doc: Add RFC documents

1 files changed, 339 insertions, 0 deletions

diff --git a/doc/rfc/rfc3853.txt b/doc/rfc/rfc3853.txt
new file mode 100644
index 0000000..fd6fbaa
--- /dev/null
+++ b/doc/rfc/rfc3853.txt
@@ -0,0 +1,339 @@
+
+
+
+
+
+
+Network Working Group                                        J. Peterson
+Request for Comments: 3853                                       Neustar
+Updates: 3261                                                  July 2004
+Category: Standards Track
+
+
+               S/MIME Advanced Encryption Standard (AES)
+         Requirement for the Session Initiation Protocol (SIP)
+
+Status of this Memo
+
+   This document specifies an Internet standards track protocol for the
+   Internet community, and requests discussion and suggestions for
+   improvements.  Please refer to the current edition of the "Internet
+   Official Protocol Standards" (STD 1) for the standardization state
+   and status of this protocol.  Distribution of this memo is unlimited.
+
+Copyright Notice
+
+   Copyright (C) The Internet Society (2004).
+
+Abstract
+
+   RFC 3261 currently specifies 3DES as the mandatory-to-implement
+   ciphersuite for implementations of S/MIME in the Session Initiation
+   Protocol (SIP).  This document updates the normative guidance of RFC
+   3261 to require the Advanced Encryption Standard (AES) for S/MIME.
+
+Table of Contents
+
+   1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . 2
+   2. Terminology  . . . . . . . . . . . . . . . . . . . . . . . . . . 3
+   3. S/MIME Ciphersuite Requirements for SIP  . . . . . . . . . . . . 3
+   4. Security Considerations  . . . . . . . . . . . . . . . . . . . . 3
+   5. References . . . . . . . . . . . . . . . . . . . . . . . . . . . 4
+      5.1.  Normative References . . . . . . . . . . . . . . . . . . . 4
+      5.2.  Informative References . . . . . . . . . . . . . . . . . . 4
+   6. Acknowledgments  . . . . . . . . . . . . . . . . . . . . . . . . 4
+   7. Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 5
+   8. Full Copyright Statement . . . . . . . . . . . . . . . . . . . . 6
+
+
+
+
+
+
+
+
+
+
+
+Peterson                    Standards Track                     [Page 1]
+
+RFC 3853             S/MIME AES Requirement for SIP            July 2004
+
+
+1.  Introduction
+
+   The Session Initiation Protocol (SIP) specification (RFC 3261 [1])
+   currently details optional support (a normative MAY) for the use of
+   secure MIME, or S/MIME (RFC 2633 [8]).  Since RFC 3261 was published,
+   the S/MIME specification and the underlying Cryptographic Message
+   Syntax (CMS, RFC 3369 [3]) have undergone some revision.  Ongoing
+   work has identified AES as a algorithm that might be used for content
+   encryption in S/MIME.
+
+   The Advanced Encryption Standard (AES [6]) is widely believed to be
+   faster than Triple-DES (3DES, which has previously been mandated for
+   usage with S/MIME) and to be comparably secure.  AES is also believed
+   to have comparatively low memory requirements, which makes it
+   suitable for use in mobile or embedded devices, an important use-case
+   for SIP.
+
+   As an additional consideration, the SIP specification has a
+   recommendation (normative SHOULD) for support of Transport Layer
+   Security (TLS, RFC 2246 [7]).  TLS support in SIP requires the usage
+   of AES.  That means that currently, implementations that support both
+   TLS and S/MIME must support both 3DES and AES.  A similar duplication
+   of effort exists with DSS in S/MIME as a digital signature algorithm
+   (the mandatory TLS ciphersuite used by SIP requires RSA).  Unifying
+   the ciphersuite and signature algorithm requirements for TLS and
+   S/MIME would simplify security implementations.
+
+   It is therefore desirable to bring the S/MIME requirement for SIP
+   into parity with ongoing work on the S/MIME standard, as well as to
+   unify the algorithm requirements for TLS and S/MIME.  To date, S/MIME
+   has not yet seen widespread deployment in SIP user agents, and
+   therefore the minimum ciphersuite for S/MIME could be updated without
+   obsoleting any substantial deployments of S/MIME for SIP (in fact,
+   these changes will probably make support for S/MIME easier).  This
+   document therefore updates the normative requirements for S/MIME in
+   RFC 3261.
+
+   Note that work on these revisions in the S/MIME working group is
+   still in progress.  This document will continue to track that work as
+   it evolves.  By initiating this process in the SIP WG now, we provide
+   an early opportunity for input into the proposed changes and give
+   implementers some warning that the S/MIME requirements for SIP are
+   potentially changing.
+
+
+
+
+
+
+
+
+Peterson                    Standards Track                     [Page 2]
+
+RFC 3853             S/MIME AES Requirement for SIP            July 2004
+
+
+2.  Terminology
+
+   In this document, the key words "MUST", "MUST NOT", "REQUIRED",
+   "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT
+   RECOMMENDED", "MAY", and "OPTIONAL" are to be interpreted as
+   described in BCP 14, RFC 2119 [2] and indicate requirement levels for
+   compliant SIP implementations.
+
+3.  S/MIME Ciphersuite Requirements for SIP
+
+   The following updates the text of RFC 3261 Section 23.3, specifically
+   the fifth bullet point.  The text currently reads:
+
+   o  S/MIME implementations MUST at a minimum support SHA1 as a digital
+      signature algorithm, and 3DES as an encryption algorithm.  All
+      other signature and encryption algorithms MAY be supported.
+      Implementations can negotiate support for these algorithms with
+      the "SMIMECapabilities" attribute.
+
+   This text is updated with the following:
+
+   S/MIME implementations MUST at a minimum support RSA as a digital
+   signature algorithm and SHA1 as a digest algorithm [5], and AES as an
+   encryption algorithm (as specified in [4].  For key transport, S/MIME
+   implementations MUST support RSA key transport as specified in
+   section 4.2.1. of [5].  S/MIME implementations of AES MUST support
+   128-bit AES keys, and SHOULD support 192 and 256-bit keys.  Note that
+   the S/MIME specification [8] mandates support for 3DES as an
+   encryption algorithm, DH for key encryption and DSS as a signature
+   algorithm.  In the SIP profile of S/MIME, support for 3DES, DH and
+   DSS is RECOMMENDED but not required.  All other signature and
+   encryption algorithms MAY be supported.  Implementations can
+   negotiate support for algorithms with the "SMIMECapabilities"
+   attribute.
+
+   Since SIP is 8-bit clean, all implementations MUST use 8-bit binary
+   Content-Transfer-Encoding for S/MIME in SIP.  Implementations MAY
+   also be able to receive base-64 Content-Transfer-Encoding.
+
+4.  Security Considerations
+
+   The migration of the S/MIME requirement from Triple-DES to AES is not
+   known to introduce any new security considerations.
+
+
+
+
+
+
+
+
+Peterson                    Standards Track                     [Page 3]
+
+RFC 3853             S/MIME AES Requirement for SIP            July 2004
+
+
+5.  References
+
+5.1.  Normative References
+
+   [1]  Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
+        Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP:
+        Session Initiation Protocol", RFC 3261, June 2002.
+
+   [2]  Bradner, S., "Key words for use in RFCs to indicate requirement
+        levels", BCP 14, RFC 2119, March 1997.
+
+   [3]  Housley, R., "Cryptographic Message Syntax (CMS)", RFC 3369,
+        August 2002.
+
+   [4]  Schaad, J., "Use of the Advanced Encryption Standard (AES)
+        Encryption Algorithm in Cryptographic Message Syntax (CMS)", RFC
+        3565, July 2003.
+
+   [5]  Housley, R., "Cryptographic Message Syntax (CMS) Algorithms",
+        RFC 3394, August 2002.
+
+5.2.  Informative References
+
+   [6]  National Institute of Standards & Technology, "Advanced
+        Encryption Standard (AES).", FIPS 197, November 2001.
+
+   [7]  Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", RFC
+        2246, January 1999.
+
+   [8]  Ramsdell, B., Ed., "S/MIME Version 3.1 Message Specification",
+        RFC 3851, July 2004.
+
+6.  Acknowledgments
+
+   Thanks to Rohan Mahy, Gonzalo Camarillo, and Eric Rescorla for review
+   of this document.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Peterson                    Standards Track                     [Page 4]
+
+RFC 3853             S/MIME AES Requirement for SIP            July 2004
+
+
+7.  Author's Address
+
+   Jon Peterson
+   NeuStar, Inc.
+   1800 Sutter St
+   Suite 570
+   Concord, CA  94520
+   US
+
+   Phone: +1 925/363-8720
+   EMail: jon.peterson@neustar.biz
+   URI:   http://www.neustar.biz/
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Peterson                    Standards Track                     [Page 5]
+
+RFC 3853             S/MIME AES Requirement for SIP            July 2004
+
+
+8.  Full Copyright Statement
+
+   Copyright (C) The Internet Society (2004).  This document is subject
+   to the rights, licenses and restrictions contained in BCP 78, and
+   except as set forth therein, the authors retain all their rights.
+
+   This document and the information contained herein are provided on an
+   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
+   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
+   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
+   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
+   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
+   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+Intellectual Property
+
+   The IETF takes no position regarding the validity or scope of any
+   Intellectual Property Rights or other rights that might be claimed to
+   pertain to the implementation or use of the technology described in
+   this document or the extent to which any license under such rights
+   might or might not be available; nor does it represent that it has
+   made any independent effort to identify any such rights.  Information
+   on the procedures with respect to rights in RFC documents can be
+   found in BCP 78 and BCP 79.
+
+   Copies of IPR disclosures made to the IETF Secretariat and any
+   assurances of licenses to be made available, or the result of an
+   attempt made to obtain a general license or permission for the use of
+   such proprietary rights by implementers or users of this
+   specification can be obtained from the IETF on-line IPR repository at
+   http://www.ietf.org/ipr.
+
+   The IETF invites any interested party to bring to its attention any
+   copyrights, patents or patent applications, or other proprietary
+   rights that may cover technology that may be required to implement
+   this standard.  Please address the information to the IETF at ietf-
+   ipr@ietf.org.
+
+Acknowledgement
+
+   Funding for the RFC Editor function is currently provided by the
+   Internet Society.
+
+
+
+
+
+
+
+
+
+Peterson                    Standards Track                     [Page 6]
+