Privacy-enhanced Electronic Mail
   HOME

TheInfoList



Click Here for Items Related To - Privacy-enhanced Electronic Mail
OR:
Privacy-enhanced Electronic Mail on:   [Wikipedia]   [Google]   [Amazon]

Privacy-Enhanced Mail (PEM) is a
de facto ''De facto'' ( ; , "in fact") describes practices that exist in reality, whether or not they are officially recognized by laws or other formal norms. It is commonly used to refer to what happens in practice, in contrast with '' de jure'' ("by l ...
file format for storing and sending cryptographic
keys Key or The Key may refer to: Common meanings * Key (cryptography), a piece of information that controls the operation of a cryptography algorithm * Key (lock), device used to control access to places or facilities restricted by a lock * Key (m ...
, certificates, and other data, based on a set of 1993
IETF The Internet Engineering Task Force (IETF) is a standards organization for the Internet and is responsible for the technical standards that make up the Internet protocol suite (TCP/IP). It has no formal membership roster or requirements an ...
standards defining "privacy-enhanced mail." While the original standards were never broadly adopted and were supplanted by
PGP PGP or Pgp may refer to: Science and technology * P-glycoprotein, a type of protein * Pelvic girdle pain, a pregnancy discomfort * Personal Genome Project, to sequence genomes and medical records * Pretty Good Privacy, a computer program for the ...
and
S/MIME S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly . It was originally developed by R ...
, the textual encoding they defined became very popular. The PEM format was eventually formalized by the IETF in RFC 7468.


Format

Many cryptography standards use
ASN.1 Abstract Syntax Notation One (ASN.1) is a standard interface description language for defining data structures that can be serialized and deserialized in a cross-platform way. It is broadly used in telecommunications and computer networking, and ...
to define their data structures, and
Distinguished Encoding Rules X.690 is an ITU-T standard specifying several ASN.1 encoding formats: * Basic Encoding Rules (BER) * Canonical Encoding Rules (CER) * Distinguished Encoding Rules (DER) The Basic Encoding Rules (BER) were the original rules laid out by the ASN. ...
(DER) to serialize those structures. Because DER produces binary output, it can be challenging to transmit the resulting files through systems, like electronic mail, that only support ASCII. The PEM format solves this problem by encoding the binary data using
base64 In computer programming, Base64 is a group of binary-to-text encoding schemes that represent binary data (more specifically, a sequence of 8-bit bytes) in sequences of 24 bits that can be represented by four 6-bit Base64 digits. Common to all bina ...
. PEM also defines a one-line header, consisting of , a label, and , and a one-line footer, consisting of , a label, and . The label determines the type of message encoded. Common labels include , , and . -----BEGIN PRIVATE KEY----- -----END PRIVATE KEY----- PEM data is commonly stored in files with a ".pem" suffix, a ".cer" or ".crt" suffix (for certificates), or a ".key" suffix (for public or private keys). The label inside a PEM file represents the type of the data more accurately than the file suffix, since many different types of data can be saved in a ".pem" file. In particular PEM refers to the header and base64 wrapper for a binary format contained within, but does not specify any type or format for the binary data, so that a PEM file may contain "almost anything base64 encoded and wrapped with BEGIN and END lines". A PEM file may contain multiple instances. For instance, an operating system might provide a file containing a list of trusted
CA certificate In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. This ...
s, or a web server might be configured with a "chain" file containing an end-entity certificate plus a list of intermediate certificates.


Privacy-enhanced mail

The PEM format was first developed in the privacy-enhanced mail series of RFCs: RFC 1421, RFC 1422, RFC 1423, and RFC 1424. These standards assumed prior deployment of a hierarchical
public key infrastructure A public key infrastructure (PKI) is a set of roles, policies, hardware, software and procedures needed to create, manage, distribute, use, store and revoke digital certificates and manage public-key encryption. The purpose of a PKI is to facili ...
(PKI) with a single root. Such a PKI was never deployed, due to operational cost and legal liability concerns. These standards were eventually obsoleted by
PGP PGP or Pgp may refer to: Science and technology * P-glycoprotein, a type of protein * Pelvic girdle pain, a pregnancy discomfort * Personal Genome Project, to sequence genomes and medical records * Pretty Good Privacy, a computer program for the ...
and
S/MIME S/MIME (Secure/Multipurpose Internet Mail Extensions) is a standard for public key encryption and signing of MIME data. S/MIME is on an IETF standards track and defined in a number of documents, most importantly . It was originally developed by R ...
, competing e-mail encryption standards.


History

The initiative to develop Privacy Enhanced Mail began in 1985 on behalf of the PSRG (Privacy and Security Research Group) also known as the Internet Research Task Force.


References

{{Reflist Cryptographic protocols Computer file formats