J. Linn. RFC 1115: Privacy enhancement for Internet electronic mail: Part III --- algorithms, modes, and identifiers, Aug. 1989. Obsoleted by RFC1423 [2].  Home/Search   Document Not in Database   Summary   Related Articles   Check

....solutions for providing authentication and key exchange exist in the literature, including Kerberos [SNS88] and the Distributed System Security Architecture (DSSA) GGKL89] that we will analyze in detail later. Other examples include the ISO security architecture [iITT88] and privacy enhanced mail [KL89]. None of these systems were designed to facilitate application development, and most are based on a specific authentication protocol. Delegation has only relatively recently received much attention as large scale distributed systems become more common. As a result the available literature is ....

S. Kent and J. Linn. RFC 1114: Privacy Enhancement for Internet Electronic Mail: Part II --- Certificate-Based Key Management. Internet Activities Board, August 1989. 34

....(about 200 decimal digits long eachtomake the public key encryption reasonably strong) Obtaining memory for them, as well as additional cache memory for larger resource records, is not a problem in currentarchitectures. The keys have to be obtained before they can be used. S. Kent describes in [Ken93b] certifi, based key management# X.509 is the equivalent in the OSI world. We will not go into detail regarding the key distribution process. The registering process is rather cumbersome. The calculations to encrypt and decrypt message digests may take too long to support the goal of the ....

Stephen T. Kent. RFC-1422 Privacy Enhancement for Internet Electronic Mail: PartII: Certificate-Based Key Management. Network Working Group, February 1993.

....Who said that the message came from that person Were they authorised to say that What steps did they take to be sure, and what confidence can you place in their judgement In the PASSWORD project, the secure e mail protocols we used were X. 400(88) 2] and Internet Privacy Enhance Mail [3]. Although there are many important di#erences between these protocols, they use the same approach to identifying and authenticating users, so I will describe them both together. They both meet the requirements outlined above by providing the following facilities: User names are designed to be ....

S. Kent and J. Linn. RFC 1114: Privacy Enhancement for Internet Electronic Mail: Part II: Certificate Based Key Management. IAB Privacy Task Force, 1989.

....provides a particular example of the PKCS process at work. PKCS #7, now at version 1.5, defines the syntax for several kinds of cryptographically protected messages, including encrypted messages and messages with digital signatures. Originally an outgrowth of Internet Privacy Enhanced Mail [1], PKCS #7 has become the basis for the now widely implemented S MIME secure electronic mail specification [2] But its applications have not been limited to mail; PKCS #7 has also become a basis for message security in systems as diverse as the Secure Electronic Transaction (SET) specifications ....

J. Linn. RFC 1421: Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures.February 1993.

....containing the message digest is encrypted with the RSA private key of the signer of the content. The content and the encrypted message digest are represented together according to the syntax in PKCS #7 to yield a digital signature. This application is compatible with Privacy Enhanced Mail methods [4,5]. For digital envelopes, the content to be enveloped is first encrypted under a content encryption key with a content encryption algorithm (such as DES [6] and then the content encryption key is encrypted with the RSA public key(s) of the recipient(s) of the content. The encrypted content and ....

J. Linn. RFC 1115: Privacy Enhancement for Internet Electronic Mail: Part III -- Algorithms, Modes, and Identifiers. August 1989. See also [17].

.... provides a particular example of the PKCS process at work. PKCS #7, now at version 1.5, defines the syntax for several kinds of cryptographically protected messages, including encrypted messages and messages with digital signatures. Originally an outgrowth of Internet Privacy Enhanced Mail [1], PKCS #7 has become the basis for the now widely implemented S MIME secure electronic mail specification [2] But its applications have not been limited to mail; PKCS #7 has also become a basis for message security in systems as diverse as the Secure Electronic Transaction (SET) specifications ....

J. Linn. RFC 1421: Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures. February 1993.

....standard [19] thus certificates can be read or written by any application complying with X.509. Further refinements are found in the PKCS set of standards (see Question 8.9) and the PEM standard (see Question 8. 7) A detailed discussion of certificate format can also be found in Kent [40]. A certificate is issued by a certifying authority (see Question 3.7) and signed with the certifying authority s private key. 17 3.6 How are certificates used A certificate is displayed in order to generate confidence in the legitimacy of a public key. Someone verifying a signature can also ....

S. Kent. RFC 1422: Privacy Enhancement for Internet Electronic Mail, Part II: Certificate-Based Key Management. Internet Activities Board, February 1993.

....(about 200 decimal digits long each to make the public key encryption reasonably strong) Obtaining memory for them, as well as additional cache memory for larger resource records, is not a problem in current architectures. The keys have to be obtained before they can be used. S. Kent describes in [Ken93b] certificate based key management; X.509 is the equivalent in the OSI 2 world. We will not go into detail regarding the key distribution process. The registering process is rather cumbersome. The calculations to encrypt and decrypt message digests may take too long to support the goal of the ....

Stephen T. Kent. RFC-1422 Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management. Network Working Group, February 1993.

....containing the message digest is encrypted with the RSA private key of the signer of the content. The content and the encrypted message digest are represented together according to the syntax in PKCS #7 to yield a digital signature. This application is compatible with Privacy Enhanced Mail methods [4,5]. For digital envelopes, the content to be enveloped is first encrypted under a content encryption key with a content encryption algorithm (such as DES [6] and then the content encryption key is encrypted with the RSA public key(s) of the recipient(s) of the content. The encrypted content and ....

J. Linn. RFC 1115: Privacy Enhancement for Internet Electronic Mail: Part III -- Algorithms, Modes, and Identifiers. August 1989. See also [17].

....containing the message digest is encrypted with the RSA private key of the signer of the content. The content and the encrypted message digest are represented together according to the syntax in PKCS #7 to yield a digital signature. This application is compatible with Privacy Enhanced Mail methods [4,5]. For digital envelopes, the content to be enveloped is first encrypted under a content encryption key with a content encryption algorithm (such as DES [6] and then the content encryption key is encrypted with the RSA public key(s) of the recipient(s) of the content. The encrypted content and ....

J. Linn. RFC 1115: Privacy Enhancement for Internet Electronic Mail: Part III -- Algorithms, Modes, and Identifiers. August 1989. See also [17].

....of integers assigned by the authority that defines the content type. This standard defines five content types (see PKCS #7: CRYPTOGRAPHIC ENHANCEMENT SYNTAX STANDARD 5 6.2 DigestAlgorithmIdentifier The DigestAlgorithmIdentifier type identifies a message digest algorithm. Examples include MD2 [10,11] and MD5 [12] whose object identifiers are given in the NIST OIW agreements [13] DigestAlgorithmIdentifier : AlgorithmIdentifier 6.3 DigestEncryptionAlgorithm The DigestEncryptionAlgorithm type identifies a digest encryption algorithm under which a message digest can be encrypted. One ....

J. Linn. RFC 1115: Privacy Enhancement for Internet Electronic Mail: Part III -- Algorithms, Modes, and Identifiers. August 1989.

.... SEQUENCE version Version, issuerAndSerialNumber IssuerAndSerialNumber, digestAlgorithm DigestAlgorithmIdentifier, authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL, digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier, encryptedDigest EncryptedDigest, unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL EncryptedDigest : OCTET STRING The fields of type SignerInfo have the following meanings: version is the syntax version number. It shall be 0 for this version of the standard. issuerAndSerialNumber specifies the signer s certificate (and thereby the signer s ....

....MD) denote octet strings. Underlining (e.g. MDO) indicates that an octet string is BER encoded. MD message digest MDO BER encoded message digest object identifier PKCS #7: CRYPTOGRAPHIC ENHANCEMENT SYNTAX STANDARD 2 enabling reliable transmission by re encoding the octet string. RFC 1113 [1] suggests one possible solution to this problem. 2. ....

J. Linn. RFC 1113: Privacy Enhancement for Internet Electronic Mail: Part I -- Message Encipherment and Authentication Procedures. August 1989. See also [17].

....containing the message digest is encrypted with the RSA private key of the signer of the content. The content and the encrypted message digest are represented together according to the syntax in PKCS #7 to yield a digital signature. This application is compatible with Privacy Enhanced Mail methods [4,5]. For digital envelopes, the content to be enveloped is first encrypted under a content encryption key with a content encryption algorithm (such as DES [6] and then the content encryption key is encrypted with the RSA public key(s) of the recipient(s) of the content. The encrypted content and ....

J. Linn. RFC 1115: Privacy Enhancement for Internet Electronic Mail: Part III -- Algorithms, Modes, and Identifiers. August 1989. See also [17].

....types Explicit tagging denotes a type derived from another type by adding an outer tag to the underlying type. Explicit tagging is used for optional SEQUENCE components with underlying type ANY throughout PKCS, and for the version component of X. 509 s Certificate type [4] as revised by RFC 1114 [6]. 5.2.1 ASN.1 notation The ASN.1 notation for explicitly tagged types is [ class] number] EXPLICIT Type class = UNIVERSAL APPLICATION PRIVATE where Type is a type, class is an optional class name, and number is the tag number within the class, a nonnegative integer. If the class name is ....

....ContentType, content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL Here the underlying type is ANY DEFINED BY contentType, the class is absent (i.e. context specific) and the tag number within the class is 0. As another example, X. 509 s Certificate type [4] as updated by RFC 1114 [6]) has a version component with an explicit, context specific tag, where the EXPLICIT keyword is omitted: A LAYMAN S GUIDE TO A SUBSET OF ASN.1, BER, AND DER 14 Certificate : version [0] Version DEFAULT v1988, The tag is explicit because the default tagging method for the ASN.1 ....

[Article contains additional citation context not shown here]

S. Kent and J. Linn. RFC 1114: Privacy Enhancement for Internet Electronic Mail: Part II -- Certificate-Based Key Management. August 1989. See also [16].

....encryption algorithm. An entity s password, salt value, and iteration count may be different for each message the entity encrypts. Two password based encryption algorithms are defined here. The first algorithm (informally, MD2 with DES CBC ) combines the MD2 message digest algorithm [4,5] with DES in cipher block chaining mode, and the second (informally, MD5 with DESCBC ) combines the MD5 message digest algorithm [6] with DES in cipher block chaining mode. The selected message digest algorithm shall either be MD2 or MD5, depending on the password based encryption algorithm. ....

....as described in PKCS #8 [1] The standard defines two key encryption algorithms: MD2 with DES CBC and MD5 with DES CBC. The algorithms employ DES secret key encryption [2] in cipher block chaining mode [3] where the secret key is derived from a password with the MD2 message digest algorithm [4,5], or MD5 message digest algorithm [6] 2. ....

J. Linn. RFC 1115: Privacy Enhancement for Internet Electronic Mail: Part III -- Algorithms, Modes, and Identifiers. August 1989.

....(policy and procedure agreements) among authorizing or verifying entities. The common ways of doing this are represented in a continuum from a centralized root, hierarchical structure of certification authorities that operate under some set of common policies at one end of the spectrum (see [Ken93]) through webs of organization scope CAs, to the completely decentralized approach of PGP (where individuals attest to each other s attributes) at the other end. All of these approaches are in use, and we have focused on the middle ground of independent organization level CAs that attest to ....

Steve Kent. RFC-1422: Privacy enhancement for internet electronic mail: Part II: Certificate-based key management, Feb 1993. Available at http://ds.internic.net/rfc/rfc1422.txt.

....establish and represent trust relationships between different CAs, because clients, mediator and information sources may work with different CAs. Some common ways of doing this are following: ffl a hierarchical structure of certification authorities that operate under some set of common policies [12, 10] ffl completely decentralized approach of PGP where individuals attest to each other s attributes [17] Trust relationships between CAs respectively CA domains can be represented by an exchange of trusted public keys. If there is a single CA that signs key in both domains, then these public keys ....

S. Kent. RFC-1422: Privacy enhancement for internet electronic mail: Part II: Certificate-based key management. http://www.imc.org/rfc1422.

No context found.

J. Linn. RFC 1115: Privacy enhancement for Internet electronic mail: Part III --- algorithms, modes, and identifiers, Aug. 1989. Obsoleted by RFC1423 [2].

No context found.

Linn, J.: RFC 1421: Privacy enhancement for Internet electronic mail: Part I: Message encryption and authentication procedures (1993) Obsoletes RFC1113 [6]. Status: PROPOSED STANDARD. 15

No context found.

Linn, J.: RFC 1113: Privacy enhancement for Internet electronic mail: Part I --- message encipherment and authentication procedures (1989) Obsoleted by RFC1421 [16]. Obsoletes RFC0989, RFC1040 [4, 5]. Status: HISTORIC.

No context found.

Linn, J.: RFC 1040: Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures (1988) Obsoleted by RFC1113 [6]. Obsoletes RFC0989 [4]. Status: UNKNOWN.

No context found.

Linn, J.: RFC 989: Privacy enhancement for Internet electronic mail: Part I: Message encipherment and authentication procedures (1987) Obsoleted by RFC1040, RFC1113 [5, 6]. Status: UNKNOWN.

No context found.

S. Kent. RFC 1422: Privacy Enhancement for Internet Electronic Mail, Part II: Certificate-Based Key Management. Internet Activities Board, February 1993.

No context found.

S. Kent. RFC 1422: Privacy Enhancement for Internet Electronic Mail, Part II: Certificate-Based Key Management. Internet Activities Board, February 1993.

No context found.

S. Kent, RFC 1422: Privacy Enhancement for Internet Electronic Mail, Part II: Certificate-Based Key Management, February 1993

First 50 documents

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC