Re: mutt S/MIME

2015-04-30 Thread John Long
On Wed, Apr 29, 2015 at 07:33:01PM +0200, Thomas Klausner wrote:

 Is there a way to configure mutt in such a way that I can read mails
 encrypted using my old key and ones encrypted using my current key in
 the same session?

Expired x.509 keys are one of the true pains in the ass of email security.
Most email clients don't handle this at all, or very badly. I have no idea
of the answer to your question but I'm interested in the answer too. 

This happened to me once on Microsloth Outhouse and it was game over.

/jl

-- 
ASCII ribbon campaign ( ) Powered by Lemote Fuloong
 against HTML e-mail   X  Loongson MIPS and OpenBSD
   and proprietary    / \    http://www.mutt.org
     attachments     /   \  Code Blue or Go Home!
 Encrypted email preferred  PGP Key 2048R/DA65BC04 


mutt S/MIME

2015-04-29 Thread Thomas Klausner
Hi!

I want to use mutt to send S/MIME encrypted/signed mails. I managed to
set up keys for myself and a friend once already, but they expired, so
I replaced my key. (I haven't managed to replace his key yet. I find
handling keys very hard, because there are too many formats and most
guides assume too much knowledge, and smime_keys errors out quite
easily.)

Is there a way to configure mutt in such a way that I can read mails
encrypted using my old key and ones encrypted using my current key in
the same session?

Using the piece of code most pages cite:

set crypt_autosign = no
set smime_default_key=.1
set smime_timeout=3600
# always encrypt to myself as well
set smime_encrypt_command="openssl smime -encrypt -%a -outform DER -in %f %c /home/wiz/.smime/certificates/.1"

I have to change smime_default before every start to the
appropriate key, otherwise it doesn't work.

 Thomas
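
The situation in the message above (mail encrypted to an expired certificate alongside mail encrypted to the current one) comes down to picking the private key that matches each message. As an added example, not part of the original thread or of mutt: a shell function that tries each key/certificate pair with `openssl smime -decrypt` on a saved DER-encoded message and reports which one works. The directory layout, the function names and the `SMIME_PASS` variable are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: find which of several S/MIME private keys decrypts a message.
# Assumed layout: KEYDIR/<id> holds a PEM private key and CERTDIR/<id> the
# matching certificate (same file name in both directories).

smime_try_keys() {
    msg=$1 keydir=$2 certdir=$3 out=$4
    for key in "$keydir"/*; do
        id=$(basename "$key")
        cert="$certdir/$id"
        [ -f "$key" ] && [ -f "$cert" ] || continue
        # -recip makes openssl fail cleanly when the message was not
        # encrypted to this certificate, so the loop moves on to the next.
        # SMIME_PASS (optional, hypothetical name) unlocks protected keys.
        if openssl smime -decrypt -inform DER -in "$msg" \
                -inkey "$key" -recip "$cert" -out "$out" \
                ${SMIME_PASS:+-passin env:SMIME_PASS} 2>/dev/null; then
            printf '%s\n' "$id"      # report the key that worked
            return 0
        fi
    done
    return 1                         # no key matched
}

# Constructed demo: two throwaway self-signed key pairs, with the message
# encrypted to the "old" certificate only.
demo() {
    d=$(mktemp -d) && mkdir "$d/keys" "$d/certs"
    for id in old.0 new.0; do
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$id" \
            -keyout "$d/keys/$id" -out "$d/certs/$id" 2>/dev/null
    done
    printf 'constructed test message\n' > "$d/plain"
    openssl smime -encrypt -aes256 -outform DER -in "$d/plain" \
        -out "$d/msg" "$d/certs/old.0"
    smime_try_keys "$d/msg" "$d/keys" "$d/certs" "$d/out"
    rc=$?
    rm -rf "$d"
    return $rc
}

demo
```

The loop tries `new.0` first, gets a recipient mismatch, and then succeeds with `old.0`.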


Re: Mutt S/MIME

2000-02-10 Thread Thomas Roessler

On 2000-02-09 18:15:03 -0500, Adam Sherman wrote:

 Would it be possible to use Mutt with S/MIME cryptography?

It wouldn't be difficult to add support for this to mutt, once you
have a command-line based tool with the cryptographic functionality.

-- 
http://www.guug.de/~roessler/




Re: Mutt S/MIME

2000-02-10 Thread Adam Sherman

On Thu, Feb 10, 2000 at 06:57:32AM -0800, Claus Assmann wrote:
 On Thu, Feb 10, 2000, Thomas Roessler wrote:
  On 2000-02-09 18:15:03 -0500, Adam Sherman wrote:
  
   Would it be possible to use Mutt with S/MIME cryptography?
  
  It wouldn't be difficult to add support for this to mutt, once you
  have a command-line based tool with the cryptographic functionality.
 
 openssl has this for some time now, but it's just in the snapshots,
 not yet released.  I tried to verify some signatures and it works
 fine.

This sounds good, I will try to build a list of commands and I'll send
to the list.

Thanks,

A.

-- 
Adam Sherman
[EMAIL PROTECTED]
+1 (613) 223-5746



Re: Mutt S/MIME

2000-02-10 Thread Adam Sherman

On Thu, Feb 10, 2000 at 02:44:31PM -0500, Adam Sherman wrote:
 On Thu, Feb 10, 2000 at 06:57:32AM -0800, Claus Assmann wrote:
  On Thu, Feb 10, 2000, Thomas Roessler wrote:
   On 2000-02-09 18:15:03 -0500, Adam Sherman wrote:
   
    Would it be possible to use Mutt with S/MIME cryptography?
   
   It wouldn't be difficult to add support for this to mutt, once you
   have a command-line based tool with the cryptographic functionality.
  
  openssl has this for some time now, but it's just in the snapshots,
  not yet released.  I tried to verify some signatures and it works
  fine.
 
 This sounds good, I will try to build a list of commands and I'll send
 to the list.

I found the attached document in the docs/apps directory of the
latest OpenSSL SNAPSHOT. It describes the command syntax of the smime
openssl command. Also attached is the appropriate rfc (2632).

I'm not a C programmer, and I don't know where to start with regards
to implementing this. Any pointers?

Thanks,

A.

-- 
Adam Sherman
[EMAIL PROTECTED]
+1 (613) 223-5746







Network Working Group                                B. Ramsdell, Editor
Request for Comments: 2632                                     Worldtalk
Category: Standards Track                                      June 1999


 S/MIME Version 3 Certificate Handling

Status of this Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (1999).  All Rights Reserved.

1. Overview

   S/MIME (Secure/Multipurpose Internet Mail Extensions), described in
   [SMIME-MSG], provides a method to send and receive secure MIME
   messages. Before using a public key to provide security services, the
   S/MIME agent MUST certify that the public key is valid. S/MIME agents
   MUST use PKIX certificates to validate public keys as described in
   the Internet X.509 Public Key Infrastructure (PKIX) Certificate and
   CRL Profile [KEYM]. S/MIME agents MUST meet the certificate
   processing requirements documented in this document in addition to
   those stated in [KEYM].

   This specification is compatible with the Cryptographic Message
   Syntax [CMS] in that it uses the data types defined by CMS. It also
   inherits all the varieties of architectures for certificate-based key
   management supported by CMS.

1.1 Definitions

   For the purposes of this memo, the following definitions apply.

   ASN.1: Abstract Syntax Notation One, as defined in ITU-T X.680-689.

   Attribute Certificate (AC): An X.509 AC is a separate structure from
   a subject's public key X.509 Certificate.  A subject may have
   multiple X.509 ACs associated with each of its public key X.509
   Certificates.  Each X.509 AC binds one or more Attributes with one of
   the subject's public key X.509 Certificates.  The X.509 AC syntax is
   defined in [X.509]





   BER: Basic Encoding Rules for ASN.1, as defined in ITU-T X.690.

   Certificate: A type that binds an entity's distinguished name to a
   public key with a digital signature. This type is defined in the
   Internet X.509 Public Key Infrastructure (PKIX) Certificate and CRL
   Profile [KEYM]. This type also contains the distinguished name of the
   certificate issuer (the signer), an issuer-specific serial number,
   the issuer's signature algorithm identifier, a validity period, and
   extensions also defined in that document.

   Certificate Revocation List (CRL): A type that contains information
   about certificates whose validity an issuer has prematurely revoked.
   The information consists of an issuer name, the time of issue, the
   next scheduled time of issue, a list of certificate serial numbers
   and their associated revocation times, and extensions as defined in
   [KEYM]. The CRL is signed by the issuer. The type intended by this
   specification is the one defined in [KEYM].

   DER: Distinguished Encoding Rules for ASN.1, as defined in ITU-T
   X.690.

   Receiving agent: software that interprets and processes S/MIME CMS
   objects, MIME body parts that contain CMS objects, or both.

   Sending agent: software that creates S/MIME CMS objects, MIME body
   parts that contain CMS objects, or both.

   S/MIME agent: user software that is a receiving agent, a sending
   agent, or both.

1.2 Compatibility with Prior Practice of S/MIME

   S/MIME version 3 agents should attempt to have the greatest
   interoperability possible with S/MIME version 2 agents. S/MIME
   version 2 is described in RFC 2311 through RFC 2315, inclusive.  RFC
   2311 

Re: Mutt S/MIME

2000-02-10 Thread Claus Assmann

On Thu, Feb 10, 2000, Thomas Roessler wrote:
 On 2000-02-09 18:15:03 -0500, Adam Sherman wrote:
 
  Would it be possible to use Mutt with S/MIME cryptography?
 
 It wouldn't be difficult to add support for this to mutt, once you
 have a command-line based tool with the cryptographic functionality.

openssl has this for some time now, but it's just in the snapshots,
not yet released.  I tried to verify some signatures and it works
fine.



Mutt S/MIME

2000-02-09 Thread Adam Sherman

Would it be possible to use Mutt with S/MIME cryptography?

Some of my clients are using this and it would be good of me to be
able to handle their mail.

Thanks,

A.

-- 
Adam Sherman
[EMAIL PROTECTED]
+1 (613) 223-5746