draft-ietf-lamps-header-protection-04.txt   draft-ietf-lamps-header-protection-05.txt 
LAMPS Working Group D.K. Gillmor LAMPS Working Group D.K. Gillmor
Internet-Draft American Civil Liberties Union Internet-Draft American Civil Liberties Union
Intended status: Standards Track B. Hoeneisen Intended status: Standards Track B. Hoeneisen
Expires: 21 November 2021 pEp Foundation Expires: 28 November 2021 pEp Foundation
A. Melnikov A. Melnikov
Isode Ltd Isode Ltd
20 May 2021 27 May 2021
Header Protection for S/MIME Header Protection for S/MIME
draft-ietf-lamps-header-protection-04 draft-ietf-lamps-header-protection-05
Abstract Abstract
S/MIME version 3.1 has introduced a feasible standardized option to S/MIME version 3.1 has introduced a feasible standardized option to
accomplish Header Protection. However, few implementations generate accomplish Header Protection. However, few implementations generate
messages using this structure, and several legacy and non-legacy messages using this structure, and several legacy and non-legacy
implementations have revealed rendering issues at the receiving side. implementations have revealed rendering issues at the receiving side.
Clearer specifications regarding message processing, particularly Clearer specifications regarding message processing, particularly
with respect to header sections, are needed in order to resolve these with respect to header sections, are needed in order to resolve these
rendering issues. Some mail user agents are also sending and rendering issues. Some mail user agents are also sending and
skipping to change at page 1, line 46 skipping to change at page 1, line 46
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 21 November 2021. This Internet-Draft will expire on 28 November 2021.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 58, line 9 skipping to change at page 58, line 9
8QkoZTYaZxxodvRZMA0GCSqGSIb3DQEBDQUAA4IBAQBziaI2p86poGkjd/4KkkOH 8QkoZTYaZxxodvRZMA0GCSqGSIb3DQEBDQUAA4IBAQBziaI2p86poGkjd/4KkkOH
G25nY/0eNARD6/oF0/sYonX2doizcGMk53riugAocCn5zbzhW/JVdYn30UxfyrZl G25nY/0eNARD6/oF0/sYonX2doizcGMk53riugAocCn5zbzhW/JVdYn30UxfyrZl
RAzEf7GHqgB/NyjOad3pdpVYeDh4ciNKjbs+aEoTWgAkoqENt1sRxlcvb7HVX524 RAzEf7GHqgB/NyjOad3pdpVYeDh4ciNKjbs+aEoTWgAkoqENt1sRxlcvb7HVX524
bKZa1oPTUNlm6QpivtqDIdqGJdGf8L1zLfXBuo2zL3HR+M9CDr4Opq2JCkzP0Qhp bKZa1oPTUNlm6QpivtqDIdqGJdGf8L1zLfXBuo2zL3HR+M9CDr4Opq2JCkzP0Qhp
7poIccGE6I9Tsg+RrOA9iCQsPn1+Tg8YedjGzUWF07rNmT0TzPCVzUAuBlr+JJtz 7poIccGE6I9Tsg+RrOA9iCQsPn1+Tg8YedjGzUWF07rNmT0TzPCVzUAuBlr+JJtz
OKypyQ3eoZ6EPazXqMyHAVcsm0GI364IOA0b8PSrJNtjh+AqJ5QfH+0e7NSzNnEm OKypyQ3eoZ6EPazXqMyHAVcsm0GI364IOA0b8PSrJNtjh+AqJ5QfH+0e7NSzNnEm
MYICADCCAfwCAQEwbDBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBX MYICADCCAfwCAQEwbDBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBX
RzExMC8GA1UEAxMoU2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhv RzExMC8GA1UEAxMoU2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhv
cml0eQITN0EFee11f0Kpolw69Phqzpqp1zALBglghkgBZQMEAgGgaTAYBgkqhkiG cml0eQITN0EFee11f0Kpolw69Phqzpqp1zALBglghkgBZQMEAgGgaTAYBgkqhkiG
9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTAyMjAxNTA1MDJa 9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTAyMjAxNTA1MDJa
MC8GCSqGSIb3DQEJBDEiBCAFeROUUFydTkv9BzCYqvcfCJJbB+VZNk+SH9uvl/MN MC8GCSqGSIb3DQEJBDEiBCCcDIxr7wd3VCCz1VBG9nySvUJ/Fhzo26f78El/UUbj
fDANBgkqhkiG9w0BAQEFAASCAQA9qySzpCRsqdnJMDIP1oTsPBkHnSpqQ0/wm6/v jTANBgkqhkiG9w0BAQEFAASCAQBUmMGL40IZQmt3Nad/ymEUOLu3Dgfd/nYKuj6P
CstcO2XzeW0q1D0JHlYp1FHdz1fdJuEhpYdfGwoEPme/bItTYrXQWARZKdAMgZNg fjKYJFb9UhwtufZK9/WyVtytLsFJMYHZgUSWU3VbHk1L/cO0469Rbqo6CqlLRJPK
TRVS5iBkSRqRD+WAi9rk87rKQmdVv4kMtWHoaA4AVecyAnACYUS7B+gjQmpxhCXb uN2Eul2UCa+3ovMIQ8g0NBflXrdfR0OVRqvfO91hLFkTxLfCDUG8ziRWOLWucgZg
rmM0507xLdXOScFyXPzz2NU77yHeu2AhWbLteuSWh07jGP6gOnD4uzYcoF2kHOEh zkVXqEzvFyOtsSbr3GAY817wWgl1+PTFchO4XF+rg7cNysKqGLtjxP9lN3PcURYv
4nvEd6KZLwefp9jRxI6u1GWstrdUkOSYDr6nLFNZuUa82pRLBclGz/OvHnbY2Xv1 TmooTPY46kheab7ZAzKqQI6go7somKmMqD7UsctMLSVZo+EX5/N9vq5znv7bfpoE
1K3AEOrZvnudTWhf/1m+Rnl6pSyab6PhlfwJreF3UbQnY3CK Rgd+NZNQD+VYDIOU1FI5ZjyjHpRmcFpywjvHNbTBGlYhv3q4
--20c-- --20c--
A.2.3. S/MIME signed-only signedData over a simple message, Injected A.2.3. S/MIME signed-only signedData over a simple message, Injected
Headers Headers
This is a signed-only S/MIME message via PKCS#7 signedData. The This is a signed-only S/MIME message via PKCS#7 signedData. The
payload is a text/plain message. It uses the Injected Headers header payload is a text/plain message. It uses the Injected Headers header
protection scheme. protection scheme.
skipping to change at page 67, line 35 skipping to change at page 67, line 35
8QkoZTYaZxxodvRZMA0GCSqGSIb3DQEBDQUAA4IBAQBziaI2p86poGkjd/4KkkOH 8QkoZTYaZxxodvRZMA0GCSqGSIb3DQEBDQUAA4IBAQBziaI2p86poGkjd/4KkkOH
G25nY/0eNARD6/oF0/sYonX2doizcGMk53riugAocCn5zbzhW/JVdYn30UxfyrZl G25nY/0eNARD6/oF0/sYonX2doizcGMk53riugAocCn5zbzhW/JVdYn30UxfyrZl
RAzEf7GHqgB/NyjOad3pdpVYeDh4ciNKjbs+aEoTWgAkoqENt1sRxlcvb7HVX524 RAzEf7GHqgB/NyjOad3pdpVYeDh4ciNKjbs+aEoTWgAkoqENt1sRxlcvb7HVX524
bKZa1oPTUNlm6QpivtqDIdqGJdGf8L1zLfXBuo2zL3HR+M9CDr4Opq2JCkzP0Qhp bKZa1oPTUNlm6QpivtqDIdqGJdGf8L1zLfXBuo2zL3HR+M9CDr4Opq2JCkzP0Qhp
7poIccGE6I9Tsg+RrOA9iCQsPn1+Tg8YedjGzUWF07rNmT0TzPCVzUAuBlr+JJtz 7poIccGE6I9Tsg+RrOA9iCQsPn1+Tg8YedjGzUWF07rNmT0TzPCVzUAuBlr+JJtz
OKypyQ3eoZ6EPazXqMyHAVcsm0GI364IOA0b8PSrJNtjh+AqJ5QfH+0e7NSzNnEm OKypyQ3eoZ6EPazXqMyHAVcsm0GI364IOA0b8PSrJNtjh+AqJ5QfH+0e7NSzNnEm
MYICADCCAfwCAQEwbDBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBX MYICADCCAfwCAQEwbDBVMQ0wCwYDVQQKEwRJRVRGMREwDwYDVQQLEwhMQU1QUyBX
RzExMC8GA1UEAxMoU2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhv RzExMC8GA1UEAxMoU2FtcGxlIExBTVBTIFJTQSBDZXJ0aWZpY2F0aW9uIEF1dGhv
cml0eQITN0EFee11f0Kpolw69Phqzpqp1zALBglghkgBZQMEAgGgaTAYBgkqhkiG cml0eQITN0EFee11f0Kpolw69Phqzpqp1zALBglghkgBZQMEAgGgaTAYBgkqhkiG
9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTAyMjAxNzA1MDJa 9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0yMTAyMjAxNzA1MDJa
MC8GCSqGSIb3DQEJBDEiBCCV9xSB/IVw/tBS3A32iIL4hLUx22Ane+7Zjas34KM6 MC8GCSqGSIb3DQEJBDEiBCAqHXFyYQoKOPnaQ8OYqY4ornV0eciFU8bWD8ky9iEo
yzANBgkqhkiG9w0BAQEFAASCAQB7m9+tvuIXlRpTmHv+V9XCZbYbMFSE9YU9DBzA CjANBgkqhkiG9w0BAQEFAASCAQAPH0Gm13RZy3gpCgSpM94kN7gG0Qz7gYXsP10Y
GYf9GYckf113NWwg75oi7MA/VHSDMhVkd1mBIN/Te+3mcnhda+KkoDIChzPJ3k7N +A4JB3xAPM1deb6TWBBbmoX8KktiMIIQQz+im/6ab96G5VlvSXpaAsHjTg8pkvMS
4baRLQi8S+a+JEQxj8/lUp2Dd0giwO9J8E7uHAzYu9MEAxKRS0Z9F8BudabXg+tr K220ePIQLYGMgbf/h/CDO6kXr4D74QPwhaRzo/DKErgwlvY+osiwrC/srFXyv6M8
8K7fQ/0WpjAs4HkSRZaX5eve9U1Qf99+oCyYvRmv+BZhTCbaic/8ZJuN0elYjbB/ 673VBGD5XXq8d8LSYQjiSpAQjyGu6Ddo4hZdRNzDQU6a6HRD6qYmaYszb9z6HMHL
IRmiN0dV4O1L4EpNacsFUYLpWqwUsMGrIJ4+b/xwqEUkmLnh41XKh1/OBp1natYs AR28J5t4YynW2Hr8/4HSZ5YMt+sXjm1nsGGqLsOdxo6VmgKSiC2nhx7QbJhqevQL
3PP7EUNBBJebAPyo1ifT3LFR4qsa5QRu20X0JhajvnlQkWs9 CJWufMVWkvIX74TyfK6W0hl1x/pw0YfHnZMimppl69rRSEsF
--932-- --932--
A.2.7. S/MIME signed-only signedData over a complex message, Injected A.2.7. S/MIME signed-only signedData over a complex message, Injected
Headers Headers
This is a signed-only S/MIME message via PKCS#7 signedData. The This is a signed-only S/MIME message via PKCS#7 signedData. The
payload is a multipart/alternative message with an inline image/png payload is a multipart/alternative message with an inline image/png
attachment. It uses the Injected Headers header protection scheme. attachment. It uses the Injected Headers header protection scheme.
skipping to change at page 166, line 14 skipping to change at page 166, line 14
While minor editorial suggestions and nit-picks can be made as merge While minor editorial suggestions and nit-picks can be made as merge
requests (https://gitlab.com/dkg/lamps-header-protection), please requests (https://gitlab.com/dkg/lamps-header-protection), please
direct all substantive discussion to the LAMPS mailing list direct all substantive discussion to the LAMPS mailing list
(https://www.ietf.org/mailman/listinfo/spasm) at "spasm@ietf.org". (https://www.ietf.org/mailman/listinfo/spasm) at "spasm@ietf.org".
Appendix E. Document Changelog Appendix E. Document Changelog
[[ RFC Editor: This section is to be removed before publication ]] [[ RFC Editor: This section is to be removed before publication ]]
* draft-ietf-lamps-header-protection-05
- fix multipart/signed wrapped test vectors
* draft-ietf-lamps-header-protection-04 * draft-ietf-lamps-header-protection-04
- add test vectors - add test vectors
- add "problems with Injected Messages" subsection - add "problems with Injected Messages" subsection
* draft-ietf-lamps-header-protection-03 * draft-ietf-lamps-header-protection-03
- dkg takes over from Bernie as primary author - dkg takes over from Bernie as primary author
 End of changes. 7 change blocks. 
18 lines changed or deleted 22 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/