Internet Draft                                      Editor: Peter Gutmann
draft-ietf-smime-compression-01.txt                 University of Auckland
August 29, 2000
Expires February 2001

                   Compressed Data Content Type for S/MIME

Status of this memo

This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026.

Internet-Drafts are working documents of the Internet Engineering Task
Force (IETF), its areas, and its working groups.  Note that other
groups may also distribute working documents as Internet-Drafts.

Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time.  It is inappropriate to use Internet- Drafts as reference
material or to cite them other than as "work in progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

Abstract

The Cryptographic Message Syntax data format doesn't currently contain
any provisions for compressing data before processing it.  Compressing
data before transmission provides a number of advantages including the
elimination of data redundancy which could help an attacker, speeding
up processing by reducing the amount of data to be processed by later
steps such as signing or encryption, and reducing overall message size.
Although there have been proposals for adding compression at other
levels (for example at the MIME or SSL level) these don't address the
problem of compression of CMS content unless the compression is
supplied by an external means (for example by intermixing MIME and
CMS).  This document defines a format for using compressed data as a
CMS content type.

1. Introduction

This document describes a compressed data content encryption type for
S/MIME. This is implemented as a new ContentInfo type and is an
extension to the types currently defined in CMS [RFC 2630].  Future
implementations of CMS SHOULD include this extension.

The format of the messages are described in ASN.1:1994 [ASN1].

The key words "MUST", "MUST NOT", "REQUIRED", "SHOULD", "SHOULD NOT",
"RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be
interpreted as described in [RFC2119].

1.1 Compressed Data Content Type

The compressed-data content type consists of content of any type
compressed using a specified algorithm.  The following object
identifier identifies the compressed-data content type:

  id-ct-compressedData OBJECT IDENTIFIER ::= { iso(1) member-body(2)
    us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1) 9 }

The compressed-data content type shall have ASN.1 type CompressedData:

  CompressedData ::= SEQUENCE {
    version CMSVersion,
    compressionAlgorithm CompressionAlgorithmIdentifier,
    encapContentInfo EncapsulatedContentInfo
    }

The fields of type CompressedData have the following meanings:

    version is the syntax version number.  It shall be 0.

    compressionAlgorithm is a compression algorithm identifier, as
    defined in section 2.

    encapContentInfo is the content which is compressed.

Implementations SHOULD use the SMIMECapabilities attribute to indicate
their ability to process compressed content types.  A compression
SMIMECapability consists of the AlgorithmIdentifier for the supported
compression algorithm, in the case of the algorithm specified in this
document this is id-alg-zlibCompression with parameters NULL.
Alternatively, the use of compression may be handled by prior
arrangement (for example as part of an interoperability profile).

2. Compression Types

CMS implementations should include ZLIB [RFC 1950] [RFC 1951], which is
free of any intellectual property restrictions and has a freely-
available, portable and efficient reference implementation.  The
following object identifier identifies ZLIB:

  id-alg-zlibCompress OBJECT IDENTIFIER ::= { iso(1) member-body(2)
    us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) alg(3) 8 }

The parameters for this algorithm are NULL.

3. Security Considerations

This RFC is not concerned with security, except for the fact that
compressing data before encryption can enhance the security provided by
other processing steps by reducing the quantity of known plaintext
available to an attacker.

Author Address

Peter Gutmann
University of Auckland
Private Bag 92019
Auckland, New Zealand
pgut001@cs.auckland.ac.nz

References

  ASN1  Recommendation X.680: Specification of Abstract Syntax Notation
        One (ASN.1), 1994.

  RFC2119 Key Words for Use in RFC's to Indicate Requirement Levels,
        S.Bradner, March 1997.

  RFC1950 ZLIB Compressed Data Format Specification version 3.3,
        P.Deutsch and J-L Gailly, May 1996.

  RFC1951 DEFLATE Compressed Data Format Specification version 1.3,
        P.Deutsch, May 1996.

  RFC 2630 Cryptographic Message Syntax, R.Housley, June 1999.

Appendix A: ASN.1 Module

CompressedDataContent
  { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
    smime(16) modules(0) compress(11) }

DEFINITIONS IMPLICIT TAGS ::=
BEGIN

IMPORTS
  CMSVersion, EncapsulatedContentInfo FROM CryptographicMessageSyntax
    { iso(1) member-body(2) us(840) rsadsi(113549)
      pkcs(1) pkcs-9(9) smime(16) modules(0) cms(1) },
  AlgorithmIdentifier FROM AuthenticationFramework
    { joint-iso-itu-t ds(5) module(1) authenticationFramework(7) 3 };


CompressedData ::= SEQUENCE {
  version CMSVersion,       -- Always set to 0
  compressionAlgorithm CompressionAlgorithmIdentifier,
  encapContentInfo EncapsulatedContentInfo
  }

CompressionAlgorithmIdentifer ::= AlgorithmIdentifier

END

Full Copyright Statement

Copyright (C) The Internet Society 1999.  All Rights Reserved.

This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it or
assist in its implementation may be prepared, copied, published and
distributed, in whole or in part, without restriction of any kind,
provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing the
copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of developing
Internet standards in which case the procedures for copyrights defined
in the Internet Standards process must be followed, or as required to
translate it into languages other than English.

The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.

This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL
NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE.