The IT Law Wiki


Internet Engineering Task Force, Network Working Group, Privacy Enhancement for Internet Electronic Mail: Part I — Message Encipherment and Authentication Procedures (RFC 989) (Feb. 1989); (RFC 1113) (Aug. 1989).


These RFCs suggests a draft standard elective protocol for the Internet community, and requests discussion and suggestions for improvements. This RFC is the outgrowth of a series of IAB Privacy Task Force meetings and of internal working papers distributed for those meetings. It defines message encipherment and authentication procedures, in order to provide privacy enhancement services for electronic mail transfer in the Internet. It is intended that the procedures defined here be compatible with a wide range of key management approaches, including both conventional (symmetric) and public-key (asymmetric) approaches for encryption of data encrypting keys.

Use of conventional cryptography for message text encryption and/or authentication is anticipated.

Privacy enhancement services (confidentiality, authentication, and message integrity assurance) are offered through the use of end-to-end cryptography between originator and recipient User Agent processes, with no special processing requirements imposed on the Message Transfer System at endpoints or at intermediate relay sites. This approach allows privacy enhancement facilities to be incorporated on a site-by-site or user-by-user basis without impact on other Internet entities. Interoperability among heterogeneous components and mail transport facilities is supported.