wdiff draft-ietf-pkix-cmc-trans-00.txt draft-ietf-pkix-cmc-trans-01.txt

PKIX Working Group M. Myers
Internet Draft VeriSign
Document: draft-ietf-pkix-cmc-trans-00.txt X. Liu
February 2001 Cisco
Expires: July 2001 J. Schaad
Internet Draft Soaring Hawk Consulting
Document: draft-ietf-pkix-cmc-trans-01.txt M.Myers
March 2002 TraceRoute Security
Expires: September 2002 X.Liu
Cisco
J. Weinstein

CMC Transport

Status of this Memo

This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026 [1].

Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts. Internet-Drafts are draft documents valid for a maximum of
six months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use Internet- Drafts
as reference material or to cite them other than as "work in
progress."

The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt

The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.

Comments or suggestions for improvement may be made on the "ietf-
pkix" mailing list, or directly to the author.

Abstract

This document defines a number of transport mechanisms that are used
to move [CMC] messages. The transport mechanisms described in this
document are: HTTP, file, mail and TCP.

1. Overview

This document defines a number of transport methods that are used to
move [CMC] messages. The transport mechanisms described in this
document are: HTTP, file, mail and TCP.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in
this document are to be interpreted as described in [RFC 2119].

1. Overview

2. File based protocol

Enrollment messages and responses may be transferred between clients
and servers using file system-based mechanisms, such as when
enrollment is performed for an off-line client. When files are used
to transport binary, BER-encoded Full Enrollment Request and
Response messages. There MUST be only one instance of a request or
response message in a single file. The following file type
extensions SHOULD be used:

Message Type File Extension

Full PKI Request .crq

Full PKI Response .crp

3. Mail based protocol

MIME wrapping is defined for those environments that are MIME
native.

The basic mime wrapping in this section is taken from [SMIMEV2] and
[SMIMEV3]. Simple enrollment requests are encoded using the
"application/pkcs10" content type. A file name MUST be included
either in a content type or a content disposition statement. The
extension for the file MUST be ".p10".

Simple enrollment response messages MUST be encoded as content-type
"application/pkcs7-mime". An smime-type parameter MUST be on the
content-type statement with a value of "certs-only." A file name
with the ".p7c" extension MUST be specified as part of the content-
type or content-disposition statement.

Full enrollment request messages MUST be encoded as content-type
"application/pkcs7-mime". The smime-type parameter MUST be included
with a value of "CMC-enroll". A file name with the ".p7m" extension
MUST be specified as part of the content-type or content-disposition
statement.

Full enrollment response messages MUST be encoded as content-type
"application/pkcs7-mime". The smime-type parameter MUST be included
with a value of "CMC-response." A file name with the ".p7m"
extensions MUST be specified as part of the content-type or content-
disposition statement.

MIME TYPE File Extension SMIME-TYPE

application/pkcs10 .p10 N/A
(simple PKI request)

application/pkcs7-mime .p7m CMC-request
(full PKI request)

application/pkcs7-mime .p7c certs-only
(simple PKI response)
application/pkcs7-mime .p7m CMC-response
(full PKI response)

4. HTTP/HTTPS based protocol

HTTP messages are wrapped with by a mime object as specified above.

5. TCP based protocol

When is the connection closed? How is this represented?

While this section is called TCP-Based and the CMC messages are called
TCP-message's, the same protocol can be used sent over any reliable,
connection oriented transport protocol (e.g. SNA, DECnet, etc.).
This protocol is suitable for cases where an end entity (or an RA)
initiates a transaction and can poll to pick up the results.

The length of the flags field for this version is 1 octet. The LSB TCP-Based connection, no wrapping
is used to indicate a connection close; all other bits in the flags
octet MUST be ignored by receivers, and MUST be set to zero by
senders.

By default connections are kept open after the receipt required of a
response. Either party (client or server) MAY set the connection
close bit at any time. If the message. Messages are sent in their binary
encoded form.

The connection close bit is set on a
request, then closed by the server MUST set the bit in the response and close
the connection after sending the response. If the bit is set on generating a response from the server,
for the client. (All CMC request messages from client MUST NOT send any further
requests on that connection. Applications MAY decide to close an
idle connection (one on which no server
generate a response is outstanding) after some
time-out. Because message.) If a second set of messages from the problem where a
client sends a request and to the server closes is required to complete the connection while transaction, the request is still in
flight, clients SHOULD automatically retry
client generates a request new TCP-Based connection for which no
part this purpose, it
cannot reuse an existing one.

Out of the response could band setup can be read due used to keep a TCP-Based connection close or
reset.

If the connection is kept open, it MUST only be used open
for subsequent
request/response transactions started by the client - the server
MUST NOT use it to send requests more than one message pair. A situation where this can occur is
an RA talking to the client. Different
transactions may be freely interwoven on the same connection. E.g. a
CR/CP need not immediately be followed by the Confirm, but may be
followed by any other request from CA over a different transaction.

7.3 specially setup TCP connection.

6 Socket-Based Transport

When enrollment messages and responses are sent over sockets, no
wrapping is required. Messages SHOULD MUST be sent in their binary, BER-
encoded form.

7. Security Considerations

Mechanisms for thwarting replay attacks may be required in
particular implementations of this protocol depending on the
operational environment. In cases where the CA maintains significant
state information, replay attacks may be detectable without the
inclusion of the optional nonce mechanisms. Implementers of this
protocol need to carefully consider environmental conditions before
choosing whether or not to implement the senderNonce and
recipientNonce attributes described in section 5.6. Developers of
state-constrained PKI clients are strongly encouraged to incorporate
the use of these attributes.

10.

8. Acknowledgments

The authors would like to thank Brian LaMacchia for his work in
developing and writing up many of the concepts presented in this
document. The authors would also like to thank Alex Deacon and Barb
Fox for their contributions.

11.

9. References

[CMC] J. Schaad, M. Myers, X. Liu, J. Weinstein, ôBASEö,
<base>.

[CMS] Housley, R., "Cryptographic Message Syntax", RFC 2630,
June 1999.

[CRMF] Myers, M., Adams, C., Solo, D. and D. Kemp, "Internet
X.509 Certificate Request Message Format", RFC 2511,
March
1999.

[DH] B. Kaliski, "PKCS 3: Diffie-Hellman Key Agreement v1.4"

[DH-POP] H. Prafullchandra, J. Schaad, "Diffie-Hellman Proof-of-
Possession Algorithms", Work in Progress.

[HMAC] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC: Keyed-

Hashing for Message Authentication", RFC 2104, February

1997.

[PKCS1] Kaliski, B., "PKCS #1: RSA Encryption, Version 1.5", RFC

2313, March 1998.

[PKCS7] Kaliski, B., "PKCS #7: Cryptographic Message Syntax
v1.5",
RFC 2315, October 1997.

[PKCS8] RSA Laboratories, "PKCS#8: Private-Key Information Syntax

Standard, Version 1.2", November 1, 1993.

[PKCS10] Kaliski, B., "PKCS #10: Certification Request Syntax

v1.5", RFC 2314, October 1997.

[PKIXCERT] Housley, R., Ford, W., Polk, W. and D. Solo "Internet

X.509 Public Key Infrastructure Certificate and CRL
Profile", RFC 2459, January 1999.

[RFC 2119] Bradner, S., "Key words for use in RFCs to Indicate

Requirement Levels", BCP 14, RFC 2119, March 1997.

[SMIMEV2] Dusse, S., Hoffman, P., Ramsdell, B., Lundblade, L. and
L.
Repka, "S/MIME Version 2 Message Specification", RFC
2311,
March 1998.

[SMIMEV3] Ramsdell, B., "S/MIME Version 3 Message Specification",

RFC 2633, June 1999.

[X942] Rescorla, E., "Diffie-Hellman Key Agreement Method", RFC

2631, June 1999.

12.

10. Authors' Addresses

Jim Schaad
Soaring Hawk Consulting

EMail: jimsch@exmsft.com
Michael Myers
TraceRoute Security, Inc.

EMail: myers@coastside.net

Xiaoyi Liu
Cisco Systems
170 West Tasman Drive
San Jose, CA 95134

Phone: (480) 526-7430
EMail: xliu@cisco.com

Jim Schaad
Soaring Hawk Consulting

EMail: jimsch@exmsft.com

Jeff Weinstein

EMail: jsw@meer.net

Full Copyright Statement

This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published
and distributed, in whole or in part, without restriction of any
kind, provided that the above copyright notice and this paragraph
are included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of
developing Internet standards in which case the procedures for
copyrights defined in the Internet Standards process must be
followed, or as required to translate it into languages other than
English.

The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.

This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

Funding for the RFC Editor function is currently provided by the
Internet Society.