| < draft-ietf-sidr-bgpsec-pki-profiles-19.txt | draft-ietf-sidr-bgpsec-pki-profiles-20.txt > | |||
|---|---|---|---|---|
| Secure Inter-Domain Routing Working Group M. Reynolds | Secure Inter-Domain Routing Working Group M. Reynolds | |||
| Internet-Draft IPSw | Internet-Draft IPSw | |||
| Updates: 6487 (if approved) S. Turner | Updates: 6487 (if approved) S. Turner | |||
| Intended status: Standard Track sn3rd | Intended status: Standard Track sn3rd | |||
| Expires: July 3, 2017 S. Kent | Expires: July 8, 2017 S. Kent | |||
| BBN | BBN | |||
| December 30, 2016 | January 4, 2017 | |||
| A Profile for BGPsec Router Certificates, | A Profile for BGPsec Router Certificates, | |||
| Certificate Revocation Lists, and Certification Requests | Certificate Revocation Lists, and Certification Requests | |||
| draft-ietf-sidr-bgpsec-pki-profiles-19 | draft-ietf-sidr-bgpsec-pki-profiles-20 | |||
| Abstract | Abstract | |||
| This document defines a standard profile for X.509 certificates used | This document defines a standard profile for X.509 certificates used | |||
| to enable validation of Autonomous System (AS) paths in the Border | to enable validation of Autonomous System (AS) paths in the Border | |||
| Gateway Protocol (BGP), as part of an extension to that protocol | Gateway Protocol (BGP), as part of an extension to that protocol | |||
| known as BGPsec. BGP is the standard for inter-domain routing in the | known as BGPsec. BGP is the standard for inter-domain routing in the | |||
| Internet; it is the "glue" that holds the Internet together. BGPsec | Internet; it is the "glue" that holds the Internet together. BGPsec | |||
| is being developed as one component of a solution that addresses the | is being developed as one component of a solution that addresses the | |||
| requirement to provide security for BGP. The goal of BGPsec is to | requirement to provide security for BGP. The goal of BGPsec is to | |||
| provide full AS path validation based on the use of strong | provide full AS path validation based on the use of strong | |||
| cryptographic primitives. The end-entity (EE) certificates specified | cryptographic primitives. The end-entity (EE) certificates specified | |||
| by this profile are issued (to routers within an Autonomous System). | by this profile are issued to routers within an Autonomous System. | |||
| Each of these certificates is issued under a Resource Public Key | Each of these certificates is issued under a Resource Public Key | |||
| Infrastructure (RPKI) Certification Authority (CA) certificate. | Infrastructure (RPKI) Certification Authority (CA) certificate. | |||
| These CA certificates and EE certificates both contain the AS | These CA certificates and EE certificates both contain the AS | |||
| Identifier Delegation extension. An EE certificate of this type | Identifier Delegation extension. An EE certificate of this type | |||
| asserts that the router(s) holding the corresponding private key are | asserts that the router(s) holding the corresponding private key are | |||
| authorized to emit secure route advertisements on behalf of the | authorized to emit secure route advertisements on behalf of the | |||
| AS(es) specified in the certificate. This document also profiles the | AS(es) specified in the certificate. This document also profiles the | |||
| format of certification requests, and specifies Relying Party (RP) | format of certification requests, and specifies Relying Party (RP) | |||
| certificate path validation procedures for these EE certificates. | certificate path validation procedures for these EE certificates. | |||
| This document extends the RPKI; therefore, this documents updates the | This document extends the RPKI; therefore, this documents updates the | |||
| skipping to change at page 2, line 10 ¶ | skipping to change at page 2, line 10 ¶ | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2016 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| skipping to change at page 2, line 32 ¶ | skipping to change at page 2, line 32 ¶ | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 | 1.1. Terminology . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 2. Describing Resources in Certificates . . . . . . . . . . . . . 3 | 2. Describing Resources in Certificates . . . . . . . . . . . . . 3 | |||
| 3. Updates to [RFC6487] . . . . . . . . . . . . . . . . . . . . . 5 | 3. Updates to [RFC6487] . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 3.1 BGPsec Router Certificate Fields . . . . . . . . . . . . . 5 | 3.1 BGPsec Router Certificate Fields . . . . . . . . . . . . . 5 | |||
| 3.1.1. Subject . . . . . . . . . . . . . . . . . . . . . . . 5 | 3.1.1. Subject . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 3.1.2. Subject Public Key Info . . . . . . . . . . . . . . . 5 | 3.1.2. Subject Public Key Info . . . . . . . . . . . . . . . 5 | |||
| 3.1.3. BGPsec Router Certificate Version 3 Extension Fields . 6 | 3.1.3. BGPsec Router Certificate Version 3 Extension Fields . 5 | |||
| 3.1.3.1. Basic Constraints . . . . . . . . . . . . . . . . 6 | 3.1.3.1. Basic Constraints . . . . . . . . . . . . . . . . 5 | |||
| 3.1.3.2. Extended Key Usage . . . . . . . . . . . . . . . . 6 | 3.1.3.2. Extended Key Usage . . . . . . . . . . . . . . . . 5 | |||
| 3.1.3.3. Subject Information Access . . . . . . . . . . . . 6 | 3.1.3.3. Subject Information Access . . . . . . . . . . . . 6 | |||
| 3.1.3.4. IP Resources . . . . . . . . . . . . . . . . . . . 6 | 3.1.3.4. IP Resources . . . . . . . . . . . . . . . . . . . 6 | |||
| 3.1.3.5. AS Resources . . . . . . . . . . . . . . . . . . . 6 | 3.1.3.5. AS Resources . . . . . . . . . . . . . . . . . . . 6 | |||
| 3.2. BGPsec Router Certificate Request Profile . . . . . . . . 7 | 3.2. BGPsec Router Certificate Request Profile . . . . . . . . 6 | |||
| 3.3. BGPsec Router Certificate Validation . . . . . . . . . . . 7 | 3.3. BGPsec Router Certificate Validation . . . . . . . . . . . 7 | |||
| 3.4. Router Certificates and Signing Functions in the RPKI . . 8 | 3.4. Router Certificates and Signing Functions in the RPKI . . 7 | |||
| 4. Design Notes . . . . . . . . . . . . . . . . . . . . . . . . . 8 | 4. Design Notes . . . . . . . . . . . . . . . . . . . . . . . . . 8 | |||
| 5. Implementation Considerations . . . . . . . . . . . . . . . . . 9 | 5. Implementation Considerations . . . . . . . . . . . . . . . . . 8 | |||
| 6. Security Considerations . . . . . . . . . . . . . . . . . . . 9 | 6. Security Considerations . . . . . . . . . . . . . . . . . . . 9 | |||
| 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 | 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 10 | 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10 | 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10 | |||
| 9.1. Normative References . . . . . . . . . . . . . . . . . . . 10 | 9.1. Normative References . . . . . . . . . . . . . . . . . . . 10 | |||
| 9.2. Informative References . . . . . . . . . . . . . . . . . . 11 | 9.2. Informative References . . . . . . . . . . . . . . . . . . 11 | |||
| Appendix A. ASN.1 Module . . . . . . . . . . . . . . . . . . . . 12 | Appendix A. ASN.1 Module . . . . . . . . . . . . . . . . . . . . 12 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 13 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 12 | |||
| 1. Introduction | 1. Introduction | |||
| This document defines a profile for X.509 end-entity (EE) | This document defines a profile for X.509 end-entity (EE) | |||
| certificates [RFC5280] for use in the context of certification of | certificates [RFC5280] for use in the context of certification of | |||
| Autonomous System (AS) paths in the BGPsec. Such certificates are | Autonomous System (AS) paths in the BGPsec. Such certificates are | |||
| termed "BGPsec Router Certificates". The holder of the private key | termed "BGPsec Router Certificates". The holder of the private key | |||
| associated with a BGPsec Router Certificate is authorized to send | associated with a BGPsec Router Certificate is authorized to send | |||
| secure route advertisements (BGPsec UPDATEs) on behalf of the AS(es) | secure route advertisements (BGPsec UPDATEs) on behalf of the AS(es) | |||
| named in the certificate. A router holding the private key is | named in the certificate. A router holding the private key is | |||
| skipping to change at page 4, line 45 ¶ | skipping to change at page 4, line 45 ¶ | |||
| certificate is explained in Section 1 and falls within the scope of | certificate is explained in Section 1 and falls within the scope of | |||
| appropriate uses defined within [RFC6484]. The issuance of BGPsec | appropriate uses defined within [RFC6484]. The issuance of BGPsec | |||
| Router Certificates has minimal impact on RPKI CAs because the RPKI | Router Certificates has minimal impact on RPKI CAs because the RPKI | |||
| CA certificate and CRL profile remain unchanged (i.e., they are as | CA certificate and CRL profile remain unchanged (i.e., they are as | |||
| specified in [RFC6487]). Further, the algorithms used to generate | specified in [RFC6487]). Further, the algorithms used to generate | |||
| RPKI CA certificates that issue the BGPsec Router Certificates and | RPKI CA certificates that issue the BGPsec Router Certificates and | |||
| the CRLs necessary to check the validity of the BGPsec Router | the CRLs necessary to check the validity of the BGPsec Router | |||
| Certificates remain unchanged (i.e., they are as specified in | Certificates remain unchanged (i.e., they are as specified in | |||
| [RFC7935]). The only impact is that RPKI CAs will need to be able to | [RFC7935]). The only impact is that RPKI CAs will need to be able to | |||
| process a profiled certificate request (see Section 5) signed with | process a profiled certificate request (see Section 5) signed with | |||
| algorithms found in [ID.sidr-bgpsec-algs]. The use of BGPsec Router | algorithms found in [ID.sidr-bgpsec-algs]. BGPsec Router | |||
| Certificates in no way affects RPKI RPs that process Manifests and | Certificates are used only to verify the signature on the BGPsec | |||
| ROAs because the public key found in the BGPsec Router Certificate is | certificate request (only CAs process these) and the signature on a | |||
| used only to verify the signature on the BGPsec certificate request | BGPsec Update Message [ID.sidr-bgpsec-protocol] (only BGPsec routers | |||
| (only CAs process these) and the signature on a BGPsec Update Message | process these); BGPsec Router Certificates are not used to process | |||
| [ID.sidr-bgpsec-protocol] (only BGPsec routers process these). | Manifests and ROAs or verify signatures on Certificates or CRLs. | |||
| This document enumerates only the differences between this profile | This document enumerates only the differences between this profile | |||
| and the profile in [RFC6487]. Note that BGPsec Router Certificates | and the profile in [RFC6487]. Note that BGPsec Router Certificates | |||
| are EE certificates and as such there is no impact on process | are EE certificates and as such there is no impact on process | |||
| described in [RFC6916]. | described in [RFC6916]. | |||
| 3. Updates to [RFC6487] | 3. Updates to [RFC6487] | |||
| 3.1 BGPsec Router Certificate Fields | 3.1 BGPsec Router Certificate Fields | |||
| A BGPsec Router Certificate is consistent with the profile in | A BGPsec Router Certificate is consistent with the profile in | |||
| [RFC6487] as modified by the specifications in this section. As | [RFC6487] as modified by the specifications in this section. As | |||
| such, it is a valid X.509 public key certificate and consistent with | such, it is a valid X.509 public key certificate and consistent with | |||
| the PKIX profile [RFC5280]. The differences between this profile and | the PKIX profile [RFC5280]. The differences between this profile and | |||
| the profile in [RFC6487] are specified in this section. | the profile in [RFC6487] are specified in this section. | |||
| 3.1.1. Subject | 3.1.1. Subject | |||
| This field identifies the router to which the certificate has been | Common name encoding options that are supported are printableString | |||
| issued. Consistent with [RFC6487], only two attributes are allowed | and UTF8String. For BGPsec Router Certificates, it is RECOMMENDED | |||
| in the Subject field: common name and serial number. Moreover, the | that the common name attribute contain the literal string "ROUTER-" | |||
| only common name encoding options that are supported are | followed by the 32-bit AS Number [RFC3779] encoded as eight | |||
| printableString and UTF8String. For BGPsec Router Certificates, it | hexadecimal digits and that the serial number attribute contain the | |||
| is RECOMMENDED that the common name attribute contain the literal | 32-bit BGP Identifier [RFC4271] (i.e., the router ID) encoded as | |||
| string "ROUTER-" followed by the 32-bit AS Number [RFC3779] encoded | eight hexadecimal digits. If there is more than one AS number, the | |||
| as eight hexadecimal digits and that the serial number attribute | choice of which to include in the common name is at the discretion of | |||
| contain the 32-bit BGP Identifier [RFC4271] (i.e., the router ID) | the Issuer. If the same certificate is issued to more than one router | |||
| encoded as eight hexadecimal digits. If there is more than one AS | (hence the private key is shared among these routers), the choice of | |||
| number, the choice of which to include in the common name is at the | the router ID used in this name is at the discretion of the Issuer. | |||
| discretion of the Issuer. If the same certificate is issued to more | ||||
| than one router (hence the private key is shared among these | ||||
| routers), the choice of the router ID used in this name is at the | ||||
| discretion of the Issuer. Note that router IDs are not guaranteed to | ||||
| be unique across the Internet, and thus the Subject name in a BGPsec | ||||
| Router Certificate issued using this convention also is not | ||||
| guaranteed to be unique across different issuers. However, each | ||||
| certificate issued by an individual CA MUST contain a Subject name | ||||
| that is unique to that CA context. | ||||
| 3.1.2. Subject Public Key Info | 3.1.2. Subject Public Key Info | |||
| Refer to section 3.1 of [ID.sidr-bgpsec-algs]. | Refer to section 3.1 of [ID.sidr-bgpsec-algs]. | |||
| 3.1.3. BGPsec Router Certificate Version 3 Extension Fields | 3.1.3. BGPsec Router Certificate Version 3 Extension Fields | |||
| 3.1.3.1. Basic Constraints | 3.1.3.1. Basic Constraints | |||
| BGPsec speakers are EEs; therefore, the Basic Constraints extension | BGPsec speakers are EEs; therefore, the Basic Constraints extension | |||
| skipping to change at page 8, line 10 ¶ | skipping to change at page 7, line 43 ¶ | |||
| extension. | extension. | |||
| o BGPsec Router Certificates MUST include the AS Resource Identifier | o BGPsec Router Certificates MUST include the AS Resource Identifier | |||
| Delegation extension. | Delegation extension. | |||
| o BGPsec Router Certificate MUST include the subjectPublicKeyInfo | o BGPsec Router Certificate MUST include the subjectPublicKeyInfo | |||
| described in [ID.sidr-bgpsec-algs]. | described in [ID.sidr-bgpsec-algs]. | |||
| NOTE: BGPsec RPs will need to support the algorithms in [ID.sidr- | NOTE: BGPsec RPs will need to support the algorithms in [ID.sidr- | |||
| bgpsec-algs], which are used to validate BGPsec signatures, as well | bgpsec-algs], which are used to validate BGPsec signatures, as well | |||
| as the algorithms in [ID.sidr-rfc6485bis], which are needed to | as the algorithms in [RFC7935], which are needed to validate | |||
| validate signatures on BGPsec certificates, RPKI CA certificates, and | signatures on BGPsec certificates, RPKI CA certificates, and RPKI | |||
| RPKI CRLs. | CRLs. | |||
| 3.4. Router Certificates and Signing Functions in the RPKI | 3.4. Router Certificates and Signing Functions in the RPKI | |||
| As described in Section 1, the primary function of BGPsec route | As described in Section 1, the primary function of BGPsec route | |||
| certificates in the RPKI is for use in the context of certification | certificates in the RPKI is for use in the context of certification | |||
| of Autonomous System (AS) paths in the BGPsec protocol. | of Autonomous System (AS) paths in the BGPsec protocol. | |||
| The private key associated with a router EE certificate may be used | The private key associated with a router EE certificate may be used | |||
| multiple times in generating signatures in multiple instances of the | multiple times in generating signatures in multiple instances of the | |||
| BGPsec_Path Attribute Signature Segments [ID.sidr-bgpsec-protocol]. | BGPsec_Path Attribute Signature Segments [ID.sidr-bgpsec-protocol]. | |||
| skipping to change at page 9, line 42 ¶ | skipping to change at page 9, line 27 ¶ | |||
| A BGPsec Router Certificate is an extension of the RPKI [RFC6480] to | A BGPsec Router Certificate is an extension of the RPKI [RFC6480] to | |||
| encompass routers. It is a building block BGPsec and is used to | encompass routers. It is a building block BGPsec and is used to | |||
| validate signatures on BGPsec Signature-Segment origination of | validate signatures on BGPsec Signature-Segment origination of | |||
| Signed-Path segments [ID.sidr-bgpsec-protocol]. Thus its essential | Signed-Path segments [ID.sidr-bgpsec-protocol]. Thus its essential | |||
| security function is the secure binding of one or more AS numbers to | security function is the secure binding of one or more AS numbers to | |||
| a public key, consistent with the RPKI allocation/assignment | a public key, consistent with the RPKI allocation/assignment | |||
| hierarchy. | hierarchy. | |||
| Hash functions [ID.sidr-bgpsec-algs] are used when generating the two | Hash functions [ID.sidr-bgpsec-algs] are used when generating the two | |||
| key identifier extensions included in BGPsec certificates. However | key identifier extensions (i.e., Subject Key Identifier and Issuer | |||
| as noted in [RFC6818], collision resistance is not a required | Key Identifier) included in BGPsec certificates. However as noted in | |||
| property of one-way hash functions when used to generate key | [RFC6818], collision resistance is not a required property of one-way | |||
| identifiers. Regardless, hash collisions are unlikely, but they are | hash functions when used to generate key identifiers. Regardless, | |||
| possible and if detected an operator should be alerted. A subject | hash collisions are unlikely, but they are possible and if detected | |||
| key identifier collision might cause the incorrect certificate to be | an operator should be alerted. A subject key identifier collision | |||
| selected from the cache, resulting in a failed signature validation. | might cause the incorrect certificate to be selected from the cache, | |||
| resulting in a failed signature validation. | ||||
| 7. IANA Considerations | 7. IANA Considerations | |||
| This document makes use of two object identifiers in the SMI Registry | This document makes use of two object identifiers in the SMI Registry | |||
| for PKIX. One is for the ASN.1 module in Appendix A and it comes | for PKIX. One is for the ASN.1 module in Appendix A and it comes | |||
| from the SMI Security for PKIX Module Identifier IANA registry (id- | from the SMI Security for PKIX Module Identifier IANA registry (id- | |||
| mod-bgpsec-eku). The other is for the BGPsec router EKU defined in | mod-bgpsec-eku). The other is for the BGPsec router EKU defined in | |||
| Section 3.1.3.2 and Appendix A and it comes from the SMI Security for | Section 3.1.3.2 and Appendix A and it comes from the SMI Security for | |||
| PKIX Extended Key Purpose IANA registry. These OIDs were assigned | PKIX Extended Key Purpose IANA registry. These OIDs were assigned | |||
| before management of the PKIX Arc was handed to IANA. No IANA | before management of the PKIX Arc was handed to IANA. No IANA | |||
| End of changes. 15 change blocks. | ||||
| 49 lines changed or deleted | 41 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||