| < draft-msahli-ipwave-ieee1609-00.txt | draft-msahli-ipwave-ieee1609-01.txt > | |||
|---|---|---|---|---|
| IPWAVE Working Group M. Msahli, Ed. | Network Working Group M. Msahli, Ed. | |||
| Internet-Draft Telecom ParisTech | Internet-Draft Telecom ParisTech | |||
| Intended status: Informational P. Kampanakis, Ed. | Intended status: Experimental P. Kampanakis, Ed. | |||
| Expires: September 30, 2019 Cisco | Expires: November 29, 2019 Cisco | |||
| March 29, 2019 | May 28, 2019 | |||
| TLS Authentication using IEEE 1609.2 certificates | TLS Authentication using IEEE 1609.2 certificates | |||
| draft-msahli-ipwave-ieee1609-00.txt | draft-msahli-ipwave-ieee1609-01.txt | |||
| Abstract | Abstract | |||
| This document specifies the use of a new certificate type to | This document specifies the use of a new certificate type to | |||
| authenticate TLS entities. The first type enables the use of a | authenticate TLS entities. The first type enables the use of a | |||
| certificate specified by the IEEE and the European Telecommunications | certificate specified by the IEEE and the European Telecommunications | |||
| Standards Institute (ETSI). | Standards Institute (ETSI). | |||
| Status of This Memo | Status of This Memo | |||
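Review bot: The header rows change the originating group from "IPWAVE Working Group" to "Network Working Group" and the intended status from Informational to Experimental, but the draft name stays draft-msahli-ipwave-ieee1609 and nothing in the visible text explains either change. Suggest a short change note for -01 saying why the status moved to Experimental, since that affects how implementers should treat the new certificate type.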
| skipping to change at page 1, line 34 ¶ | skipping to change at page 1, line 34 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on September 30, 2019. | This Internet-Draft will expire on November 29, 2019. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2019 IETF Trust and the persons identified as the | Copyright (c) 2019 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 17 ¶ | skipping to change at page 2, line 17 ¶ | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 2. Requirements Terminology . . . . . . . . . . . . . . . . . . 2 | 2. Requirements Terminology . . . . . . . . . . . . . . . . . . 2 | |||
| 3. Extension Overview . . . . . . . . . . . . . . . . . . . . . 2 | 3. Extension Overview . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 4. TLS Client and Server Handshake . . . . . . . . . . . . . . . 4 | 4. TLS Client and Server Handshake . . . . . . . . . . . . . . . 4 | |||
| 4.1. Client Hello . . . . . . . . . . . . . . . . . . . . . . 5 | 4.1. Client Hello . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 4.2. Server Hello . . . . . . . . . . . . . . . . . . . . . . 5 | 4.2. Server Hello . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 5. Certificate Verification . . . . . . . . . . . . . . . . . . 6 | 5. Certificate Verification . . . . . . . . . . . . . . . . . . 6 | |||
| 6. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 6 | 6. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 6.1. TLS Server and TLS Client use the 1609Dot2 Certificate . 6 | 6.1. TLS Server and TLS Client use the 1609Dot2 Certificate . 6 | |||
| 6.2. TLS Client uses the IEEE 1609.2 certificate and TLS | 6.2. TLS Client uses the IEEE 1609.2 certificate and TLS | |||
| Server uses the X 509 certificate . . . . . . . . . . . . 7 | Server uses the X509 certificate . . . . . . . . . . . . 7 | |||
| 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 | 7. Security Considerations . . . . . . . . . . . . . . . . . . . 8 | |||
| 8. Privacy Considerations . . . . . . . . . . . . . . . . . . . 9 | 8. Privacy Considerations . . . . . . . . . . . . . . . . . . . 9 | |||
| 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 | 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9 | 10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 | 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 9 | |||
| 11.1. Normative References . . . . . . . . . . . . . . . . . . 9 | 11.1. Normative References . . . . . . . . . . . . . . . . . . 9 | |||
| 11.2. Informative References . . . . . . . . . . . . . . . . . 10 | 11.2. Informative References . . . . . . . . . . . . . . . . . 10 | |||
| Appendix A. Co-Authors . . . . . . . . . . . . . . . . . . . . . 11 | Appendix A. Co-Authors . . . . . . . . . . . . . . . . . . . . . 11 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| skipping to change at page 6, line 14 ¶ | skipping to change at page 6, line 14 ¶ | |||
| extension in the Server Hello for TLS 1.2 or in Encrypted | extension in the Server Hello for TLS 1.2 or in Encrypted | |||
| Extension for TLS 1.3. Then, the server requests a certificate | Extension for TLS 1.3. Then, the server requests a certificate | |||
| from the client (via the certificate_request message) | from the client (via the certificate_request message) | |||
| It is worth to mention that the TLS client or server public keys are | It is worth to mention that the TLS client or server public keys are | |||
| obtained from a certificate chain from a web page. | obtained from a certificate chain from a web page. | |||
| 5. Certificate Verification | 5. Certificate Verification | |||
| Verification of an IEEE 1609.2/ ETSI TS 103097 certificates or | Verification of an IEEE 1609.2/ ETSI TS 103097 certificates or | |||
| certificate chain is described in section 5.5.2 of [IEEE1609.2]. In | certificate chain is described in section 5.1 of [IEEE1609.2]. In | |||
| the case where the certificate_type is 1609Dot2, the | the case where the certificate_type is 1609Dot2, the | |||
| CertificateVerify message does not contain a raw signature but | CertificateVerify message does not contain a raw signature but | |||
| instead contains a Canonical Octet Encoding Rules (COER)-encoded | instead contains a Canonical Octet Encoding Rules (COER)-encoded | |||
| Ieee1609Dot2Data of type signed as specified in [1609.2b], with the | Ieee1609Dot2Data of type signed as specified in [1609.2b], with the | |||
| pduFunctionalType field present and set to tlsHandshake. A full | pduFunctionalType field present and set to tlsHandshake. A full | |||
| specification of the contents of this Ieee1609Dot2Data, including | specification of the contents of this Ieee1609Dot2Data, including | |||
| optional fields, is given in [1609.2b]. The message input to the | optional fields, is given in [1609.2b]. The message input to the | |||
| signature calculation is the usual message input for TLS 1.3, as | signature calculation is the usual message input for TLS 1.3, as | |||
| specified in [RFC8446] section 4.4.3, consisting of pad, context | specified in [RFC8446] section 4.4.3, consisting of pad, context | |||
| string, separator and content, where content is Transcript- | string, separator and content, where content is Transcript- | |||
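Review bot: In the Section 5 paragraph the CertificateVerify format is still defined by citing [1609.2b] twice ("as specified in [1609.2b]" and "is given in [1609.2b]"), a tag that matches neither the old reference entry [IEEE1609.2b] nor the [IEEE1609.2a] entry this revision introduces. That citation carries the full definition of the signed Ieee1609Dot2Data and the tlsHandshake pduFunctionalType, so point both citations at the tag actually used in the Normative References, and confirm the move from section 5.5.2 to section 5.1 of [IEEE1609.2] against the 2016 text.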
| skipping to change at page 7, line 25 ¶ | skipping to change at page 7, line 25 ¶ | |||
| {CertificateVerify*} | {CertificateVerify*} | |||
| {Finished} | {Finished} | |||
| {Certificate*} <------- [Application Data*] | {Certificate*} <------- [Application Data*] | |||
| {CertificateVerify*} | {CertificateVerify*} | |||
| {Finished} --------> | {Finished} --------> | |||
| [Application Data] <-------> [Application Data] | [Application Data] <-------> [Application Data] | |||
| Figure 2: TLS Client and TLS Server use the IEEE 1609.2 certificate | Figure 2: TLS Client and TLS Server use the IEEE 1609.2 certificate | |||
| 6.2. TLS Client uses the IEEE 1609.2 certificate and TLS Server uses | 6.2. TLS Client uses the IEEE 1609.2 certificate and TLS Server uses | |||
| the X 509 certificate | the X509 certificate | |||
| This example shows the TLS authentication, where the TLS Client | This example shows the TLS authentication, where the TLS Client | |||
| populates the server_certificate_type extension with the X509 | populates the server_certificate_type extension with the X509 | |||
| certificate and Raw Public Key type as presented in figure 3. the | certificate and Raw Public Key type as presented in figure 3. the | |||
| client indicates its ability to receive and to validate an X509 | client indicates its ability to receive and to validate an X509 | |||
| certificate from the server. The server chooses the X509 | certificate from the server. The server chooses the X509 | |||
| certificateto make its authentication with the Client. | certificateto make its authentication with the Client. | |||
| Client Server | Client Server | |||
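Review bot: The 6.2 heading fix to "X509" leaves the paragraph below it untouched, where "certificateto make its authentication" is missing a space and "figure 3. the client" starts a sentence in lower case. Suggest "The server chooses the X509 certificate to authenticate itself to the client". The visible paragraph also covers only the server_certificate_type offer, while the heading says the client uses an IEEE 1609.2 certificate, so a sentence on the client side of the negotiation would complete the example.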
| skipping to change at page 9, line 7 ¶ | skipping to change at page 9, line 7 ¶ | |||
| The "SessionTicket" [IANA value 35] extension for session | The "SessionTicket" [IANA value 35] extension for session | |||
| resumption. | resumption. | |||
| In addition, servers SHOULD not support renegotiation [RFC5746] | In addition, servers SHOULD not support renegotiation [RFC5746] | |||
| which presented Man-In-The-Middle (MITM) type attacks over the | which presented Man-In-The-Middle (MITM) type attacks over the | |||
| past years for TLS 1.2. | past years for TLS 1.2. | |||
| 8. Privacy Considerations | 8. Privacy Considerations | |||
| For privacy considerations in a vehicular environment the use of EEE | For privacy considerations in a vehicular environment the use of IEEE | |||
| 1609.2/ETSI TS 103097 certificate is recommended for many reasons: | 1609.2/ETSI TS 103097 certificate is recommended for many reasons: | |||
| In order to address the risk of a personal data leakage, messages | In order to address the risk of a personal data leakage, messages | |||
| exchanged for V2V communications are signed using IEEE 1609.2/ETSI | exchanged for V2V communications are signed using IEEE 1609.2/ETSI | |||
| TS 103097 pseudonym certificates | TS 103097 pseudonym certificates | |||
| The purpose of these certificates is to provide privacy relying on | The purpose of these certificates is to provide privacy relying on | |||
| geographical and/or temporal validity criteria, and minimizing the | geographical and/or temporal validity criteria, and minimizing the | |||
| exchange of private data | exchange of private data | |||
| 9. IANA Considerations | 9. IANA Considerations | |||
| Existing IANA references have not been updated yet to point to this | Existing IANA references have not been updated yet to point to this | |||
| document. | document. | |||
| 10. Acknowledgements | 10. Acknowledgements | |||
| The authors wish to thank Eric Rescola and Ilari Liusvaara for their | The authors wish to thank Eric Rescola and Ilari Liusvaara for their | |||
| feedback and suggestions on improving this document. Thanks are due | feedback and suggestions on improving this document. Thanks are due | |||
| to Sean Turner for his valuable and detailed comments. Special | to Sean Turner for his valuable and detailed comments. Special | |||
| thanks to Maik Seewald for their guidance and support in the early | thanks to Jasja Tijink and Maik Seewald for their guidance and | |||
| stages of the draft. | support of the draft. | |||
| 11. References | 11. References | |||
| 11.1. Normative References | 11.1. Normative References | |||
| [IEEE1609.2] | [IEEE1609.2] | |||
| "IEEE Standard for Wireless Access in Vehicular | "IEEE Standard for Wireless Access in Vehicular | |||
| Environments - Security Services for Applications and | Environments - Security Services for Applications and | |||
| Management Messages", 2016. | Management Messages", 2016. | |||
| [IEEE1609.2b] | [IEEE1609.2a] | |||
| "Draft Standard for Wireless Access in Vehicular | "Draft Standard for Wireless Access in Vehicular | |||
| Environments Security Services for Applications and for | Environments Security Services for Applications and for | |||
| Management Messages", 2018. | Management Messages", 2017. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", March 1997. | Requirement Levels", March 1997. | |||
| [RFC4492] Blake-Wilson, S., Bolyard, N., Gupta, V., Hawk, C., and B. | [RFC4492] Blake-Wilson, S., Bolyard, N., Gupta, V., Hawk, C., and B. | |||
| Moeller, "Elliptic Curve Cryptography (ECC) Cipher Suites | Moeller, "Elliptic Curve Cryptography (ECC) Cipher Suites | |||
| for Transport Layer Security (TLS)", May 2006. | for Transport Layer Security (TLS)", May 2006. | |||
| [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security | [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security | |||
| (TLS) Protocol Version 1.2", August 2008. | (TLS) Protocol Version 1.2", August 2008. | |||
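Review bot: In the Security Considerations context at the top of this hunk, "servers SHOULD not support renegotiation" uses a mixed-case keyword; with RFC 2119 in the Normative References the requirement should read "SHOULD NOT" so that it is unambiguously normative. In the same hunk, the Acknowledgements spell "Eric Rescola" while the reference entries spell the name "Rescorla", and the renamed [IEEE1609.2a] entry keeps the same "Draft Standard ..." title with only the year changed to 2017, so check that the tag, title and year describe the same document.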
| skipping to change at page 10, line 23 ¶ | skipping to change at page 10, line 23 ¶ | |||
| Extension Definitions", January 2011. | Extension Definitions", January 2011. | |||
| [RFC7250] Wouters, P., Tschofenig, H., Weiler, S., and T. Kivinen, | [RFC7250] Wouters, P., Tschofenig, H., Weiler, S., and T. Kivinen, | |||
| "Using Raw Public Keys in Transport Layer Security (TLS) | "Using Raw Public Keys in Transport Layer Security (TLS) | |||
| and Datagram Transport Layer Security (DTLS)", June 2014. | and Datagram Transport Layer Security (DTLS)", June 2014. | |||
| [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | [RFC8446] Rescorla, E., "The Transport Layer Security (TLS) Protocol | |||
| Version 1.3", August 2018. | Version 1.3", August 2018. | |||
| [TS103097] | [TS103097] | |||
| "ETSI TS 103 097 v1.3.1 (2017-10): Intelligent Transport | "ETSI TS 103 097 : Intelligent Transport Systems (ITS); | |||
| Systems (ITS); Security; Security header and certificate | Security; Security header and certificate formats". | |||
| formats", October 2017. | ||||
| 11.2. Informative References | 11.2. Informative References | |||
| [draft-serhrouchni-tls-certieee1609-00] | [draft-serhrouchni-tls-certieee1609-00] | |||
| KAISER, A., LABIOD, H., LONC, B., MSAHLI, M., and A. | KAISER, A., LABIOD, H., LONC, B., MSAHLI, M., and A. | |||
| SERHROUCHNI, "Transport Layer Security (TLS) | SERHROUCHNI, "Transport Layer Security (TLS) | |||
| Authentication using ITS ETSI and IEEE certificates", | Authentication using ITS ETSI and IEEE certificates", | |||
| august 2017. | august 2017. | |||
| Appendix A. Co-Authors | Appendix A. Co-Authors | |||
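Review bot: The [TS103097] entry loses its version and date ("v1.3.1 (2017-10)" and "October 2017") and becomes an undated normative reference, which leaves open which edition of the security header and certificate formats an implementation must follow. Suggest keeping the version and date, or stating explicitly that the latest edition applies, and removing the stray space before the colon in "ETSI TS 103 097 :".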
| End of changes. 12 change blocks. | ||||
| 17 lines changed or deleted | 16 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||