The peer entity authentication service allows two adjacent components in the MHS to create a secure association by transferring authentication credentials. For example, a UA may provide a password to its MTA when establishing a connection to submit a message. This service counters the threat of masquerade (i.e., impersonation of one MHS entity to another).
To provide peer entity authentication, the connection initiator transfers either simple authentication credentials (i.e., passwords) or strong authentication credentials (i.e., signatures) to the connection recipient. If strong authentication is used, the signature is applied to an asymmetric token, called a bind token.
In the bind token's signed-data, the connection initiator places a non-repeating number. This number allows the recipient to detect replay threats. For example, if a recipient receives a connection request where the token's non-repeating number duplicates a number received previously, the recipient can assume that the connection request is a replay of the previous connection.
The initiator may use the bind token's encrypted-data to transfer secret information, such as a symmetric encryption key. The communicating parties can use this key to encrypt data transferred across the connection (see sec. 11.6.3 for an example).
The connection initiator signs the bind token using its private key. The recipient validates the token signature using the initiator's public key certificate. This certificate may be registered with the recipient, transferred during the authentication process, or distributed by some other means.