Internet Draft Denis Pinkas, Integris draft-ietf-pkix-dpv&dpd-req-01.txt November 2001 Target Category: INFORMATIONAL Expires in six months Delegated Path Validation and Delegated Path Discovery Protocol Requirements (DPV&DPD-REQ) Status of this memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC 2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. 1. Abstract This document specifies requirements for two main request/response pairs. The first one, called Delegated Path Validation (DPV), can be used to fully delegate a path validation processing to an DPV server, according to a set of rules, called a validation policy. The second one, called Delegated Path Discovery (DPD), can be used to obtain from a DPD server all the information needed (e.g. leaf certificates, CA certificates, full CRLs, delta-CRLs, OCSP responses) to locally validate a certificate according to a set of rules, called a path discovery policy. It also defines the requirements for two optional request/response pairs, either for allowing to indicate to a validation server a validation policy, or to a path discovery server a path discovery policy; or giving the reference of a policy to get obtain details of an already defined policy. Pinkas [Page 1] Internet Draft DPV&DPD-REQ November 2001 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document (in uppercase, as shown) are to be interpreted as described in [RFC2119]. 2. Rational and benefits These delegated processing provides two primary services: delegated signature validation, delegated path validation and delegated path discovery. Not all clients require both services in all scenarios. Some clients have requirements for offloaded path validation and have no need for data acquisition, while some other clients require only delegated path discovery to help them perform their own path validation. 3. Rational and benefits for DPV (Delegated Path Validation) DPV allows to perform a real time validation for a time T for any kind of certificate and any kind of security service. In order to validate a certificate, a chain of multiple certificates, called a certification path, may be needed, comprising a certificate of the public key owner (the end entity) signed by one CA, and zero or more additional certificates of CAs signed by other CAs. Offloading path validation to a server may be required by a client that lacks the processing, and/or communication capabilities to perform path construction first and then a local path validation. In constrained execution environments such as telephones and PDAs, memory and processing limitations may preclude implementation of complete, PKIX-compliant path validation. In applications where minimum latency is critical, delegating validation to a trusted server can offer significant advantages. The time required to send the target certificate to the validation server, receive the response, and verify the signature on the response, can be considerably less than the time required by the client to perform path discovery and validation. Even if a certification path were readily available to the client, the delay associated with processing the signatures for each certificate in the path might (under some circumstances such as very long paths or very limited processor speed) be greater than the delay associated with use of a validation server. Another motivation for offloading path validation is that it allows validation against validation policies defined by the management in a consistent fashion across an enterprise. Even clients that are able to do their own path validation may rely on a trusted server to do path validation if clients are in an environment where centralized management of validation policies is needed for some applications. Pinkas [Page 2] Internet Draft DPV&DPD-REQ November 2001 When a client uses this service, it inherently trusts the server as much as it would its own path validation software (if it contained such software). Servers can also take directions from the client about how path validation SHALL be done (such as which validation policy SHALL be used). In all these cases, the client will delegate path validation to a fully-trusted server. 4. Rational and benefits for DPD (Delegated Path Discovery) DPD is valuable for clients that do much of the PKI processing themselves and simply want a server to collect information for them. The server need not even be trusted, because the client will ultimately perform path validation. A client that performs path validation for itself may get benefit in several ways from using a server to acquire certificates, CRLs, and OCSP responses to aid in the validation process. In this context, the client is relying on the server to interact with repositories to acquire the data that the client would otherwise have to acquire using LDAP, HTTP, and so on. Since these data items are digitally signed, the client need not trust the server to return the "right" data any more than the client would have to trust the repositories. There are several benefits to this approach; for example, a single query to a server can replace multiple queries to one or more directories and caching by the server can reduce latency. Another benefit to the client system is that it need not incorporate a diverse set of software to interact with various forms of repositories, perhaps via different protocols, nor to perform the graph processing necessary to discover paths, separate from making the queries to acquire path validation data. In these cases, the client will delegate path discovery to an untrusted server. 5. Validation policy and path discovery policy Policies MAY be a priori known by the server or MAY be specified by the client to the server. Because validation software is controlled by many parameters which, if incorrectly set, may result in insecure behavior, it is often important to be able rely on pre-defined policies that are already known by the servers, where system security administrators can carefully manage them. Both services (delegated path validation and delegated path discovery) can be potentially used by the enterprise for enforcing various aspects of centralized policy. Pinkas [Page 3] Internet Draft DPV&DPD-REQ November 2001 Alternatively, clients MAY also define policies. However, such policy definition may be quite complex and only simple forms of policies SHOULD be defined in this way, otherwise testing all the possible variations would lead to non-interoperable implementations or would delay the time to make sure that two implementations are really interoperable. Since policy definitions can be quite long and complex, all the parameters SHOULD not be passed with each individual request but a reference to either an a priori known policy (e.g. an OID) or an already pre-defined policy (e.g. a reference returned by the server) SHOULD be used. Some forms of path discovery policy can be simple enough, e.g. a set of self-signed certificates. In that case it MAY be acceptable to pass all the parameters from the path discovery policy with each individual request. Policies allows to support security services, such as an entity authentication service, a data origin authentication service, an integrity service or a confidentiality service or some combination of these services. This can be for immediate use, e.g. to use a certificate in order to support a confidentiality service by using a certificate that contains the key exchange bit set or the key agreement bit set or the digital signature bit set when an ephemeral-ephemeral Diffie-Hellman key exchange is being used. This can be for a time T in the past, e.g. to use a certificate in order to verify data protected by a data origin authentication service in combination with an integrity service, using a certificate that contains the digital signature bit set. There is an inevitable delay between a compromise of key being noticed by the end-entity, and the report of revocation being made by the CA (or on behalf of the CA) to the relying parties. This delay exists in any case, even when an OCSP service is being used. So querying the revocation status of a certificate for a time T never proves that the private key corresponding to that certificate was not revoked at that time T. Ideally, a cautionary period SHOULD be defined in the policy, in order to allow some time for 1) the end-entity to realize that a private key has been or could possibly be compromised, and for 2) the revocation Authority to make available the revocation status information, e.g. by providing an OCSP service, CRLs or delta-CRLs in combination with full CRLs. Pinkas [Page 4] Internet Draft DPV&DPD-REQ November 2001 When the key included in the certificate is for immediate use, it is not possible to apply a cautionary period and thus it should be realized that some risk is taken, since the corresponding private key might indeed be compromised at the time of use. When the key included in the certificate is for the verification of some usage in the past, then it is possible to apply a cautionary period. In such a case, the policy SHOULD indicate a minimum delay to be observed between the time T in the past, i.e. when the use of the private key took was supposed to take place, and the time of the current verification. 5.1. Validation Policy A validation policy is a set of rules against which the validation of the certificate is performed. A validation policy MAY include several trust anchors. A trust anchor is defined as one public key value (root key) for a given CA name, valid during some time interval. The use of a self-signed certificate allows to specify at the same time: the public key to be used, the CA name and the validity period of the root key. Additional constrains for each trust anchor MAY be defined, such as a set of Certification Policy constraints and a set of naming constraints. In some cases, these constrains MAY also be included in self-signed certificates. Additional conditions that apply to the certificates from the chain, (e.g. user-initial-policy-set, initial-policy-mapping-inhibit, initial- explicit-policy, or initial-any-policy-inhibit) or to the end- certificate (e.g. a name form that must be present in the end- certificate, like an e-mail address either in the rfc822 subject alt name or in the emailAddress attribute in the subject name) MAY also be specified in the validation policy. In order to succeed, one valid path (i.e. none of the certificates from the path must be revoked) must be found between a leaf certificate and a trust anchor and all constraints that apply to the certificate chain must be verified. 5.2. Path discovery policy A path discovery policy is a set of rules against which the discovery of a certification path is performed. A path discovery policy MAY either be a reference to a validation policy or contain only some major elements from a validation policy, e.g. the root keys to be used to construct the path. Pinkas [Page 5] Internet Draft DPV&DPD-REQ November 2001 Since the client MUST be "PKI aware", it SHALL be able to locally apply additional constraints on the certification paths that MAY be returned. Thus "crude" (i.e. simpler) criteria can be defined and used in that case. The client needs to be able to limit the number of paths to be returned so that the server does not loose time to find out more paths than requested. While making that limitation, the returned paths MAY not be appropriate to the client when it then locally applies additional tests. Instead of asking one by one the paths (which would mandate to manage state information at the server), the client will specify with every request the maximum number of paths that MAY be returned. If that number cannot be reached by the server, an indication SHOULD be returned by the server showing that an additional query will not return more paths. When that number is reached, and when more paths are needed, that number can be increased. Previously found paths will likely be returned, but the client can easily discard them. This avoids to mandate the management of state information at the server, but does not prevent a server to maintain a cache of previous responses. 6. Delegated Path Validation Protocol Requirements The Delegated Path Validation (DPV) protocol allows to validate one or more certificate for the current time and according to a single set of rules, called a validation policy. The validation policy SHALL be known by the DPV server. When it isn't, it MAY defined using an additional protocol (see section 10). In this way clients only need to be aware of the reference of the validation policy to be used by a given application. The certificate to be validated MAY either be directly provided in the request or alternatively an unambiguous reference MAY be provided, e.g. the CA name and certificate serial number together with the hash of the certificate like ESSCertID as defined in RFC 2634. In order to help the server, the client MAY provide to the validation server "useful certificates", as well as "useful revocation information" that MAY be used by the validation server (e.g. of OCSP requests, CRLs or delta-CRLs). As an example, an S/MIME message may include such information and the client can simply provide that information. In order to obtain the revocation status information of any certificate from the certification path, the DPV server MAY use, in accordance with the validation policy, different sources of revocation information, e.g. a combination of OCSP requests, CRLs or delta-CRLs. If the client does not specify in its request the validation policy to be used, the server MUST indicate in the response the one that has been used. In such a case, the client MUST verify that the one that has been selected is appropriate for its use. Pinkas [Page 6] Internet Draft DPV&DPD-REQ November 2001 The status of the response MAY be one out of three types: 1) the certificate is valid according to the validation policy, 2) the certificate is invalid according to the validation policy, 3) the server cannot determine the validity of the certificate (e.g. a path cannot be constructed). In order to be able to be confident that the validation of the certificate has correctly be done, the client will only require an authenticated response. 7. Delegated Path Discovery Protocol Requirements The Delegated Path Discovery (DPD) protocol allows to use a single protocol towards a single server to collect at one time all the data elements that might be collected using different protocols (e.g. LDAP, DAP, OCSP) or by querying multiple servers. Then this information can locally be used to validate one or more certificates for the current time and according to a single path discovery policy. The path discovery policy MAY be known a priori by the DPD server. When it isn't, it MAY defined using an additional protocol (see section 8). None, one or several certification paths MAY be returned. Each path consists of a sequence of certificates, starting after the certificate to validate and ending with one self-signed certificate. In addition, the revocation information associated with each path MAY also be returned. The paths that are returned MAY need to match some additional local controls done by the client, e.g. verifying some certificate extensions. The client MAY indicate the maximum number of certification paths that MUST be returned (provided that they may be found). If the number is not specified, that number is defaulted to one. If the paths that are returned do not match the local conditions, then the number of number of certification paths to be returned can be extended, by augmenting this value. The server may use a local cache to avoid to search again the same elements, but is not mandated to maintain any local state information from any previous request. The goal is to avoid to maintain state information on previous requests: if this is done, it optimizes the response time. Path discovery is performed according to the path discovery policy. Pinkas [Page 7] Internet Draft DPV&DPD-REQ November 2001 The status of the response MAY be one out of three types: 1) one or more certification paths could be found according to the path discovery policy, with partial or full revocation information present. 2) one or more certification paths could be found according to the path discovery policy, with no revocation information present. 3) no certification path could be found according to the path validation criteria, The information that is returned consists of one or more certification paths and optionally its associated revocation status information for each element from the path. In order to be able to be confident that the values returned are coming from the DPV server, the client MAY require an authenticated response. 8. Components for a validation policy A validation policy is build from four components: 1. Certificate chain requirements, 2. Revocation requirements, 3. End-certificate specific requirements, 4. optionally, a cautionary period requirements. 8.1. Certificate chain requirements The certificate requirements identifies a sequence of trust anchors used to start (or end) certification path processing and initial conditions for certification path validation as defined in [PKIX-1]. 8.2. Revocation Requirements Revocation information MAY be obtained through CRLs, delta-CRLs or OCSP responses. Certificate revocation requirements are specified both in terms of checks required on the end-certificate (i.e. the certificate for which a path is required) and on checks required on CA certificates. It can then specified if : - full CRLs (or full Authority revocation lists) have to be collected, - OCSP responses, using RFC 2560, have to be collected, - delta-CRLs and the relevant associated full CRLs (or full Authority revocation lists) are to be collected. None, one or more of the above conditions MAY apply. Pinkas [Page 8] Internet Draft DPV&DPD-REQ November 2001 8.3. End-certificate specific requirements There MAY be requirements that apply only to the end-certificate (i.e. the certificate that is the object of the query). For example, the end-certificate must contain specific extensions with specific types or values (it does not matter whether they are critical or non critical). As an example, the end-certificate must contain a name form like an e-mail address either in the rfc822 subject alt name or in the emailAddress attribute in the subject name. 8.4. Cautionary period requirements When applicable, the cautionary period will define a minimum delay to be observed between a time T in the past, where the use of the private key or the public key is supposed to take took place, and the time of the current validation. 9. Components for a path discovery policy A path discovery must include certificate chain requirements, and MAY include revocation requirements, and end-certificate specific requirements. 10. Policy definition protocol (PDP) requirements The support of these request/response pairs is OPTIONAL. These request/response pairs allow either to define a policy, i.e. a validation policy and/or a path discovery policy, and to receive back a reference for that policy or to provide a reference to a previously defined policy and to receive back the definition of that policy. Policies locally predefined at the server may be more precise than policies defined using this optional protocol. Thus this OPTIONAL protocol exchanges will never have all the flexibility to describe any kind of policy. So in practice it will be restricted to define relatively simple policies. Usually, these protocol exchanges will be used by managers to register the policies to be used, e.g. within an organization for various applications. As a result of the registration, managers will receive a reference of the policy. These requests SHALL be able to be authenticated so that only authorized clients can register policies (and thus avoid denial of service attacks by registering useless policies). The reference of the policy MAY be specific to the request or MAY be a reference that has already been provided as the result of a previous request with an identical definition. Pinkas [Page 9] Internet Draft DPV&DPD-REQ November 2001 It is up to server to decide how long a temporary defined policy will be kept. In case the policy is locally defined at the server, when querying a policy reference, it would be interesting to consider to provide back information about the purpose of the policy in a natural language. When using DPV, there are two possibilities: a) the client is a little bit PKI-aware, in the sense that it is only able to parse the end-certificate to check some properties in that certificate, and delegates the validation of the rest of the path to the server. It appears easier to remotely define such "partial policies" since the tests on the end-certificate are left to the client. b) the client is fully PKI-unaware, and thus fully delegates the validation to the server. It appears more difficult to remotely define such "complete policies" since the tests on the end- certificate are made by the server and may be quite complex. When using DPD, simpler validation policies may be defined since anyway clients need to be fully PKI-aware to do other tests. 11. DPV versus DSV DPV does not return information allowing to prove to someone else, not trusting the same DPV server, that a digital signature from a signer was produced while the signer's certificate was valid. Another document [DSV-REQ] specifies requirements for a Delegated Signature Validation (DSV) service that allows to fully delegate the validation of a digital signature to a DSV (Delegated Signature Validation) server. In particular, DSV allows to prove later on to someone else, not trusting the same DSV server, that the signature was applied while the certificate was valid. 12. Security considerations A client may trust a DPV server to provide the right answer. However, this does not mean that all clients will trust the same servers. Thus while a positive answer MAY be sufficient for a client, that positive answer will not necessarily be able to convince another client. That other clients will trust their own servers and will query them. Queries relative to the current time can easily be done to another server. 13. Acknowledgments These requirements have been refined after some valuable inputs from Ambarish Malpani, Russ Housley and Paul Hoffman. Pinkas [Page 10] Internet Draft DPV&DPD-REQ November 2001 14. References [DSV-REQ] Delegated Signature Validation Protocol Requirements [PKIX-1] Internet X.509 Public Key Infrastructure. Certificate and CRL Profile. RFC 2459 R. Housley, W. Ford, W. Polk, D. Solo. or its successor as soon as it can be referenced. [OCSP] X.509 Internet Public Key Infrastructure. Online Certificate Status Protocol - OCSP. RFC 2560 M. Myers, R. Ankney, A. Malpani, S. Galperin, C. Adams. [TSP] Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP). RFC 3161 C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001. [ES-F] Electronic Signature Formats for long term electronic signatures RFC 3126. D. Pinkas, J. Ross, N. Pope. September 2001. [ES-P] Electronic Signature Policies. RFC 3125. D. Pinkas, J. Ross, N. Pope. September 2001. [CMS] Cryptographic Message Syntax. RFC 2630. R. Housley June 1999. [ISO-X509] ISO/IEC 9594-8/ITU-T Recommendation X.509, "Information Technology - Open Systems Interconnection: The Directory: Authentication Framework," 1997 edition. (Pending publication of 1997 edition, use 1993 edition with the following amendment applied: Final Text of Draft Amendment DAM 1 to ISO/IEC 9594-8 on Certificate Extensions, June 1996.) Pinkas [Page 11] Internet Draft DPV&DPD-REQ November 2001 14. Authors' address Denis Pinkas Integris, Bull. 68, Route de Versailles 78434 Louveciennes CEDEX FRANCE e-mail: Denis.Pinkas@bull.net 15. Full Copyright Statement Copyright (C) The Internet Society (2001). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Pinkas [Page 12]