Internet Engineering Task Force C. Adams INTERNET DRAFT Entrust Technologies 29 June 2000 Alternative Certificate Formats for PKIX-CMP draft-adams-cmpaltcert-00.txt Status of This Memo Distribution of this memo is unlimited. This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Abstract The PKIX Certificate Management Protocols (PKIX-CMP) specification [1], while primarily focused on X.509v3 public-key certificates, allows the messages it defines to be used for the management of alternative certificate formats as well. This document specifies precisely how such formats may be incorporated into PKIX-CMP and provides the relevant syntax for some important certificate types. Adams Expires 29 December 2000 [Page 1] Internet Draft Alternative Cert Formats for CMP 29 June 2000 1. Introduction Full certificate life-cycle management in a Public-Key Infrastructure (PKI) requires protocol support in order to achieve automated processing and end user transparency. Such protocols require standardization in order to allow more than one vendor to supply various pieces -- End Entity (EE), Certification Authority (CA), Registration Authority (RA) -- in the PKI deployment of a single organization, or to allow multiple, independently-deployed PKIs to be interconnected usefully. The IETF PKIX Working Group currently has certificate management protocol specifications on the standards track. The specification PKIX-CMP [1], looking beyond PKIX-specific environments to the more-general certificate management requirements of other domains, defines a syntactic structure for the "Certificate" data element that allows certificate formats other than X.509 to be included easily into the management messages. In particular, other types of certificates may be requested from a CA, retrieved from a public repository, recovered from a backup facility, updated/replaced when nearing the end of their validity period, and revoked when required. This specification takes the flexible syntax defined in PKIX-CMP and fills in the details regarding how to incorporate alternative certificate formats when this is desired. 2. Including Alternative Certificate Formats In Appendix C of PKIX-CMP, the ASN.1 construct, and corresponding comment, for "Certificate" is given as follows. Certificate ::= CHOICE { x509v3PKCert X509v3PKCert } X509v3PKCert ::= SEQUENCE { tbsCertificate TBSCertificate, -- from pkix1 module signatureAlgorithm AlgorithmIdentifier, signature BIT STRING } -- This syntax, while bits-on-the-wire compatible with the -- standard X.509 definition of "Certificate", allows the -- possibility of future certificate types (such as X.509 -- attribute certificates, ANSI X9.68 "short" certificates, -- or WAP WTLS certificates) within this certificate management -- protocol, should a need ever arise to support such generality. Adams Expires 29 December 2000 [Page 2] Internet Draft Alternative Cert Formats for CMP 29 June 2000 Building on this framework, then, this document expands the above CHOICE construct as follows. Certificate ::= CHOICE { x509v3PKCert X509v3PKCert, x509v2AttCert [0] X509v2AttCert, wapWTLSCert [1] WAPWTLSCert } X509v3PKCert ::= SEQUENCE { tbsCertificate TBSCertificate, -- from PKIX1Explicit88 module in RFC 2459 [2] signatureAlgorithm AlgorithmIdentifier, signature BIT STRING } X509v2AttCert ::= SEQUENCE { attCertinfo AttributeCertificateInfo, -- from X.509 (2000) [3] signatureAlgorithm AlgorithmIdentifier, signature BIT STRING } WAPWTLSCert ::= OCTET STRING -- contains the structure WTLSCertificate from the WAP -- WTLS specification [4], encoded as an ASN.1 OCTET STRING Expanding the CHOICE construct as above allows X.509 attribute certificates and WAP (Wireless Application Protocol) WTLS Wireless Transport Layer Security) certificates to be used within the PKIX-CMP management messages. In the future, this construct may be expanded further (in subsequent revisions of this document) to accomodate other certificate types if this is found to be necessary. 3. Initialization Request One of the features of PKIX-CMP is its use of the CertTemplate construct, which allows a requester (EE, or RA acting on behalf of an EE) to specify as much or as little as they wish regarding the content of the requested certificate. It is explicitly noted that the CA has final authority over the actual certificate content; that is, the CA may alter certificate fields or may add, delete, or alter extensions according to its operating policy (if the resulting certificate is unacceptable to the EE or RA, then that certificate may be rejected and/or revoked prior to any publication/use). Adams Expires 29 December 2000 [Page 3] Internet Draft Alternative Cert Formats for CMP 29 June 2000 For the new certificate types included in this document, a similar flexibility in the request message must be available. Appendix D of PKIX-CMP accomodates this in the following way (where id-regCtrl = {1 3 6 1 5 5 7 5 1}; see [5]). CertRequest ::= SEQUENCE { certReqId INTEGER, certTemplate CertTemplate, controls Controls OPTIONAL } -- If certTemplate is an empty SEQUENCE (i.e., all fields -- omitted), then controls MAY contain the -- id-regCtrl-altCertTemplate control, specifying a template -- for a certificate other than an X.509v3 public-key -- certificate. Conversely, if certTemplate is not empty -- (i.e., at least one field is present), then controls -- MUST NOT contain id-regCtrl-altCertTemplate. The new -- control is defined as follows: id-regCtrl-altCertTemplate OBJECT IDENTIFIER ::= {id-regCtrl 7} AltCertTemplate ::= AttributeTypeAndValue In this section, an AltCertTemplate is specified for each of the alternative certificates defined in Section 2. 3.1. X.509 Attribute Certificate CertTemplate A CertTemplate for an X.509 attribute certificate can be used by simply defining an object identifier (OID) and corresponding value for use in the id-regCtrl-altCertTemplate control. These are specified as follows. OID: id-acTemplate OBJECT IDENTIFIER ::= {id-regCtrl-altCertTemplate xx} Value: AttCertTemplate ::= SEQUENCE { version AttCertVersion OPTIONAL, holder Holder OPTIONAL, issuer AttCertIssuer OPTIONAL, signature AlgorithmIdentifier OPTIONAL, serialNumber CertificateSerialNumber OPTIONAL, attrCertValidityPeriod OptionalAttCertValidity OPTIONAL, attributes SEQUENCE OF Attribute OPTIONAL, issuerUniqueID UniqueIdentifier OPTIONAL, extensions Extensions OPTIONAL } OptionalAttCertValidity ::= SEQUENCE { notBeforeTime GeneralizedTime OPTIONAL, notAfterTime GeneralizedTime OPTIONAL } -- at least one must be present Adams Expires 29 December 2000 [Page 4] Internet Draft Alternative Cert Formats for CMP 29 June 2000 3.2. WTLS Certificate CertTemplate A CertTemplate for a WAP Wireless Transport Layer Security certificate can be used by simply defining an object identifier (OID) and corresponding value for use in the id-regCtrl-altCertTemplate control. These are specified as follows. OID: id-wtlsTemplate OBJECT IDENTIFIER ::= {id-regCtrl-altCertTemplate yy} Value: WTLSCertTemplate ::= OCTET STRING -- actual content to be defined in the WAP Security Group and -- then encoded as an ASN.1 OCTET STRING 4. Security Considerations This entire memo is about security. It describes a mechanism that may be used to incorporate multiple certificate formats into the PKIX-CMP certificate management protocol. 5. References [1] C. Adams, S. Farrell, "Internet X.509 Public Key Infrastructure: Certificate Management Protocols", Internet Draft draft-ietf- rfc2510bis-00.txt (work in progress). [2] R. Housley, W. Ford, W. Polk, D. Solo, "Internet X.509 Public Key Infrastructure: Certificate and CRL Profile", Internet Request for Comments RFC 2459, January 1999. [3] ITU-T Recommendation X.509 | ISO/IEC 9594-8, "Information Technology -- Open Systems Interconnection -- The Directory: Public-Key and Attribute Certificate Frameworks", 2000. [4] WAP Forum, "Wireless Transport Layer Security Specification", 18-Feb-2000, http://www.wapforum.org/ [5] M. Myers, C. Adams, D. Solo, D. Kemp, "Internet X.509 Certificate Request Message Format", Internet Request for Comments RFC 2511, March 1999. Adams Expires 29 December 2000 [Page 5] Internet Draft Alternative Cert Formats for CMP 29 June 2000 6. Author's Address Questions about this memo can be directed to: Carlisle Adams Entrust Technologies 750 Heron Road, Suite E08 Ottawa, Ontario, Canada K1V 1A7 e-mail: cadams@entrust.com Full Copyright Statement Copyright (C) The Internet Society (2000). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE." Adams Expires 29 December 2000 [Page 6]