draft-ietf-lamps-rfc5750-bis-02.txt   draft-ietf-lamps-rfc5750-bis-03.txt 
LAMPS J. Schaad LAMPS J. Schaad
Internet-Draft August Cellars Internet-Draft August Cellars
Intended status: Standards Track B. Ramsdell Intended status: Standards Track B. Ramsdell
Expires: August 27, 2017 Brute Squad Labs, Inc. Expires: September 14, 2017 Brute Squad Labs, Inc.
S. Turner S. Turner
sn3rd sn3rd
February 23, 2017 March 13, 2017
Secure/Multipurpose Internet Mail Extensions (S/ MIME) Version 4.0 Secure/Multipurpose Internet Mail Extensions (S/ MIME) Version 4.0
Certificate Handling Certificate Handling
draft-ietf-lamps-rfc5750-bis-02 draft-ietf-lamps-rfc5750-bis-03
Abstract Abstract
This document specifies conventions for X.509 certificate usage by This document specifies conventions for X.509 certificate usage by
Secure/Multipurpose Internet Mail Extensions (S/MIME) v4.0 agents. Secure/Multipurpose Internet Mail Extensions (S/MIME) v4.0 agents.
S/MIME provides a method to send and receive secure MIME messages, S/MIME provides a method to send and receive secure MIME messages,
and certificates are an integral part of S/MIME agent processing. and certificates are an integral part of S/MIME agent processing.
S/MIME agents validate certificates as described in RFC 5280, the S/MIME agents validate certificates as described in RFC 5280, the
Internet X.509 Public Key Infrastructure Certificate and CRL Profile. Internet X.509 Public Key Infrastructure Certificate and CRL Profile.
S/MIME agents must meet the certificate processing requirements in S/MIME agents must meet the certificate processing requirements in
skipping to change at page 2, line 4 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 27, 2017. This Internet-Draft will expire on September 14, 2017.
Copyright Notice Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 9 skipping to change at page 3, line 9
3. Using Distinguished Names for Internet Mail . . . . . . . . . 9 3. Using Distinguished Names for Internet Mail . . . . . . . . . 9
4. Certificate Processing . . . . . . . . . . . . . . . . . . . 10 4. Certificate Processing . . . . . . . . . . . . . . . . . . . 10
4.1. Certificate Revocation Lists . . . . . . . . . . . . . . 11 4.1. Certificate Revocation Lists . . . . . . . . . . . . . . 11
4.2. Certificate Path Validation . . . . . . . . . . . . . . . 11 4.2. Certificate Path Validation . . . . . . . . . . . . . . . 11
4.3. Certificate and CRL Signing Algorithms and Key Sizes . . 12 4.3. Certificate and CRL Signing Algorithms and Key Sizes . . 12
4.4. PKIX Certificate Extensions . . . . . . . . . . . . . . . 13 4.4. PKIX Certificate Extensions . . . . . . . . . . . . . . . 13
4.4.1. Basic Constraints . . . . . . . . . . . . . . . . . . 14 4.4.1. Basic Constraints . . . . . . . . . . . . . . . . . . 14
4.4.2. Key Usage Certificate Extension . . . . . . . . . . . 14 4.4.2. Key Usage Certificate Extension . . . . . . . . . . . 14
4.4.3. Subject Alternative Name . . . . . . . . . . . . . . 15 4.4.3. Subject Alternative Name . . . . . . . . . . . . . . 15
4.4.4. Extended Key Usage Extension . . . . . . . . . . . . 15 4.4.4. Extended Key Usage Extension . . . . . . . . . . . . 15
5. Security Considerations . . . . . . . . . . . . . . . . . . . 15 5. Security Considerations . . . . . . . . . . . . . . . . . . . 16
6. References . . . . . . . . . . . . . . . . . . . . . . . . . 17 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 18
6.1. Normative References . . . . . . . . . . . . . . . . . . 17 6.1. Normative References . . . . . . . . . . . . . . . . . . 18
6.2. Informational References . . . . . . . . . . . . . . . . 20 6.2. Informational References . . . . . . . . . . . . . . . . 20
Appendix A. Historic Considerations . . . . . . . . . . . . . . 23 Appendix A. Historic Considerations . . . . . . . . . . . . . . 23
A.1. Signature Algorithms and Key Sizes . . . . . . . . . . . 23 A.1. Signature Algorithms and Key Sizes . . . . . . . . . . . 23
Appendix B. Moving S/MIME v2 Certificate Handling to Historic Appendix B. Moving S/MIME v2 Certificate Handling to Historic
Status . . . . . . . . . . . . . . . . . . . . . . . 24 Status . . . . . . . . . . . . . . . . . . . . . . . 24
Appendix C. Acknowledgments . . . . . . . . . . . . . . . . . . 24 Appendix C. Acknowledgments . . . . . . . . . . . . . . . . . . 24
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 25 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 25
1. Introduction 1. Introduction
skipping to change at page 4, line 36 skipping to change at page 4, line 36
S/MIME agent: User software that is a receiving agent, a sending S/MIME agent: User software that is a receiving agent, a sending
agent, or both. agent, or both.
1.2. Conventions Used in This Document 1.2. Conventions Used in This Document
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
We define some additional terms here: We define the additional requirement levels:
SHOULD+ This term means the same as SHOULD. However, the authors SHOULD+ This term means the same as SHOULD. However, the authors
expect that a requirement marked as SHOULD+ will be promoted expect that a requirement marked as SHOULD+ will be promoted
at some future time to be a MUST. at some future time to be a MUST.
SHOULD- This term means the same as SHOULD. However, the authors SHOULD- This term means the same as SHOULD. However, the authors
expect that a requirement marked as SHOULD- will be demoted expect that a requirement marked as SHOULD- will be demoted
to a MAY in a future version of this document. to a MAY in a future version of this document.
MUST- This term means the same as MUST. However, the authors MUST- This term means the same as MUST. However, the authors
expect that this requirement will no longer be a MUST in a expect that this requirement will no longer be a MUST in a
future document. Although its status will be determined at a future document. Although its status will be determined at a
later time, it is reasonable to expect that if a future later time, it is reasonable to expect that if a future
revision of a document alters the status of a MUST- revision of a document alters the status of a MUST-
requirement, it will remain at least a SHOULD or a SHOULD-. requirement, it will remain at least a SHOULD or a SHOULD-.
The term RSA in this document almost always refers to the PKCS#1 v1.5
RSA signature algorithm even when not qualified as such. There are a
couple of places where it refers to the general RSA cryptographic
operation, these can be determined from the context where it is used.
1.3. Compatibility with Prior Practice S/MIME 1.3. Compatibility with Prior Practice S/MIME
S/MIME version 4.0 agents ought to attempt to have the greatest S/MIME version 4.0 agents ought to attempt to have the greatest
interoperability possible with agents for prior versions of S/MIME. interoperability possible with agents for prior versions of S/MIME.
S/MIME version 2 is described in RFC 2311 through RFC 2315 inclusive S/MIME version 2 is described in RFC 2311 through RFC 2315 inclusive
[SMIMEv2], S/MIME version 3 is described in RFC 2630 through RFC 2634 [SMIMEv2], S/MIME version 3 is described in RFC 2630 through RFC 2634
inclusive and RFC 5035 [SMIMEv3], and S/MIME version 3.1 is described inclusive and RFC 5035 [SMIMEv3], and S/MIME version 3.1 is described
in RFC 3850, RFC 3851, RFC 3852, RFC 2634, and RFC 5035 [SMIMEv3.1]. in RFC 3850, RFC 3851, RFC 3852, RFC 2634, and RFC 5035 [SMIMEv3.1].
RFC 2311 also has historical information about the development of RFC 2311 also has historical information about the development of
skipping to change at page 13, line 13 skipping to change at page 13, line 13
this parameter deterministically. this parameter deterministically.
The following are the RSA and RSASSA-PSS key size requirements for The following are the RSA and RSASSA-PSS key size requirements for
S/MIME receiving agents during certificate and CRL signature S/MIME receiving agents during certificate and CRL signature
verification: verification:
key size <= 2047 : SHOULD NOT (see Historic Considerations) key size <= 2047 : SHOULD NOT (see Historic Considerations)
2048 <= key size <= 4096 : MUST (see Security Considerations) 2048 <= key size <= 4096 : MUST (see Security Considerations)
4096 < key size : MAY (see Security Considerations) 4096 < key size : MAY (see Security Considerations)
For 1024-bit through 3072-bit RSA with SHA-256 see [RFC4055] and The signature algorithm object identifiers for RSA PKCS#1 v1.5 and
[FIPS186-2] with Change Notice 1, and for 4096-bit RSA with SHA-256 RSASSA-PSS with SHA-256 using 1024-bit through 3072-bit public keys
see [RFC4055] and [RFC3447]. In either case, the first reference are specified in [RFC4055] and the signature algorithm definition is
provides the signature algorithm's object identifier and the second found in [FIPS186-2] with Change Notice 1.
provides the signature algorithm's definition.
The signature algorithm object identifiers for RSA PKCS#1 v1.5 and
RSASSA-PSS with SHA-256 using 4096-bit public keys are specified in
[RFC4055] and the signature algorithm definition is found in
[RFC3447].
For RSASSA-PSS with SHA-256 see [RFC4056]. For RSASSA-PSS with SHA-256 see [RFC4056].
For ECDSA see [RFC5758] and [RFC6090]. The first reference provides For ECDSA see [RFC5758] and [RFC6090]. The first reference provides
the signature algorithm's object identifier and the second provides the signature algorithm's object identifier and the second provides
the signature algorithm's definition. Curves other than curve P-256 the signature algorithm's definition. Curves other than curve P-256
MAY be used as well. MAY be used as well.
For EdDSA see [I-D.ietf-curdle-pkix] and [I-D.irtf-cfrg-eddsa]. The For EdDSA see [I-D.ietf-curdle-pkix] and [I-D.irtf-cfrg-eddsa]. The
first reference provides the signature algorithm's object identifier first reference provides the signature algorithm's object identifier
skipping to change at page 18, line 19 skipping to change at page 18, line 23
Publication 186-2, January 2000. Publication 186-2, January 2000.
[FIPS186-3] [FIPS186-3]
National Institute of Standards and Technology (NIST), National Institute of Standards and Technology (NIST),
"Digital Signature Standard (DSS)", Federal Information "Digital Signature Standard (DSS)", Federal Information
Processing Standards Publication 186-3, June 2009. Processing Standards Publication 186-3, June 2009.
[I-D.ietf-lamps-eai-addresses] [I-D.ietf-lamps-eai-addresses]
Melnikov, A. and W. Chuang, "Internationalized Email Melnikov, A. and W. Chuang, "Internationalized Email
Addresses in X.509 certificates", draft-ietf-lamps-eai- Addresses in X.509 certificates", draft-ietf-lamps-eai-
addresses-06 (work in progress), February 2017. addresses-08 (work in progress), March 2017.
[I-D.ietf-lamps-rfc5751-bis] [I-D.ietf-lamps-rfc5751-bis]
Schaad, J., Ramsdell, B., and S. Turner, "Secure/ Schaad, J., Ramsdell, B., and S. Turner, "Secure/
Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Multipurpose Internet Mail Extensions (S/MIME) Version 4.0
Message Specification", draft-ietf-lamps-rfc5751-bis-02 Message Specification", draft-ietf-lamps-rfc5751-bis-03
(work in progress), October 2016. (work in progress), February 2017.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<http://www.rfc-editor.org/info/rfc2119>. <http://www.rfc-editor.org/info/rfc2119>.
[RFC2634] Hoffman, P., Ed., "Enhanced Security Services for S/MIME", [RFC2634] Hoffman, P., Ed., "Enhanced Security Services for S/MIME",
RFC 2634, DOI 10.17487/RFC2634, June 1999, RFC 2634, DOI 10.17487/RFC2634, June 1999,
<http://www.rfc-editor.org/info/rfc2634>. <http://www.rfc-editor.org/info/rfc2634>.
skipping to change at page 24, line 42 skipping to change at page 24, line 46
(this document) are backwards compatible with the S/MIME v2 (this document) are backwards compatible with the S/MIME v2
Certificate Handling Specification [SMIMEv2], with the exception of Certificate Handling Specification [SMIMEv2], with the exception of
the algorithms (dropped RC2/40 requirement and added DSA and RSASSA- the algorithms (dropped RC2/40 requirement and added DSA and RSASSA-
PSS requirements). Therefore, it is recommended that RFC 2312 PSS requirements). Therefore, it is recommended that RFC 2312
[SMIMEv2] be moved to Historic status. [SMIMEv2] be moved to Historic status.
Appendix C. Acknowledgments Appendix C. Acknowledgments
Many thanks go out to the other authors of the S/MIME v2 RFC: Steve Many thanks go out to the other authors of the S/MIME v2 RFC: Steve
Dusse, Paul Hoffman, and Jeff Weinstein. Without v2, there wouldn't Dusse, Paul Hoffman, and Jeff Weinstein. Without v2, there wouldn't
be a v3, v3.1, or v3.2. be a v3, v3.1, v3.2 or v4.0.
A number of the members of the S/MIME Working Group have also worked A number of the members of the S/MIME Working Group have also worked
very hard and contributed to this document. Any list of people is very hard and contributed to this document. Any list of people is
doomed to omission, and for that I apologize. In alphabetical order, doomed to omission, and for that I apologize. In alphabetical order,
the following people stand out in my mind because they made direct the following people stand out in my mind because they made direct
contributions to this document. contributions to this document.
Bill Flanigan, Trevor Freeman, Elliott Ginsburg, Alfred Hoenes, Paul Bill Flanigan, Trevor Freeman, Elliott Ginsburg, Alfred Hoenes, Paul
Hoffman, Russ Housley, David P. Kemp, Michael Myers, John Pawling, Hoffman, Russ Housley, David P. Kemp, Michael Myers, John Pawling,
and Denis Pinkas. and Denis Pinkas.
The version 4 update to the S/MIME documents was done under the
auspices of the LAMPS Working Group.
Authors' Addresses Authors' Addresses
Jim Schaad Jim Schaad
August Cellars August Cellars
Email: ietf@augustcellars.com Email: ietf@augustcellars.com
Blake Ramsdell Blake Ramsdell
Brute Squad Labs, Inc. Brute Squad Labs, Inc.
 End of changes. 12 change blocks. 
17 lines changed or deleted 29 lines changed or added

This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/