Hi,
FYI - for IPP Encrypted Jobs and Documents
Cheers,
- Ira
---------- Forwarded message ---------
From: Sean Turner <sean at sn3rd.com>
Date: Wed, May 27, 2026 at 11:26 AM
Subject: [lamps] S/MIME 4+
To: IETF LAMPS <spasm at ietf.org>
Hi! Blake and I submitted drafts that we are hoping will be the basis for
S/MIME 4+. Four things I would like to draw your attention to:
1. Authors
Jim Schaad passed away in 2020. Out of acknowledgement for the amount of
work he put into previous versions, we have moved him to the new
"Contributors" section.
2. Formatting
The drafts are as close to RFCs 8550 & 8551 as I could get them; previous
versions had some formatting that I could not recreate with the current
tools (s7.1 in RFCs 8550 & 8551 was moved to s1.2 in the bis drafts). We
can then make changes and everybody can then see what’s changed. Drafts are
here:
https://datatracker.ietf.org/doc/draft-turner-lamps-rfc8550bis/
https://datatracker.ietf.org/doc/draft-turner-lamps-rfc8551bis/
Diffs to RFCs 8550 & 8551 are here:
https://author-tools.ietf.org/iddiff?url1=rfc8550&url2=draft-turner-lamps-rfc8550bis-00&difftype=--html
https://author-tools.ietf.org/iddiff?url1=rfc8551&url2=draft-turner-lamps-rfc8551bis-00&difftype=--html
3. Version Number
I picked 4+ because how much we change will dictate what number we use.
4. Changes to Incorporate !?!
I started an issue to track what we are going to change - we can then
create sub-issues to track each one we agree to do; see
https://github.com/seanturner/smime/issues/1.
The one thing I am absolutely sure we need to include in this update is a
“fix” that addresses the Falco attack; see
https://github.com/seanturner/smime/issues/2. BUT, the question is do we do
that simply by requiring signed attributes always be present or do we do
what -cms-euf-cma-signeddata recommends for new protocols and use the
id-ct-mimeData content type?
I am sure others will come up with more, but here are more changes to
consider:
• Deprecate use of EnvelopedData except for backward compatibility?
• Deprecate RSA encryption?
• Keep RSA-OAEP?
• Add PQ algorithms?
• Drop ’88 ASN.1 Module?
Let the games begin!
Cheers,
spt