draft-ietf-lamps-hash-of-root-key-cert-extn-03.txt   draft-ietf-lamps-hash-of-root-key-cert-extn-04.txt 
Network Working Group R. Housley Network Working Group R. Housley
Internet-Draft Vigil Security Internet-Draft Vigil Security
Intended status: Informational January 03, 2019 Intended status: Informational January 15, 2019
Expires: July 7, 2019 Expires: July 19, 2019
Hash Of Root Key Certificate Extension Hash Of Root Key Certificate Extension
draft-ietf-lamps-hash-of-root-key-cert-extn-03 draft-ietf-lamps-hash-of-root-key-cert-extn-04
Abstract Abstract
This document specifies the Hash Of Root Key certificate extension. This document specifies the Hash Of Root Key certificate extension.
This certificate extension is carried in the self-signed certificate This certificate extension is carried in the self-signed certificate
for a trust anchor, which is often called a Root Certification for a trust anchor, which is often called a Root Certification
Authority (CA) certificate. This certificate extension unambiguously Authority (CA) certificate. This certificate extension unambiguously
identifies the next public key that will be used at some point in the identifies the next public key that will be used at some point in the
future as the next Root CA certificate, replacing the current one. future as the next Root CA certificate, eventually replacing the
current one.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 7, 2019. This Internet-Draft will expire on July 19, 2019.
Copyright Notice Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of (https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 17 skipping to change at page 2, line 17
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 2 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 2
1.2. ASN.1 . . . . . . . . . . . . . . . . . . . . . . . . . . 3 1.2. ASN.1 . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. Hash Of Root Key Certificate Extension . . . . . . . . . . . 4 3. Hash Of Root Key Certificate Extension . . . . . . . . . . . 4
4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4
5. Operational Considerations . . . . . . . . . . . . . . . . . 4 5. Operational Considerations . . . . . . . . . . . . . . . . . 4
6. Security Considerations . . . . . . . . . . . . . . . . . . . 5 6. Security Considerations . . . . . . . . . . . . . . . . . . . 5
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 6 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
8.1. Normative References . . . . . . . . . . . . . . . . . . 6 8.1. Normative References . . . . . . . . . . . . . . . . . . 7
8.2. Informative References . . . . . . . . . . . . . . . . . 7 8.2. Informative References . . . . . . . . . . . . . . . . . 8
Appendix A. ASN.1 Module . . . . . . . . . . . . . . . . . . . . 7 Appendix A. ASN.1 Module . . . . . . . . . . . . . . . . . . . . 8
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 9 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . 10
1. Introduction 1. Introduction
This document specifies the Hash Of Root Key X.509 version 3 This document specifies the Hash Of Root Key X.509 version 3
certificate extension. The extension is an optional addition to the certificate extension. The extension is an optional addition to the
Internet X.509 Public Key Infrastructure Certificate and Certificate Internet X.509 Public Key Infrastructure Certificate and Certificate
Revocation List (CRL) Profile [RFC5280]. The certificate extension Revocation List (CRL) Profile [RFC5280]. The certificate extension
facilitates the orderly transition from one Root Certification facilitates the orderly transition from one Root Certification
Authority (CA) public key to the next. It does so by publishing the Authority (CA) public key to the next. It does so by publishing the
hash value of the next generation public key in the current self- hash value of the next generation public key in the current self-
signed certificate. This hash value is a commitment to a particular signed certificate. This hash value is a commitment to a particular
public key in the next generation self-signed certificate. This public key in the next generation self-signed certificate. This
commitment allows a relying party to unambiguously recognize the next commitment allows a relying party to unambiguously recognize the next
generation self-signed certificate when it becomes available, install generation self-signed certificate when it becomes available, install
the new self-signed certificate in the trust anchor store, and remove the new self-signed certificate in the trust anchor store, and
the previous one from the trust anchor store. eventually remove the previous one from the trust anchor store.
A Root CA Certificate MAY include the Hashed Root Key certificate A Root CA Certificate MAY include the Hashed Root Key certificate
extension to provide the hash value of the next public key that will extension to provide the hash value of the next public key that will
be used by the Root CA. be used by the Root CA.
1.1. Terminology 1.1. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in "OPTIONAL" in this document are to be interpreted as described in
skipping to change at page 3, line 37 skipping to change at page 3, line 37
the following are generated: the following are generated:
R3 = The third generation Root key pair R3 = The third generation Root key pair
H3 = Thumbprint (hash) the public key of R3 H3 = Thumbprint (hash) the public key of R3
C2 = Self-signed certificate for R2, which contains H3 C2 = Self-signed certificate for R2, which contains H3
This is an iterative process. That is, R4 and H4 are generated when This is an iterative process. That is, R4 and H4 are generated when
it is time for C3 to replace C2. And so on. it is time for C3 to replace C2. And so on.
The successor to the Root CA self-signed certificate can be delivered The successor to the Root CA self-signed certificate can be delivered
by any means. Whenever a new Root CA certificate is received, the by any means. Whenever a new Root CA self-signed certificate is
recipient is able to verify that the potential Root CA certificate received, the recipient is able to verify that the potential Root CA
links back to a previously authenticated Root CA certificate with the certificate links back to a previously authenticated Root CA
hashOfRootKey certificate extension. That is, the recipient verifies certificate with the hashOfRootKey certificate extension. That is,
the signature on the self-signed certificate and verifies that the the recipient verifies the signature on the self-signed certificate
hash of the DER-encoded SubjectPublicKeyInfo from the potential Root and verifies that the hash of the DER-encoded SubjectPublicKeyInfo
CA certificate matches the value from the HashOfRootKey certificate from the potential Root CA certificate matches the value from the
extension of the current Root CA certificate. Checking the self- HashOfRootKey certificate extension of the current Root CA
signed certificate signature ensures that the certificate contains certificate. Checking the self-signed certificate signature ensures
the subject name, public key algorithm identifier, and public key that the certificate contains the subject name, public key algorithm
algorithm parameters intended by the key owner intends; these are identifier, and public key algorithm parameters intended by the key
important inputs to certification path validation as defined in owner; these are important inputs to certification path validation as
Section 6 of [RFC5280]. Checking the hash of the defined in Section 6 of [RFC5280]. Checking the hash of the
SubjectPublicKeyInfo ensures that the certificate contains the SubjectPublicKeyInfo ensures that the certificate contains the
intended public key. If either check fails, then potential Root CA intended public key. If either check fails, then the potential Root
certificate is not a valid replacement, and the recipient continues CA certificate is not a valid replacement, and the recipient
to use the current Root CA certificate. continues to use the current Root CA certificate. If both checks
succeed, then the recipient adds the potential Root CA certificate to
the trust anchor store. As discussed in Section 5, the recipient can
remove the current Root CA certificate immediately in some
situations. In other situations, the recipient waits an appropriate
amount of time to ensure that existing certification paths continue
to validate.
3. Hash Of Root Key Certificate Extension 3. Hash Of Root Key Certificate Extension
The HashOfRootKey certificate extension MUST NOT be critical. The HashOfRootKey certificate extension MUST NOT be critical.
The following ASN.1 [X680][X690] syntax defines the HashOfRootKey The following ASN.1 [X680][X690] syntax defines the HashOfRootKey
certificate extension: certificate extension:
ext-HashOfRootKey EXTENSION ::= { -- Only in Root CA certificates ext-HashOfRootKey EXTENSION ::= { -- Only in Root CA certificates
SYNTAX HashedRootKey SYNTAX HashedRootKey
skipping to change at page 4, line 43 skipping to change at page 4, line 48
generation public key. The public key is DER-encoded generation public key. The public key is DER-encoded
SubjectPublicKeyInfo as defined in [RFC5280]. SubjectPublicKeyInfo as defined in [RFC5280].
4. IANA Considerations 4. IANA Considerations
This document makes no requests of the IANA. This document makes no requests of the IANA.
5. Operational Considerations 5. Operational Considerations
Guidance on the transition from one trust anchor to another is Guidance on the transition from one trust anchor to another is
available in [RFC2510]. In particular, the oldWithNew and newWithOld available in Section 4.4 of [RFC4210]. In particular, the oldWithNew
advice ensures that relying parties are able to validate certificates and newWithOld advice ensures that relying parties are able to
issued under the current Root CA certificate and the next generation validate certificates issued under the current Root CA certificate
Root CA certificate throughout the transition. Further, this and the next generation Root CA certificate throughout the
technique avoids the need for all relying parties to make the transition. The notAfter field in the oldWithNew certificate MUST
cover the validity period of all unexpired certificates issued under
the old Root CA private key. Further, this advice SHOULD be followed
by Root CAs to avoid the need for all relying parties to make the
transition at the same time. transition at the same time.
After issuing the oldWithNew and newWithOld certificates, the Root CA
MUST stop using the old private key to sign certificates.
In enterprise and application-specific environments where a directory
service or certificate repository is available, the oldWithNew and
newWithOld certificates SHOULD be published before the successor to
the current Root CA self-signed certificate is released. In
environments without such a directory service or repository,
recipients SHOULD keep both the old and replacement Root CA self-
signed certificate in the trust anchor store for some amount of time
to ensure that all end-entity certificates can be validated until
they expire. The recipient MAY keep the old Root CA self-signed
certificate until all of the certificates in the local cache that are
subordinate to it have expired.
Certification path construction is more complex when multiple self-
signed certificates in the trust anchor store have the same
distinguished name. For this reason, the replacement Root CA self-
signed certificate SHOULD contain a different distinguished name than
the one it is replacing. One approach is to include a number as part
of the name that is incremented with each generation, such as
"Example CA", "Example CA G2", "Example CA G3", and so on.
Changing names from one generation to another can lead to confusion
when reviewing the history of a trust anchor store. To assist with
such review, a recipient MAY create an audit entry to capture the old
and replacement self-signed certificates.
The Root CA must securely back up the yet-to-be-deployed key pair. The Root CA must securely back up the yet-to-be-deployed key pair.
If the Root CA stores the key pair in a hardware security module, and If the Root CA stores the key pair in a hardware security module, and
that module fails, the Root CA remains committed to the now that module fails, the Root CA remains committed to the key pair that
unavailable key pair. The remedy is to deploy a new self-signed is no longer available. This leaves the Root CA with no alternative
certificate that contains a newly-generated key pair in the same but to deploy a new self-signed certificate that contains a newly-
manner as the initial self-signed certificate, thus loosing the generated key pair in the same manner as the initial self-signed
benefits of the Hash Of Root Key certificate extension altogether. certificate, thus losing the benefits of the Hash Of Root Key
certificate extension altogether.
6. Security Considerations 6. Security Considerations
The security considerations from [RFC5280] apply, especially the The security considerations from [RFC5280] apply, especially the
discussion of self-issued certificates. discussion of self-issued certificates.
The Hash Of Root Key certificate extension facilitates the orderly The Hash Of Root Key certificate extension facilitates the orderly
transition from one Root CA public key to the next by publishing the transition from one Root CA public key to the next by publishing the
hash value of the next generation public key in the current hash value of the next generation public key in the current
certificate. This allows a relying party to unambiguously recognize certificate. This allows a relying party to unambiguously recognize
skipping to change at page 5, line 30 skipping to change at page 6, line 20
the full public key is not disclosed until the Root CA releases the the full public key is not disclosed until the Root CA releases the
next generation certificate. In this way, attackers cannot begin to next generation certificate. In this way, attackers cannot begin to
analyze the public key before the next generation Root CA self-signed analyze the public key before the next generation Root CA self-signed
certificate is released. certificate is released.
The Root CA needs to ensure that the public key in the next The Root CA needs to ensure that the public key in the next
generation certificate is as strong or stronger than the key that it generation certificate is as strong or stronger than the key that it
is replacing. Of course, a significant advance in cryptoanalytic is replacing. Of course, a significant advance in cryptoanalytic
capability can break the yet-to-be-deployed key pair. Such advances capability can break the yet-to-be-deployed key pair. Such advances
are rare and difficult to predict. If such an advance occurs, the are rare and difficult to predict. If such an advance occurs, the
Root CA remains committed to the now broken key. The remedy is to Root CA remains committed to the now broken key. This leaves the
deploy a new public key and algorithm in the same manner as the Root CA with no alternative but to deploy a new self-signed
initial Root CA self-signed certificate, thus loosing the benefits of certificate that contains a newly-generated key pair, most likely
the Hash Of Root Key certificate extension altogether. using a different signature algorithm, in the same manner as the
initial self-signed certificate, thus losing the benefits of the Hash
Of Root Key certificate extension altogether.
The Root CA needs to employ a hash function that is resistant to The Root CA needs to employ a hash function that is resistant to
preimage attacks [RFC4270]. A first-preimage attack against the hash preimage attacks [RFC4270]. A first-preimage attack against the hash
function would allow an attacker to find another input that results function would allow an attacker to find another input that results
published hash value. For the attack to be successful, the input published hash value. For the attack to be successful, the input
would have to be a valid SubjectPublicKeyInfo that contains the would have to be a valid SubjectPublicKeyInfo that contains a public
key that corresponds to a private key known to the attacker. A
second-preimage attack becomes possible once the Root CA releases the
next generation public key, which makes the input to the hash
function available to the attacker and everyone else. Again, the
attacker needs to find a valid SubjectPublicKeyInfo that contains the
public key that corresponds to a private key known to the attacker. public key that corresponds to a private key known to the attacker.
A second-preimage attack becomes possible once the Root CA releases
the next generation public key, which makes the input to the hash
function becomes available to the attacker and everyone else. Again,
the attacker needs to find a valid SubjectPublicKeyInfo that contains
the public key that corresponds to a private key known to the
attacker.
If an early release of the next generation public key occurs and the If an early release of the next generation public key occurs and the
Root CA is concerned that attackers were given too much lead time to Root CA is concerned that attackers were given too much lead time to
analyze that public key, then the Root CA can transition to a freshly analyze that public key, then the Root CA can transition to a freshly
generated key pair by rapidly performing two transitions. The first generated key pair by rapidly performing two transitions. The first
transition takes the Root CA to the key pair that suffered the early transition takes the Root CA to the key pair that suffered the early
release, and it causes the Root CA to generate the subsequent Root release, and it causes the Root CA to generate the subsequent Root
key pair. The second transition occurs when the Root CA is confident key pair. The second transition occurs when the Root CA is confident
that the population of relying parties have completed the first that the population of relying parties have completed the first
transition, and it takes the Root CA to the freshly generated key transition, and it takes the Root CA to the freshly generated key
pair. Of course, the second transition also causes the Root CA to pair. Of course, the second transition also causes the Root CA to
generate the Root key pair for future use. generate another key pair that is reserved for future use.
7. Acknowledgements 7. Acknowledgements
The Secure Electronic Transaction (SET) [SET] specification published The Secure Electronic Transaction (SET) [SET] specification published
by MasterCard and VISA in 1997 includes a very similar certificate by MasterCard and VISA in 1997 includes a very similar certificate
extension. The SET certificate extension has essentially the same extension. The SET certificate extension has essentially the same
semantics, but the syntax fairly different. semantics, but the syntax fairly different.
CTIA - The Wireless Association is developing a public key CTIA - The Wireless Association is developing a public key
infrastructure that will make use of the certificate extension infrastructure that will make use of the certificate extension
described in this document. described in this document.
Many thanks to Jim Schaad, Stefan Santesson, and Paul Hoffman. Their Many thanks to Stefan Santesson, Jim Schaad, Daniel Kahn Gillmor,
review and comments have greatly improved the document, especially Joel Halpern, Paul Hoffman, and Rich Salz. Their review and comments
the Operational Considerations and Security Considerations sections. have greatly improved the document, especially the Operational
Considerations and Security Considerations sections.
8. References 8. References
8.1. Normative References 8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC2510] Adams, C. and S. Farrell, "Internet X.509 Public Key [RFC4210] Adams, C., Farrell, S., Kause, T., and T. Mononen,
Infrastructure Certificate Management Protocols", "Internet X.509 Public Key Infrastructure Certificate
RFC 2510, DOI 10.17487/RFC2510, March 1999, Management Protocol (CMP)", RFC 4210,
<https://www.rfc-editor.org/info/rfc2510>. DOI 10.17487/RFC4210, September 2005,
<https://www.rfc-editor.org/info/rfc4210>.
[RFC4270] Hoffman, P. and B. Schneier, "Attacks on Cryptographic [RFC4270] Hoffman, P. and B. Schneier, "Attacks on Cryptographic
Hashes in Internet Protocols", RFC 4270, Hashes in Internet Protocols", RFC 4270,
DOI 10.17487/RFC4270, November 2005, DOI 10.17487/RFC4270, November 2005,
<https://www.rfc-editor.org/info/rfc4270>. <https://www.rfc-editor.org/info/rfc4270>.
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
Housley, R., and W. Polk, "Internet X.509 Public Key Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
 End of changes. 17 change blocks. 
58 lines changed or deleted 100 lines changed or added

This html diff was produced by rfcdiff 1.47. The latest version is available from http://tools.ietf.org/tools/rfcdiff/