The IESG has approved the following document:

- 'S/MIME Version 3.1 Certificate Handling '
   <draft-ietf-smime-rfc2632bis-07.txt> as a Proposed Standard

This document is the product of the S/MIME Mail Security Working Group.

The IESG contact persons are Russ Housley and Steve Bellovin.

Technical Summary

   This document specifies conventions for X.509 certificate usage by
   S/MIME (Secure/Multipurpose Internet Mail Extensions) agents. S/MIME
   provides a method to send and receive secure MIME messages, and
   certificates are an integral part of S/MIME agent processing. S/MIME
   agents validate certificates as described in RFC 3280, the Internet
   X.509 Public Key Infrastructure Certificate and CRL Profile. S/MIME
   agents must meet the certificate processing requirements in this
   document as well as those in RFC 3280.

Working Group Summary

   The S/MIME Working Group came to rough consensus on this document.

Protocol Quality

   This document was reviewed by Russ Housley for the IESG.

RFC Editor Note

   Please make the following changes in order to insert an appropriate
   reference to the ASN.1 specification. Also, the definitions of BER
   and DER are deleted since they are not used in the body of the text.
   Finally, the [SMIME-MSG] reference is changed to point to the most
   current specification, which is already in the RFC Editor queue.

   1. Please add a reference to the definition of ASN.1.

   OLD:

      ASN.1: Abstract Syntax Notation One, as defined in ITU-T X.208.

   NEW:

      ASN.1: Abstract Syntax Notation One, as defined in ITU-T X.208
      [X.208-88].

   2. Please delete the definition of BER and DER.

   OLD:

      BER: Basic Encoding Rules for ASN.1, as defined in ITU-T X.209.

      Certificate: A type that binds an entity's name to a public key
      with a digital signature. This type is defined in the Internet
      X.509 Public Key Infrastructure (PKIX) Certificate and CRL Profile
      [KEYM]. This type also contains the distinguished name of the
      certificate issuer (the signer), an issuer-specific serial number,
      the issuer's signature algorithm identifier, a validity period,
      and extensions also defined in that document.

      Certificate Revocation List (CRL): A type that contains
      information about certificates whose validity an issuer has
      prematurely revoked. The information consists of an issuer name,
      the time of issue, the next scheduled time of issue, a list of
      certificate serial numbers and their associated revocation times,
      and extensions as defined in [KEYM]. The CRL is signed by the
      issuer. The type intended by this specification is the one defined
      in [KEYM].

      DER: Distinguished Encoding Rules for ASN.1, as defined in ITU-T
      X.690.

   NEW:

      Certificate: A type that binds an entity's name to a public key
      with a digital signature. This type is defined in the Internet
      X.509 Public Key Infrastructure (PKIX) Certificate and CRL Profile
      [KEYM]. This type also contains the distinguished name of the
      certificate issuer (the signer), an issuer-specific serial number,
      the issuer's signature algorithm identifier, a validity period,
      and extensions also defined in that document.

      Certificate Revocation List (CRL): A type that contains
      information about certificates whose validity an issuer has
      prematurely revoked. The information consists of an issuer name,
      the time of issue, the next scheduled time of issue, a list of
      certificate serial numbers and their associated revocation times,
      and extensions as defined in [KEYM]. The CRL is signed by the
      issuer. The type intended by this specification is the one defined
      in [KEYM].

   3. Please insert a normative reference to the ASN.1 specification.

   OLD:

      [SMIME-MSG] "S/MIME Version 3 Message Specification ",
      Internet Draft draft-ietf-smime-msg

   NEW:

      [SMIME-MSG] "S/MIME Version 3.1 Message Specification ",
      Internet Draft draft-ietf-smime-rfc2633bis-09

      [X.208-88] ITU-T. Recommendation X.208: Specification of Abstract
      Syntax Notation One (ASN.1). 1988.

_______________________________________________
IETF-Announce@ietf.org
https://www1.ietf.org/mailman/listinfo/ietf-announce