< draft-ito-documentsigning-eku-01.txt   draft-ito-documentsigning-eku-02.txt >
Individual T. Ito Individual T. Ito
Internet-Draft SECOM CO., LTD. Internet-Draft SECOM CO., LTD.
Intended status: Informational T. Okubo Intended status: Informational T. Okubo
Expires: 13 January 2022 DigiCert, Inc. Expires: 5 May 2022 DigiCert, Inc.
S. Turner S. Turner
sn3rd sn3rd
12 July 2021 7 November 2021
General Purpose Extended Key Usage (EKU) for Document Signing X.509 General Purpose Extended Key Usage (EKU) for Document Signing X.509
Certificates Certificates
draft-ito-documentsigning-eku-01 draft-ito-documentsigning-eku-02
Abstract Abstract
[RFC5280] specifies several extended key usages for X.509 [RFC5280] specifies several extended key usages for X.509
certificates. This document defines a general purpose document certificates. This document defines a general purpose document
signing extended key usage for X.509 public key certificates which signing extended key usage for X.509 public key certificates which
restricts the usage of the certificates for document signing. restricts the usage of the certificates for document signing.
Status of This Memo Status of This Memo
skipping to change at page 1, line 37 skipping to change at page 1, line 37
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 13 January 2022. This Internet-Draft will expire on 5 May 2022.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text extracted from this document must include Revised BSD License text as
as described in Section 4.e of the Trust Legal Provisions and are described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License. provided without warranty as described in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Conventions and Definitions . . . . . . . . . . . . . . . . . 3 2. Conventions and Definitions . . . . . . . . . . . . . . . . . 3
3. Extended Key usage for DocumentSigning . . . . . . . . . . . 3 3. Extended Key usage for DocumentSigning . . . . . . . . . . . 3
3.1. Extended Key Usage Values for Document Signing . . . . . 3 3.1. Extended Key Usage Values for Document Signing . . . . . 3
4. Implications for a Certification Authority . . . . . . . . . 4 4. Using the Document Signing EKU in a Certificate . . . . . . . 4
5. Security Considerations . . . . . . . . . . . . . . . . . . . 4 5. Implications for a Certification Authority . . . . . . . . . 5
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 6. Security Considerations . . . . . . . . . . . . . . . . . . . 5
7. Normative References . . . . . . . . . . . . . . . . . . . . 4 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 5 8. Normative References . . . . . . . . . . . . . . . . . . . . 6
Appendix A. ASN.1 Module . . . . . . . . . . . . . . . . . . . . 5 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5 Appendix A. ASN.1 Module . . . . . . . . . . . . . . . . . . . . 7
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 7
1. Introduction 1. Introduction
[RFC5280] specifies several extended key usages for X.509 [RFC5280] specifies several extended key usages for X.509
certificates. In addition, several extended key usage had been certificates. In addition, several extended key usage had been
added[RFC7299] as public OID under the IANA repository. While usage added[RFC7299] as public OID under the IANA repository. While usage
of any extended key usage is bad practice for publicly trusted of any extended key usage is bad practice for publicly trusted
certificates, there are no public and general extended key usage certificates, there are no public and general extended key usage
explicitly assigned for Document Signing certificates. The current explicitly assigned for Document Signing certificates. The current
practice is to use id-kp-emailProtection, id-kp-codeSigning or vendor practice is to use id-kp-emailProtection, id-kp-codeSigning or vendor
skipping to change at page 3, line 28 skipping to change at page 3, line 29
14 [RFC2119] [RFC8174] when, and only when, they appear in all 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
3. Extended Key usage for DocumentSigning 3. Extended Key usage for DocumentSigning
This specification defines the KeyPurposeId id-kp-documentSigning. This specification defines the KeyPurposeId id-kp-documentSigning.
Inclusion of this KeyPurposeId in a certificate indicates that the Inclusion of this KeyPurposeId in a certificate indicates that the
use of any Subject names in the certificate is restricted to use by a use of any Subject names in the certificate is restricted to use by a
document signing. document signing.
Term of "Document Sign" in this paper is digitaly signing human Term of "Document Sign" in this document is digitally sign contents
readable data or data that is intended to be human readable by means that are consumed by humans. To be more precise, contents are
of services and software. intended to be shown to human with printable or displayable form by
means of services or software, rather than processed by machines.
3.1. Extended Key Usage Values for Document Signing 3.1. Extended Key Usage Values for Document Signing
[RFC5280] specifies the EKU X.509 certificate extension for use in [RFC5280] specifies the EKU X.509 certificate extension for use in
the Internet. The extension indicates one or more purposes for which the Internet. The extension indicates one or more purposes for which
the certified public key is valid. The EKU extension can be used in the certified public key is valid. The EKU extension can be used in
conjunction with the key usage extension, which indicates how the conjunction with the key usage extension, which indicates how the
public key in the certificate is used, in a more basic cryptographic public key in the certificate is used, in a more basic cryptographic
way. way.
skipping to change at page 4, line 10 skipping to change at page 4, line 16
Inclusion of this KeyPurposeId in a certificate indicates that the Inclusion of this KeyPurposeId in a certificate indicates that the
use of any Subject names in the certificate is restricted to use by a use of any Subject names in the certificate is restricted to use by a
document signing service or a software (along with any usages allowed document signing service or a software (along with any usages allowed
by other EKU values). by other EKU values).
id-kp OBJECT IDENTIFIER ::= id-kp OBJECT IDENTIFIER ::=
{ iso(1) identified-organization(3) dod(6) internet(1) { iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) 3 } security(5) mechanisms(5) pkix(7) 3 }
id-kp-documentSigning OBJECT IDENTIFIER ::= { id-kp XX } id-kp-documentSigning OBJECT IDENTIFIER ::= { id-kp XX }
4. Implications for a Certification Authority 4. Using the Document Signing EKU in a Certificate
[RFC8358] specifies the conventions for digital signatures on
Internet-Drafts. This is one of the intended use cases for the
general document signing EKU described in this document. [RFC8358]
uses CMS to digitally sign a wide array of files such as ASCII, PDF,
EPUB, HTML etc. Currently, there are no specification regarding EKU
for certificates signing those files except those which are defined
by the software vendor.
The signed contents of Internet-Drafts are primarily intended to be
consumed by human. To be more precise, contents are intended to be
shown to human in a printable or displayable form by means of
services or software, rather than processed by machines. To validate
the digital signature which is signed to contents intended to be
consumed by human, implementations MAY perform the steps below as a
certificate validation:
The implementation MAY examine the Extended Key Usage value(s):
1. If there are no restrictions set for the relying party and the
relying party software, the certificate is acceptable.
2. If there are restrictions set for the replying party and relying
party software, proceed as following.
Each Restriction on the EKUs can be "Excluded EKU" or "Permitted EKU"
and handled.
The procedure is intended to permit or prohibit presence of a certain
EKU or complete absence of EKUs. It is outside the scope of this
document, but the relying party can permit or prohibit conbinations
of EKU. A consideration on prohibiting combination of EKUs is
described in the security consideration section of this document.
2.1. Excluded EKUs procedure "Excluded EKU" is an EKU which the
relying party or the relying party software prohibits. Examples of
"Excluded EKU" are, presence of anyEKU or complete absence of EKU
extension on a certificate. If an EKU of the certificate meets the
conditions set by the "Excluded EKU" restriction, the relying party
or the relying party software rejects the certificate.
2.2. Permitted EKU procedure "Permitted EKU" is an EKU which the
relying party or the relying party software accepts. Examples of
"Permitted EKU" are, presence of this general document signing EKU
and/or protocol specific document signing-type EKUs. If an EKU of
the certificate meets the condition set by a "Permitted EKU"
restriction, the certificate is acceptable. Otherwise, relying party
or the relying party software rejects the certificate.
When a single software has capability to process various data
formats, the software may choose to make the excluded and permitted
decisions separately in accordance with the format it is handling
(e.g. text, pdf, etc).
5. Implications for a Certification Authority
The procedures and practices employed by a certification authority The procedures and practices employed by a certification authority
MUST ensure that the correct values for the EKU extension are MUST ensure that the correct values for the EKU extension are
inserted in each certificate that is issued. Unless certificates are inserted in each certificate that is issued. Unless certificates are
governed by a vendor specific PKI (or trust program), certificates governed by a vendor specific PKI (or trust program), certificates
that indicate usage for document signing MAY include the id-kp- that indicate usage for document signing MAY include the id-kp-
documentSigning EKU extension. This does not encompass the mandatory documentSigning EKU extension. This does not encompass the mandatory
usage of the id-kp-documentSigning EKU in conjunction with the vendor usage of the id-kp-documentSigning EKU in conjunction with the vendor
specific EKU. However, this does not restrict the CA from including specific EKU. However, this does not restrict the CA from including
multiple EKUs related to document signing. multiple EKUs related to document signing.
5. Security Considerations 6. Security Considerations
The Use of id-kp-documentSigning EKU can prevents the usage of id-kp- The usage of id-kp-documentSigning EKU intends to prevent id-kp-
emailProtection for none-email purposes and id-kp-codeSigning for emailProtection from being used for none-email purposes and id-kp-
signing objects other than binary codes. An id-kp-documentSigning codeSigning used to sign objects other than binary codes. This EKU
EKU value does not introduce any new security or privacy concerns. does not introduce new security risks but instead reduces existing
security risks by providing means to separate other EKUs used for
communication protocols namely, TLS or S/MIME etc. in order to
minimize the risk of cross protocol attacks.
6. IANA Considerations To reduce the risk of specific cross protocol attacks, the relying
party or relying party software may additionaly prohibit use of
specific combination of EKUs.
While a specific protocol or signing scheme may choose to come up
with their own EKU, some may not have significant motive or resource
to set up and manage thier own EKU. This general document signing
EKU may be used as a stop gap for those that intend to set up their
own EKU or those who do not intend to set up an EKU but still would
like to distinguish from other usage.
Introduction of this id-kp-documentSigning EKU value does not
introduce any new security or privacy concerns.
7. IANA Considerations
This document requests that IANA make two assignments. One for the This document requests that IANA make two assignments. One for the
id-kp-documentSigning object identifier (OID), as defined in id-kp-documentSigning object identifier (OID), as defined in
Section 3.1, for the EKU from the "SMI Security for PKIX Extended Key Section 3.1, for the EKU from the "SMI Security for PKIX Extended Key
Purpose" (1.3.6.1.5.5.7.3) registry. Another for the id-mod-docsign- Purpose" (1.3.6.1.5.5.7.3) registry. Another for the id-mod-docsign-
eku, as defined in Appendix A, for the ASN.1 module [X.680] from the eku, as defined in Appendix A, for the ASN.1 module [X.680] from the
in the "SMI Security for PKIX Module Identifier" (1.3.6.1.5.5.7.0) in the "SMI Security for PKIX Module Identifier" (1.3.6.1.5.5.7.0)
registry. No further action is necessary by IANA. registry. No further action is necessary by IANA.
7. Normative References 8. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
Housley, R., and W. Polk, "Internet X.509 Public Key Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
<https://www.rfc-editor.org/info/rfc5280>. <https://www.rfc-editor.org/info/rfc5280>.
[RFC7299] Housley, R., "Object Identifier Registry for the PKIX [RFC7299] Housley, R., "Object Identifier Registry for the PKIX
Working Group", RFC 7299, DOI 10.17487/RFC7299, July 2014, Working Group", RFC 7299, DOI 10.17487/RFC7299, July 2014,
<https://www.rfc-editor.org/info/rfc7299>. <https://www.rfc-editor.org/info/rfc7299>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
[RFC8358] Housley, R., "Update to Digital Signatures on Internet-
Draft Documents", RFC 8358, DOI 10.17487/RFC8358, March
2018, <https://www.rfc-editor.org/info/rfc8358>.
[X.680] ITU-T, "Information technology - Abstract Syntax Notation [X.680] ITU-T, "Information technology - Abstract Syntax Notation
One (ASN.1): Specification of basic notation", ISO/ One (ASN.1): Specification of basic notation", ISO/
IEC 8824-1:2015, November 2015. IEC 8824-1:2015, November 2015.
Acknowledgments Acknowledgments
We would like to thank Russ Housley for verifying the ASN.1 module. We would like to thank Russ Housley for verifying the ASN.1 module.
Appendix A. ASN.1 Module Appendix A. ASN.1 Module
 End of changes. 13 change blocks. 
25 lines changed or deleted 103 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/