United States Department of Veterans Affairs
One-VA Technical Reference Model v16.5
Cryptographic Message Syntax (CMS)
Cryptographic Message Syntax (CMS) Standard or Specification

General InformationClick for Help

Technologies must be operated and maintained in accordance with Federal and Department security and privacy policies and guidelines. More information on the proper use of the TRM can be found on the TRM Proper Use Tab/Section.

Website: Go to site
Description: This standard describes the Cryptographic Message Syntax (CMS). This syntax is used to digitally sign, digest, authenticate, or encrypt arbitrary message content. The CMS describes an encapsulation syntax for data protection. It supports digital signatures and encryption. The syntax allows multiple encapsulations; one encapsulation envelope can be nested inside another. Likewise, one party can digitally sign some previously encapsulated data. It also allows arbitrary attributes, such as signing time, to be signed along with the message content, and it provides for other attributes such as countersignatures to be associated with a signature.
Section 508 Information:
Decision: View Decisions
Decision Constraints: Veterans Affairs (VA) users must ensure VA sensitive data is properly protected in compliance with all VA regulations. All instances of deployment using this technology should be reviewed by the local ISO (Information Security Officer) to ensure compliance with VA Handbook 6500.

Decision Source: TRM Mgmt Group
Decision Process: One-VA TRM v16.1
Decision Date: 01/27/2016
Aliases: RFC 3852, RFC 5652
Introduced By:
Standards Body: IETF
- The information contained on this page is accurate as of the Decision Date (01/27/2016).
Reviewed/Updated Date: Tuesday, May 31, 2016