Last Modified: 2003-09-10
PKIX has produced several informational and standards track documents in support of the original and revised scope of the WG. The first of these standards, RFC 2459, profiled X.509 version 3 certificates and version 2 CRLs for use in the Internet. Profiles for the use of Attribute Certificates (RFC XXXX [pending]), LDAP v2 for certificate and CRL storage (RFC 2587), the Internet X.509 Public Key Infrastructure Qualified Certificates Profile (RFC 3039), and the Internet X.509 Public Key Infrastructure Certificate Policy and certification Practices Framework (RFC 2527 - Informational) are in line with the initial scope.
The Certificate Management Protocol (CMP) (RFC 2510), the Online Certificate Status Protocol (OCSP) (RFC 2560), Certificate Management Request Format (CRMF) (RFC 2511), Time-Stamp Protocol (RFC 3161), Certificate Management Messages over CMS (RFC 2797), Internet X.509 Public Key Infrastructure Time Stamp Protocols (RFC 3161), and the use of FTP and HTTP for transport of PKI operations (RFC 2585) are representative of the expanded scope of PKIX, as these are new protocols developed in the working group, not profiles of ITU PKI standards.
A roadmap, providing a guide to the growing set of PKIX document, also has been developed as an informational RFC.
Ongoing PKIX Work items
An ongoing PKIX task is the progression of existing, standards track RFCs from PROPOSED to DRAFT. Also, to the extent that PKIX work relates to protocols from other areas, e.g., LDAP, it is necessary to track the evolution of the other protocols and produce updated RFCs. For example, the LDAP v2 documents from PKIX are evolving to address LDAP v3. Finally, since the profiling of X.509 standards for use in the Internet remains a major focus, the WG will continue to track the evolution of these standards and incorporate changes and additions as appropriate.
New Work items for PKIX
- production of a requirements RFC for delegated path discovery and path validation protocols (DPD/DPV) and subsequent production of RFCs for protocols that satisfy the requirements
- development of a logotype extension for certificates
- development of a proxy certificate extension and associated processing rules
- development of an informational document on PKI disaster recovery
These work items may become standards track, INFORMATIONAL or EXPERIMENTAL RFCs, or may not even be published as RFCs.
Other deliverables may be agreed upon as extensions are proposed. New deliverables must be approved by the Security Area Directors before inclusion on the charter or IETF meeting agendas.
| Done | Complete approval of CMC, and qualified certificates documents | |
| Done | Complete time stamping document | |
| Done | Continue attribute certificate profile work | |
| Done | Complete data certification document | |
| Done | Complete work on attribute certificate profile | |
| Done | Standard RFCs for public key and attribute certificate profiles, CMP, OCSP, CMC, CRMF, TSP, Qualified Certificates, LDAP v2 schema, use of FTP/HTTP, Diffie-Hellman POP | |
| Done | INFORMATIONAL RFCs for X.509 PKI policies and practices, use of KEA | |
| Done | Experimental RFC for Data Validation and Certification Server Protocols | |
| Done | Production of revised certificate and CRL syntax and processing RFC (son-of-2459) | |
| Done | DPD/DVP Requirements RFC | |
| Sep 03 | Certificate Policy & CPS Informational RFC (revision) | |
| Oct 03 | Progression of CRMF, CMP, and CMP Transport to DRAFT Standard | |
| Oct 03 | Logotype Extension RFC | |
| Oct 03 | Proxy Certificate RFC | |
| Nov 03 | SCVP proposed Standard RFC | |
| Dec 03 | Progression of CMC RFCs to DRAFT Standard | |
| Mar 04 | Progression of Qualified Certificates Profile RFC to DRAFT Standard | |
| Mar 04 | Progression of Certificate & CRL Profile RFC to DRAFT Standard | |
| Mar 04 | Progression of Time Stamp Protocols RFC to DRAFT Standard | |
| Mar 04 | Progression of Logotype RFC to DRAFT Standard | |
| Jun 04 | Progression of Proxy Certificate RFC to DRAFT Standard | |
| Jun 04 | Progression of SCVP to Draft Standard | |
| Jun 04 | Progression of Attribute Certificate Profile RFC to DRAFT standard |
| RFC | Status | Title |
|---|---|---|
| RFC2459 | PS | Internet X.509 Public Key Infrastructure Certificate and CRL Profile |
| RFC2510 | PS | Internet X.509 Public Key Infrastructure Certificate Management Protocols |
| RFC2511 | PS | Internet X.509 Certificate Request Message Format |
| RFC2527 | I | Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework |
| RFC2528 | I | Internet X.509 Public Key Infrastructure Representation of Key Exchange Algorithm (KEA) Keys in Internet X.509 Public Key Infrastructure Certificates |
| RFC2559 | PS | Internet X.509 Public Key Infrastructure Operational Protocols - LDAPv2 |
| RFC2585 | PS | Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP |
| RFC2587 | PS | Internet X.509 Public Key Infrastructure LDAPv2 Schema |
| RFC2560 | PS | X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP |
| RFC2797 | PS | Certificate Management Messages over CMS |
| RFC2875 | PS | Diffie-Hellman Proof-of-Possession Algorithms |
| RFC3039 | PS | Internet X.509 Public Key Infrastructure Qualified Certificates Profile |
| RFC3029 | E | Internet X.509 Public Key Infrastructure Data Validation and Certification Server Protocols |
| RFC3161 | PS | Internet X.509 Public Key Infrastructure Time Stamp Protocols (TSP) |
| RFC3279 | PS | Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and CRI Profile |
| RFC3280 | PS | Internet X.509 Public Key Infrastructure Certificate and CRL Profile |
| RFC3281 | PS | An Internet Attribute Certificate Profile for Authorization |
| RFC3379 | I | Delegated Path Validation and Delegated Path Discovery Protocol Requirements |
| RFC3628 | I | Policy Requirements for Time-Stamping Authorities |
| RFC3647 | I | Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework |
------------------PKIX WG Meeting 11/10/03 Edited by Steve Kent Chairs: Stephen Kent <kent@bbn.com>, Tim Polk <tim.polk@nist.gov> The PKIX WG met once during the 58th IETF. A total of approximately 73 individuals participated in the meeting. Agenda review and document status - Tim Polk (NIST) There are a number of WG documents in various stages in the process. Two RFcs (3628 & 3647) were issued since the last IETF meeting. Three documents (Permanent Identifiers, CMP and CRMF) will be revised based on IESG comments. The Logotypes I-D has been revised in response to IESG comments and should be approved soon. The Proxy Certificates and IP Addresses & AS Identifiers I-Ds are in the hands of the IESG. Five documents are close to emerging from the WG. SCVP is being revised to reflect WG last call comments. Attribute Certificate Policies is in WG last call, but there is some question re support for the document. A straw poll on the document indicated about seven in favor of standards track progression, and about 4 in favor of an informational RFC, and a fair amount of indifference. Qualified certificates will enter WG last call after the meeting. The EEC "NIST Curves" I-D and the path building I-D also will be forward to the ADs by January. Ongoing work items include Subject Identification Method (SIM), PK algorithms, LDAP specs, OCSPv2, and progression of 3279/3280. the only new work item is a name comparison spec (to address international name issues), an initial draft of which is slated for the Seoul meeting. [slides] PKIX WG Specifications SIM - Jongwook Park (KISA) & Tim Polk (NIST) This specification is still in early stages of development. Current efforts are concentrating on formalizing security goals and requirements. The implementation details are still being revised, and in some cases appear as a TBD in the current draft. Unresolved issues include where to put the hash value, e.g., as an extension vs. as an otherName, and some details of the two-pass hashing function. [slides] RFC 3039bis (Qualified Certificates) - Stefan Santesson (Microsoft) The QC document is technically stable and incorporates the required changes for 3280 alignment. Minor issues remain for the ASN.1 in the document; the AD has provided clear guidance for resolution. Three issues raised on the list (regarding the document name, timeline for progression, and its relationship to RFC 3039) were also discussed. The WG chairs and the AD indicated that WG Last Call is appropriate at this time, and that the new specification should obsolete RFC 3039. Certificate Path Building - Peter Hesse (Gemini Security) This document, intended to become an informational RFC, was written to provide guidance and recommendations to developers building X.509 public-key certification paths within their applications, based on experience gained in several contexts. The document describes different PKI structures, considerations for forward vs. reverse path construction, tree pruning, etc. emphasis on the value of disallowing repeated name/key combination in a path. Guidance is based on experience with various products, but must describe processes that are consistent with PKIX RFCs. This is just an advisory document, not proscriptive, and so there will be no MUSTs, SHOULDS, etc. Plan to release another version of the document by the end of this month, then proceed to WG last call. [slides] OCSPv1 problem - Mike Meyers (Traceroute) OCSP has a facility in which a client may include a nonce in a request, to detect and reject replays of responses. Unfortunately, the RFC did not make perfectly clear that a client MUST reject a response that did not include a nonce, if the client included a nonce in the request. Similarly, the RFC did not make clear what a server should do if it receives a request with a nonce, but is incapable of generating a response containing a nonce, i.e., a server that deals only with pre-signed responses. A straw poll indicated that the vast majority of clients deal with these issues properly, but not all. OCSP servers that rely on caching do not generate a unique response for each request, so they omit nonces. An error could be returned by a server to indicate the inability to respond properly to a request with a nonce, but errors are not signed, so this does not address the security concern. Russ Housley, the cognizant AD made the following observation re this issue. "When an OCSP Client puts a nonce in an OCSP Request, replay protection is expected. Therefore, the OCSP Responder MUST include the same nonce value in the OCSP Response. If the OCSP Client receives an OCSP Response that fails to include the correct nonce value, it MUST be rejected." Liaison/Related Projects IPsec PKI Profile - Brian Korver (Xythos Software) Announcement of a BOF on this topic on Thursday, 9 AM. Steve Hanna (Sun) - OASIS PKI Obstacles Survey Report Steve is the co-chair of the OASIS PKI technical committee. Effort is trying to determine obstacles to successful PKI deployment and adoption, and to recommend ways to eliminate these obstacles. Survey generated 200 responses. Most significant obstacles include: - lack of application support - high costs - complexity, lack of understanding - interoperability problems Suggested fixes include: - free software - cookbook deployment guidance - path validation guidance - too many standards for some function, too general, not enough standards for other functions Action plan now available for public review. [slides] Path Validation Conformance Tests - Tim Polk [NIST] A suite of tests has been developed by NIST and several contractors, designed to ensure that products implement RFC 3280 properly. It is an extensive suite of tests. NIST's goals are to encourage vendors to submit products for testing, and for users to demand products that pass the tests. Common Criteria Protection Profiles have been created, based on these tests, in an effort to achieve the goal noted above. These profiles should be validated and available for use by the end of 2003. [slides] |