Privacy-Enhanced Electronic Mail (pem) -------------------------------------- Charter Last Modified: 02/09/1996 Current Status: Concluded Working Group Chair(s): Stephen Kent Security Area Director(s): Jeffrey Schiller Steve Bellovin Security Area Advisor: Jeffrey Schiller Mailing Lists: General Discussion:pem-dev@tis.com To Subscribe: pem-dev-request@tis.com Archive: pem-dev-request@tis.com Description of Working Group: PEM is the outgrowth of work by the Privacy and Security Research Group (PSRG) of the IRTF. At the heart of PEM is a set of procedures for transforming RFC 822 messages in such a fashion as to provide integrity, data origin authenticity, and, optionally, confidentiality. PEM may be employed with either symmetric or asymmetric cryptographic key distribution mechanisms. Because the asymmetric (public-key) mechanisms are better suited to the large scale, heterogeneously administered environment characteristic of the Internet, to date only those mechanisms have been standardized. The standard form adopted by PEM is largely a profile of the CCITT X.509 (Directory Authentication Framework) recommendation. PEM is defined by a series of documents. The first in the series defines the message processing procedures. The second defines the public-key certification system adopted for use with PEM. The third provides definitions and identifiers for various algorithms used by PEM. The fourth defines message formats and conventions for user registration, Certificate Revocation List (CRL) distribution, etc. (The first three of these were previously issued as RFCs 1113, 1114 and 1115. All documents have been revised and are being issued first as Internet-Drafts.) Goals and Milestones: JUL 91 Revise Proposed Standards and submit to IESG for consideration as a Draft Standard, and repeat for consideration as an Internet Standard. Done Submit second document as an Internet-Draft. Done First IETF working group meeting to review Internet-Drafts. Done Submit revised Internet-Drafts based on comments received during working group meeting, from pem-dev mailing list, etc. Done Submit Internet-Drafts to IESG for consideration as Proposed Standards. Done Post an Internet-Draft of the MIME/PEM Interaction specification. APR 93 Submit the PEM/MIME specification to the IESG for consideration as a Proposed Standard. Done Submit first, third, and fourth documents as Internet-Drafts. Internet-Drafts: No Current Internet-Drafts. Request For Comments: RFC Stat Published Title ------- -- ----------- ------------------------------------ RFC1320 I APR 92 The MD4 Message-Digest Algorithm RFC1319 I APR 92 The MD2 Message-Digest Algorithm RFC1321 I APR 92 The MD5 Message-Digest Algorithm RFC1424 PS FEB 93 Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services RFC1422 PS FEB 93 Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management RFC1423 PS FEB 93 Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers RFC1421 PS FEB 93 Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures RFC1847 PS OCT 95 Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted RFC1848 PS OCT 95 MIME Object Security Services