Privacy-Enhanced Electronic Mail (pem)

Status: Concluded February, 1996 
 Stephen Kent 
Description of Working Group:
PEM is the outgrowth of work by the Privacy and Security
Research Group (PSRG) of the IRTF.  At the heart of PEM is a set of
procedures for transforming RFC 822 messages in such a fashion as to
provide integrity, data origin authenticity, and, optionally,
confidentiality.  PEM may be employed with either symmetric or
asymmetric cryptographic key distribution mechanisms.  Because the
asymmetric (public-key) mechanisms are better suited to the large
scale, heterogeneously administered environment characteristic of the
Internet, to date only those mechanisms have been standardized.  The
standard form adopted by PEM is largely a profile of the CCITT X.509
(Directory Authentication Framework) recommendation.
PEM is defined by a series of documents.  The first in the
series defines the message processing procedures.  The second defines
the public-key certification system adopted for use with PEM.
The third provides definitions and identifiers for various
algorithms used by PEM.  The fourth defines message formats and conventions for
user registration, Certificate Revocation List (CRL) distribution,
etc.  (The first three of these were previously issued as RFCs 1113,
1114 and 1115.  All documents have been revised and are being issued
first as Internet-Drafts.)

Request for Comments:

  • RFC1319 The MD2 Message-Digest Algorithm (Informational)
  • RFC1320 The MD4 Message-Digest Algorithm (Informational)
  • RFC1321 The MD5 Message-Digest Algorithm (Informational)
  • RFC1421 Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures (Proposed Standard)
  • RFC1422 Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management (Proposed Standard)
  • RFC1423 Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers (Proposed Standard)
  • RFC1424 Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services (Proposed Standard)
  • RFC1847 Security Multiparts for MIME: Multipart/Signed and Multipart/Encrypted (Proposed Standard)
  • RFC1848 MIME Object Security Services (Proposed Standard)