RFC Errata

Errata Search

Source of RFC  
Summary Table Full Records

RFC 5751, "Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification", January 2010

Note: This RFC has been obsoleted by RFC 8551

Source of RFC: smime (sec)

Errata ID: 2031
Status: Rejected
Type: Technical
Publication Format(s) : TEXT

Reported By: Derek Edson
Date Reported: 2010-02-01
Rejected by: Tim Polk
Date Rejected: 2010-03-21

Section says:

   The micalg parameter allows for one-pass processing when the
   signature is being verified.  The value of the micalg parameter is
   dependent on the message digest algorithm(s) used in the calculation
   of the Message Integrity Check.  If multiple message digest
   algorithms are used, they MUST be separated by commas per [MIME-
   SECURE].  The values to be placed in the micalg parameter SHOULD be
   from the following:

      Algorithm   Value Used

      MD5         md5
      SHA-1       sha-1
      SHA-224     sha-224
      SHA-256     sha-256
      SHA-384     sha-384
      SHA-512     sha-512
      Any other   (defined separately in algorithm profile or "unknown"
                   if not defined)

   (Historical note: some early implementations of S/MIME emitted and
   expected "rsa-md5", "rsa-sha1", and "sha1" for the micalg parameter.)
   Receiving agents SHOULD be able to recover gracefully from a micalg
   parameter value that they do not recognize.  Future names for this
   parameter will be consistent with the IANA "Hash Function Textual
   Names" registry.


This revision creates a backward compatibility issue with S/MIME v2, S/MIME v3 and S/MIME v3.1 agents. In each of the previous (obsoleted) standards, they all refer to the micalg for SHA-1 as "sha1" and not "sha-1".

The historical note should mean that v3.2 agents will recognize "sha1" as emitted by earlier implementations, but these implementations are unlikely to recognize the micalg value of "sha-1" emitted by a v3.2 agent.

All previous standards state that receiving agents SHOULD be able to handle this situation gracefully, but when these agents fail to recognize a micalg value, they can no longer perform a "one-pass processing". Given that this parameter is "required", the most likely implication is that they will fail to verify the signature.

To ensure interoperability with clients supporting previous versions, the micalg for SHA-1 MUST remain as "sha1", and receiving agents SHOULD also accept "sha-1".

The micalg parameters values have always been defined as "SHOULD", but for interoperability they should be declared as "MUST".
These changes were introduced for alignment with the names in the IANA "Hash Function Textual Names" registry. Given that the requirements is a SHOULD and the note explains the situation, I do not consider this text in error.

Report New Errata