Privacy-Enhanced Electronic Mail (PEM) Charter Chair(s) Stephen Kent: kent@bbn.com Mailing Lists General Discussion: pem-dev@tis.com To Subscribe: pem-dev-request@tis.com Archive: pem-dev-request@tis.com Description of Working Group PEM is the outgrowth of work by the Privacy and Security Research Group (PSRG) of the IRTF. At the heart of PEM is a set of procedures for transforming RFC 822 messages in such a fashion as to provide integrity, data origin authenticity, and, optionally, confidentiality. PEM may be employed with either symmetric or asymmetric cryptographic key distribution mechanisms. Because the asymmetric (public-key) mechanisms are better suited to the large scale, heterogeneously administered environment characteristic of the Internet, to date only those mechanisms have been standardized. The standard form adopted by PEM is largely a profile of the CCITT X.509 (Directory Authentication Framework) recommendation. PEM is defined by a series of documents. The first in the series defines the message processing procedures. The second defines the public-key certification system adopted for use with PEM. The third provides definitions and identifiers for various algorithms used by PEM. The fourth defines message formats and conventions for user registration, Certificate Revocation List (CRL) distribution, etc. (The first three of these were previously issued as RFCs 1113, 1114 and 1115. All documents have been revised and are being issued first as Internet-Drafts.) Goals and Milestones Done Submit first, third, and fourth documents as Internet-Drafts. Ongoing Revise Proposed Standards and submit to IESG for consideration as a Draft Standard, and repeat for consideration as an Internet Standard. Done Submit second document as an Internet-Draft. Done First IETF working group meeting to review Internet-Drafts. Done Submit revised Internet-Drafts based on comments received during working group meeting, from pem-dev mailing list, etc. Done Submit Internet-Drafts to IESG for consideration as Proposed Standards. Done Post an Internet-Draft of the MIME/PEM Interaction specification. Apr 1993 Submit the PEM/MIME specification to the IESG for consideration as a Proposed Standard. Internet-Drafts ``PEM Security Services and MIME'', 07/21/1994, S. Crocker, N. Freed, J. Galvin ``Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted'', 07/21/1994, J. Galvin, S. Murphy, S. Crocker ``Privacy Enhancement for Internet Electronic Mail: Part V: ANSI X9.17-Based Key Management'', 08/12/1994, J. Backus Request For Comments RFC 1319 ``The MD2 Message-Digest Algorithm'' RFC 1320 ``The MD4 Message-Digest Algorithm'' RFC 1321 ``The MD5 Message-Digest Algorithm'' RFC 1421 ``Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures'' RFC 1422 ``Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management'' RFC 1423 ``Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers'' RFC 1424 ``Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services''