Internet Draft                                 Author:  Blake Ramsdell,
draft-ramsdell-smime31-msg-01.txt              Tumbleweed Communications
July 14, 2000                                  
Expires January 14, 2001                       

                                   
           S/MIME Version 3.1 Message Specification Addendum

Status of this memo

This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026.

Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups.  Note that other
groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time.  It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.


1. Introduction

In light of the expiration of the primary RSA patent, it is proposed
that the RSA algorithm replace the DSS and Diffie-Hellman as the MUST
implement algorithms in the S/MIME profile. This draft will describe
only the proposed changes to the S/MIME Version 3 Message
Specification RFC [SMIMEV3MSG], and the rest of that RFC will remain
identical.


1.1 Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [MUSTSHOULD].


1.2 Discussion of This Draft

This draft is being discussed on the "ietf-smime" mailing list.  To
subscribe, send a message to:

ietf-smime-request@imc.org

with the single word

     subscribe

in the body of the message. There is a Web site for the mailing list
at <http://www.imc.org/ietf-smime/>.


2. Changes to the S/MIME Version 3 Message Specification RFC

The following changes are proposed to [SMIMEV3MSG]:

1. Section 2.2 is replaced with the following:

     2.2 SignatureAlgorithmIdentifier
     
     Sending and receiving agents MUST support rsaEncryption,
     defined in [PKCS-1].
     
     Sending and receiving agents MAY support id-dsa defined in
     [DSS].  The algorithm parameters MUST be absent (not encoded
     as NULL).
     
     Note that S/MIME v3 clients might only implement signing or
     signature verification using DSS.  Also note that S/MIME v2
     clients are only capable of verifying digital signatures
     using the rsaEncryption algorithm.


2. Section 2.3 is replaced with the following:

     2.3 KeyEncryptionAlgorithmIdentifier
     
     Sending and receiving agents MUST support rsaEncryption,
     defined in [PKCS-1].
     
     Sending and receiving agents MAY support Diffie-Hellman
     defined in [DH].
     
     Note that S/MIME v3 clients might only implement key
     encryption and decryption using the Diffie-Hellman
     algorithm.  Also note that S/MIME v2 clients are only
     capable of decrypting content encryption keys using the
     rsaEncryption algorithm.


3. Security Considerations

The security considerations are the same as for [SMIMEV3MSG].


A. References

[DH] "Diffie-Hellman Key Agreement Method", RFC 2631

[DSS] NIST FIPS PUB 186, "Digital Signature Standard", 18 May 1994.

[MUSTSHOULD] "Key words for use in RFCs to Indicate Requirement
Levels", RFC 2119

[PKCS-1] "PKCS #1: RSA Encryption Version 1.5", RFC 2313

[SMIMEV3MSG] "S/MIME Version 3 Message Specification", RFC 2633.


B. Acknowledgements

<tbd>


C. Changes from last draft

Initial revision.


D. AuthorĘs address

Blake Ramsdell
Tumbleweed Communications
17720 NE 65th St Ste 201
Redmond, WA 98052
+1 425 376 0225
blake.ramsdell@tumbleweed.com