Published by Ashlynn Parker. Modified over 9 years ago.
1
S/MIME Freeware Library
IETF S/MIME WG, 13 December 2000
John.Pawling@GetronicsGov.com
Getronics Government Solutions
2
Getronics Freeware Security Libraries
S/MIME Freeware Library
–Implements CMS/ESS security protocol
–Provides ESS features: security labels, signed receipts, secure mail list info, signing certificate
Certificate Management Library
–Validates X.509 v3 certification paths and CRLs
–Provides local cert/CRL storage functions
–Provides remote directory retrieval via LDAP
Access Control Library
–Provides Rule Based Access Control using security labels and authorizations conveyed in either X.509 Attribute or public key certificates
Enhanced SNACC ASN.1 library provides DER
3
Getronics Freeware Architecture
[Diagram. Component labels: CygnaCom Certificate Path Development Library; S/MIME Freeware Library; Application (email, web browser/server, file encrypter, etc); Access Control Library; Enhanced SNACC ASN.1 Library; Crypto Token Interface Libraries; Certificate Management Library; Other Protocols]
4
Getronics Freeware Availability
For all Getronics freeware libraries, unencumbered source code is freely available to all from.
Getronics freeware can be used as part of applications without paying any royalties or licensing fees.
There is a public license associated with each Getronics freeware library.
5
S/MIME Freeware Library
SFL is freeware implementation of IETF S/MIME v3 RFC 2630 CMS & RFC 2634 ESS.
When used with Crypto++ library, SFL implements RFC 2631 D-H Key Agreement Method (E-S).
SFL supports use of RFC 2632 (Certificate Handling) and RFC 2633 (Message Specification).
Goal: Provide reference implementation of RFCs 2630 & 2634 to encourage acceptance as Internet Standards.
Protects any type of data (not just MIME).
SFL maximizes crypto algorithm independence.
SFL successfully used by many vendors.
6
SFL Architecture
[Diagram. Component labels: SFL High Level Library; Enhanced SNACC ASN.1 Library; CTIL for PKCS #11, Various PKCS #11 Libraries, Various Tokens; CTIL for Crypto++, Crypto++ Freeware Library; CTIL for BSAFE, RSA BSAFE Library; CTIL for Fortezza, Fortezza CI Library, Fortezza Card/SWF; CTIL for SPEX/, SPYRUS SPEX/ II Library, Various Tokens]
CTIL: Crypto Token Interface Library
Note: Third parties are welcome to develop other CTILs.
7
SFL Interoperability Testing
SFL exchanges signed & encrypted msgs with S/MIME v2 products.
SFL S/MIME v3 interop testing includes majority of RFC 2630, 2631, 2634 features; some RFC 2632, 2633 features.
SFL produces and processes majority of "Examples of S/MIME Messages".
SFL-generated data included in Examples-05 I-D such as: signed receipts, countersignatures, security labels, equivalent labels, mail list information, signing certificate attribute.
SFL produces and processes majority of features in Jim Schaad’s S/MIME v3 interop test matrix.
8
SFL Interop Testing (cont’d)
S/MIME v3 interop testing between SFL & Microsoft (Windows 2000) included majority of CMS/ESS features using mandatory, RSA and Fortezza algorithms. Tested signed receipts, security labels, mail list information.
Some S/MIME v3 CMS/ESS testing with Baltimore and Entrust has been performed. More is planned.
Test drivers (source code) and test data available in SFL release or separately upon request.
9
SFL Update
SEP 00: v1.8 SFL included:
–Tested RedHat Linux, Windows NT/98/00, Solaris 2.7
–PKCS #12 process/create capabilities (OpenSSL)
–Complete PKCS #11 CTIL
JAN 01: v1.9 SFL will include:
–Improved PKCS #11 CTIL (tested with GemPlus, DataKey, Litronic PKCS #11 libraries)
–Advanced Encryption Standard (AES) content encryption (aes-alg-00) and key wrap (128, 192, 256 bit keys; based on CMS 3DES key wrap algorithm)
–Enhanced SNACC performance/memory usage
–Bug fixes (ex: corrected D-H OID)
10
IMC Mail Lists
Internet Mail Consortium (IMC) has established SFL, CML and Enhanced SNACC mail lists used to:
–distribute information regarding releases;
–discuss technical issues; and
–provide feedback/bug reports/questions.
Subscription information for mail lists available at:
Please DO NOT send SFL/CML/Enhanced SNACC messages to IETF mail lists.