1. 技术文章
  2. S/mime timestamp support

S/mime timestamp support

点点圈 提交于 2019-12-10 10:54:47

问题


OK now I do have the timestamp from a TS provider.

How am I supposed to put it in a mime message so to comply with the standards? As far as I know, no mailer supports timestamping, and this will not be a problem because I will be handling the mime message myself.

However I want to make it the standard way... any examples?

Thanks.


回答1:


I think @Michael's own answer is just quite there with the following caveats:

  • An application/timestamp-replyis intended to transport a TimeStampResp which may or may not contain a TimeStampToken, and for the current purpose a TimeStampToken is always required to exist. See RFC 3161, "2.4.2. Response Format".
  • application/timestamp-reply content type is not currently defined as a security multipart protocol. See RFC 1847, "1. Introduction" and RFC 3161, "3.1. Time-Stamp Protocol Using E-mail".

Because of the previous I suggest the following sample structure:

MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/timestamp-signature"; micalg="sha256"; boundary="{79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}"

--{79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
MIME-Version: 1.0
Content-Type: text/plain

Hello

--{79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
Content-Type: application/timestamp-signature; name="tst.bin"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="tst.bin"

MIINygYJKoZIhvcNAQcCoIINuzCCDbcCAQMxDzANBglghkgBZQMEAgEFADB5BgsqhkiG9w0BCRAB
BKBqBGgwZgIBAQYLYIZIAYb9bgEHFwQwMTANBglghkgBZQMEAgEFAAQg7fR3pD+6Lw0dlYtTjYke
...
vlwFfWaVsUq6VyE0Sw3mVxQGooR7/GH10QSP7bNQqHNWyk1kX+9FlrRY3BPjsvJ046+ol74/3QkB
WA7ZrAGzhwRBPQKfkCXysHwtDIj7iF1YXcXoeKQ1SWiGjhIHCpCXMJwNiapZQfYsnZQbI6L/xXMA

--{79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}--

Where

  • tst.bin is a TimeStampToken.
  • application/timestamp-signature is an non-standard security multipart protocol.

Edit:

There seems to be a couple of standards that could fit here:

  • RFC 5544 - "Syntax for Binding Documents with Time-Stamps"
  • RFC 5955 - "The application/timestamped-data Media Type"

But I did not have the time to check them in detail.




回答2:


I believe this is the appropriate format:

MIME-Version: 1.0
Content-Type: multipart/signed; protocol="application/timestamp-reply"; micalg="sha256"; boundary="{79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}"

--{79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
MIME-Version: 1.0
Content-Type: text/plain

Hello

--{79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}
Content-Type: application/timestamp-reply; name="smime.tsr"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="smime.tsr"

MIIIUgYJKoZIhvcNAQcCoIIIQzCCCD8CAQMxDzANBglghkgBZQMEAgEFADCCAQ4G
CyqGSIb3DQEJEAEEoIH+BIH7MIH4AgEBBgorBgEEAbIxAgEBMDEwDQYJYIZIAWUD
BAIBBQAEIO30d6Q/ui8NHZWLU42JHpvHqwcukBtDCZiWtieBErjfAhQJsQprheA+
j/8hfRdCJYqNwURr+BgPMjAxNjA3MjgxMTM4NDdaoIGMpIGJMIGGMQswCQYDVQQG
EwJHQjEbMBkGA1UECBMSR3JlYXRlciBNYW5jaGVzdGVyMRAwDgYDVQQHEwdTYWxm
b3JkMRowGAYDVQQKExFDT01PRE8gQ0EgTGltaXRlZDEsMCoGA1UEAxMjQ09NT0RP
IFNIQS0yNTYgVGltZSBTdGFtcGluZyBTaWduZXKgggSgMIIEnDCCA4SgAwIBAgIQ
TrCHj8wkNTay2Mn3vzlVdzANBgkqhkiG9w0BAQsFADCBlTELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMV
VGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0
cnVzdC5jb20xHTAbBgNVBAMTFFVUTi1VU0VSRmlyc3QtT2JqZWN0MB4XDTE1MTIz
MTAwMDAwMFoXDTE5MDcwOTE4NDAzNlowgYYxCzAJBgNVBAYTAkdCMRswGQYDVQQI
ExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAYBgNVBAoT
EUNPTU9ETyBDQSBMaW1pdGVkMSwwKgYDVQQDEyNDT01PRE8gU0hBLTI1NiBUaW1l
IFN0YW1waW5nIFNpZ25lcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
AM68dLdwgE9e8z+Yqi7L1BIBIzVpCyK85v0JbCjkExKsu7ot5dXdIu5ztiz40qRx
50kleKslt5AQoJuLdybdQOpBo/2IzXKmiTtQVxx6JSQiAlFANWeKMWkN5TlzSTmb
lQGFUvIrFImaTgSkvECuOabdQALgOnX+PX1VlFvxTiR8yLhYGcrA2r5YE5rmHOfR
wTvwXY9JCCGe0PO+1tRmT1xyNnvDgtOYCJSvq0RPGMcU2haxHjIOEjjAtTx27HVQ
ACAEERntxv/fTv4IgScxT3F0bgMMcCeBVWqaQ5Kkf9v9P8UXHkG7zuinf4yV+f1/
+GGIiQA+/wsB2/3VtaTkkRECAwEAAaOB9DCB8TAfBgNVHSMEGDAWgBTa7WR0FJwU
PKvdmam9WyhNizzJ2DAdBgNVHQ4EFgQUfb+R16dsWkdmRHuQ1I6QckGPF8IwDgYD
VR0PAQH/BAQDAgbAMAwGA1UdEwEB/wQCMAAwFgYDVR0lAQH/BAwwCgYIKwYBBQUH
AwgwQgYDVR0fBDswOTA3oDWgM4YxaHR0cDovL2NybC51c2VydHJ1c3QuY29tL1VU
Ti1VU0VSRmlyc3QtT2JqZWN0LmNybDA1BggrBgEFBQcBAQQpMCcwJQYIKwYBBQUH
MAGGGWh0dHA6Ly9vY3NwLnVzZXJ0cnVzdC5jb20wDQYJKoZIhvcNAQELBQADggEB
AFCw9d9frTPcw1NYWLzCE3V7IB1Uyro/UD+6ivRrCWPAW12L1nUac72L/0fxFdxR
FiMZMuZukk3Rxi5aHohCFMly5dcIUIpq9WRAVq4k42GXFULwLEiug+Y1PItbwo+u
jsw0UjTg+/7K/bEkaNGkESMQBv2ywiQnx9fpShyPPz7P7et1eWyOX/chtlDmJaHN
ZpQSbL/bs66H2GgDciACwn7alPNyBzxX6FUk5wWgHcSBAYJLHz8PnTOb8E/MndaF
gc/L5/1K6ZK49w1ycy3pd/lvjyh6Ph69CIbcjR4RX/dbu4d2xp5MVGHQZ9uThNox
hwOS55/j6c9aVsho4FJJlFwxggJxMIICbQIBATCBqjCBlTELMAkGA1UEBhMCVVMx
CzAJBgNVBAgTAlVUMRcwFQYDVQQHEw5TYWx0IExha2UgQ2l0eTEeMBwGA1UEChMV
VGhlIFVTRVJUUlVTVCBOZXR3b3JrMSEwHwYDVQQLExhodHRwOi8vd3d3LnVzZXJ0
cnVzdC5jb20xHTAbBgNVBAMTFFVUTi1VU0VSRmlyc3QtT2JqZWN0AhBOsIePzCQ1
NrLYyfe/OVV3MA0GCWCGSAFlAwQCAQUAoIGYMBoGCSqGSIb3DQEJAzENBgsqhkiG
9w0BCRABBDAcBgkqhkiG9w0BCQUxDxcNMTYwNzI4MTEzODQ3WjArBgsqhkiG9w0B
CRACDDEcMBowGDAWBBQ2Un1Pompo+etFlvHZmrssDqdt+jAvBgkqhkiG9w0BCQQx
IgQgXBnEfFijVzb4h7n7wGBdvQhBEzRn87M67RIUdRNe6dwwDQYJKoZIhvcNAQEB
BQAEggEACcjtqph0BQ20lchE0HZYg/4oL8KuPh1Vx5LL2cVaPcj2fruoXH58577E
XFQxhZ08HsjZtYdhVokRs2vbjM/i23HVDX+IkwGuESloFXhtoAt9hKNkyhXTtWx5
tt7TEJwi+o8/SU9bFnDqPMVn5Bg+QNnnegiCJzQ4lZnmTW2JiEmL3u7XzZ21FLZ7
KT/JqgOvBY3yvWySODN1yKVdhk5FkVKxBAxBgccPQ6nwmdm0RxqbsLdoSXFuRMi5
7sUgo113xR2VuvdJzl6d4iAYdUvuSRz94xXIQMQ9L307dKZ2yTYUQTy1YcSRxsZb
kTmkisjtzbXCyfC+AYB6dnoeBp3euQ==

--{79EAC9E2-BAF9-11CE-8C82-00AA004BA90B}--

Please edit me if I am wrong. Any e-mail client that supports it so to verify?



来源:https://stackoverflow.com/questions/38618108/s-mime-timestamp-support

标签
cryptography
timestamp
mime
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!