PKCS7/CMS always carries the issuer and serial number of the signer's certificate, so the certificate can be identified and retrieved (from a local store or wherever), which means it is not essential to include a certificate or certificate chain in the message.

While it is normal to check or verify signer certificate validity against a site's trusted roots no matter how the certificate is retrieved (so including or not including a certificate is not a security gap), two considerations point to opposite conclusions on including the certificate or certificate chain. First, saving bandwidth favors omitting the certificate and chain. Second, having the certificates in the message may, for some implementations, speed up some message processing operations. An application should be able to deal with either case.
RFC 2633 is the operative RFC cited in AS2 and should also be consulted. See, for example, section 3.7, which says:

    "A sending agent that signs messages MUST have a certificate for the signature so that a receiving agent can verify the signature. There are many ways of getting certificates, such as through an exchange with a certificate authority, through a hardware token or diskette, and so on. S/MIME v2 [SMIMEV2] specified a method for "registering" public keys with certificate authorities using an application/pkcs10 body part. The IETF's PKIX Working Group is preparing another method for requesting certificates; however, that work was not finished at the time of this memo. S/MIME v3 does not specify how to request a certificate, but instead mandates that every sending agent already has a certificate. Standardization of certificate management is being pursued separately in the IETF."

Between 1999, when that was published, and now, the situation remains about the same on PKI setup, alignment, and maintenance.
So, if you are an implementer, do not depend on receiving a cert chain in the message whose signature you will be checking.

As far as sending certificates goes, implementers might be well advised to make their software configurable to either include or omit them. The choice of a default behavior is not specified in AS2. But the motto "Be conservative in what you send, liberal in what you can receive" probably favors including the cert chain, and then allowing an optimization to omit it for bandwidth conservation where it is not necessary.