Jump to content

Privacy-Enhanced Mail

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Cedar101 (talk | contribs) at 00:34, 22 December 2020 (Format: syntaxhighlight error fix). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

Privacy-Enhanced Mail (PEM) is a de facto file format for storing and sending cryptographic keys, certificates, and other data, based on a set of 1993 IETF standards defining "privacy-enhanced mail." While the original standards were never broadly adopted, and were supplanted by PGP and S/MIME, the textual encoding they defined became very popular. The PEM format was eventually formalized by the IETF in RFC 7468.[1]

Format

Many cryptography standards use ASN.1 to define their data structures, and Distinguished Encoding Rules (DER) to serialize those structures.[2] Because DER produces binary output, it can be challenging to transmit the resulting files through systems, like electronic mail, that only support ASCII.

The PEM format solves this problem by encoding the binary data using base64. PEM also defines a one-line header, consisting of "-----BEGIN ", a label, and "-----", and a one-line footer, consisting of "-----END ", a label, and "-----". The label determines the type of message encoded. Common labels include "CERTIFICATE", "CERTIFICATE REQUEST", "PRIVATE KEY" and "X509 CRL".

PEM data is commonly stored in files with a ".pem" suffix, a ".cer" or ".crt" suffix (for certificates), or a ".key" suffix (for public or private keys).[3] The label inside a PEM file represents the type of the data more accurately than the file suffix, since many different types of data can be saved in a ".pem" file.

A PEM file may contain multiple instances. For instance, an operating system might provide a file containing a list of trusted CA certificates, or a web server might be configured with a "chain" file containing an end-entity certificate plus a list of intermediate certificates.

-----BEGIN PRIVATE KEY-----
MIIJRAIBADANBgkqhkiG9w0BAQEFAASCCS4wggkqAgEAAoICAQD2GlhF9HuoPwiF
S8lh0lHCwVGlVq0Jqtmp7ieyVOZ0mbU6T2KCDwkL3mWWSiVZc+cjh3EOsXtyzuiq
C1nsynrlSQuU3/pTkKVRWJCL51KXe7Rf+NPjSzqDdyowwQubWH42MMYbdLvjKRp9
Yje8yjHDE6N1OSJyp5TCN+74qLT/xqJOLsBQBEJoQESVUM5xIuEJk8epHwNaP4kP
SiYan5lTqXl0pOwNwyxG/kfRUdhdLI6VhaVzOqG3BT/HBYmu1Tk5CanqLeK8g5yw
pVfhKc/HIlbjTDjBXWfqUqTOOJaLkJxpJgcHS2FvtVzuc2VIbJoaOZqs10SIoqCZ
HuNVMvsFIeM2T2VB+XozoQrboP057wnUr5cvglpFZo7bWvDcbwZs8wXG9u0k1xxo
kolCtIM/FKwdZqgWBfKvmrQFZR5jUos0yaRVilTKMGKRCZvB2B242Z/JjhWabwjO
DyytbCADVUwyc4u7ZpJySDmAw9WiLmcGc2Z4E8qEeS/ejiVvBc5hE06CgaENdkTl
TpKunhZc0nfdOJvAxENfwT+D+SNN3oh6m8/thNWFsj6pd4uIc77s6WI9pfmxC8MC
G4NqJp2L0TDxN4e7iDCnQuWIWVMTSNGlIKRqsSnTXvdPbLsqD3+CcRkTe7oKu1Mv
jhVUqo1GQpLivx6GmCGDPOfjud4/qwIDAQABAoICAGBYtgBFE3gtnS9aGS/zv9CI
EGezRDEJswck1mOpe0NgvaNjWsRiEH+WBJ1Oz8pyZqXxK2C+OP8cY9fWc9ERAAXt
j9wrx3uZoC71hjlPSXVGl7oO1x0f4XuAVoMZwGqDvX2HoLc0/y2SdO1rWzjMy6h8
cry8rnDGjKVwclzk519PK1GCWgW5dSoNJwxxwzBloEY4lazvGEfnocfblolLvCIV
shfpTQSiSR5OBF29NgBcJkIBPWGcLZ1SL8LBt0I79ZgP4XZtmluFBv3c7UeYL+Dc
37lCqOGCqOECk8SsQLvI1IMRwSSo7S9niEdN4/PzmGz16kkKSalYSZlIj2VWfRCj
wS6xWD4Sfez9Fx/s8tfPEv15KXtoIDKn20h/m7szlfSNYTi15ZdKPPW9SHKCol6C
1kDgHg31eQtf3Nn6ukrBeHsyZr1FdkYwBSkRy+VIl6Kj5FJXUR1hWEvaLi1tplGP
I6NwSA6ArouaAGTVyS3VpHZw8hyGpBiJ4ZYIMcISyXyMNEM3kNcvbKnb+bME88/6
p/od4gb5kCUWEui34Nh7VtxY1n4g8HYJXWC07W0Xxz1/bvfAH7trPLHEyaoZ8kjz
Lj4TZLwx7BplUMaOsXEFFb+lgzwhZL0Nd9F4zPT3WeGUTYJMukRMGumS86qDbLof
7W08V+3MxKtfXgcIgKD5AoIBAQD/RoIchybjiTggPCZgCkRSx/HmjvtRZukwF9vk
LSjuhaIDxY/x+eyLstubjn3Wkhjx/DcTxV+efs/QeOneerj0n6ft8H0yQcgfTvmP
y6Kucx5lvSy4JH3ftKGuUu9X2erxKYaYIPWPMiPqQojECB1B1Bjsp8Xx0E4WioNK
WYWkQmrVvaxUuYa1JV3cdREcrbgObj84qbz15NprfOqLUJMBQ2qqvkiJ3yAiW72i
Nl1N6vf/TUGRCu8eCyMepDoLZI6apG0szqnAGPXW1v5m6/GxKFbuZCgR+73Dypsx
qbmQ7F4r2QKrZuPnsae68l8MmfawbEYb+yObuzSaJuHGc7JvAoIBAQD2zSvoKiHi
G1VVPkoXcZwe1rBn6zFZ+SZFtiTNR486xE0PvaJ/tCiPsqDO4xBZG+RwkOldAPbi
oNsFgbOw+3mjQ2r8HGpgeuZ3GIy9e48olGP1b+fcvf0JFLkAHZr1iOeJDR+ewddT
MzQmY3V1RWf13DvZDl0dT8Kaddz1UDlv9YN1iwPva7Rew4BLmIqmpcSo+m7qgG3f
wmHKvV+ABuj/8GyCMogUkc+ZAw8XfnnzRGdQHDJhRJIvaS0b6IxVun3m4mRbJ93r
poB8o15mL2DTjOGlN1qIQym6shuLZR2OV1hz1e0NEFwxsw4EbzR8cVCVBNhtKrBg
bBfHDJNKvDSFAoIBAQCSmuXCiIP3DSlkqebIJV1TxWzRorAG8fleG3W3t4/YXHrN
e7rNl2EYYeHplo4CmukkoFrpSeM+XUnwSmDV2tk59C83YXQlVs4d3PdKdAK7+XUt
rNVv89UuksiAGzVF2OsrEVQxLkyYro0dzpRJMPfMhIjD8R6nX6BZJbd9DajIyzQc
CNBd4CbTBeC/6aOoOsSH1R0N572T4pjmPlldJSsoAJXT9XAnbjNASDvCW0J+q0E+
KBpNuF/Xe0HyKRME0/1qJqBkqVOn9S3K8rIsXbjyq14xjufMXC2Bsmwqu3TNHFKB
ECKOWYrt14Oiw+t+izW34JbrHvI2T+9H0Ki9lliVAoIBAQDjwAZqoqbN/ydKGMdK
xx6pHrl/zHyoaNE2t5VSklzMgGYUxoz0iA5+PPtEsClf8etnLXMMzl0GWiaD+GMY
SZjAXvCVYquQCRowgUkvepxreDSeQ/yVqgWdoa/vOWLMfuAbiy7I1FyefLv9SP8V
j00Wh3v7G9Q1vmr5GxcikjvO46PCjty8zomOgZ8dI9GfY44N2b0NTiMWwEx6STOd
88KEnRulMnh9cuk+bKI6rg5fvZoRRVQAisTUV5y3CmymmAijTfwKWsniMq6TVjdA
2SvjTTjVvDUhVclmbgIZKuCRgG0xyBKPYa+SdYfT88NdqzwPqH8IjsJg2J9Aoowy
BWf5AoIBAQD8zybogaMZBBAHbnEObVzHfJS6+g3nqNEL/pKePc7oh2e7wLIOe9zq
3E7DYKJOnC4CulqxK6r7cE2H8dEbdbyMc2u9CqsM4kpLL7aaLWjG3H+MADbgDnWN
lE+wjylfewl+y99tElBHxtsfWXf4AdM9eofirjY5nlDCuym44XG1T/MnJETKyobC
vUmP0OzwCADl/pzVNkbeUyNZVTd9Y34f0FyxWelM5y/MSKCmLBBmS6FXB58nrlQY
psGUNwWXrARgiInCeQkvN3toQrXOyQ5Df3MwrTAUIy0Nec7MrUEcdjrE0Mks3HhH
hMnpHOOGnVBZdVNxlZ9utshYrhRTfEnn
-----END PRIVATE KEY-----

Privacy-enhanced mail

The PEM format was first developed in the privacy-enhanced mail series of RFCs: RFC 1421, RFC 1422, RFC 1423, and RFC 1424. These standards assumed prior deployment of a hierarchical public key infrastructure (PKI) with a single root. Such a PKI was never deployed, due to operational cost and legal liability concerns.[citation needed] These standards were eventually obsoleted by PGP and S/MIME, competing e-mail encryption standards.[citation needed]

History

The initiative to develop Privacy Enhanced Mail began in 1985 on behalf of the PSRG (Privacy and Security Research Group) [4] also known as the Internet Research Task Force.

References

  1. ^ Johnson, Mike (1995-10-01). "Cryptology in Cyberspace". Cryptologia. 19 (4): 392–396. doi:10.1080/0161-119591884042. ISSN 0161-1194.
  2. ^ Sean, Leonard; Simon, Josefsson (April 2015). Textual Encodings of PKIX, PKCS, and CMS Structures. sec. 1. doi:10.17487/RFC7468. RFC 7468. Retrieved 2017-03-06.
  3. ^ "DER vs. CRT vs. CER vs. PEM Certificates and How To Convert Them". www.gtopia.org. Retrieved 2020-02-04.
  4. ^ Kent, S. (1993). "Internet Privacy Enhanced Mail". Communications of the ACM. doi:10.1145/163381.163390.