[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: I-D Action:draft-ietf-smime-multisig-04.txt
This version incorporates changes to address WG LC comments, ID nits, and
fixing some ASN.1 bugs to make the module compile. We'll forward this
version along to the Security AD.
spt
>-----Original Message-----
>From: Internet-Drafts@xxxxxxxx [mailto:Internet-Drafts@xxxxxxxx]
>Sent: Tuesday, January 22, 2008 2:50 PM
>To: i-d-announce@xxxxxxxx
>Cc: ietf-smime@xxxxxxx
>Subject: I-D Action:draft-ietf-smime-multisig-04.txt
>
>A New Internet-Draft is available from the on-line
>Internet-Drafts directories.
>This draft is a work item of the S/MIME Mail Security Working
>Group of the IETF.
>
>
> Title : Multiple Signatures in S/MIME
> Author(s) : S. Turner, J. Schaad
> Filename : draft-ietf-smime-multisig-04.txt
> Pages : 20
> Date : 2008-01-22
>
>CMS SignedData includes the SignerInfo structure to convey
>per-signer information. SignedData supports multiple signers
>and multiple signature algorithms per-signer with multiple
>SignerInfo structures.
>If a signer attaches more than one SignerInfo, there are
>concerns that an attacker could perform a downgrade attack by
>removing the
>SignerInfo(s) with the 'strong' algorithm(s). This document defines
>
>
> the multiple-signatures attribute, its generation rules, and
>its processing rules to allow signers to convey multiple
>SignerInfo while protecting against downgrade attacks.
>Additionally, this attribute may assist during periods of
>algorithm migration.
>
>Conventions used in this document
>
>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
>NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
>"OPTIONAL" in this document are to be interpreted as described
>in [RFC2119].
>
>Discussion
>
>This draft is being discussed on the 'ietf-smime' mailing
>list. To subscribe, send a message to
>ietf-smime-request@xxxxxxx with the single word subscribe in
>the body of the message. There is a Web site for the mailing
>list at <http://www.imc.org/ietf-smime/>.
>
>A URL for this Internet-Draft is:
>http://www.ietf.org/internet-drafts/draft-ietf-smime-multisig-04.txt
>
>To remove yourself from the I-D Announcement list, send a
>message to i-d-announce-request@xxxxxxxx with the word
>unsubscribe in the body of the message.
>You can also visit https://www1.ietf.org/mailman/listinfo/I-D-announce
>to change your subscription settings.
>
>Internet-Drafts are also available by anonymous FTP. Login
>with the username "anonymous" and a password of your e-mail
>address. After logging in, type "cd internet-drafts" and then
> "get draft-ietf-smime-multisig-04.txt".
>
>A list of Internet-Drafts directories can be found in
>http://www.ietf.org/shadow.html or
>ftp://ftp.ietf.org/ietf/1shadow-sites.txt
>
>Internet-Drafts can also be obtained by e-mail.
>
>Send a message to:
> mailserv@xxxxxxxxx
>In the body type:
> "FILE /internet-drafts/draft-ietf-smime-multisig-04.txt".
>
>NOTE: The mail server at ietf.org can return the document in
> MIME-encoded form by using the "mpack" utility. To use this
> feature, insert the command "ENCODING mime" before the "FILE"
> command. To decode the response(s), you will need "munpack" or
> a MIME-compliant mail reader. Different MIME-compliant
>mail readers
> exhibit different behavior, especially when dealing with
> "multipart" MIME messages (i.e. documents which have been split
> up into multiple messages), so check your local documentation on
> how to manipulate these messages.
>
>Below is the data which will enable a MIME compliant mail
>reader implementation to automatically retrieve the ASCII
>version of the Internet-Draft.
>