
Re: v1.5 SFL Freely Available to All!!



John,

Is SFL v1.5 currently available on HP? If not, when will SFL v1.5 be ported to
HP?

Thanks,

Guang

"Pawling, John" wrote:

> All,
>
> J.G. Van Dyke and Associates (VDA), a Wang Government Services Company, has
> delivered Version 1.5 of the S/MIME Freeware Library (SFL) source code and
> Application Programming Interface (API).  The SFL source code files are
> freely available to everyone from the Fortezza Developer's S/MIME Page
> <http://www.armadillo.huntsville.al.us/software/smime> (with no password
> control).  On 14 January 2000, the U.S. Department of Commerce, Bureau of
> Export Administration published a new regulation implementing an update to
> the U.S. Government's encryption export policy
> <http://www.bxa.doc.gov/Encryption/Default.htm>.  In accordance with the
> revisions to the Export Administration Regulations (EAR) of 14 Jan 2000,
> the downloading of the SFL source code is no longer password controlled.
>
> The SFL implements the IETF S/MIME v3 RFC 2630 Cryptographic Message
> Syntax (CMS) and RFC 2634 Enhanced Security Services (ESS) specifications.
> It also implements portions of the RFC 2633 Message Specification and
> RFC 2632 Certificate Handling document.  When used in conjunction with
> the Crypto++ freeware library, the SFL implements the RFC 2631
> Diffie-Hellman (D-H) Key Agreement Method specification.  It has been
> successfully tested using the MS Windows NT/95/98 and Solaris 2.7 operating
> systems.  Further enhancements, ports and testing of the SFL are still in
> process.  Further releases of the SFL will be provided as significant
> capabilities are added.
>
> The SFL has been successfully used to sign, verify, encrypt and decrypt
> CMS/ESS objects using: S/MIME v3 mandatory-to-implement algorithms (DSA,
> E-S D-H, 3DES) provided by the Crypto++ 3.1 library; RSA suite of
> algorithms provided by the RSA BSAFE v4.2 and Crypto++ 3.1 libraries; and
> Fortezza suite of algorithms provided by the Fortezza Crypto Card.  The SFL
> uses the VDA-enhanced SNACC v1.3 ASN.1 Library to encode/decode objects.
> The v1.5 SFL release includes: SFL High-level library; Free (a.k.a.
> Crypto++) Crypto Token Interface Library (CTIL); BSAFE CTIL; Fortezza CTIL;
> SPEX/ CTIL; PKCS #11 CTIL (still being tested); VDA-enhanced GNU SNACC v1.3
> rev 0.07 ASN.1 Compiler and Library; test utilities; test drivers and test
> data.  All CTILs were tested as Dynamically Linked Libraries (DLL) using MS
> Windows.  The Fortezza, BSAFE and Crypto++ CTILs were tested with the
> respective security libraries as shared objects using Solaris 2.7.
>
> The SFL has been successfully used to exchange signedData and envelopedData
> messages with the Microsoft (MS) Internet Explorer Outlook Express v4.01 and
> Netscape Communicator 4.X S/MIME v2 products.  Signed messages have been
> exchanged with the RSA S/MAIL, WorldTalk and Entrust S/MIME v2 products.
>
> The SFL has also been used to perform S/MIME v3 interoperability testing
> with Microsoft that exercised the majority of the features specified by
> RFCs 2630, 2631 and 2634.  This testing included the RSA, mandatory S/MIME
> V3 and Fortezza suites of algorithms.  We have also performed limited
> S/MIME v3 testing with Baltimore and Entrust.  We are also participating in
> the IETF S/MIME WG interoperability testing documented in the "Examples of
> S/MIME Messages" document.  We have used the SFL to successfully process all
> of the correct signedData and envelopedData messages included in the
> document.  We are continuing to set up test config files to use the SFL to
> test the other cases included in the document such as signed receipts.  We
> also plan to provide sample messages for inclusion in the document.
>
> The following enhancements are included in the v1.5 SFL release (compared
> with the v1.4 release):
>
> 1) SNACC: Fixed ASN.1 INTEGER bug in which one-byte values were improperly
> processed.
>
> 2) Fixed many memory leaks;
>
> 3) Full CounterSignature test suite (autohiAllSFLd.cfg);
>
> 4) CertificateBuilder utility generates private/public key pairs and
> certificates (there is a "README.txt" file in the root directory regarding
> this utility).
>
> 5) PKCS #11 CTIL project (SFL integrators need to separately obtain a PKCS
> #11 crypto library, but this project provides a good template for PKCS
> #11).  We are still testing the PKCS #11 CTIL.
>
> 6) Developed new test code and configuration files to implement test cases;
> and
>
> 7) Performed regression testing to ensure that aforementioned enhancements
> did not break existing SFL functionality.
>
> We are still in the process of enhancing and testing the SFL.  Future
> releases will include: completion of PKCS #11 CTIL testing; SPEX/ CTIL
> encrypt/decrypt/ESDH capabilities; finish CertificateBuilder command line
> utility; modify PKCS #12 code in test utilities to provide interoperable key
> storage; add "Certificate Management Messages over CMS" ASN.1 encode/decode
> functions; add enhanced test routines; bug fixes; support for other crypto
> APIs (possible); and support for other operating systems.
>
> The SFL is developed to maximize portability to 32-bit operating
> systems.  In addition to testing on MS Windows and Solaris 2.7, we plan to
> port the SFL to the following operating systems: Linux, HP/UX 11, IBM AIX
> 3.2 (possibly), SCO 5.0 (possibly) and Macintosh (possibly).
>
> The following SFL files are available from the Fortezza Developer's S/MIME
> Page:
>
> 1) SFL Documents: Fact Sheet, Software Design Description, API, CTIL API,
> Software Test Description, Implementers Guide, Overview Briefing and Public
> License.
>
> 2) snacc1_5VDA.zip: Zip file containing SNACC v1.3 rev 0.07 ASN.1 Compiler
> and Library source code compilable for Unix and MS Windows NT/95/98 that has
> been enhanced by VDA to implement the Distinguished Encoding Rules.  Project
> files and makefiles are included.  This file includes a sample test project
> demonstrating the use of the SNACC classes.
>
> 3) smimeR15.zip:  Zip file containing all SFL source code including:
> SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source
> code; project files.  This file also contains test driver source code,
> sample CMS/ESS test data and test X.509 Certificates.  This file also
> includes test utilities to create X.509 Certificates that each include
> a D-H, DSA or RSA public key.  SNACC release and debug libraries
> are compiled for MS Windows NT/95/98. MS Windows NT/95/98
> project files and Unix makefiles are included for the SNACC code and
> Crypto++.
>
> 4) smR15CTI.zip:  Source code for the following CTILs: Test (no crypto),
> Crypto++, BSAFE, Fortezza, SPEX/ and PKCS #11.  The Win95/98/NT projects are
> also included.  (NOTE: The Free (a.k.a. Crypto++) CTIL includes
> VDA-developed source code to use the RSA public key algorithm implemented
> within the external Crypto++ library.  As with all of the external crypto
> token libraries, the Crypto++ library is not distributed as part of the SFL
> source code.  To use the Crypto++ library with the SFL, the application
> developer must independently obtain the Crypto++ library from the Crypto++
> Web Page <http://www.eskimo.com/~weidai/cryptlib.html> and then compile it
> with the VDA-developed Crypto++ CTIL source code.  The RSA public key
> algorithm is covered by U.S. Patent 4,405,829 "Cryptographic Communication
> System and Method".  Within the U.S., users of the RSA public key algorithm
> provided by the external Crypto++ library must obtain a license from RSA
> granting them permission to use the RSA algorithm.)
>
> 5) csmime.mdl contains SFL Class diagrams created using Microsoft
> Visual Modeler (comes with MS Visual Studio 6.0, Enterprise Tools).
> The file can also be viewed using Rational Rose C++ Demo 4.0
> 45 day evaluation copy which can be obtained from
> <http://www.rational.com/uml/resources/practice_uml/index.jtmpl>.
> Not all classes are documented in the MDL file at this time.
>
> All source code for the SFL is being provided at no cost and with no
> financial limitations regarding its use and distribution.
> Organizations can use the SFL without paying any royalties or
> licensing fees.  VDA is developing the SFL under contract to the U.S.
> Government.  The U.S. Government is furnishing the SFL source code at no
> cost to the vendor subject to the conditions of the "SFL Public
> License" available from the VDA SFL Page and Fortezza Developer's
> S/MIME Page.
>
> The SFL is composed of a high-level library that performs generic CMS
> and ESS processing independent of the crypto algorithms used to
> protect a specific object.  The SFL high-level library makes calls to
> an algorithm-independent CTIL API.  The underlying, external crypto
> token libraries are not distributed as part of the SFL
> source code. The application developer must independently obtain these
> libraries and then link them with the SFL.  For example, the SFL uses
> the freeware Crypto++ library to obtain 3DES, D-H and DSA.  To use
> the SFL with Crypto++ the vendor must download the Crypto++ freeware
> library from the Crypto++ Web Page and then compile it with the
> VDA-developed Crypto++ CTIL source code.
>
> The Internet Mail Consortium (IMC) has established an SFL web page
> <http://www.imc.org/imc-sfl>.  The IMC has also established an SFL
> mail list which is used to: distribute information regarding SFL
> releases; discuss SFL-related issues; and provide a means for SFL
> users to provide feedback, comments, bug reports, etc.  Subscription
> information for the imc-sfl mailing list is at the IMC web site
> listed above.
>
> The SFL documents and VDA-enhanced SNACC source code are also
> available from the VDA SFL Web Page
> <http://www.jgvandyke.com/services/infosec/sfl.htm>.
>
> All comments regarding the SFL source code and documents are welcome.
> We recommend that comments should be sent to the imc-sfl mail list.
> We will respond to all messages on that list.
>
> ============================================
> John Pawling, Director - Systems Engineering
> J.G. Van Dyke & Associates, Inc;
> a Wang Government Services Company
> john.pawling@xxxxxxxx
> ============================================