PKIX WG Meeting November 10, 2010
Edited by Steve Kent
Co-Chairs: Stephen Kent <kent@bbn.com>
Stefan Santesson <stefans@aaa-sec.com>
The PKIX WG met once, for a little over an hour, during the 78th IETF. A total of approximately 30
individuals participated in the meeting. Stefan Santesson
was unable to attend because of illness.
Document Status Review – Steve Kent (for Stefan Santesson, 3xA Security)
There has been significant progress in document status since the previous meeting.
- 3 RFCs published since Maastricht: 5934, 6024, and 6025
- 0 documents in the RFC Editor's queue
- 2 documents in IESG processing: certificate image & OCSP Agility
- 4 I-Ds in process in the WG: CMC Updates, 5280 clarifications, OCSP update, and transport protocols for CMP
(Slides)
PKIX WG Documents
OCSP Update – Tim Polk (NIST) for David Cooper
(NIST) and Stefan Santesson (3xA Security)
This is an ongoing
effort to remove ambiguities in RFC 2560, and to incorporate the algorithm
agility features documented later. Tim Polk reiterated that he wants the
document to be an update (vs. a "bis"), and that work
should begin (later) on a bis document.
Several issues have
been resolved, e.g., the nonce extension is defined as an OCTET string, and the
ASN.1 module has been modified accordingly. The security considerations section
has been revised to note name collision concerns (as per 5280), and a
clarification about integrated vs. designated responders and name matches.
Still unresolved is how to handle critical extensions that are unrecognized.
(Slides)
OCSP Agility – Jim Schaad (August Wine Cellars) for Stefan Santesson
(3xA Security)
It was decided to not make
any additional changes to this doc, which will begin IETF LC very soon. There
appears to be agreement on how to better accommodate signature algorithm
parameters. Use of SMIMECapabilities seems appropriate, but the appropriate
structure does not exist. It was agreed that a separate document should be
created to address this gap. Since
the SMIME WG has closed, and because PKIX needs this, we will pursue it in
PKIX. A recent concern has arisen about how a client should deal with certID generated using a hash algorithm unknown to it. This
issue will be pushed to the OCSP bis effort. (Slides)
Presentations on non-WG Topics
A local TA management approach (Steve Kent - BBN)
Steve Kent described an
approach to local TA management that has been developed for the SIDR WG, and
which is now a work item there. The approach calls for each RP to establish
itself as a TA, and to issue certificates under itself to all other, offered
TAs. This is easily effected by extracting appropriate data from the
self-signed certificate of each offered TA, and using that as the content of a
new certificate issued under the RP's TA. When this re-issuance is effected,
the RP also can add any constraint extensions to these certificates, e.g. name
constraints, policy constraints, basic constraints, etc. Because these new
certificates will be 1 tier below the RP's TA, normal 5280 path validation
rules will enforce these constraints.
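As an added illustration, not part of the minutes or of the SIDR document, the re-issuance step described above written against the pyca/cryptography library: the RP's own TA re-issues an offered TA's self-signed certificate one tier below itself and attaches a name constraints extension. All keys and names are constructed for the example, and DNS name constraints stand in for whichever constraint extensions an RP would actually choose.

```python
# Added example, not from the minutes. Keys and names are constructed; uses pyca/cryptography.
from datetime import datetime, timedelta, timezone
from cryptography import x509
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.asymmetric import ec
from cryptography.x509.oid import NameOID

VALIDITY = timedelta(days=365)
CA = x509.BasicConstraints(ca=True, path_length=None)

def make_self_signed_ta(common_name):
    """Self-signed CA certificate, as an offered TA would publish it."""
    key = ec.generate_private_key(ec.SECP256R1())
    name = x509.Name([x509.NameAttribute(NameOID.COMMON_NAME, common_name)])
    now = datetime.now(timezone.utc)
    cert = (x509.CertificateBuilder()
            .subject_name(name).issuer_name(name)
            .public_key(key.public_key())
            .serial_number(x509.random_serial_number())
            .not_valid_before(now).not_valid_after(now + VALIDITY)
            .add_extension(CA, critical=True)
            .sign(key, hashes.SHA256()))
    return key, cert

def reissue_under_local_ta(offered_cert, local_key, local_cert, permitted):
    """Re-issue an offered TA one tier below the RP's own TA: subject and
    public key are copied from its self-signed certificate, and a critical
    NameConstraints extension is added so RFC 5280 path validation enforces it."""
    now = datetime.now(timezone.utc)
    constraints = x509.NameConstraints([x509.DNSName(d) for d in permitted], None)
    return (x509.CertificateBuilder()
            .subject_name(offered_cert.subject)     # same name as the offered TA
            .issuer_name(local_cert.subject)        # issued under the RP's TA
            .public_key(offered_cert.public_key())  # same key: certs the TA issued still chain
            .serial_number(x509.random_serial_number())
            .not_valid_before(now).not_valid_after(now + VALIDITY)  # RP picks validity
            .add_extension(CA, critical=True)
            .add_extension(constraints, critical=True)
            .sign(local_key, hashes.SHA256()))

def verify_issued_by(cert, issuer_cert):
    """True if issuer_cert's key signed cert (ECDSA); raises InvalidSignature otherwise."""
    issuer_cert.public_key().verify(cert.signature, cert.tbs_certificate_bytes,
                                    ec.ECDSA(cert.signature_hash_algorithm))
    return True

def permitted_dns(cert):
    """DNS names the certificate's NameConstraints permit."""
    ext = cert.extensions.get_extension_for_class(x509.NameConstraints)
    return [n.value for n in ext.value.permitted_subtrees]
```

Because the re-issued certificate carries the offered TA's own public key, anything that TA issued continues to chain to it, now through the RP's TA and subject to the added constraints.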
In the Resource PKI
(RPKI) developed in SIDR, each certificate contains one or two RFC 3779
extensions, representing address space or autonomous system number resources
held by the subject. RFC 3779 extensions require a subset check for these
extensions, in addition to normal 5280 path validation procedures. Steve
described contexts in which an RP might need to override the RPKI hierarchy,
for local processing. This motivated creation of a document to explain how to
do this, which Steve briefly described.
Steve noted that
most of the complexity of the mechanism described in the SIDR document is due
to the stringent 3779 processing rules. However, the general notion of an RP
acting as the ONLY TA that it recognizes, and re-issuing certificates to offered
TAs, might be generally useful, and that motivated this presentation.