From owner-imc-sfl Tue Mar 24 18:54:34 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id SAA10222 for imc-sfl-bks; Tue, 24 Mar 1998 18:54:34 -0800 (PST) Received: from om.proper.com (om.proper.com [165.227.249.115]) by mail.proper.com (8.8.8/8.7.3) with SMTP id SAA10218 for ; Tue, 24 Mar 1998 18:54:33 -0800 (PST) Message-Id: <199803250254.SAA10218@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1.319 (Beta) Date: Tue, 24 Mar 1998 18:53:56 -0800 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: Starting the imc-sfl mailing list Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk Greetings. As you know, this mailing list is for discussing the S/MIME Freeware Library from Van Dyke and Associates. If you're on this list, you've probably downloaded the Word files from . So, feel free to make comments. The list is open to any kind of discussion of the library. --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Wed Mar 25 08:59:13 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id IAA29800 for imc-sfl-bks; Wed, 25 Mar 1998 08:59:13 -0800 (PST) Received: from netscape.com (h-205-217-237-47.netscape.com [205.217.237.47]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id IAA29796 for ; Wed, 25 Mar 1998 08:59:12 -0800 (PST) Received: from judge.mcom.com (judge.mcom.com [205.217.237.53]) by netscape.com (8.8.5/8.8.5) with ESMTP id IAA01949 for ; Wed, 25 Mar 1998 08:58:47 -0800 (PST) Received: from netscape.com ([205.217.232.77]) by judge.mcom.com (Netscape Messaging Server 3.5) with ESMTP id AAA32C2 for ; Wed, 25 Mar 1998 08:58:44 -0800 Message-ID: <351937C5.FCE10478@netscape.com> Date: Wed, 25 Mar 1998 11:58:45 -0500 From: hecker@netscape.com (Frank Hecker) Organization: Netscape Communications Corp. X-Mailer: Mozilla 4.04 [en] (Win95; U) MIME-Version: 1.0 To: imc-sfl@imc.org Subject: Format of published SFL documents Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk An initial request to the folks at JG Van Dyke and Associates and others: When you publish SFL documents for public comment, could you please publish them in HTML (or plain text) instead of or in addition to formats such as MS Word? The documents currently referenced appear to all be in Word97 format, and this imposes an extra burden on people who either don't have Word or have an earlier version. If for some reason the documents cannot be converted to HTML or would appear illegible in that format, it would be nice if they could at least be published in an earlier Word format (if Word97 can do this -- I'm not that familar with it). Thanks, Frank -- Frank Hecker Pre-sales support, Netscape government sales hecker@netscape.com http://people.netscape.com/hecker/ From owner-imc-sfl Thu Mar 26 13:41:54 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA26407 for imc-sfl-bks; Thu, 26 Mar 1998 13:41:54 -0800 (PST) Received: from caladan.verisign.com (caladan.verisign.com [205.180.232.21]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA26403 for ; Thu, 26 Mar 1998 13:41:53 -0800 (PST) Received: from mentat.verisign.com by caladan.verisign.com (8.8.5/BCH1.0) id NAA23677; Thu, 26 Mar 1998 13:41:10 -0800 (PST) Received: from verisign.com by mentat.verisign.com (8.8.5/BCH1.0) id NAA04074; Thu, 26 Mar 1998 13:41:27 -0800 (PST) Message-ID: <351ACBDB.D1358E54@verisign.com> Date: Thu, 26 Mar 1998 13:42:51 -0800 From: Xinhong Yuan X-Mailer: Mozilla 4.04 [en] (WinNT; I) MIME-Version: 1.0 To: imc-sfl@imc.org Subject: question about using SFL Content-Type: multipart/mixed; boundary="------------2736FF50B4030161B0420831" Sender: owner-imc-sfl@imc.org Precedence: bulk This is a multi-part message in MIME format. --------------2736FF50B4030161B0420831 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi, I am a new comer to this mailing list. my question is that if I use SFL only and I don't care about the lower level like cti or bsafe, do I still have to get those libraries besides sfl? --------------2736FF50B4030161B0420831 Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Xinhong Yuan Content-Disposition: attachment; filename="vcard.vcf" begin: vcard fn: Xinhong Yuan n: Yuan;Xinhong org: VeriSign Inc. adr: 1390 Shorebird Way;;;Mountain View;CA;94043;US email;internet: xyuan@verisign.com tel;work: 650-429-3308 tel;fax: 650-961-7300 tel;home: 408-730-2123 x-mozilla-cpt: ;0 x-mozilla-html: FALSE version: 2.1 end: vcard --------------2736FF50B4030161B0420831-- From owner-imc-sfl Thu Mar 26 14:49:30 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id OAA26875 for imc-sfl-bks; Thu, 26 Mar 1998 14:49:30 -0800 (PST) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id OAA26871 for ; Thu, 26 Mar 1998 14:49:29 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id WAA19144; Thu, 26 Mar 1998 22:49:25 GMT Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA05096; Thu, 26 Mar 1998 17:50:37 -0500 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id RAA19646; Thu, 26 Mar 1998 17:50:36 -0500 Date: Thu, 26 Mar 1998 17:50:36 -0500 Message-Id: <199803262250.RAA19646@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: hecker@netscape.com (Frank Hecker), imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: Re: Format of published SFL documents Sender: owner-imc-sfl@imc.org Precedence: bulk Frank, You make an excellent point. The SFL documents are currently available in Word 97. They contain diagrams created using Word 97 which did not survive a simple export of the documents from Word 97 as html files. How about if we create RTF versions?? This preserves the diagrams. Please let me know if RTF meets your requirements. ALL: If RTF is not satisfactory to anybody else, please let me know. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ At 11:58 AM 3/25/98 -0500, Frank Hecker wrote: >An initial request to the folks at JG Van Dyke and Associates and >others: When you publish SFL documents for public comment, could you >please publish them in HTML (or plain text) instead of or in addition to >formats such as MS Word? The documents currently referenced appear to >all be in Word97 format, and this imposes an extra burden on people who >either don't have Word or have an earlier version. > >If for some reason the documents cannot be converted to HTML or would >appear illegible in that format, it would be nice if they could at least >be published in an earlier Word format (if Word97 can do this -- I'm not >that familar with it). > >Thanks, > >Frank >-- >Frank Hecker Pre-sales support, Netscape government sales >hecker@netscape.com http://people.netscape.com/hecker/ > From owner-imc-sfl Thu Mar 26 15:41:40 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id PAA27349 for imc-sfl-bks; Thu, 26 Mar 1998 15:41:40 -0800 (PST) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id PAA27345 for ; Thu, 26 Mar 1998 15:41:37 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id XAA21354; Thu, 26 Mar 1998 23:41:48 GMT Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA05349; Thu, 26 Mar 1998 18:43:03 -0500 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id SAA20773; Thu, 26 Mar 1998 18:43:04 -0500 Date: Thu, 26 Mar 1998 18:43:04 -0500 Message-Id: <199803262343.SAA20773@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Xinhong Yuan , imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: Re: question about using SFL Sender: owner-imc-sfl@imc.org Precedence: bulk Xinhong, The SFL high-level library is not very useful without one or more accompanying low-level crypto token libraries. If you were to create a "stubbed out" SFL Crypto Token Interface Library (CTIL) that does not actually perform any crypto functions, then you could use the SFL high-level library in conjunction with the stubbed-out CTIL to build and process ASN.1 encoded CMS objects which include bogus signature values and which are not actually encrypted. This might be useful for laboratory test purposes, but obviously it doesn't provide useful security services. We are initially developing a SFL CTIL for the freeware Crypto++ library to provide 3DES, D-H and DSA. The vendor would need to download the Crypto++ freeware library from the Crypto++ Home Page (http://www.eskimo.com/~weidai/cryptlib.html) and then compile it with the SFL source code that is obtained from us. This combination would provide useful security services. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ At 01:42 PM 3/26/98 -0800, Xinhong Yuan wrote: >Hi, >I am a new comer to this mailing list. my question is that if I use SFL >only and I don't care about the lower level like cti or bsafe, do I >still have to get those libraries besides sfl? > > > >Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf" >Content-Transfer-Encoding: 7bit >Content-Description: Card for Xinhong Yuan >Content-Disposition: attachment; filename="vcard.vcf" > >Attachment Converted: C:\PCE\ATTACH\vcard.vcf > From owner-imc-sfl Thu Mar 26 15:51:05 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id PAA27488 for imc-sfl-bks; Thu, 26 Mar 1998 15:51:05 -0800 (PST) Received: from netscape.com (h-205-217-237-46.netscape.com [205.217.237.46]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id PAA27484 for ; Thu, 26 Mar 1998 15:51:04 -0800 (PST) Received: from judge.mcom.com (judge.mcom.com [205.217.237.53]) by netscape.com (8.8.5/8.8.5) with ESMTP id PAA19860 for ; Thu, 26 Mar 1998 15:50:42 -0800 (PST) Received: from netscape.com ([205.217.232.77]) by judge.mcom.com (Netscape Messaging Server 3.52) with ESMTP id AAA2EC0; Thu, 26 Mar 1998 15:50:41 -0800 Message-ID: <351AE9D0.12138C8B@netscape.com> Date: Thu, 26 Mar 1998 18:50:40 -0500 From: hecker@netscape.com (Frank Hecker) Organization: Netscape Communications Corp. X-Mailer: Mozilla 4.04 [en] (Win95; U) MIME-Version: 1.0 To: John Pawling CC: imc-sfl@imc.org Subject: Re: Format of published SFL documents References: <199803262250.RAA19646@ajsn101.jgvandyke.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk John Pawling wrote: > The SFL documents are currently available in Word 97. They contain > diagrams created using Word 97 which did not survive a simple export > of the documents from Word 97 as html files. How about if we create > RTF versions?? This preserves the diagrams. Please let me know > if RTF meets your requirements. It would meet my requirements; I can't speak for others. Frank -- Frank Hecker Pre-sales support, Netscape government sales hecker@netscape.com http://people.netscape.com/hecker/ From owner-imc-sfl Thu Mar 26 18:19:04 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id SAA29764 for imc-sfl-bks; Thu, 26 Mar 1998 18:19:04 -0800 (PST) Received: from om.proper.com (om.proper.com [165.227.249.115]) by mail.proper.com (8.8.8/8.7.3) with SMTP id SAA29759; Thu, 26 Mar 1998 18:19:00 -0800 (PST) Message-Id: <199803270219.SAA29759@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1.319 (Beta) Date: Thu, 26 Mar 1998 18:09:47 -0800 To: hecker@netscape.com (Frank Hecker), John Pawling From: Paul Hoffman / IMC Subject: Re: Format of published SFL documents Cc: imc-sfl@imc.org In-Reply-To: <351AE9D0.12138C8B@netscape.com> References: <199803262250.RAA19646@ajsn101.jgvandyke.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk >It would meet my requirements; I can't speak for others. John: you can covert Word97 to HTML, and convert the art to JPEG or GIF by saving it into an art program like PaintShop. --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Fri Mar 27 10:37:58 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id KAA22109 for imc-sfl-bks; Fri, 27 Mar 1998 10:37:58 -0800 (PST) Received: from om.proper.com (om.proper.com [165.227.249.115]) by mail.proper.com (8.8.8/8.7.3) with SMTP id KAA22105 for ; Fri, 27 Mar 1998 10:37:57 -0800 (PST) Message-Id: <199803271837.KAA22105@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1.319 (Beta) Date: Fri, 27 Mar 1998 10:38:04 -0800 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: Windows 95 port Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk What will someone need to use the library with Win95? Which compilers and other toolkits? --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Fri Mar 27 11:05:29 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id LAA22302 for imc-sfl-bks; Fri, 27 Mar 1998 11:05:29 -0800 (PST) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id LAA22296 for ; Fri, 27 Mar 1998 11:05:00 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id OAA13826 for ; Fri, 27 Mar 1998 14:05:15 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA09078; Fri, 27 Mar 1998 14:06:31 -0500 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id OAA03049; Fri, 27 Mar 1998 14:06:30 -0500 Date: Fri, 27 Mar 1998 14:06:30 -0500 Message-Id: <199803271906.OAA03049@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: Re: Format of published SFL documents Sender: owner-imc-sfl@imc.org Precedence: bulk All, We plan to provide Word 97, PDF and text-only versions of the SFL documents in conjunction with the first release of the SFL software. We will send a message to the imc-sfl mail list announcing the availability of the SFL software. It may actually be Wed before it is available. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ >At 11:58 AM 3/25/98 -0500, Frank Hecker wrote: >>An initial request to the folks at JG Van Dyke and Associates and >>others: When you publish SFL documents for public comment, could you >>please publish them in HTML (or plain text) instead of or in addition to >>formats such as MS Word? The documents currently referenced appear to >>all be in Word97 format, and this imposes an extra burden on people who >>either don't have Word or have an earlier version. >> >>If for some reason the documents cannot be converted to HTML or would >>appear illegible in that format, it would be nice if they could at least >>be published in an earlier Word format (if Word97 can do this -- I'm not >>that familar with it). >> >>Thanks, >> >>Frank >>-- >>Frank Hecker Pre-sales support, Netscape government sales >>hecker@netscape.com http://people.netscape.com/hecker/ >> > > From owner-imc-sfl Fri Mar 27 11:21:37 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id LAA22414 for imc-sfl-bks; Fri, 27 Mar 1998 11:21:37 -0800 (PST) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id LAA22409 for ; Fri, 27 Mar 1998 11:21:26 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id OAA27848 for ; Fri, 27 Mar 1998 14:21:36 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA09162; Fri, 27 Mar 1998 14:22:51 -0500 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id OAA03266; Fri, 27 Mar 1998 14:22:51 -0500 Date: Fri, 27 Mar 1998 14:22:51 -0500 Message-Id: <199803271922.OAA03266@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: Re: Windows 95 port Sender: owner-imc-sfl@imc.org Precedence: bulk All, Dave Harris, VDA, is one of the lead developers on the SFL project. Dave writes: >John, > I think the answer to this question depends partly on what the user >wants to do. If the user intends to use the source we provide with the >Crypto++ CTI, then that user would need Microsoft Visual C++ v5.0. The user >would use MSVC50 to build the Free CTI Library, the Crypto++ 2.3 library, >and the SFL. > In theory, the user could use another compiler (Borland, for example) to >build the library, however, we have not tried this. Also, because static >libraries are not the same between different compilers, a Borland user would >need to rebuild the SNACC library as well. > While we haven't packaged the snacc compiler for Windows, in theory a >user could use the snacc 1.3 baseline and our patches to generate the >compiler so they could compile asn files on Windows. This would require >flex and bison as snacc requires them. Again, I should emphasize that we >currently do our asn compiling on the sun. > So, to do what we've done (excluding ASN compiling), all you need is >MSVC50. >dave ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ At 10:38 AM 3/27/98 -0800, Paul Hoffman / IMC wrote: >What will someone need to use the library with Win95? Which compilers and >other toolkits? > >--Paul Hoffman, Director >--Internet Mail Consortium > From owner-imc-sfl Fri Mar 27 11:26:50 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id LAA22456 for imc-sfl-bks; Fri, 27 Mar 1998 11:26:50 -0800 (PST) Received: from shell.wco.com (jefft@shell.wco.com [199.4.94.16]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id LAA22452 for ; Fri, 27 Mar 1998 11:26:49 -0800 (PST) Received: (from jefft@localhost) by shell.wco.com (8.8.5/8.8.5/WCO-18jul97) id LAA02230; Fri, 27 Mar 1998 11:26:47 -0800 (PST) Date: Fri, 27 Mar 1998 11:26:47 -0800 (PST) Message-Id: <199803271926.LAA02230@shell.wco.com> From: Jeff Thompson To: jsp@jgvandyke.com CC: imc-sfl@imc.org In-reply-to: <199803271906.OAA03049@ajsn101.jgvandyke.com> (jsp@jgvandyke.com) Subject: Re: Format of published SFL documents Reply-to: Jeff Thompson References: <199803271906.OAA03049@ajsn101.jgvandyke.com> Sender: owner-imc-sfl@imc.org Precedence: bulk > We plan to provide Word 97, PDF and text-only versions of the SFL documents Remeber that PC users can also download the free Word 97 Viewer at http://www.microsoft.com/word/internet/viewer/viewer97/ From owner-imc-sfl Fri Mar 27 14:16:41 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id OAA23774 for imc-sfl-bks; Fri, 27 Mar 1998 14:16:41 -0800 (PST) Received: from om.proper.com (om.proper.com [165.227.249.115]) by mail.proper.com (8.8.8/8.7.3) with SMTP id OAA23770 for ; Fri, 27 Mar 1998 14:16:39 -0800 (PST) Message-Id: <199803272216.OAA23770@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1.319 (Beta) Date: Fri, 27 Mar 1998 14:16:48 -0800 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: Re: Windows 95 port In-Reply-To: <199803271922.OAA03266@ajsn101.jgvandyke.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk >> I think the answer to this question depends partly on what the user >>wants to do. If the user intends to use the source we provide with the >>Crypto++ CTI, then that user would need Microsoft Visual C++ v5.0. The user >>would use MSVC50 to build the Free CTI Library, the Crypto++ 2.3 library, >>and the SFL. Here's the $375 question: can I use the Microsoft Visual C++ "Learning Edition" ($100) to do this, or do I need the "Professional Edition" ($475)? --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Fri Mar 27 14:32:32 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id OAA23843 for imc-sfl-bks; Fri, 27 Mar 1998 14:32:32 -0800 (PST) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id OAA23839 for ; Fri, 27 Mar 1998 14:32:29 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id RAA27058 for ; Fri, 27 Mar 1998 17:32:25 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA10121; Fri, 27 Mar 1998 17:33:42 -0500 Received: from hobbes by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id RAA06438; Fri, 27 Mar 1998 17:33:41 -0500 Message-Id: <00b201bd59cf$f2799ac0$2d02bd9e@hobbes.jgvandyke.com> From: "David M Harris" To: Subject: Re: Windows 95 port Date: Fri, 27 Mar 1998 17:30:27 -0500 Mime-Version: 1.0 Content-Type: multipart/signed; boundary="----=_NextPart_000_00AD_01BD59A6.08A95440"; protocol="application/x-pkcs7-signature"; micalg=SHA-1 X-Priority: 3 X-Msmail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-imc-sfl@imc.org Precedence: bulk This is a multi-part message in MIME format. ------=_NextPart_000_00AD_01BD59A6.08A95440 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit While we don't have a copy of Microsoft Visual C++ 5.0, Learning Edition, Microsoft says that the following features are not included in the Learning Edition at: http://www.microsoft.com/visualc/prodinfo/comparison/whnewln.htm * Static MFC Linkage * Code Optimization * Profiling * The RemoteData control and other data-bound controls We are not using MFC, optimization and profiling would be up to the user, and we do not use data-bound controls, therefore, the "Learning Edition" MSVC owner should be able to do what we do. dave harris -----Original Message----- From: Paul Hoffman / IMC To: imc-sfl@imc.org Date: Friday, March 27, 1998 5:18 PM Subject: Re: Windows 95 port >>> I think the answer to this question depends partly on what the user >>>wants to do. If the user intends to use the source we provide with the >>>Crypto++ CTI, then that user would need Microsoft Visual C++ v5.0. The user >>>would use MSVC50 to build the Free CTI Library, the Crypto++ 2.3 library, >>>and the SFL. > >Here's the $375 question: can I use the Microsoft Visual C++ "Learning >Edition" ($100) to do this, or do I need the "Professional Edition" ($475)? > > >--Paul Hoffman, Director >--Internet Mail Consortium ------=_NextPart_000_00AD_01BD59A6.08A95440 Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJDjCCAnww ggHloAMCAQICAghuMA0GCSqGSIb3DQEBBAUAMIG+MQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2Vz dGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0ZSBDb25zdWx0aW5n MSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMT4wPAYDVQQDEzVUaGF3 dGUgUGVyc29uYWwgRnJlZW1haWwgSXNzdWluZyBLZXkgMTk5Ny4wNi4yNCAwODoyNzAeFw05NzEw MTQxNzM1NDFaFw05ODEwMTQxNzM1NDFaMEcxHzAdBgNVBAMTFlRoYXd0ZSBGcmVlbWFpbCBNZW1i ZXIxJDAiBgkqhkiG9w0BCQEWFWRoYXJyaXNAamd2YW5keWtlLmNvbTBcMA0GCSqGSIb3DQEBAQUA A0sAMEgCQQCv8CdTXhFR3TGf4bbw6Wrax2iJfuUrqMRsy8MEVyJ1ufDcg/zhV4NIaTEylz3rjTMA wsavj1E9h7arHYH+jseZAgMBAAGjQzBBMA4GA1UdDwEB/wQEAwIFoDAhBgNVHSMEGjAYoBYEFMJx 0BEApfHbaQwXvIp8kgkAuLVZMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEEBQADgYEACLqliKOt ow0gGcg4f9AfAIojEZO2RsRg6zXass2CxC2869r9ZrgQOmJfosde3YCxHwQdEWyg0aaqod7KpKNX CdF+vpAsilat/oHec4u3oSpP88W96q+J8xc5pMmAqCfV3ZfgHWhiTNywgWzHIzXnxn337vALtJ94 rUHFRa+pJRYwggMtMIIClqADAgECAgEAMA0GCSqGSIb3DQEBBAUAMIHRMQswCQYDVQQGEwJaQTEV MBMGA1UECBMMV2VzdGVybiBDYXBlMRIwEAYDVQQHEwlDYXBlIFRvd24xGjAYBgNVBAoTEVRoYXd0 ZSBDb25zdWx0aW5nMSgwJgYDVQQLEx9DZXJ0aWZpY2F0aW9uIFNlcnZpY2VzIERpdmlzaW9uMSQw IgYDVQQDExtUaGF3dGUgUGVyc29uYWwgRnJlZW1haWwgQ0ExKzApBgkqhkiG9w0BCQEWHHBlcnNv bmFsLWZyZWVtYWlsQHRoYXd0ZS5jb20wHhcNOTYwMTAxMDAwMDAwWhcNMjAxMjMxMjM1OTU5WjCB 0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBUb3du MRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBTZXJ2 aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSswKQYJ KoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMIGfMA0GCSqGSIb3DQEBAQUA A4GNADCBiQKBgQDUadfUsJRkW3HpR9gMUbbqcpGwhF59LQ2PexLfhSV1KHQ6QixjJ5+Ve0vvfhmH HYbqo925zpZkGsIUbkSsfOaP6E0PcR9AOKYAo4d49vmUhl6t6sBeduvZFKNdbnp8DKVLVX8GGSl/ npom1Wq7OCQIapjHsdqjmJH9edvlWsQcuQIDAQABoxMwETAPBgNVHRMBAf8EBTADAQH/MA0GCSqG SIb3DQEBBAUAA4GBAMfskn5O+PWWpWdiKqTwTRFg0G+NYFhhrCa7UjVcCM8w+6hKloofYkIjjBcP 9LpknBesRynfnZhe0mxgcVyirNx54+duAEcftQ0o6AKd5Jr9E/Sm2Xyx+NxfIyYJkYBz0BQb3kOp gyXy5pwvFcr+pquKB3WLDN1RhGvk+NHOd6KBMIIDWTCCAsKgAwIBAgIBBTANBgkqhkiG9w0BAQQF ADCB0TELMAkGA1UEBhMCWkExFTATBgNVBAgTDFdlc3Rlcm4gQ2FwZTESMBAGA1UEBxMJQ2FwZSBU b3duMRowGAYDVQQKExFUaGF3dGUgQ29uc3VsdGluZzEoMCYGA1UECxMfQ2VydGlmaWNhdGlvbiBT ZXJ2aWNlcyBEaXZpc2lvbjEkMCIGA1UEAxMbVGhhd3RlIFBlcnNvbmFsIEZyZWVtYWlsIENBMSsw KQYJKoZIhvcNAQkBFhxwZXJzb25hbC1mcmVlbWFpbEB0aGF3dGUuY29tMB4XDTk3MDYyNDA4Mjkz M1oXDTk4MDYyNDA4MjkzM1owgb4xCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUx EjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsT H0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xPjA8BgNVBAMTNVRoYXd0ZSBQZXJzb25h bCBGcmVlbWFpbCBJc3N1aW5nIEtleSAxOTk3LjA2LjI0IDA4OjI3MIGfMA0GCSqGSIb3DQEBAQUA A4GNADCBiQKBgQCYGIhYVYgRjQqZW+ZiDmrlIHWfKABXsqFrf4jrIdZt/wKLdX7QKZirWRECuSAp wvc6lo5EokiXMrorZdNSaTLMihWagCd34YW529MRkKW+axh3WekHW8TMF/DJEmBj7M1yysWk5NMJ IxdrUhhjc+7gQKZTEWyS5fmXYCDFZj07PwIDAQABo1IwUDASBgNVHRMBAf8ECDAGAQH/AgEAMCQG A1UdIwEBAAQaMBigFgQUcknCczTGVfQLdnKBfnf0h+fGsg4wFAYJYIZIAYb4QgEBAQH/BAQDAgAH MA0GCSqGSIb3DQEBBAUAA4GBALCE32eyV+GGRKkNQ8OjyRLcGoBKTaLqkAyOL/CipY6P76XtIxKu gbfaNtsii9ufSU/nFgplY3UGSFgjGUe/Q90QLMdD8O0txmnebuRXdcCngzC6qQCbzMXnXu8uWgEj 6LJ9G9zabFp/stYUkpK6RRVTyEeXOhcz4Y8VWiDUzfs5MYIBijCCAYYCAQEwgcUwgb4xCzAJBgNV BAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UE ChMRVGhhd3RlIENvbnN1bHRpbmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2 aXNpb24xPjA8BgNVBAMTNVRoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBJc3N1aW5nIEtleSAxOTk3 LjA2LjI0IDA4OjI3AgIIbjAJBgUrDgMCGgUAoF0wGAYJKoZIhvcNAQkDMQsGCSqGSIb3DQEHATAc BgkqhkiG9w0BCQUxDxcNOTgwMzI3MTczMDI3WjAjBgkqhkiG9w0BCQQxFgQUixemkum7gnEAhf9G QH2YXnjjvnowDQYJKoZIhvcNAQEBBQAEQGXRB1OiBiTQo1FaMe4wX4QI/j4Zg6g4nmy+l3y+RQE3 kq7B6r5eekJp3NgApOM1ggWXb62fGfFBmBZ2w2KaRPkAAAAAAAA= ------=_NextPart_000_00AD_01BD59A6.08A95440-- From owner-imc-sfl Thu Apr 2 23:50:18 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id XAA19186 for imc-sfl-bks; Thu, 2 Apr 1998 23:50:18 -0800 (PST) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id XAA19182 for ; Thu, 2 Apr 1998 23:50:17 -0800 (PST) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id CAA18162 for ; Fri, 3 Apr 1998 02:50:36 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA11916; Fri, 3 Apr 1998 02:51:58 -0500 Received: by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id CAA24316; Fri, 3 Apr 1998 02:51:53 -0500 From: jsp@jgvandyke.com (John Pawling) Message-Id: <199804030751.CAA24316@ajsn101.jgvandyke.com> Subject: SFL Delivery Delayed To: imc-sfl@imc.org Date: Fri, 3 Apr 1998 02:51:53 -0500 (EST) Cc: jsp@jgvandyke.com X-Mailer: ELM [version 2.4 PL24] Content-Type: text Sender: owner-imc-sfl@imc.org Precedence: bulk All, The delivery of the SFL software has been delayed due to circumstances beyond our (VDA's) control. We will inform everyone as soon as the SFL SW is available. Hopefully, this will be early next week. John Pawling From owner-imc-sfl Tue Apr 7 12:07:45 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id MAA27478 for imc-sfl-bks; Tue, 7 Apr 1998 12:07:45 -0700 (PDT) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id MAA27474 for ; Tue, 7 Apr 1998 12:07:44 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id OAA15800 for ; Tue, 7 Apr 1998 14:07:47 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA05897; Tue, 7 Apr 1998 15:09:16 -0400 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id PAA05561; Tue, 7 Apr 1998 15:09:04 -0400 Date: Tue, 7 Apr 1998 15:09:04 -0400 Message-Id: <199804071909.PAA05561@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: SFL SW Now Available Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) has delivered the first interim release of the S/MIME Freeware Library (SFL) for SunOS 4.1.3 and MS Windows NT/95. The SFL is a reference implementation of the IETF S/MIME v3 CMS and ESS I-Ds. This interim release of the SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. This process includes using the SNACC ASN.1 Library to encode and decode CMS signedData and envelopedData objects. This interim release includes: SFL High-level library; SFL Crypto++ Crypto Token Interface Library (CTIL); VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers and test data. Although we have made significant progress with the development of the SFL software, this interim release of the SFL software is NOT complete. We are still in the process of developing the SFL software. Further releases will be provided as significant capabilities are added. The SFL is being delivered incrementally to provide software as soon as possible to allow developers to: work with the API; begin integrating the SFL into their applications; and to provide feedback to the ongoing SFL development process. The SFL documents and software are still being developed and are subject to change. The goal for completion of the SFL is June 1998. The stability of the S/MIME v3 specifications is a prerequisite for meeting this delivery goal. The SFL will be thoroughly tested and all memory leaks fixed once the S/MIME v3 specs are finalized. The 31 Mar 98 interim release of the SFL does not implement attributes and does not implement signed receipts. It provides a C++ API. The SFL will be enhanced to also provide a C API that will wrap the C++ API. It has not been completely tested and it includes memory leaks. It includes security holes. For example, the SFL stores private keys in the clear on the hard drive of the host system. We will be enhancing the SFL Crypto++ Crypto Token Interface Library (CTIL) to use PKCS #8 to store and protect the private key material that it accesses. The IMC has established an SFL web page at http://www.imc.org/imc-sfl/ which includes links to the SFL files stored on the VDA web site at http://www.jgvandyke.com/services/infosec/sfl.htm. The following SFL files are available: 1) Word 97, ASCII text and Adobe Acrobat PDF files for the SFL Fact Sheet (facsht.*), Software Design Description (SDD) (sfl_sdd.*), Application Programming Interface (API) (sfl_api.*) and CTI API (cti_api.*) documents. 2) SFL Public License (ASCII text). 3) Compressed tar file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement the Distinguished Encoding Rules. 4) Zipped exe file containing MS Windows NT/95 files including: SFL source code, SNACC ASN.1 Library, test code, project files. 5) Compressed tar file containing SunOS 4.1.3 filed including: SFL source code, SNACC ASN.1 Library, test code, makefiles. Note: The last two files also include sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates (with bogus signature values) that each include a D-H or DSA public key. Detailed instructions for the implementation of the software for each platform is included in a README file contained within the file for that platform. All source code for the SFL has been provided at no cost and with no limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" included in the license.txt file available in each of the tar and exe files, and on the VDA web site. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. This strategy allows the SFL source code to be freely distributed to the entire Internet community because it does not contain software that directly implements any crypto algorithms that are copyrighted or export controlled. For example, we the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must the Crypto++ freeware library from the Crypto++ Web Page (http://www.eskimo.com/~weidai/cryptlib.html) and then compile it with the SFL source code that is obtained from us. IMPORTANT NOTE: We were able to use the Crypto++ v2.3 library with MS Windows 95/NT with only a few trivial changes that are documented in the SFL MS Windows README file. Due to limitations with the GCC 2.7.2 compiler we had to use Crypto++ v2.0 on SunOS 4.1.3. We made many non-trivial changes to the Crypto++ v2.0 software so that we could use it on SunOS 4.1.3 with GCC 2.7.2. We are communicating with the Crypto++ author and web site manager to determine if the our modifications will be posted on Crypto++ web site. In the meantime, if you need the modified Crypto++ v2.0 for SunOS 4.1.3, please contact John Pawling. The SFL software is developed to maximize portability to 32-bit operating systems. In the future, support may be added for the following operating systems: LINUX, Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that they be sent them to the imc-sfl mail list. We will respond to all messages on that list. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ From owner-imc-sfl Thu Apr 9 13:13:10 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA20853 for imc-sfl-bks; Thu, 9 Apr 1998 13:13:10 -0700 (PDT) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA20849 for ; Thu, 9 Apr 1998 13:12:59 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id PAA04835 for ; Thu, 9 Apr 1998 15:13:10 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA02552; Thu, 9 Apr 1998 16:08:34 -0400 Received: from hobbes by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA00411; Thu, 9 Apr 1998 16:08:20 -0400 Message-Id: <003c01bd63f2$98a30d60$2d02bd9e@hobbes.jgvandyke.com> From: "David M Harris" To: "SFL List" Subject: Building the SFL on the Intel/Windows platform Date: Thu, 9 Apr 1998 16:03:40 -0400 Mime-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-Msmail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-imc-sfl@imc.org Precedence: bulk Hello All, We feel that the following needs to be clarified again: For the Intel/Win32 version of the SFL and associated libraries, we are using Microsoft Visual C++ v5.0. There have been some questions about using Visual C++ v4.x. The SFL currently will NOT compile with Visual C++ v4.x. It appears as if 4.x does not fully implement ANSI C++ templates. We have not tried Borland C++ Builder or any of the other commercial win32 compilers. We were able to compile the SFL static library using GNU G++ 2.8.0 under Windows but we haven't linked or tested the G++ builds. So, if you don't want to use Visual C++ 5.0, G++ might be a good alternative for you to try (especially since that is what we use on the Unix side). For now, we intend to continue development and testing using Visual C++ 5.0. In case you don't already know, you can read about and download DJGPP binaries (GNU compilers ported to DOS/Windows) at http://www.delorie.com/djgpp/ dave harris From owner-imc-sfl Thu Apr 9 18:48:39 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id SAA24242 for imc-sfl-bks; Thu, 9 Apr 1998 18:48:39 -0700 (PDT) Received: from caladan.verisign.com (caladan.verisign.com [205.180.232.21]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id SAA24234 for ; Thu, 9 Apr 1998 18:48:38 -0700 (PDT) Received: from mentat.verisign.com by caladan.verisign.com (8.8.5/BCH1.0) id SAA22937; Thu, 9 Apr 1998 18:47:52 -0700 (PDT) Received: from verisign.com by mentat.verisign.com (8.8.5/BCH1.0) id SAA02331; Thu, 9 Apr 1998 18:48:15 -0700 (PDT) Message-ID: <352D7A6A.BB323F4A@verisign.com> Date: Thu, 09 Apr 1998 18:48:27 -0700 From: Xinhong Yuan X-Mailer: Mozilla 4.04 [en] (WinNT; I) MIME-Version: 1.0 To: John Pawling CC: imc-sfl@imc.org Subject: Re: SFL SW Now Available References: <199804071909.PAA05561@ajsn101.jgvandyke.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk When is your schedules to deliver the release for RSA Bsafe? John Pawling wrote: > All, > > J.G. Van Dyke and Associates (VDA) has delivered the first interim release > of the S/MIME Freeware Library (SFL) for SunOS 4.1.3 and MS Windows NT/95. > The SFL is a reference implementation of the IETF S/MIME v3 CMS and ESS > I-Ds. This interim release of the SFL has been successfully used to sign, > verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, > D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by > Government-furnished freeware. This process includes using the SNACC ASN.1 > Library to encode and decode CMS signedData and envelopedData objects. This > interim release includes: SFL High-level library; SFL Crypto++ Crypto Token > Interface Library (CTIL); VDA-enhanced GNU SNACC ASN.1 Compiler and > Library; test drivers and test data. > > Although we have made significant progress with the development of the SFL > software, this interim release of the SFL software is NOT complete. We are > still in the process of developing the SFL software. Further releases will > be provided as significant capabilities are added. The SFL is being > delivered incrementally to provide software as soon as possible to allow > developers to: work with the API; begin integrating the SFL into their > applications; and to provide feedback to the ongoing SFL development > process. The SFL documents and software are still being developed and are > subject to change. The goal for completion of the SFL is June 1998. The > stability of the S/MIME v3 specifications is a prerequisite for meeting this > delivery goal. The SFL will be thoroughly tested and all memory leaks fixed > once the S/MIME v3 specs are finalized. > > The 31 Mar 98 interim release of the SFL does not implement attributes and > does not implement signed receipts. It provides a C++ API. The SFL will be > enhanced to also provide a C API that will wrap the C++ API. It has not > been completely tested and it includes memory leaks. It includes security > holes. For example, the SFL stores private keys in the clear on the hard > drive of the host system. We will be enhancing the SFL Crypto++ Crypto > Token Interface Library (CTIL) to use PKCS #8 to store and protect the > private key material that it accesses. > > The IMC has established an SFL web page at http://www.imc.org/imc-sfl/ which > includes links to the SFL files stored on the VDA web site at > http://www.jgvandyke.com/services/infosec/sfl.htm. The following SFL files > are available: > > 1) Word 97, ASCII text and Adobe Acrobat PDF files for the SFL Fact > Sheet (facsht.*), Software Design Description (SDD) (sfl_sdd.*), > Application Programming Interface (API) (sfl_api.*) and CTI API > (cti_api.*) documents. > > 2) SFL Public License (ASCII text). > > 3) Compressed tar file containing SNACC ASN.1 Compiler and Library > source code that has been enhanced by VDA to implement the > Distinguished Encoding Rules. > > 4) Zipped exe file containing MS Windows NT/95 files including: SFL > source code, SNACC ASN.1 Library, test code, project files. > > 5) Compressed tar file containing SunOS 4.1.3 filed including: SFL > source code, SNACC ASN.1 Library, test code, makefiles. > > Note: The last two files also include sample CMS test data and test X.509 > Certificates. This file also includes test utilities to create X.509 > Certificates (with bogus signature values) that each include a D-H or DSA > public key. > > Detailed instructions for the implementation of the software for each > platform is included in a README file contained within the file for that > platform. > > All source code for the SFL has been provided at no cost and with no > limitations regarding its use and distribution. Organizations can use the > SFL without paying any royalties or licensing fees. VDA is developing the > SFL under contract to the U.S. Government. The U.S. Government is > furnishing the SFL software at no cost to the vendor subject to the > conditions of the "SFL Public License" included in the license.txt file > available in each of the tar and exe files, and on the VDA web site. > > The SFL is composed of a high-level library that performs generic CMS and > ESS processing independent of the crypto algorithms used to protect a > specific object. The SFL high-level library makes calls to an > algorithm-independent Crypto Token Interface API. The underlying, external > crypto token libraries are not distributed as part of the SFL source code. > The application developer must independently obtain these libraries and then > link them with the SFL. This strategy allows the SFL source code to be > freely distributed to the entire Internet community because it does not > contain software that directly implements any crypto algorithms that are > copyrighted or export controlled. For example, we the SFL uses the freeware > Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ > the vendor must the Crypto++ freeware library from the Crypto++ Web Page > (http://www.eskimo.com/~weidai/cryptlib.html) and then compile it with the > SFL source code that is obtained from us. > > IMPORTANT NOTE: We were able to use the Crypto++ v2.3 library with MS > Windows 95/NT with only a few trivial changes that are documented in the SFL > MS Windows README file. Due to limitations with the GCC 2.7.2 compiler we > had to use Crypto++ v2.0 on SunOS 4.1.3. We made many non-trivial changes > to the Crypto++ v2.0 software so that we could use it on SunOS 4.1.3 with > GCC 2.7.2. We are communicating with the Crypto++ author and web site > manager to determine if the our modifications will be posted on Crypto++ > web site. In the meantime, if you need the modified Crypto++ v2.0 for SunOS > 4.1.3, please contact John Pawling. > > The SFL software is developed to maximize portability to 32-bit operating > systems. In the future, support may be added for the following operating > systems: LINUX, Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and > SCO ODT 3.0/5.0. > > The IMC has established an SFL mail list which is used to: distribute > information regarding SFL releases; discuss SFL-related issues; and provide > a means for SFL users to provide feedback, comments, bug reports, etc. > Subscription information for the imc-sfl mailing list is at the IMC web site > listed above. > > All comments regarding the SFL software and documents are welcome. We > recommend that they be sent them to the imc-sfl mail list. We will respond > to all messages on that list. > > ================================ > John Pawling, jsp@jgvandyke.com > J.G. Van Dyke & Associates, Inc. > www.jgvandyke.com > ================================ From owner-imc-sfl Fri Apr 10 06:03:13 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id GAA11913 for imc-sfl-bks; Fri, 10 Apr 1998 06:03:13 -0700 (PDT) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id GAA11909 for ; Fri, 10 Apr 1998 06:03:12 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id IAA10292; Fri, 10 Apr 1998 08:03:29 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA12207; Fri, 10 Apr 1998 09:04:59 -0400 Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id JAA01266; Fri, 10 Apr 1998 09:04:46 -0400 Date: Fri, 10 Apr 1998 09:04:46 -0400 Message-Id: <199804101304.JAA01266@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: Xinhong Yuan From: jsp@jgvandyke.com (John Pawling) Subject: Re: SFL SW Now Available Cc: imc-sfl@imc.org Sender: owner-imc-sfl@imc.org Precedence: bulk Xinhong, We (VDA) are working on the BSAFE CTIL right now, but we can't promise anything before June 98. Hopefully, it will be done in May 98, but we can't commit to that. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ From owner-imc-sfl Wed Apr 15 13:28:06 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA04609 for imc-sfl-bks; Wed, 15 Apr 1998 13:28:06 -0700 (PDT) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA04605 for ; Wed, 15 Apr 1998 13:28:04 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id PAA04891 for ; Wed, 15 Apr 1998 15:28:24 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA19461; Wed, 15 Apr 1998 16:30:02 -0400 Received: from ajpc60 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA09931; Wed, 15 Apr 1998 16:29:40 -0400 Message-Id: <353517C9.1353@jgvandyke.com> Date: Wed, 15 Apr 1998 16:25:46 -0400 From: Pierce Leonberger Organization: Network Systems Division X-Mailer: Mozilla 3.04Gold (X11; I; HP-UX A.09.07 9000/712) Mime-Version: 1.0 To: SFL Subject: FYI: SFL, Solaris, and Linux Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk Just thought I'd let everyone know that the SFL does compile, link, and work on Solaris 2.6 and Linux. The really good news is that we can use Crypto++ v2.3 on Linux with the same modifications that were necessary for Win32. Same goes with Solaris 2.6 except that the "#define LITTLE_ENDIAN" line needs to be commented out of the config.h file. Both plaforms require the following software to compile and link: * EGCS-1.01 c/c++ compiler (http://www.egcs.cygnus.com) * GNU Make v3.76.1 (anything newer should work as well) I'm still exploring the use of the SFL with Crypto++ v2.3 on SunOS 4.1.3. -Pierce J. G. Van Dyke & Associates From owner-imc-sfl Wed Apr 15 13:34:48 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA04652 for imc-sfl-bks; Wed, 15 Apr 1998 13:34:48 -0700 (PDT) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA04648 for ; Wed, 15 Apr 1998 13:34:40 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id PAA03903 for ; Wed, 15 Apr 1998 15:35:15 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA19595; Wed, 15 Apr 1998 16:36:53 -0400 Received: from ajpc60 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA10055; Wed, 15 Apr 1998 16:36:33 -0400 Message-Id: <35351964.5F82@jgvandyke.com> Date: Wed, 15 Apr 1998 16:32:36 -0400 From: Pierce Leonberger Organization: Network Systems Division X-Mailer: Mozilla 3.04Gold (X11; I; HP-UX A.09.07 9000/712) Mime-Version: 1.0 To: SFL Subject: FYI: Missing SNACC file Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk In the March 31st release of our modified SNACC compiler we are missing one file: ./c-lib/tbl.h.patch To build the entire distribution of SNACC this file is required. You can obtain it from the un-modified version of SNACC. This problem will be fixed in our next release. -Pierce J. G. Van Dyke & Associates From owner-imc-sfl Thu Apr 16 07:13:36 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id HAA23593 for imc-sfl-bks; Thu, 16 Apr 1998 07:13:36 -0700 (PDT) Received: from pony-1.mail.digex.net (pony-1.mail.digex.net [204.91.241.5]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id HAA23583 for ; Thu, 16 Apr 1998 07:13:33 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-1.mail.digex.net (8.8.8/8.8.8) with SMTP id JAA24512 for ; Thu, 16 Apr 1998 09:14:21 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA05056; Thu, 16 Apr 1998 10:15:59 -0400 Received: from hobbes by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id KAA19957; Thu, 16 Apr 1998 10:15:41 -0400 Message-Id: <005701bd6941$5831eea0$2d02bd9e@hobbes.jgvandyke.com> From: "David M Harris" To: "SFL List" Subject: Microsoft Visual C++ & Crypto++ v2.3 Date: Thu, 16 Apr 1998 10:09:58 -0400 Mime-Version: 1.0 Content-Type: text/plain; charset="iso-2022-kr" Content-Transfer-Encoding: 7bit X-Priority: 3 X-Msmail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-imc-sfl@imc.org Precedence: bulk Hello All, After a recent question regarding this issue, I thought I might be useful to post the following information to this list that was posted to the Crypto++ list a month ago. It may be particularly helpful to those trying to use Crypto++ with the Free CTI Library and the SFL using the Microsoft compiler: >ORIGINAL MESSAGE: >I include cryptlib in my project, set the Additional Include Directories to >point to the crypto++ directory, then include a crypto header file in my >project. > >I get a compile error, as iosfwd is recursively including itself, only >because MSDEV is misinterpreting the "#include " line in >crypto\iosfwd and not loading the vc version. > >RESPONSE: >The easiest solution would be to do "delete fstream iomanip iosfwd >iostream strstream" in the Crypto++ directory. Those files are only useful >with EGCS to work around the lack of standard iostream headers. With MSVC >if they are deleted the compiler will automatically find the standard >headers. Hopefully by the next release of Crypto++ EGCS will also have the >standard headers. > So, if you have problems building Crypto++ with Microsoft Visual C++ regarding recursive includes going to deep, delete the three mentioned files... dave harris, VDA From owner-imc-sfl Thu Apr 16 10:26:06 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id KAA01524 for imc-sfl-bks; Thu, 16 Apr 1998 10:26:06 -0700 (PDT) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id KAA01519 for ; Thu, 16 Apr 1998 10:26:05 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id MAA12110 for ; Thu, 16 Apr 1998 12:26:45 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA07100; Thu, 16 Apr 1998 13:28:25 -0400 Received: from ajpc60 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id NAA23387; Thu, 16 Apr 1998 13:28:06 -0400 Message-Id: <35363EBC.29C8@jgvandyke.com> Date: Thu, 16 Apr 1998 13:24:12 -0400 From: Pierce Leonberger Organization: Network Systems Division X-Mailer: Mozilla 3.04Gold (X11; I; HP-UX A.09.07 9000/712) Mime-Version: 1.0 To: SFL Subject: Re: FYI: SFL, Solaris, and Linux References: <353517C9.1353@jgvandyke.com> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk Sorry about the URL for EGCS. I referenced it from the another page without verifying it. The address should be http://egcs.cygnus.com . -Pierce Pierce Leonberger wrote: > > Just thought I'd let everyone know that the SFL does compile, link, > and work on Solaris 2.6 and Linux. The really good news is that we can > use Crypto++ v2.3 on Linux with the same modifications that were > necessary for Win32. Same goes with Solaris 2.6 except that the > "#define LITTLE_ENDIAN" line needs to be commented out of the config.h > file. > > Both plaforms require the following software to compile and link: > > * EGCS-1.01 c/c++ compiler (http://www.egcs.cygnus.com) > * GNU Make v3.76.1 (anything newer should work as well) > > I'm still exploring the use of the SFL with Crypto++ v2.3 on SunOS > 4.1.3. > > -Pierce > J. G. Van Dyke & Associates From owner-imc-sfl Fri Apr 17 11:08:36 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id LAA13456 for imc-sfl-bks; Fri, 17 Apr 1998 11:08:36 -0700 (PDT) Received: from tounes.gw.tn (tounes.gw.tn [193.95.50.118]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id LAA13452 for ; Fri, 17 Apr 1998 11:08:35 -0700 (PDT) Received: from tounes.tn (tounes.tn [193.95.50.110]) by tounes.gw.tn (8.8.8/8.8.8) with ESMTP id TAA00742 for ; Fri, 17 Apr 1998 19:08:10 -0100 (GMT) Received: from tounes.ati.tn (tounes.ati.tn [193.95.66.21]) by tounes.tngw.tn (8.8.8/8.8.8) with ESMTP id TAA00482; Fri, 17 Apr 1998 19:14:15 -0100 (GMT) Received: from venus.ati.tn (root@hamdi.ati.tn [193.95.68.33]) by tounes.ati.tn (8.6.9/8.6.9) with ESMTP id TAA26396; Fri, 17 Apr 1998 19:06:45 GMT Received: (from root@localhost) by venus.ati.tn (8.8.7/8.8.7) id TAA29214; Sat, 18 Apr 1998 19:07:42 -0100 Message-Id: <199804182007.TAA29214@venus.ati.tn> Subject: Re: FYI: Missing SNACC file To: pleonber@jgvandyke.com (Pierce Leonberger) Date: Sat, 18 Apr 1998 19:07:41 -0100 (GMT+1) Cc: imc-sfl@imc.org In-Reply-To: <35351964.5F82@jgvandyke.com> from "Pierce Leonberger" at Apr 15, 98 04:32:36 pm Reply-To: hamdi.tounsi@ati.tn From: Hamdi Tounsi MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="35900.69018.21868" Sender: owner-imc-sfl@imc.org Precedence: bulk --35900.69018.21868 Content-Type: text/plain Hi There was no tbl.h.patch in the un-modified version of SNACC ! the unmodified version is in the file Sunos413_sfl_tar ? please correct me if i erred Best regards > > In the March 31st release of our modified SNACC compiler we are > missing one file: > > ./c-lib/tbl.h.patch > > To build the entire distribution of SNACC this file is required. You > can obtain it from the un-modified version of SNACC. > > This problem will be fixed in our next release. > > -Pierce > J. G. Van Dyke & Associates > --35900.69018.21868-- From owner-imc-sfl Fri Apr 17 11:33:58 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id LAA13641 for imc-sfl-bks; Fri, 17 Apr 1998 11:33:58 -0700 (PDT) Received: from pony-2.mail.digex.net (pony-2.mail.digex.net [204.91.241.6]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id LAA13637 for ; Fri, 17 Apr 1998 11:33:55 -0700 (PDT) Received: from apollo (apollo.jgvandyke.com [158.189.10.100]) by pony-2.mail.digex.net (8.8.8/8.8.8) with SMTP id NAA23769; Fri, 17 Apr 1998 13:34:34 -0500 (EDT) Received: from ajsn101.jgvandyke.com by apollo (5.x/SMI-SVR4) id AA18183; Fri, 17 Apr 1998 14:36:14 -0400 Received: from ajpc60 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id OAA10629; Fri, 17 Apr 1998 14:35:55 -0400 Message-Id: <3537A021.2247@jgvandyke.com> Date: Fri, 17 Apr 1998 14:32:01 -0400 From: Pierce Leonberger Organization: Network Systems Division X-Mailer: Mozilla 3.04Gold (X11; I; HP-UX A.09.07 9000/712) Mime-Version: 1.0 To: hamdi.tounsi@ati.tn Cc: imc-sfl@imc.org Subject: Re: FYI: Missing SNACC file References: <199804182007.TAA29214@venus.ati.tn> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-imc-sfl@imc.org Precedence: bulk The un-modified version of SNACC v1.3 should be downloaded from the SNACC Homepage at: http://www.fokus.gmd.de/ovma/freeware/snacc -Pierce Hamdi Tounsi wrote: > > Hi > There was no tbl.h.patch in the un-modified version of SNACC ! > the unmodified version is in the file Sunos413_sfl_tar ? please correct me if i erred > Best regards > > > > > In the March 31st release of our modified SNACC compiler we are > > missing one file: > > > > ./c-lib/tbl.h.patch > > > > To build the entire distribution of SNACC this file is required. You > > can obtain it from the un-modified version of SNACC. > > > > This problem will be fixed in our next release. > > > > -Pierce > > J. G. Van Dyke & Associates > > From owner-imc-sfl Tue May 5 17:22:51 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id RAA01106 for imc-sfl-bks; Tue, 5 May 1998 17:22:51 -0700 (PDT) Received: from aum.proper.com (ip200.proper.com [165.227.249.200]) by mail.proper.com (8.8.8/8.7.3) with SMTP id RAA01102 for ; Tue, 5 May 1998 17:22:50 -0700 (PDT) Message-Id: <199805060022.RAA01102@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1.334 (Beta) Date: Tue, 05 May 1998 17:24:25 -0700 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: New restrictions on distributing the SFL Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk I'm sorry to announce that the source code for the SFL has been removed from the official site. It has been moved to a new site, that appears to be export-controlled. You need a password to get the software from that site, and the passwords are handed out by the US Department of Defense. I'm personally embarssed that the government of my country enforces such silly laws. I understand that many other countries have similar laws, but that doesn't make me feel any better. I had hoped that the SFL would be the beginning of sensibility on the part of the US government with respect to cryptography distribution; I still have that hope for the future. There are many people on this mailing list who are outside the US, and this change in distribution may prevent you from getting the SFL. If other Web sites appear that contain unofficial versions of the SFL and do not restrict who can download from them, I will be happy to list those on the IMC SFL page at . I would also like to list links to cryptography packages that work with the SFL at our site. --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Fri May 15 13:49:05 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.7.3) id NAA06409 for imc-sfl-bks; Fri, 15 May 1998 13:49:05 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.7.3) with ESMTP id NAA06405 for ; Fri, 15 May 1998 13:49:02 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id QAA00703 for ; Fri, 15 May 1998 16:54:01 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA11250; Fri, 15 May 1998 16:53:47 -0400 Date: Fri, 15 May 1998 16:53:47 -0400 Message-Id: <199805152053.QAA11250@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: v0.2 SFL Interim Release Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) has delivered the second interim release (Version 0.2) of the S/MIME Freeware Library (SFL). It has been successfully tested with the Sun Solaris 2.6, MS Windows NT/95 and Linux operating systems. The SFL is a reference implementation of the IETF S/MIME v3 CMS and ESS I-Ds. We have made significant progress with the testing of the SFL. The v0.2 SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. The v0.2 SFL has also been used to sign, verify, encrypt and decrypt CMS objects using the RSA suite of algorithms provided by the RSA BSAFE library. We were able to successfully encrypt and decrypt (using 3DES) an envelopedData object that included copies of the message key protected using Diffie-Hellman and RSA. The SFL uses the SNACC ASN.1 Library to encode and decode CMS signedData and envelopedData objects. The v0.2 SFL release includes: SFL High-level library; SFL Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers and test data. The v0.2 SFL release adds support for: authenticated attributes; ESS signed receipts; local key encryption; encrypting private keys stored in PKCS#8 format using PKCS#5; signing/verifying multiple signerInfos in a signedData object; revised CSM_List template class; enhanced test routines; bug fixes; updated documents; BSAFE CTIL; and the capability to generate RSA certificates. Although we have made significant progress with the development of the SFL, this interim release of the SFL is NOT complete. We are still in the process of developing and testing the SFL. Further releases will be provided (probably on a montlky basis) as significant capabilities are added. The SFL is being delivered incrementally to provide software as soon as possible to allow developers to: work with the API; begin integrating the SFL into their applications; and to provide feedback to the ongoing SFL development process. The SFL documents and software are still being developed and are subject to change. The goal for completion of the SFL is June 1998. The stability of the S/MIME v3 specifications is a prerequisite for meeting this delivery goal. Future releases will include: support for additional attributes; Fortezza CTIL; additional helper functions; C API (in addition to C++ API); support for other crypto libraries; and support for other operating systems. The SFL will be thoroughly tested and all memory leaks fixed. Robustness testing will be performed. The SFL will be tested for interoperability with S/MIME v2 and v3 products. Other possible future enhancements include support for Microsoft's CAPI and Open Group's Common Data Security Architecture. We will continue developing utilities to generate certificates to be used as test data. The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The following SFL files are available at the Fortezza Developer's S/MIME Page and VDA SFL Page: 1) Word 97 and Adobe Acrobat PDF files for the SFL Fact Sheet (facsht.*), Software Design Description (SDD) (sfl_sdd.*), Application Programming Interface (API) (sfl_api.*) and CTI API (cti_api.*) documents. 2) SFL Public License (ASCII text). 3) Compressed tar file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement the Distinguished Encoding Rules. The following SFL files are available at the Fortezza Developer's S/MIME Page: SFL Hi-Level: 1) Compressed tar file containing all source code except for CTILs. This includes: SFL Hi-Level source code; VDA-enhanced SNACC ASN.1 Library source code; SNACC-generated source code; makefiles; project files. 2) Zip file containing MS Windows NT/95 run time libraries for the SFL Hi-Level library and SNACC ASN.1 library. Crypto++ (a.k.a Free) CTIL: 1) Compressed tar file containing SFL Crypto++ CTIL source code, project files and makefiles. 2) Zip file containing MS Windows NT/95 run time library for Crypto++ CTIL. BSAFE CTIL: 1) Compressed tar file containing SFL BSAFE CTIL source code, project files and makefiles. 2) Zip file containing MS Windows NT/95 run time library for BSAFE CTIL. TEST SW/DATA: 1) Compressed tar file containing test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. See the U.S. Bureau of Export Administration's Commercial Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm for more information regarding the U.S. export restrictions. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must the Crypto++ freeware library from the Crypto++ Web Page (http://www.eskimo.com/~weidai/cryptlib.html) and then compile it with the SFL source code. The SFL software is developed to maximize portability to 32-bit operating systems. In the future, support may be added for the following operating systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that they be sent them to the imc-sfl mail list. We will respond to all messages on that list. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ From owner-imc-sfl Wed May 27 13:45:48 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id NAA19313 for imc-sfl-bks; Wed, 27 May 1998 13:45:48 -0700 (PDT) Received: from hq.ljl.COM (hq.ljl.com [206.151.234.1]) by mail.proper.com (8.8.8/8.8.5) with SMTP id NAA19308 for ; Wed, 27 May 1998 13:45:46 -0700 (PDT) Received: from semperfi.ljl.com by hq.ljl.COM. id aa27333; 27 May 98 15:49 CDT X-Mailer: Microsoft Outlook Express for Macintosh - 4.01 (295) Date: Wed, 27 May 1998 15:52:50 -0500 Subject: Win32 SNACC? From: Paul Robichaux To: imc-sfl@imc.org Mime-version: 1.0 X-Priority: 3 X-No-Archive: yes X-Security: ArmorMail! see http://www.ljl.com Content-type: text/plain; charset="US-ASCII" Content-transfer-encoding: 7bit Message-ID: <9805271549.aa27333@hq.ljl.COM.> Sender: owner-imc-sfl@imc.org Precedence: bulk Does there already exist a Win32 build of the VDA-enhanced SNACC, or do I need to dust off OpenNT and roll my own? Thanks, -Paul From owner-imc-sfl Tue Jul 7 13:29:28 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id NAA17854 for imc-sfl-bks; Tue, 7 Jul 1998 13:29:28 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id NAA17850 for ; Tue, 7 Jul 1998 13:29:27 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id QAA18203 for ; Tue, 7 Jul 1998 16:31:42 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA05943; Tue, 7 Jul 1998 16:30:51 -0400 Date: Tue, 7 Jul 1998 16:30:51 -0400 Message-Id: <199807072030.QAA05943@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: v0.3 SFL Interim Release Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) has delivered the third interim release (Version 0.3) of the S/MIME Freeware Library (SFL). It has been successfully tested with the Sun Solaris 2.6 and MS Windows NT/95 operating systems. The SFL is a reference implementation of the IETF S/MIME v3 CMS and ESS I-Ds. We have made significant progress with the testing of the SFL. The v0.3 SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. The v0.3 SFL has also been used to sign, verify, encrypt and decrypt CMS objects using the RSA suite of algorithms provided by the RSA BSAFE library. The SFL uses the SNACC ASN.1 Library to encode and decode CMS signedData and envelopedData objects. The v0.3 SFL release includes: SFL High-level library; SFL Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers and test data. Since the v0.2 SFL release, we have begun interoperability testing between the MS Outlook Express S/MIME v2 e-mail client and SFL. We used the SFL to successfully verify the signature of an Outlook Express-generated v2 signedData message. We used the SFL to create a signedData message that was verified by Outlook Express. This required a number of changes in both the SFL and test environment. This is just the beginning of our interoperability testing. Since v0.2 SFL release, we have made the following progress with the SFL: fixed many bugs and memory leaks; improved VDA DER SNACC code to correctly decode indefinite length BER sequences and ANYs (this was needed to interoperate with Outlook Express and Netscape); "#pragma pack(8)" added to "sm_api.h" to force consistent structure alignment for references to the SFL classes; made minor changes recommended by customers; added support for ESSSecurityLabel signed attribute; improved Receipt Request logic; improved certificate generation utilities; and added support for processing the encapsulated content separate from the signedData object that includes the signature of the content. We also improved the SFL test environment: added ability to specify combinations of various hash/signing/encryption algorithms when creating a message; added limited MIME message construction using the freeware MIME++ library (SignedData only); increased consistency of certificates and private keys used for all CTILs (address book logic). Although we have made significant progress with the development of the SFL, this interim release of the SFL is NOT complete. We are still in the process of developing and testing the SFL. For example, we will be enhancing the BSAFE CTIL to store the user's private keys in an encrypted form. Further releases will be provided (probably on a monthly basis) as significant capabilities are added. The SFL is being delivered incrementally to provide software as soon as possible to allow developers to: work with the API; begin integrating the SFL into their applications; and to provide feedback to the ongoing SFL development process. The SFL documents and software are still being developed and are subject to change. The goal for completion of the SFL is September 1998. The stability of the S/MIME v3 specifications is a prerequisite for meeting this delivery goal. Future releases will include: support for additional attributes; Fortezza CTIL; additional helper functions; C API (in addition to C++ API); support for other crypto libraries; and support for other operating systems. The SFL will be thoroughly tested and all memory leaks fixed. Robustness testing will be performed. The SFL will be tested for interoperability with S/MIME v2 and v3 products. Other possible future enhancements include additional example CTILs supporting other Cryptographic APIs, such as Open Group's Common Data Security Architecture. We will continue enhancing utilities to generate certificates to be used as test data. The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The following SFL files are not export-controlled. They are available at the Fortezza Developer's S/MIME Page (now) and VDA SFL Page (any minute now): 1) SFL Documents: SFL Fact Sheet, SFL Software Design Description, SFL Application Programming Interface, SFL CTI API and SFL Public License. 2) snacc-1.3vda.tar.Z: Compressed tar file containing SNACC ASN.1 Compiler and Library source code compilable for Unix that has been enhanced by VDA to implement the Distinguished Encoding Rules. makefiles are included. 3) snaccvc.zip: zip file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement DER. MS Windows NT/95 project files are included for the SNACC code, MIME++ and Crypto++. Note that the Crypto++ and MIME++ libraries are not included. See (http://www.eskimo.com/~weidai/cryptlib.html) and (http://hunnysoft.com/mimepp/) for these two libraries. The following SFL files are export controlled and are available at the Fortezza Developer's S/MIME Page: 1) smimeR03.tar.Z: Compressed tar file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; makefiles. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. 2) smimeR03.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; project files. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries compiled for MS Windows NT/95. Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. See the U.S. Bureau of Export Administration's Commercial Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm for more information regarding the U.S. export restrictions. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the SFL source code. The SFL software is developed to maximize portability to 32-bit operating systems. In the future, support may be added for the following operating systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ From owner-imc-sfl Tue Jul 7 18:18:23 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA24026 for imc-sfl-bks; Tue, 7 Jul 1998 18:18:23 -0700 (PDT) Received: from aum.proper.com (ip200.proper.com [165.227.249.200]) by mail.proper.com (8.8.8/8.8.5) with SMTP id SAA24022 for ; Tue, 7 Jul 1998 18:18:22 -0700 (PDT) Message-Id: <199807080118.SAA24022@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1 Date: Tue, 07 Jul 1998 18:17:58 -0700 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: RE: v0.3 SFL Interim Release In-Reply-To: <004901bdaa0d$3f3f4610$be03a8c0@xyuan-pc.verisign.com> References: <199807072030.QAA05943@ajsn101.jgvandyke.com> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk At 06:10 PM 7/7/98 -0700, Xinhong Yuan wrote: >Can anyone give me a tip how I can get access to the download site of SFL? I >need the name/password for access. Where should I get it from? As John's message said: > The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which > includes links to the SFL files stored on the VDA SFL Page > (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza > Developer's S/MIME Page > (http://www.armadillo.huntsville.al.us/software/smime). --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Tue Jul 7 18:08:47 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA23947 for imc-sfl-bks; Tue, 7 Jul 1998 18:08:47 -0700 (PDT) Received: from caladan.verisign.com (caladan.verisign.com [205.180.232.21]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA23943 for ; Tue, 7 Jul 1998 18:08:46 -0700 (PDT) Received: from mentat.verisign.com by caladan.verisign.com (8.8.5/BCH1.5) id SAA07759; Tue, 7 Jul 1998 18:06:52 -0700 (PDT) Received: from xyuan-pc by mentat.verisign.com (8.8.5/BCH1.0) id SAA04773; Tue, 7 Jul 1998 18:08:10 -0700 (PDT) Reply-To: From: "Xinhong Yuan" To: "John Pawling" , Subject: RE: v0.3 SFL Interim Release Date: Tue, 7 Jul 1998 18:10:50 -0700 Message-ID: <004901bdaa0d$3f3f4610$be03a8c0@xyuan-pc.verisign.com> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4 Importance: Normal In-Reply-To: <199807072030.QAA05943@ajsn101.jgvandyke.com> Sender: owner-imc-sfl@imc.org Precedence: bulk Can anyone give me a tip how I can get access to the download site of SFL? I need the name/password for access. Where should I get it from? Xinhong VeriSign, Inc. 650.429.3308 > -----Original Message----- > From: owner-imc-sfl@imc.org [mailto:owner-imc-sfl@imc.org]On Behalf Of > John Pawling > Sent: Tuesday, July 07, 1998 1:31 PM > To: imc-sfl@imc.org > Subject: v0.3 SFL Interim Release > > > All, > > J.G. Van Dyke and Associates (VDA) has delivered the third interim release > (Version 0.3) of the S/MIME Freeware Library (SFL). It has been > successfully tested with the Sun Solaris 2.6 and MS Windows NT/95 > operating > systems. The SFL is a reference implementation of the IETF S/MIME v3 CMS > and ESS I-Ds. We have made significant progress with the testing of the > SFL. The v0.3 SFL has been successfully used to sign, verify, encrypt and > decrypt CMS objects using the mandatory algorithms (DSA, D-H, > 3DES) provided > by the Crypto++ library and SHA-1 provided by > Government-furnished freeware. > The v0.3 SFL has also been used to sign, verify, encrypt and decrypt CMS > objects using the RSA suite of algorithms provided by the RSA > BSAFE library. > The SFL uses the SNACC ASN.1 Library to encode and decode CMS > signedData and > envelopedData objects. The v0.3 SFL release includes: SFL High-level > library; SFL Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; > VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers > and test data. > > Since the v0.2 SFL release, we have begun interoperability testing between > the MS Outlook Express S/MIME v2 e-mail client and SFL. We used > the SFL to > successfully verify the signature of an Outlook Express-generated v2 > signedData message. We used the SFL to create a signedData > message that was > verified by Outlook Express. This required a number of changes > in both the > SFL and test environment. This is just the beginning of our > interoperability testing. > > Since v0.2 SFL release, we have made the following progress with the SFL: > fixed many bugs and memory leaks; improved VDA DER SNACC code to correctly > decode indefinite length BER sequences and ANYs (this was needed to > interoperate with Outlook Express and Netscape); "#pragma > pack(8)" added to > "sm_api.h" to force consistent structure alignment for references > to the SFL > classes; made minor changes recommended by customers; added support for > ESSSecurityLabel signed attribute; improved Receipt Request > logic; improved > certificate generation utilities; and added support for processing the > encapsulated content separate from the signedData object that includes the > signature of the content. We also improved the SFL test > environment: added > ability to specify combinations of various hash/signing/encryption > algorithms when creating a message; added limited MIME message > construction > using the freeware MIME++ library (SignedData only); increased consistency > of certificates and private keys used for all CTILs (address book logic). > > Although we have made significant progress with the development > of the SFL, > this interim release of the SFL is NOT complete. We are still in > the process > of developing and testing the SFL. For example, we will be enhancing the > BSAFE CTIL to store the user's private keys in an encrypted form. Further > releases will be provided (probably on a monthly basis) as significant > capabilities are added. The SFL is being delivered incrementally > to provide > software as soon as possible to allow developers to: work with the API; > begin integrating the SFL into their applications; and to provide feedback > to the ongoing SFL development process. The SFL documents and software are > still being developed and are subject to change. The goal for > completion of > the SFL is September 1998. The stability of the S/MIME v3 > specifications is > a prerequisite for meeting this delivery goal. > > Future releases will include: support for additional attributes; Fortezza > CTIL; additional helper functions; C API (in addition to C++ API); support > for other crypto libraries; and support for other operating systems. The > SFL will be thoroughly tested and all memory leaks fixed. Robustness > testing will be performed. The SFL will be tested for > interoperability with > S/MIME v2 and v3 products. Other possible future enhancements include > additional example CTILs supporting other Cryptographic APIs, such as Open > Group's Common Data Security Architecture. We will continue enhancing > utilities to generate certificates to be used as test data. > > The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which > includes links to the SFL files stored on the VDA SFL Page > (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza > Developer's S/MIME Page > (http://www.armadillo.huntsville.al.us/software/smime). > > > The following SFL files are not export-controlled. They are available at > the Fortezza Developer's S/MIME Page (now) and VDA SFL Page (any > minute now): > > 1) SFL Documents: SFL Fact Sheet, SFL Software Design Description, SFL > Application Programming Interface, SFL CTI API and SFL Public License. > > 2) snacc-1.3vda.tar.Z: Compressed tar file containing SNACC ASN.1 Compiler > and Library source code compilable for Unix that has been > enhanced by VDA to > implement the Distinguished Encoding Rules. makefiles are included. > > 3) snaccvc.zip: zip file containing SNACC ASN.1 Compiler and > Library source > code that has been enhanced by VDA to implement DER. MS Windows NT/95 > project files are included for the SNACC code, MIME++ and Crypto++. Note > that the Crypto++ and MIME++ libraries are not included. See > (http://www.eskimo.com/~weidai/cryptlib.html) and > (http://hunnysoft.com/mimepp/) for these two libraries. > > The following SFL files are export controlled and are available at the > Fortezza Developer's S/MIME Page: > > 1) smimeR03.tar.Z: Compressed tar file containing all SFL source code > including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 > source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; > makefiles. This file also contains test driver source code, > sample CMS test > data and test X.509 Certificates. This file also includes test > utilities to > create X.509 Certificates that each include a D-H, DSA or RSA > public key. > > 2) smimeR03.zip: Zip file containing all SFL source code including: SFL > Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL > Crypto++ CTIL source code; SFL BSAFE CTIL source code; project > files. This > file also contains test driver source code, sample CMS test data and test > X.509 Certificates. This file also includes test utilities to > create X.509 > Certificates that each include a D-H, DSA or RSA public key. > SNACC release > and debug libraries compiled for MS Windows NT/95. > > > Instructions for applying for an account on the Fortezza > Developer's S/MIME > Page are available from that page. An account is required to download the > SFL files from the Fortezza Developer's S/MIME Page due to U.S. export > restrictions. See the U.S. Bureau of Export Administration's Commercial > Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm > for more information regarding the U.S. export restrictions. > > All source code for the SFL is being provided at no cost and with no > financial limitations regarding its use and distribution. > Organizations can > use the SFL without paying any royalties or licensing fees. VDA is > developing the SFL under contract to the U.S. Government. The U.S. > Government is furnishing the SFL software at no cost to the vendor subject > to the conditions of the "SFL Public License" available from the VDA SFL > Page and Fortezza Developer's S/MIME Page. > > The SFL is composed of a high-level library that performs generic CMS and > ESS processing independent of the crypto algorithms used to protect a > specific object. The SFL high-level library makes calls to an > algorithm-independent Crypto Token Interface API. The > underlying, external > crypto token libraries are not distributed as part of the SFL source code. > The application developer must independently obtain these > libraries and then > link them with the SFL. For example, the SFL uses the freeware Crypto++ > library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the > vendor must download the Crypto++ freeware library from the Crypto++ Web > Page and then compile it with the SFL source code. > > The SFL software is developed to maximize portability to 32-bit operating > systems. In the future, support may be added for the following operating > systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 > and SCO ODT > 3.0/5.0. > > The IMC has established an SFL mail list which is used to: distribute > information regarding SFL releases; discuss SFL-related issues; > and provide > a means for SFL users to provide feedback, comments, bug reports, etc. > Subscription information for the imc-sfl mailing list is at the > IMC web site > listed above. > > All comments regarding the SFL software and documents are welcome. We > recommend that comments should be sent to the imc-sfl mail list. We will > respond to all messages on that list. > > ================================ > John Pawling, jsp@jgvandyke.com > J.G. Van Dyke & Associates, Inc. > www.jgvandyke.com > ================================ > > From owner-imc-sfl Wed Jul 8 05:13:15 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id FAA13449 for imc-sfl-bks; Wed, 8 Jul 1998 05:13:15 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id FAA13445 for ; Wed, 8 Jul 1998 05:13:14 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id IAA20397; Wed, 8 Jul 1998 08:15:52 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id IAA21998; Wed, 8 Jul 1998 08:14:59 -0400 Date: Wed, 8 Jul 1998 08:14:59 -0400 Message-Id: <199807081214.IAA21998@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: , From: jsp@jgvandyke.com (John Pawling) Subject: RE: v0.3 SFL Interim Release Sender: owner-imc-sfl@imc.org Precedence: bulk Xinhong, An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to US government export restrictions. Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from http://www.armadillo.huntsville.al.us/software/smime. For more info regarding obtaining an account on the Fortezza Developer's S/MIME Page, please contact Lloyd Craig, locraig@missi.ncsc.mil, telephone: (410) 859-4463. - John Pawling >At 06:10 PM 7/7/98 -0700, Xinhong Yuan wrote: >Can anyone give me a tip how I can get access to the download site of SFL? I >need the name/password for access. Where should I get it from? > >Xinhong >VeriSign, Inc. >650.429.3308 > From owner-imc-sfl Wed Aug 5 11:05:48 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id LAA07266 for imc-sfl-bks; Wed, 5 Aug 1998 11:05:48 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id LAA07262 for ; Wed, 5 Aug 1998 11:05:46 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id OAA03244 for ; Wed, 5 Aug 1998 14:11:16 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id OAA21938; Wed, 5 Aug 1998 14:10:04 -0400 Date: Wed, 5 Aug 1998 14:10:04 -0400 Message-Id: <199808051810.OAA21938@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: SFL Interop Testing Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library (SFL) to implement the Internet Engineering Task Force (IETF) draft S/MIME version 3 set of specifications. Recently, VDA used the SFL to successfully exchange signed and encrypted S/MIME messages with legacy S/MIME version 2 products. This testing is the initial step in proving the interoperability of the current draft IETF S/MIME v3 set of specifications with the S/MIME v2 specifications (RFC 2315, RFC 2311, RFC 2312) based on the PKCS #7, v1.5 specification. This testing proves that the SFL code is maturing and will soon be a viable candidate for incorporation into applications that require S/MIME v3 capabilities including the optional S/MIME v3 security features. VDA successfully tested the SFL at the Internet Mail Consortium (IMC)-sponsored SecureConnect 1 event held on July 23-24, 1998 in San Jose, CA. We used the SFL to verify the digital signature of S/MIME version 2 signedData messages created by RSA (S/MAIL toolkit), WorldTalk, Microsoft and Entrust. We used the SFL to create S/MIME v2 signedData messages that were verified by RSA, WorldTalk and Microsoft. We used the SFL to decrypt an S/MIME v2 envelopedData message encrypted using the RSA S/MAIL toolkit. Also at SecureConnect, we began interoperability testing of S/MIME v3 features with Microsoft. We believe that the SecureConnect event was extremely valuable and we plan to participate at the next SecureConnect event scheduled for Spring 1999. Prior to the SecureConnect event, VDA performed interoperability testing between the Microsoft Outlook Express (MSOE) S/MIME v2 e-mail client and the SFL. We used the SFL to successfully verify the signature of an MSOE-generated v2 signedData message. We used the SFL to create a signedData message that was verified by MSOE. We used the SFL to decrypt an envelopedData that was encrypted by MSOE. We used the SFL to encrypt an envelopedData that was then decrypted using MSOE. We also used the SFL to exchange a signed and encrypted S/MIME v2 message (i.e. signedData encapsulated within envelopedData) with MSOE. All of this interoperability testing was conducted using the RSA suite of algorithms. We plan to test the IETF mandatory crypto algorithms: Secure Hash Algorithm-1, Digital Signature Algorithm, Triple Digital Encryption Standard and Diffie-Hellman key agreement algorithm. To achieve these results, we made minor changes to the SFL v0.3 code such as adding support for additional object identifiers. We plan to deliver an updated release of the SFL that includes these fixes by the end of August. More information regarding the SFL is available on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. ================================ From owner-imc-sfl Wed Aug 5 17:34:41 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id RAA09724 for imc-sfl-bks; Wed, 5 Aug 1998 17:34:41 -0700 (PDT) Received: from stargate.zergo.com.au (root@[203.2.208.130]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id RAA09719; Wed, 5 Aug 1998 17:34:33 -0700 (PDT) Received: from owen.zergo.com.au (owen.zergo.com.au [203.2.208.44]) by stargate.zergo.com.au (8.8.7/8.8.7) with SMTP id KAA07934; Thu, 6 Aug 1998 10:36:11 +1000 Received: by owen.zergo.com.au with Microsoft Mail id <01BDC126.3EA487D0@owen.zergo.com.au>; Thu, 6 Aug 1998 10:37:44 +1000 Message-ID: <01BDC126.3EA487D0@owen.zergo.com.au> From: Owen Roberts To: "'John Pawling'" , "'phoffman@imc.org'" , "'locraig@missi.ncsc.mil'" Cc: "'imc-sfl@imc.org'" Subject: SFL Availability to non-NorthAmericans Date: Thu, 6 Aug 1998 10:37:42 +1000 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 8bit X-MIME-Autoconverted: from quoted-printable to 8bit by mail.proper.com id RAA09720 Sender: owner-imc-sfl@imc.org Precedence: bulk Gentlemen and SFL followers, I'm sure I represent "The Rest Of" the internet community concerned with secure electronic commerce in complaining about the restriction of SFL source code to North Americans. I know that both John and Paul would prefer that it is available, because the SFL is DESIGNED to be separate from the export controlled cryptographic libraries, and this is not what the IMC is about either. I have been following the development of the SFL for some time, and have even downloaded a version of it previously. I believe the whole concept of a reference implementation is a great idea, as it is only going to push the industry forward into interoperability - and that's what the industry is all about. Fine, control the crypto, we have our own - that's easy, but when you have something as complex as S/MIME, only a reference implementation is going going to make it practical in the short and medium term. Lets get people using it. Now, thats my speel. How do we go about changing this situation? Who do we contact in the DoD. Regards, Owen Roberts ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Owen Roberts - Systems Architect Zergo Asia Pacific, Sydney Australia (+612) 9929 9650 mailto:owen@zergo.com.au ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. This strategy allows the SFL source code to be freely distributed to the entire Internet community because it does not contain software that directly implements any crypto algorithms that are copyrighted or export controlled. [John Pawling April 98] I'm sorry to announce that the source code for the SFL has been removed from the official site. It has been moved to a new site, that appears to be export-controlled. You need a password to get the software from that site, and the passwords are handed out by the US Department of Defense. I'm personally embarssed that the government of my country enforces such silly laws. I understand that many other countries have similar laws, but that doesn't make me feel any better. I had hoped that the SFL would be the beginning of sensibility on the part of the US government with respect to cryptography distribution; I still have that hope for the future. --Paul Hoffman, Director --Internet Mail Consortium [May 5] I regret to inform you I cannot process your account request. In a nutshell, my organization runs the web page. We do not have control over what is and isn't export controlled. While many people feel, as you do, that portions should be accessable, I do not have the authority to make them accessable. The IMC at www.imc.org has more information on this issue and may point you to someone who properly assist you. I'm sorry I couldn't help you. Lloyd Craig [August 6] ---------- From: John Pawling Sent: Tuesday, August 04, 1998 1:30 AM To: Owen Roberts Subject: Re: SFL Availability Owen, Enclosed is the most recent message that I sent regarding the SFL. The ASN.1 software portions of the SFL are available to everybody at http://www.armadillo.huntsville.al.us/software/smime. All other portions of the SFL are export controlled as per U.S. export laws. Please take special note of the following paragraph from the enclosed message: "Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. See the U.S. Bureau of Export Administration's Commercial Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm for more information regarding the U.S. export restrictions." The U.S. Department of Defense (DoD) Export Control Policy office ruled that the SFL source code and binaries are covered under the US export laws. The US export laws include some exceptions. In some cases, export-controlled software can be distributed to other than US citizens. For more info, please contact Lloyd Craig, DoD, Office X22, Telephone: (410) 859-4463. Also, you can contact Jim Madsen, DoD Export Control Policy office, 301-688-7834. - John Pawling At 01:51 PM 8/3/98 +1000, Owen Roberts wrote: >Hi John, > >I downloaded v0.3 (March 98) of the SFL from the jgvandyke.com pages some time ago. It used to be the case that there was no export control on this software, only on the crypto libraries to use with it like Crypto++. It seems now that the SFL is export controlled as well, as seen on http://www.armadillo.huntsville.al.us/software/smime/ where it now resides. > >Is this correct? Please tell me non-NorthAmericans will be able to use the SFL. > >Thanks for your time, >Regards, >Owen Roberts. From owner-imc-sfl Wed Aug 5 17:46:53 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id RAA09778 for imc-sfl-bks; Wed, 5 Aug 1998 17:46:53 -0700 (PDT) Received: from aum.proper.com (ip200.proper.com [165.227.249.200]) by mail.proper.com (8.8.8/8.8.5) with SMTP id RAA09774 for ; Wed, 5 Aug 1998 17:46:52 -0700 (PDT) Message-Id: <199808060046.RAA09774@mail.proper.com> X-Sender: phoffman@mail.imc.org X-Mailer: QUALCOMM Windows Eudora Pro Version 4.0.1 Date: Wed, 05 Aug 1998 17:49:14 -0700 To: imc-sfl@imc.org From: Paul Hoffman / IMC Subject: Re: SFL Availability to non-NorthAmericans In-Reply-To: <01BDC126.3EA487D0@owen.zergo.com.au> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Sender: owner-imc-sfl@imc.org Precedence: bulk I've talked to IMC's lawyers, and they said that the SFL is "clearly export controlled even without the crypto libraries themselves." The US has been consistent in their stance on "crypto with a hole", and it has hurt many of IMC's members. I do not believe that there is any hope of the SFL being distributed until the US changes its laws or the current administration changes its mind. Either way, it is extremely unlikely, given that much more powerful (read: monied) companies have been lobbying hard for years on this. Neither Congress nor the President have shown any big interest in changing the current situation. And, I assure you, this mailing list won't make a dent; let's not waste the bandwidth. --Paul Hoffman, Director --Internet Mail Consortium From owner-imc-sfl Mon Aug 31 05:28:54 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id FAA12827 for imc-sfl-bks; Mon, 31 Aug 1998 05:28:54 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id FAA12823 for ; Mon, 31 Aug 1998 05:28:52 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id IAA04719 for ; Mon, 31 Aug 1998 08:36:49 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id IAA03712; Mon, 31 Aug 1998 08:35:27 -0400 Date: Mon, 31 Aug 1998 08:35:27 -0400 Message-Id: <199808311235.IAA03712@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: v0.4 SFL Interim Release Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) has delivered the fourth interim release (Version 0.4) of the S/MIME Freeware Library (SFL). It has been successfully tested with the SunOS 4.1.3 and MS Windows NT/95 operating systems. The SFL is a reference implementation of the IETF S/MIME v3 CMS (June 98) and ESS (August 98) I-Ds. We have made significant progress with the testing of the SFL. The v0.4 SFL has been successfully used to sign, verify, encrypt and decrypt CMS objects using the mandatory algorithms (DSA, D-H, 3DES) provided by the Crypto++ library and SHA-1 provided by Government-furnished freeware. The v0.4 SFL has also been used to sign, verify, encrypt and decrypt CMS objects using the RSA suite of algorithms provided by the RSA BSAFE library. The SFL uses the SNACC ASN.1 Library to encode and decode CMS signedData and envelopedData objects. The v0.4 SFL release includes: SFL High-level library; SFL Crypto++ Crypto Token Interface Library (CTIL); BSAFE CTIL; VDA-enhanced GNU SNACC ASN.1 Compiler and Library; test drivers and test data. Since the v0.3 SFL release, we have continued interoperability testing between S/MIME v2 e-mail clients and the SFL as documented in the attached message. To achieve the results documented in the attached message, we made minor changes to the SFL v0.3 code such as adding support for additional object identifiers. The v0.4 release of the SFL includes these fixes. Specifically, the following enhancements are included in the v0.4 SFL release: - Finished integration of newest CMS ASN.1 () and ESS ASN.1 specifications (draft-ietf-smime-ess-07.txt) into source code. - Moved UKM processing from OriginatorInfo to RecipientInfo in all encrypt/decrypt logic (this code still does not support multiple recipients under the same UKM, this will be implemented in a future release of the SFL). - SMIME test environment updates for more robustness and interoperability with SMIME v2 vendor software (as a result of the SecureConnect Conference). - Created SFL Class diagrams using Microsoft Visual Modeler (can be viewed using Releation Rose C++ Demo 4.0). - Based upon requests from SFL integrators, included in this e-mail message are notes regarding the use of proprietary environment private keys with the SFL. Although we have made significant progress with the development of the SFL, this interim release of the SFL is NOT complete. We are still in the process of developing and testing the SFL. For example, we will be enhancing the BSAFE CTIL to store the user's private keys in an encrypted form. Further releases will be provided as significant capabilities are added. The SFL is being delivered incrementally to provide software as soon as possible to allow developers to: work with the API; begin integrating the SFL into their applications; and to provide feedback to the ongoing SFL development process. The SFL documents and software are still being developed and are subject to change. The goal for completion of the SFL is October 1998. The stability of the S/MIME v3 specifications is a prerequisite for meeting this delivery goal. Future releases will include: incorporate S/MIME specification changes; support for additional attributes; Fortezza CTIL; additional helper functions; multiple signerInfos in signed receipts; enhanced test routines; bug fixes; support for other crypto libraries; and support for other operating systems. The SFL will be thoroughly tested and all memory leaks fixed. Robustness testing will be performed. The SFL will be tested for interoperability with S/MIME v2 and v3 products. Other possible future enhancements include additional example CTILs supporting other Cryptographic APIs, such as Open Group's Common Data Security Architecture. We will continue enhancing utilities to generate certificates to be used as test data. The IMC has established an SFL web page (http://www.imc.org/imc-sfl) which includes links to the SFL files stored on the VDA SFL Page (http://www.jgvandyke.com/services/infosec/sfl.htm) and on the Fortezza Developer's S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). The following SFL files are not export-controlled. They are available at the Fortezza Developer's S/MIME Page and VDA SFL Page: 1) SFL Documents: SFL Fact Sheet, SFL Software Design Description, SFL Application Programming Interface, SFL CTI API and SFL Public License. 2) snacc-1.3vda.tar.Z: Compressed tar file containing SNACC ASN.1 Compiler and Library source code compilable for Unix that has been enhanced by VDA to implement the Distinguished Encoding Rules. makefiles are included. 3) snaccvc.zip: zip file containing SNACC ASN.1 Compiler and Library source code that has been enhanced by VDA to implement DER. MS Windows NT/95 project files are included for the SNACC code, MIME++ and Crypto++. Note that the Crypto++ and MIME++ libraries are not included. See (http://www.eskimo.com/~weidai/cryptlib.html) and (http://hunnysoft.com/mimepp/) for these two libraries. The following SFL files are export controlled and are available at the Fortezza Developer's S/MIME Page: 1) sfl4Unixtar.Z: Compressed tar file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; makefiles. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. 2) smimeR04.zip: Zip file containing all SFL source code including: SFL Hi-Level source code; VDA-enhanced SNACC-generated ASN.1 source code; SFL Crypto++ CTIL source code; SFL BSAFE CTIL source code; project files. This file also contains test driver source code, sample CMS test data and test X.509 Certificates. This file also includes test utilities to create X.509 Certificates that each include a D-H, DSA or RSA public key. SNACC release and debug libraries compiled for MS Windows NT/95. 3) csmime.mdl contains SFL Class diagrams created using Microsoft Visual Modeler (can be viewed using Releation Rose C++ Demo 4.0). Please note that no changes were made to the SFL documents or ASN.1 encode/decode library. The sfl4Unixtar.Z and smimeR04.zip contain all of the changes between the v0.3 and v0.4 SFL releases. Instructions for applying for an account on the Fortezza Developer's S/MIME Page are available from that page. An account is required to download the SFL files from the Fortezza Developer's S/MIME Page due to U.S. export restrictions. See the U.S. Bureau of Export Administration's Commercial Encryption Export Controls web site at http://www.bxa.doc.gov/encstart.htm for more information regarding the U.S. export restrictions. All source code for the SFL is being provided at no cost and with no financial limitations regarding its use and distribution. Organizations can use the SFL without paying any royalties or licensing fees. VDA is developing the SFL under contract to the U.S. Government. The U.S. Government is furnishing the SFL software at no cost to the vendor subject to the conditions of the "SFL Public License" available from the VDA SFL Page and Fortezza Developer's S/MIME Page. The SFL is composed of a high-level library that performs generic CMS and ESS processing independent of the crypto algorithms used to protect a specific object. The SFL high-level library makes calls to an algorithm-independent Crypto Token Interface API. The underlying, external crypto token libraries are not distributed as part of the SFL source code. The application developer must independently obtain these libraries and then link them with the SFL. For example, the SFL uses the freeware Crypto++ library to provide 3DES, D-H and DSA. To use the SFL with Crypto++ the vendor must download the Crypto++ freeware library from the Crypto++ Web Page and then compile it with the SFL source code. The SFL software is developed to maximize portability to 32-bit operating systems. In the future, support may be added for the following operating systems: Macintosh, HP/UX 9.x/10.x, IBM AIX 3.2, Sun Solaris 2.6 and SCO ODT 3.0/5.0. The IMC has established an SFL mail list which is used to: distribute information regarding SFL releases; discuss SFL-related issues; and provide a means for SFL users to provide feedback, comments, bug reports, etc. Subscription information for the imc-sfl mailing list is at the IMC web site listed above. All comments regarding the SFL software and documents are welcome. We recommend that comments should be sent to the imc-sfl mail list. We will respond to all messages on that list. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ START OF PROPRIETARY ENVIRONMENT PRIVATE KEY NOTES Some application vendors have requested information regarding how they can add support for proprietary environment private keys to the SFL. We have concluded that each application vendor should simply add their proprietary environment private keys directly to the RSA entries in the SFL CSM_CSInst class as loaded in the SMRsaInit() global function. The vendor would replace the "do"/"while" condition to reflect the intended originator private key entry(s). There are two relevant pieces of information necessary to perform the sign/encrypt operations relevant to the CTIL: public key and private key. The following paragraphs describe where this information is stored as simple "(char *)" and "int" for each. We suggest duplicating the "SMRsaInit" source code in the vendor's own source file (to avoid being over-written by SFL updates) and changing to reflect the custom conventions. For now in the RSA CTIL library, these private keys are store un-encrypted. In the freeware CTIL they are password based encrypted to make it difficult for users to snoop into memory to access the keys in the clear, but this logic has not been migrated fully to the RSA CTIL yet. For the vendor it makes it easier. In the example logic below (from "sm_rsa.cpp"), simply assign the length and data to "pRsa->m_RSAX.len" and "pRsa->m_RSAX.data" from the vendor's clear private key information. Again, the vendor's "do"/"while" condition would be set to reflect the number of keys required to be loaded (probably just a single entry for now) looping through the vendor's private data structures for the private/public keys. ... void SMRsaInit(CSMIME *pCSMIME, char *pszPassword, char *pszAddressBook, char *pszPrefix) { ... pEntry = AB.m_pEntries->SetCurrToFirst(); do { ... (sm_rsa.cpp:LINE 1336) // store the private key info as a RSA private key if (*pEntry->m_pPrivateOID == bsafe_id_rsa_encr || *pEntry->m_pPrivateOID == rsaEncryption) { // convert X from entry file into m_RSAX ITEM SME(pRsa->m_RSAX.len = (unsigned int)pEntry-> m_pPrivateInfo->Length()); SME(pRsa->m_RSAX.data = (unsigned char *)pEntry-> m_pPrivateInfo->Get()); } // store parameters and Y in preferred Alg for this instance pAlgID = NULL; SME(pRsa->GetParamsAndY(pEntry, &AB, pAlgID));//PUBLIC KEY ... } while ((pEntry = AB.m_pEntries->GoNext()) != NULL); In the future, we will probably wrap this load with a password based encryption and unwrap when necessary as demonstrated in the "sm_free.cpp" logic. This would simply add a few calls to any new logic that the vendor creates now custom to the vendor's environment relating to loading different private keys. The public key is loaded by decoding the certificate associated with a user and loading the appropriate data structure. We assume you have the public key stored separate from the certificate and can thus load it directly into the CTIL data structures. Our load from the certificate is demonstrated in the member function: GetParamsAndY; but the vendor can simply load the bitstring and length (in bytes) into the following CSM_RSA m_RSAY member. ... SME(m_RSAY.data = (unsigned char *)bufferTemp.Access()); SME(m_RSAY.len = bufferTemp.Length()); ... This operation can be done directly in the "do"/"while" loop above that loads the private key. This is where the CTIL init now loads the public key with the call to "SME(pRsa->GetParamsAndY(pEntry, &AB, pAlgID));". END OF PROPRIETARY ENVIRONMENT PRIVATE KEY NOTES ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ >Return-Path: >Date: Wed, 5 Aug 1998 14:10:04 -0400 >X-Sender: jsp@ajsn101 >To: imc-sfl@imc.org >From: jsp@jgvandyke.com (John Pawling) >Subject: SFL Interop Testing >Sender: owner-imc-sfl@imc.org >Precedence: bulk > >All, > >J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library >(SFL) to implement the Internet Engineering Task Force (IETF) draft S/MIME >version 3 set of specifications. Recently, VDA used the SFL to successfully >exchange signed and encrypted S/MIME messages with legacy S/MIME version 2 >products. This testing is the initial step in proving the interoperability >of the current draft IETF S/MIME v3 set of specifications with the S/MIME v2 >specifications (RFC 2315, RFC 2311, RFC 2312) based on the PKCS #7, v1.5 >specification. This testing proves that the SFL code is maturing and will >soon be a viable candidate for incorporation into applications that require >S/MIME v3 capabilities including the optional S/MIME v3 security features. > >VDA successfully tested the SFL at the Internet Mail Consortium >(IMC)-sponsored SecureConnect 1 event held on July 23-24, 1998 in San Jose, >CA. We used the SFL to verify the digital signature of S/MIME version 2 >signedData messages created by RSA (S/MAIL toolkit), WorldTalk, Microsoft >and Entrust. We used the SFL to create S/MIME v2 signedData messages that >were verified by RSA, WorldTalk and Microsoft. We used the SFL to decrypt >an S/MIME v2 envelopedData message encrypted using the RSA S/MAIL toolkit. >Also at SecureConnect, we began interoperability testing of S/MIME v3 >features with Microsoft. We believe that the SecureConnect event was >extremely valuable and we plan to participate at the next SecureConnect >event scheduled for Spring 1999. > >Prior to the SecureConnect event, VDA performed interoperability testing >between the Microsoft Outlook Express (MSOE) S/MIME v2 e-mail client and the >SFL. We used the SFL to successfully verify the signature of an >MSOE-generated v2 signedData message. We used the SFL to create a >signedData message that was verified by MSOE. We used the SFL to decrypt an >envelopedData that was encrypted by MSOE. We used the SFL to encrypt an >envelopedData that was then decrypted using MSOE. We also used the SFL to >exchange a signed and encrypted S/MIME v2 message (i.e. signedData >encapsulated within envelopedData) with MSOE. > >All of this interoperability testing was conducted using the RSA suite of >algorithms. We plan to test the IETF mandatory crypto algorithms: Secure >Hash Algorithm-1, Digital Signature Algorithm, Triple Digital Encryption >Standard and Diffie-Hellman key agreement algorithm. > >To achieve these results, we made minor changes to the SFL v0.3 code such as >adding support for additional object identifiers. We plan to deliver an >updated release of the SFL that includes these fixes by the end of August. > >More information regarding the SFL is available on the Fortezza Developer's >S/MIME Page (http://www.armadillo.huntsville.al.us/software/smime). > >================================ >John Pawling, jsp@jgvandyke.com >J.G. Van Dyke & Associates, Inc. >================================ > > From owner-imc-sfl Fri Sep 11 13:08:49 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id NAA24076 for imc-sfl-bks; Fri, 11 Sep 1998 13:08:49 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id NAA24072 for ; Fri, 11 Sep 1998 13:08:48 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id QAA05475 for ; Fri, 11 Sep 1998 16:17:49 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id QAA02761; Fri, 11 Sep 1998 16:16:24 -0400 Date: Fri, 11 Sep 1998 16:16:24 -0400 Message-Id: <199809112016.QAA02761@ajsn101.jgvandyke.com> X-Sender: jsp@ajsn101 X-Mailer: Windows Eudora Version 1.4.4 Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" To: imc-sfl@imc.org From: jsp@jgvandyke.com (John Pawling) Subject: SFL C API Requirements??? Sender: owner-imc-sfl@imc.org Precedence: bulk All, J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library (SFL) to implement the IETF S/MIME v3 CMS and ESS I-Ds. To date, we have developed the SFL to provide a C++ API. In the past, we have stated that we are going to also develop a C API in addition to the C++ API. We are now re-examining the requirement to develop a C API. Does anybody require a C API in addition to a C++ API to the SFL? ================================ John Pawling, jsp@jgvandyke.com J.G. Van Dyke & Associates, Inc. www.jgvandyke.com ================================ From owner-imc-sfl Mon Sep 14 18:56:03 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id SAA13912 for imc-sfl-bks; Mon, 14 Sep 1998 18:56:03 -0700 (PDT) Received: from inet16.us.oracle.com (inet16.us.oracle.com [192.86.155.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id SAA13908 for ; Mon, 14 Sep 1998 18:56:03 -0700 (PDT) Received: from mailsun3 (mailsun3-fddi.us.oracle.com [144.25.88.135]) by inet16.us.oracle.com (8.8.5/8.8.5) with SMTP id TAA03264 for ; Mon, 14 Sep 1998 19:01:49 -0700 (PDT) Received: from us.oracle.com by mailsun3 with ESMTP (SMI-8.6/37.9) id TAA27349; Mon, 14 Sep 1998 19:01:48 -0700 Message-ID: <35FDCD49.3D476926@us.oracle.com> Date: Mon, 14 Sep 1998 19:13:29 -0700 From: Guang Yee X-Mailer: Mozilla 4.05 [en] (WinNT; U) MIME-Version: 1.0 To: imc-sfl@imc.org Subject: Re: [Fwd: SFL C API Requirements???] References: <35F9911B.763DD2BB@us.oracle.com> Content-Type: multipart/mixed; boundary="------------FE68716E0009B645CEED4B4F" Sender: owner-imc-sfl@imc.org Precedence: bulk This is a multi-part message in MIME format. --------------FE68716E0009B645CEED4B4F Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Yes. Any plans to implement a Java API to the SFL in the near future? > Subject: SFL C API Requirements??? > Date: Fri, 11 Sep 1998 16:16:24 -0400 > From: jsp@jgvandyke.com (John Pawling) > To: imc-sfl@imc.org > > All, > > J.G. Van Dyke and Associates (VDA) is developing the S/MIME Freeware Library > (SFL) to implement the IETF S/MIME v3 CMS > and ESS I-Ds. To date, we have developed the SFL to provide a C++ API. In > the past, we have stated that we are going to also develop a C API in > addition to the C++ API. We are now re-examining the requirement to develop > a C API. Does anybody require a C API in addition to a C++ API to the SFL? > > ================================ > John Pawling, jsp@jgvandyke.com > J.G. Van Dyke & Associates, Inc. > www.jgvandyke.com > ================================ --------------FE68716E0009B645CEED4B4F Content-Type: text/x-vcard; charset=us-ascii; name="vcard.vcf" Content-Transfer-Encoding: 7bit Content-Description: Card for Guang Yee Content-Disposition: attachment; filename="vcard.vcf" begin: vcard fn: Guang Yee n: Yee;Guang org: Oracle adr: 600 Oracle Parkway;;M/S: 6op301D;Redwood Shores;CA;94065;USA email;internet: gyee@us.oracle.com title: Member of Technical Staff tel;work: (650)633-6338 x-mozilla-cpt: ;0 x-mozilla-html: TRUE version: 2.1 end: vcard --------------FE68716E0009B645CEED4B4F-- From owner-imc-sfl Tue Sep 15 06:40:20 1998 Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id GAA06793 for imc-sfl-bks; Tue, 15 Sep 1998 06:40:20 -0700 (PDT) Received: from apollo.jgvandyke.com (apollo.jgvandyke.com [158.189.10.100]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id GAA06789 for ; Tue, 15 Sep 1998 06:40:19 -0700 (PDT) Received: from ajsn101.jgvandyke.com (ajsn101.jgvandyke.com [158.189.2.101]) by apollo.jgvandyke.com (8.8.8/8.8.8) with SMTP id JAA17962; Tue, 15 Sep 1998 09:49:41 -0400 (EDT) Received: from ajpc81 by ajsn101.jgvandyke.com (SMI-8.6/SMI-SVR4) id JAA18295; Tue, 15 Sep 1998 09:48:15 -0400 Date: Tue, 15 Sep 1998 09:48:15 -0400 Message-Id: <199