Internet Engineering Task Force                      V. Moscaritolo, Ed.
Internet-Draft                         PGP, part of Symantec Corporation
Intended status: Informational                            March 11, 2011
Expires: September 12, 2011


               MIME media type literal packet in OpenPGP
                  draft-moscaritolo-openpgp-literal-00

Abstract

   This document describes an extension to the OpenPGP Message Format
   that allows a Multipurpose Internet Mail Extension (MIME) Media
   Type to be associated with the encoded content.  By providing more
   information beyond the existing binary and text formats, this
   extension can enable the automated selection of an appropriate
   media viewer for the decoded content.

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on September 12, 2011.

Copyright Notice

   Copyright (c) 2011 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Moscaritolo            Expires September 12, 2011               [Page 1]

Internet-Draft              Abbreviated Title                 March 2011


Table of Contents

   1.  Introduction
   2.  Terms
   3.  Literal Data packet
   4.  Example of literal packet tagged with a MIME media type
   5.  OpenPGP Implementation Considerations.
   6.  Acknowledgements
   7.  Contributors
   8.  IANA Considerations
   9.  Security Considerations
   10. References
     10.1.  Normative References
     10.2.  Informative References
   Author's Address


1.  Introduction

   This document describes an extension to the OpenPGP Message Format
   that allows a Multipurpose Internet Mail Extension (MIME) Media Type
   (aka Internet Media Type) to be associated with the encoded content.
   By providing more information beyond the existing binary and text
   formats, this extension can enable the automated selection of an
   appropriate media viewer for the decoded content.


2.  Terms

   o  OpenPGP - This is a term for security software that uses PGP 5.x
      as a basis, formalized in RFC 4880 [RFC4880].

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].


3.  Literal Data packet

   The OpenPGP RFC 4880 [RFC4880] currently specifies only a few formats
   for encoded content: text, binary and UTF-8.  The format itself of
   the content is specified in section 5.9 as part of the Literal Data
   packet (Tag 11).  In addition to the body of the message being
   encoded, this packet also contains a one-octet field that describes
   how the data is formatted.

   The current choices are 'b' (0x62), indicating that the Literal
   packet contains binary data; 't' (0x74), indicating text data; and
   'u' (0x75), indicating UTF-8 data.

   This field is followed by a file name as a string (one-octet length,
   followed by a file name).  While not detailed in the RFC, most
   implementations of PGP also add a trailing null at the end of the
   file name but use the string length to skip to the next field.

   We propose to add a new formatting type of 'm' (0x6d) to describe
   that there is an RFC 2046 [RFC2046] MIME media type associated with
   the literal data.  In the case of an 'm' format type, the MIME media
   type is appended to the end of the null-terminated file name, while
   extending the file name length byte to accommodate this additional
   information.


4.  Example of literal packet tagged with a MIME media type

   The following is an example of a Literal Data packet (Tag 11) that
   specifies the MIME media type format image/jpeg for a file named
   'somedata.jpg':


 0000 6d 17 73 6f 6d 65 64 61 74 61 2e 6a 70 67 00 69 |m.somedata.jpg.i|
 0010 6d 61 67 65 2f 6a 70 65 67                      |mage/jpeg       |


5.  OpenPGP Implementation Considerations.

   OpenPGP implementations supporting the MIME literal data packet
   format SHOULD use the MIME media type string to select the
   appropriate viewer for the encoded content.  Implementations should
   consider the following possibilities:

   o  As with the existing file name field, the string length can be
      zero bytes long, indicating that there is no file name or MIME
      media type specified.

   o  There might be no null byte at the end of the file name, or no
      additional bytes specified in the file name string length,
      indicating that there is no MIME media type specified.

   o  The file string could have bytes specified but start with a null
      byte; this indicates that no file name is specified but that there
      is a MIME media type associated with the content.

   o  The MIME media type MAY have an OPTIONAL null byte termination.
      Any data that follows such a null byte should be discarded and not
      considered part of the MIME media type.

   o  While the one-octet length of the file name field does limit the
      combined length of suggested file name and MIME media type, it
      does allow for some reasonable usage.  In the case of a combined
      length of suggested file name and MIME type string that exceeds
      255 bytes, priority should be given to the MIME type string, and
      truncation of the file name is suggested.  If such truncation
      should occur, it is suggested that the file name extension be
      preserved.

   In the long run, a more correct method of associating a MIME media
   type with content might employ one of the experimental tags mentioned
   in RFC 4880 [RFC4880] section 13.10.

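   The following parser and encoder are an added illustration, not part
   of the draft or of any OpenPGP implementation.  They cover the field
   layout of Section 3, the octets shown in Section 4, and the cases
   listed in Section 5; the function names and the use of UTF-8 for file
   names are assumptions.

```python
# Added example, not part of the draft: the 'm' name field of Sections 3-5.
SAMPLE = bytes.fromhex(  # the 25 octets shown in Section 4
    "6d17736f6d65646174612e6a706700696d6167652f6a706567")


def parse_name_field(buf):
    """Return (format, file_name, mime_type, octets_consumed).

    buf starts at the format octet; absent strings come back as None.
    """
    if len(buf) < 2:
        raise ValueError("truncated literal header")
    fmt, length = chr(buf[0]), buf[1]
    field = buf[2:2 + length]
    if len(field) != length:
        raise ValueError("name field runs past the end of the buffer")
    if fmt != "m":
        # b/t/u: the whole field is the name, minus the customary null.
        name, mime = field.rstrip(b"\x00"), b""
    else:
        name, sep, rest = field.partition(b"\x00")
        # No null, or nothing after it: no media type was supplied.
        # Octets after a second null are discarded (Section 5).
        mime = rest.split(b"\x00", 1)[0] if sep else b""
    return (fmt, name.decode("utf-8", "replace") or None,
            mime.decode("ascii", "replace") or None, 2 + length)


def _cut(raw, n):
    # Truncate to n octets without leaving a partial UTF-8 sequence.
    return raw[:n].decode("utf-8", "ignore").encode("utf-8")


def build_name_field(file_name, mime_type):
    """Encode an 'm' field; the media type wins if the total exceeds 255."""
    name, mime = file_name.encode("utf-8"), mime_type.encode("ascii")
    if len(mime) > 254:
        raise ValueError("media type does not fit a one-octet length")
    room = 255 - 1 - len(mime)  # octets left for the file name
    if len(name) > room:
        stem, dot, ext = name.rpartition(b".")
        ext = dot + ext
        # Preserve the extension when it fits; else truncate plainly.
        name = _cut(stem, room - len(ext)) + ext \
            if dot and len(ext) < room else _cut(name, room)
    field = name + b"\x00" + mime
    return b"m" + bytes([len(field)]) + field
```
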

6.  Acknowledgements

   The author would like to acknowledge the help of many individuals,
   in particular Derek Atkins, Jon Callas, Damon Cokenias, David
   Finkelstein, Hal Finney and Will Price.


7.  Contributors

   Damon Cokenias, Derek Atkins and Jon Callas provided important
   criticism on compliance with OpenPGP RFC 4880 [RFC4880].


8.  IANA Considerations

   This memo includes no request to IANA.


9.  Security Considerations

   o  The addition of a MIME type string increases the possibility of
      truncation of a large file name field in the Literal Packet.

   o  The addition of a MIME type string after the file name string's
      null termination does not add any hidden channels that did not
      already potentially exist in the OpenPGP protocol.

   o  In order to prevent modification of the MIME type, encapsulating
      the Literal Data packet using the Symmetrically Encrypted
      Integrity Protected Data Packet (Tag 18) as specified in OpenPGP
      RFC 4880 [RFC4880] is highly recommended.


10.  References

10.1.  Normative References

   [RFC2046]  Freed, N. and N. Borenstein, "Multipurpose Internet Mail
              Extensions (MIME) Part Two: Media Types", RFC 2046,
              November 1996.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

   [RFC4880]  Callas, J., Donnerhacke, L., Finney, H., Shaw, D., and R.
              Thayer, "OpenPGP Message Format", RFC 4880, November 2007.


10.2.  Informative References

   [I-D.narten-iana-considerations-rfc2434bis]
              Narten, T. and H. Alvestrand, "Guidelines for Writing an
              IANA Considerations Section in RFCs",
              draft-narten-iana-considerations-rfc2434bis-09 (work in
              progress), March 2008.

   [RFC2629]  Rose, M., "Writing I-Ds and RFCs using XML", RFC 2629,
              June 1999.

   [RFC3552]  Rescorla, E. and B. Korver, "Guidelines for Writing RFC
              Text on Security Considerations", BCP 72, RFC 3552,
              July 2003.


Author's Address

   Vinnie Moscaritolo (editor)
   PGP, part of Symantec Corporation
   Mountain View, CA
   US

   Email: vinnie@pgp.com