[prev in list] [next in list] [prev in thread] [next in thread]
List: kmail-devel
Subject: S/MIME and PGP
From: Jorg Beermann <beermann () secude ! com>
Date: 2001-08-22 8:03:01
[Download RAW message or body]
Hi,
to get it a little more clear:
S/MIME v3 has widely the same structure as S/MIME v2 (both of these are
based on
MIME rfc1521, rfc 1522)
the main differnence is that for v2 the CMS (Cryptograhic Message Syntax)
is the well known PKCS#7(rfc2315) ;) and for v3 the CMS is not called
PKCS#...
but just CMS (rfc2630).
And there are some more features as in the v2 CMS.
The main differnence between the PGP securd MIME (rfc2015, rfc3156) is that
S/MIME uses the CMS mentioned above. And this is a big differnence ;)
cause S/MIME takes use of the x.509 Public Key Infrastructure
(rfc2459) PKIX, by the way wich is used by SSL/TSL as well,
and these hierarchical structure is real differnet from PGP and the web of
trust.
x.509 Certificates (we talk of version 3) are DER encoded ASN.1 structures,
which encapsulates a lot of additional information apart from the Public Key
of
the owner.
For this reason the framework to handle x.509v3 Certificates is totaly
diffrent
from the framwork to handle with PGP keys.
Im not an PGP or an PGP secured MIME expert, so please let me know if I?m
wrong,
but furthermore in S/MIME you can sign and/or encrypt every kind of MIME
Contenttyp,
just one Bodypart or the hole message with 5 Bodyparts,
you can produce countersignatures or groupsignatures you can produce a
Request for a certificate and so on...
And I think this is not possible with PGP, or is it?
So I hope these mitght be a little bit illuminative for S/MIME ;)
Jorg
> > > Is S/MIME using the multipart/{encrypted,signed} (RFC1847), or did
> > > they cook up something different?
> >
> > I would suggest you to look at www.rsa.com for PKCS standards series.
> > Actually S/MIME is PKCS #7. Also it was decribed somewhere else. I
> > found osme traces in RFCs...
> >
> > But this standard is a basic one.
>
> I know that S/MIME is defined in a series of RFC's.
> This doesn't answer my question. PKCS#[0-9]+ has nothing to do with how
> encrypted messages are sent via MIME.
> <digging...>
> OK, FTR: It's RFC2311 and it seems to build on rfc1847. So the
> framework for rfc2015/rfc3156 that is being developed currently can be
> used for s/mime, too.
Ough, yes. If we talk about embedding PKCS #7 message in a mail - 2311 is a
good start. But I suspect it is better to look at 2632, 2633, 2634 first.
They describe S/MIME v3. not v2.
--
Sincerely Yours,
Denis Perchine
----------------------------------
E-Mail: dyp@perchine.com
HomePage: http://www.perchine.com/dyp/
FidoNet: 2:5000/120.5
----------------------------------
_______________________________________________
Kmail Developers mailing list
Kmail@mail.kde.org
http://mail.kde.org/mailman/listinfo/kmail
_______________________________________________
Kmail Developers mailing list
Kmail@mail.kde.org
http://mail.kde.org/mailman/listinfo/kmail
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic