Privacy-Enhanced Electronic Mail (pem)
--------------------------------------
Charter
Last Modified: 02/09/1996
Current Status: Concluded Working Group
Chair(s):
Stephen Kent <kent@bbn.com>
Security Area Director(s):
Jeffrey Schiller <jis@mit.edu>
Steve Bellovin <smb@research.att.com>
Security Area Advisor:
Jeffrey Schiller <jis@mit.edu>
Mailing Lists:
General Discussion:pem-dev@tis.com
To Subscribe: pem-dev-request@tis.com
Archive: pem-dev-request@tis.com
Description of Working Group:
PEM is the outgrowth of work by the Privacy and Security
Research Group (PSRG) of the IRTF. At the heart of PEM is a set of
procedures for transforming RFC 822 messages in such a fashion as to
provide integrity, data origin authenticity, and, optionally,
confidentiality. PEM may be employed with either symmetric or
asymmetric cryptographic key distribution mechanisms. Because the
asymmetric (public-key) mechanisms are better suited to the large
scale, heterogeneously administered environment characteristic of the
Internet, to date only those mechanisms have been standardized. The
standard form adopted by PEM is largely a profile of the CCITT X.509
(Directory Authentication Framework) recommendation.
PEM is defined by a series of documents. The first in the
series defines the message processing procedures. The second defines
the public-key certification system adopted for use with PEM.
The third provides definitions and identifiers for various
algorithms used by PEM. The fourth defines message formats and conventions for
user registration, Certificate Revocation List (CRL) distribution,
etc. (The first three of these were previously issued as RFCs 1113,
1114 and 1115. All documents have been revised and are being issued
first as Internet-Drafts.)
Goals and Milestones:
JUL 91 Revise Proposed Standards and submit to IESG for
consideration as a Draft Standard, and repeat for
consideration as an Internet Standard.
Done Submit second document as an Internet-Draft.
Done First IETF working group meeting to review Internet-Drafts.
Done Submit revised Internet-Drafts based on comments received
during working group meeting, from pem-dev mailing list,
etc.
Done Submit Internet-Drafts to IESG for consideration as
Proposed Standards.
Done Post an Internet-Draft of the MIME/PEM Interaction
specification.
APR 93 Submit the PEM/MIME specification to the IESG for
consideration as a Proposed Standard.
Done Submit first, third, and fourth documents as
Internet-Drafts.
Internet-Drafts:
No Current Internet-Drafts.
Request For Comments:
RFC Stat Published Title
------- -- ----------- ------------------------------------
RFC1320 I APR 92 The MD4 Message-Digest Algorithm
RFC1319 I APR 92 The MD2 Message-Digest Algorithm
RFC1321 I APR 92 The MD5 Message-Digest Algorithm
RFC1424 PS FEB 93 Privacy Enhancement for Internet Electronic Mail:
Part IV: Key Certification and Related Services
RFC1422 PS FEB 93 Privacy Enhancement for Internet Electronic Mail:
Part II: Certificate-Based Key Management
RFC1423 PS FEB 93 Privacy Enhancement for Internet Electronic Mail:
Part III: Algorithms, Modes, and Identifiers
RFC1421 PS FEB 93 Privacy Enhancement for Internet Electronic Mail:
Part I: Message Encryption and Authentication
Procedures
RFC1847 PS OCT 95 Security Multiparts for MIME: Multipart/Signed and
Multipart/Encrypted
RFC1848 PS OCT 95 MIME Object Security Services