| rfc9788v8.txt | rfc9788.txt | |||
|---|---|---|---|---|
| Internet Engineering Task Force (IETF) D. K. Gillmor | Internet Engineering Task Force (IETF) D. K. Gillmor | |||
| Request for Comments: 9788 American Civil Liberties Union | Request for Comments: 9788 American Civil Liberties Union | |||
| Updates: 8551 B. Hoeneisen | Updates: 8551 B. Hoeneisen | |||
| Category: Standards Track pEp Project | Category: Standards Track pEp Project | |||
| ISSN: 2070-1721 A. Melnikov | ISSN: 2070-1721 A. Melnikov | |||
| Isode Ltd | Isode Ltd | |||
| July 2025 | August 2025 | |||
| Header Protection for Cryptographically Protected Email | Header Protection for Cryptographically Protected Email | |||
| Abstract | Abstract | |||
| S/MIME version 3.1 introduced a mechanism to provide end-to-end | S/MIME version 3.1 introduced a mechanism to provide end-to-end | |||
| cryptographic protection of email message headers. However, few | cryptographic protection of email message headers. However, few | |||
| implementations generate messages using this mechanism, and several | implementations generate messages using this mechanism, and several | |||
| legacy implementations have revealed rendering or security issues | legacy implementations have revealed rendering or security issues | |||
| when handling such a message. | when handling such a message. | |||
| skipping to change at line 668 | skipping to change at line 668 | |||
| * signed message with multiple signatures | * signed message with multiple signatures | |||
| * encrypted message with a cryptographic signature outside the | * encrypted message with a cryptographic signature outside the | |||
| encryption | encryption | |||
| All such messages are out of scope of this document. | All such messages are out of scope of this document. | |||
| 1.9. Example | 1.9. Example | |||
| This section gives an overview by providing an example of how MIME | This section provides an example of MIME messages with Header | |||
| messages with Header Protection look. | Protection. | |||
| Consider the following MIME message: | Consider the following MIME message: | |||
| A └┬╴application/pkcs7-mime; smime-type="enveloped-data" | A └┬╴application/pkcs7-mime; smime-type="enveloped-data" | |||
| ╧ (decrypts to) | ╧ (decrypts to) | |||
| B └┬╴application/pkcs7-mime; smime-type="signed-data" | B └┬╴application/pkcs7-mime; smime-type="signed-data" | |||
| ┴ (unwraps to) | ┴ (unwraps to) | |||
| C └┬╴multipart/alternative; hp="cipher" | C └┬╴multipart/alternative; hp="cipher" | |||
| D ├─╴text/plain; hp-legacy-display="1" | D ├─╴text/plain; hp-legacy-display="1" | |||
| E └─╴text/html; hp-legacy-display="1" | E └─╴text/html; hp-legacy-display="1" | |||
| skipping to change at line 3366 | skipping to change at line 3366 | |||
| [RFC8551] Schaad, J., Ramsdell, B., and S. Turner, "Secure/ | [RFC8551] Schaad, J., Ramsdell, B., and S. Turner, "Secure/ | |||
| Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 | Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 | |||
| Message Specification", RFC 8551, DOI 10.17487/RFC8551, | Message Specification", RFC 8551, DOI 10.17487/RFC8551, | |||
| April 2019, <https://www.rfc-editor.org/info/rfc8551>. | April 2019, <https://www.rfc-editor.org/info/rfc8551>. | |||
| [RFC9580] Wouters, P., Ed., Huigens, D., Winter, J., and Y. Niibe, | [RFC9580] Wouters, P., Ed., Huigens, D., Winter, J., and Y. Niibe, | |||
| "OpenPGP", RFC 9580, DOI 10.17487/RFC9580, July 2024, | "OpenPGP", RFC 9580, DOI 10.17487/RFC9580, July 2024, | |||
| <https://www.rfc-editor.org/info/rfc9580>. | <https://www.rfc-editor.org/info/rfc9580>. | |||
| [RFC9787] Gillmor, D. K., Ed., Hoeneisen, B., Ed., and A. Melnikov, | [RFC9787] Gillmor, D. K., Ed., Melnikov, A., Ed., and B. Hoeneisen, | |||
| Ed., "Guidance on End-to-End Email Security", RFC 9787, | Ed., "Guidance on End-to-End Email Security", RFC 9787, | |||
| DOI 10.17487/RFC9787, June 2025, | DOI 10.17487/RFC9787, August 2025, | |||
| <https://www.rfc-editor.org/info/rfc9787>. | <https://www.rfc-editor.org/info/rfc9787>. | |||
| 13.2. Informative References | 13.2. Informative References | |||
| [chrome-indicators] | [chrome-indicators] | |||
| Schechter, E., "Evolving Chrome's security indicators", | Schechter, E., "Evolving Chrome's security indicators", | |||
| Chromium Blog, May 2018, | Chromium Blog, May 2018, | |||
| <https://blog.chromium.org/2018/05/evolving-chromes- | <https://blog.chromium.org/2018/05/evolving-chromes- | |||
| security-indicators.html>. | security-indicators.html>. | |||
| skipping to change at line 12161 | skipping to change at line 12161 | |||
| this document and proposed concrete, substantial improvements. | this document and proposed concrete, substantial improvements. | |||
| Thanks to his contributions, the document is clearer, and the | Thanks to his contributions, the document is clearer, and the | |||
| protocols described herein are more useful. | protocols described herein are more useful. | |||
| Additionally, the authors would like to thank the following people | Additionally, the authors would like to thank the following people | |||
| who have provided helpful comments and suggestions for this document: | who have provided helpful comments and suggestions for this document: | |||
| Berna Alp, Bernhard E. Reiter, Bron Gondwana, Carl Wallace, Claudio | Berna Alp, Bernhard E. Reiter, Bron Gondwana, Carl Wallace, Claudio | |||
| Luck, Daniel Huigens, David Wilson, Éric Vyncke, Hernani Marques, | Luck, Daniel Huigens, David Wilson, Éric Vyncke, Hernani Marques, | |||
| juga, Kelly Bristol, Krista Bennett, Lars Rohwedder, Michael StJohns, | juga, Kelly Bristol, Krista Bennett, Lars Rohwedder, Michael StJohns, | |||
| Nicolas Lidzborski, Orie Steele, Paul Wouters, Peter Yee, Phillip | Nicolas Lidzborski, Orie Steele, Paul Wouters, Peter Yee, Phillip | |||
| Tao, Robert Williams, Rohan Mahy, Roman Danyliw, Russ Housley, Sofia | Tao, Robert Williams, Rob Sayre, Rohan Mahy, Roman Danyliw, Russ | |||
| Balicka, Steve Kille, Volker Birk, Warren Kumari, and Wei Chuang. | Housley, Sofia Balicka, Steve Kille, Volker Birk, Warren Kumari, and | |||
| Wei Chuang. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Daniel Kahn Gillmor | Daniel Kahn Gillmor | |||
| American Civil Liberties Union | American Civil Liberties Union | |||
| 125 Broad St. | 125 Broad St. | |||
| New York, NY 10004 | New York, NY 10004 | |||
| United States of America | United States of America | |||
| Email: dkg@fifthhorseman.net | Email: dkg@fifthhorseman.net | |||
| Bernie Hoeneisen | Bernie Hoeneisen | |||
| pEp Project | pEp Project | |||
| Oberer Graben 4 | Oberer Graben 4 | |||
| CH- 8400 Winterthur | CH-8400 Winterthur | |||
| Switzerland | Switzerland | |||
| Email: bernie@ietf.hoeneisen.ch | Email: bernie@ietf.hoeneisen.ch | |||
| URI: https://pep-project.org/ | URI: https://pep-project.org/ | |||
| Alexey Melnikov | Alexey Melnikov | |||
| Isode Ltd | Isode Ltd | |||
| 14 Castle Mews | 14 Castle Mews | |||
| Hampton, Middlesex | Hampton, Middlesex | |||
| TW12 2NP | TW12 2NP | |||
| United Kingdom | United Kingdom | |||
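
Review bot: In the acknowledgments list, which is otherwise ordered alphabetically by given name, the added "Rob Sayre" is placed after "Robert Williams". Moving it to sit before "Robert Williams" would keep the ordering consistent with the rest of the list.
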
| End of changes. 6 change blocks. | ||||
| 8 lines changed or deleted | 9 lines changed or added | |||
| This html diff was produced by rfcdiff 1.48. | ||||