADs will be asked to
issue an IETF last call.
MSGbis and CERTbis: Sean Turner presented Blake Ramsdell's
presentation. In MSGbis minor edits were included, id-dsa was changed to
id-dsa-with-sha1, and AES was made a SHOULD. MSGbis is ready for an IETF
last call. In CERTbis text is still needed for acknowlegements and a
summary of changes to the draft. There was an issue as to whether
smime-types for every know CMS type should be included in the
document. It was decided that the smime-types currently in the draft will
remain but any new ones will be placed in new drafts so as to not hold up
MSGbis.
X400WRAP and X400TRANS: Chris Bonatti explained that changes similar to
those in MSGbis were also made to X400WRAP - id-dsa was changed to
id-dsa-with-sha1, and AES was made a SHOULD. In X400TRANS, the security
considerations section was updated, as a result of IESG comments, to
indicate that no new security concerns are added other than those in CMS or
S/MIME models. It is believed that both documents are now ready for IETF
last call.
Interoperability Matrix: Jim Schaad indicated that the tests for both
SignedData and EncryptedData are complete and that only the final
write-up is required. The only remaining issues are with the Key
Derivation Algorithm - PBKDF2 and the Message Authentication Code
Algorithm - HMAC with SHA-1 neither of which were tested will result in
blocking the draft.
RSA KEM: Jim Schaad presented an overview of the RSA KEM algorithm. The
remaining issues to complete the draft are defining matching rules for
usage, SMIMECapabilities attribute values, and a single ASN.1 module.
RSA PSS: Jim Schaad presented an overview of the RSA PSS algorithm. The
requirements for the parameters H1 (digest hash algorithm
parameters) and H2 (internal hash algorithm parameters) SHOULD be the
same, and H2 and H3 (message generation function hash algorithm
parameters) are RECOMMENDED to be the same. The resolved outstanding
issues are that the key identifier and signature identifier will be the
same OID and that PSS parameter comparison MUST be done if they are
present in the certificate. It is believed that his draft is ready for WG
last call.
ESSbis: Jim Schaad presented updates to ESS which included splitting the
MLExpansionHistory attribute in to two new attributes - Receipt
Behavior and ML Loop Detection. The work required to rewrite the
processing rules is proving more difficult that originally thought. Jim
also indicated that there were outstanding issues on the list that deal
with nested cases for receipt processing and MLA attribute
propagation.
GOST Algorithm: Grigory Chudov presented the Russian national
algorithm GOST and an individual submission explaining how CMS can be used
with GOST. The WG agreed to publish the draft under the WG banner.
OpenEvidence Project and ESS: Peter Sylvester explained a usage of the
technology developed in the OpenEvidence project, an open source
projects financed by the European commission and run by a small group of
European companies. A useful application of the technology addresses the
problem to make email more reliable by using a third party security
infrastructure to provide more traceability for users, service
providers, and organizations. The tools developed were based on
existing standards, i.e., SMIME signed receipts and RFC 3029. Two of the
outputs of the project are the realization that there are few toolkits to
provide support for ESS and that the ASN.1, which is 88 based, is
problematic for new compilers. (A more detailed presentation of
OpenEvidence project has been made in the PKIX wg).
NIST S/MIME Tester: Tim Polk discussed the NIST online S/MIME tester that is
intended to test the conformance of S/MIME implementations to the NIST
S/MIME profile. More information can be found at:
http://csrc.nist.gov/pki/smime/smtest.htm.
|