Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures
Network Working Group                                     J. Linn (BBNCC)
Request for Comments: 1040                         IAB Privacy Task Force
Obsoletes RFCs: 989                                          January 1988
Privacy Enhancement for Internet Electronic Mail:
Part I: Message Encipherment and Authentication Procedures
STATUS OF THIS MEMO
This RFC suggests a proposed protocol for the Internet community, and
requests discussion and suggestions for improvements. Distribution
of this memo is unlimited.
ACKNOWLEDGMENT
This RFC is the outgrowth of a series of IAB Privacy Task Force
meetings and of internal working papers distributed for those
meetings. I would like to thank the following Privacy Task Force
members and meeting guests for their comments and contributions at
the meetings which led to the preparation of this RFC: David
Balenson, Curt Barker, Matt Bishop, Danny Cohen, Tom Daniel, Charles
Fox, Morrie Gasser, Steve Kent (chairman), John Laws, Steve Lipner,
Dan Nessett, Mike Padlipsky, Rob Shirey, Miles Smid, Steve Walker,
and Steve Wilbur.
1. Executive Summary
This RFC defines message encipherment and authentication procedures,
as the initial phase of an effort to provide privacy enhancement
services for electronic mail transfer in the Internet. Detailed key
management mechanisms to support these procedures will be defined in
a subsequent RFC. As a goal of this initial phase, it is intended
that the procedures defined here be compatible with a wide range of
key management approaches, including both conventional (symmetric)
and public-key (asymmetric) approaches for encryption of data
encrypting keys. Use of conventional cryptography for message text
encryption and/or integrity check computation is anticipated.
Privacy enhancement services (confidentiality, authentication, and
message integrity assurance) are offered through the use of
end-to-end cryptography between originator and recipient User Agent
processes, with no special processing requirements imposed on the
Message Transfer System at endpoints or at intermediate relay
sites. This approach allows privacy enhancement facilities to be
incorporated on a site-by-site or user-by-user basis without impact
on other Internet entities. Interoperability among heterogeneous