idnits 2.17.1 draft-ietf-sidr-rpki-algs-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust and authors Copyright Line does not match the current year -- The document date (October 8, 2010) is 4911 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Downref: Normative reference to an Informational draft: draft-ietf-sidr-arch (ref. 'I-D.ietf-sidr-arch') ** Obsolete normative reference: RFC 3447 (Obsoleted by RFC 8017) Summary: 2 errors (**), 0 flaws (~~), 1 warning (==), 1 comment (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 SIDR G. Huston 3 Internet-Draft APNIC 4 Intended status: Standards Track October 8, 2010 5 Expires: April 11, 2011 7 A Profile for Algorithms and Key Sizes for use in the Resource Public 8 Key Infrastructure 9 draft-ietf-sidr-rpki-algs-02.txt 11 Abstract 13 This document defines a profile for the algorithm and key size to be 14 used for signatures applied to certificates, Certificate Revocation 15 Lists, and signed objects in the context of the Resource Public Key 16 Infrastructure. 18 Status of this Memo 20 This Internet-Draft is submitted in full conformance with the 21 provisions of BCP 78 and BCP 79. 23 Internet-Drafts are working documents of the Internet Engineering 24 Task Force (IETF). Note that other groups may also distribute 25 working documents as Internet-Drafts. The list of current Internet- 26 Drafts is at http://datatracker.ietf.org/drafts/current/. 28 Internet-Drafts are draft documents valid for a maximum of six months 29 and may be updated, replaced, or obsoleted by other documents at any 30 time. It is inappropriate to use Internet-Drafts as reference 31 material or to cite them other than as "work in progress." 33 This Internet-Draft will expire on April 11, 2011. 35 Copyright Notice 37 Copyright (c) 2010 IETF Trust and the persons identified as the 38 document authors. All rights reserved. 40 This document is subject to BCP 78 and the IETF Trust's Legal 41 Provisions Relating to IETF Documents 42 (http://trustee.ietf.org/license-info) in effect on the date of 43 publication of this document. Please review these documents 44 carefully, as they describe your rights and restrictions with respect 45 to this document. Code Components extracted from this document must 46 include Simplified BSD License text as described in Section 4.e of 47 the Trust Legal Provisions and are provided without warranty as 48 described in the Simplified BSD License. 50 1. Introduction 52 This document defines a profile for the algorithm and key size to be 53 used for signatures applied to certificates, Certificate Revocation 54 Lists (CRLs), and signed objects in the context of the Resource 55 Public Key Infrastructure (RPKI) [I-D.ietf-sidr-arch]. 57 This section of the profile is specified in a distinct profile 58 document, referenced by the RPKI Certificate Policy (CP) 59 [I-D.ietf-sidr-cp] and the RPKI Certificate Profile 60 [I-D.ietf-sidr-res-certs], in order to allow for a degree of 61 algorithm and key agility in the RPKI, while permitting some longer 62 term stability in the CP and Certificate Profile specifications. 64 1.1. Terminology 66 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 67 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 68 document are to be interpreted as described in RFC 2119. 70 2. Algorithm and Key Size 72 This profile specifies the use of RSASSA-PKCS1-v1_5 [RFC3447] with 73 the SHA-256 hash algorithm to compute the signature of certificates, 74 CRLs, and signed objects in the context of the RPKI. Accordingly, 75 the OID value in the RPKI for such signatures MUST be 76 1.2.840.113549.1.1.11 (sha256WithRSAEncryption). The RSA key pairs 77 used to compute the signatures MUST have a 2048-bit modulus and a 78 public exponent (e) of 65,537. 80 In order to facilitate a potential need to transition to stronger 81 cryptographic algorithms in the future, Certification Authorities 82 (CAs) and Relying Parties (RPs) SHOULD be able to generate and verify 83 RSASSA-PKCS1-v1_5 signatures using the SHA-512 hash algorithm and RSA 84 key sizes of 3072 and 4096 bits. 86 3. Future Upates 88 It is anticipated that the RPKI will require the adoption of updated 89 key sizes and a different set of signature and hash algorithms over 90 time, in order to maintain an acceptable level of cryptographic 91 security to protect the integrity of signed products in the RPKI. 92 This profile should be updated to specify such future requirements, 93 as and when appropriate. 95 CAs and RPs SHOULD be capable of supporting a transition to allow for 96 the phased introduction of additional encryption algorithms and key 97 specifications, and also accomodate the orderly deprecation of 98 previously specified algorithms and keys. Accordingly, CAs and RPs 99 SHOULD be capable of supporting multiple RPKI algorithm and key 100 profiles simultaneously within the scope of such anticipated 101 transitions. The recommended procedures to implement such a 102 transition of key sizes and algorithms is not specified in this 103 document. 105 4. Security Considerations 107 The Security Considerations of [RFC3779], [RFC5280], and [RFC4055] 108 apply to signatures as defined by this profile, and their use. 110 5. IANA Considerations 112 [There are no IANA considerations in this document.] 114 6. Acknowledgments 116 The author acknowledges the re-use in this draft of material 117 originally contained in working drafts the RPKI Certificate Policy 118 and Resource Certificate profile documents. The co-authors of these 119 two documents, namely Stephen Kent, Derrick Kong, Karen Seo, Ronald 120 Watro, George Michaelson and Robert Loomans, are acknowledged, with 121 thanks. The constraint on key size noted in this profile is the 122 outcome of comments from Stephen Kent and review comments from David 123 Cooper. 125 7. Normative References 127 [I-D.ietf-sidr-arch] 128 Lepinski, M. and S. Kent, "An Infrastructure to Support 129 Secure Internet Routing", draft-ietf-sidr-arch (work in 130 progress), July 2009. 132 [I-D.ietf-sidr-cp] 133 Seo, K., Watro, R., Kong, D., and S. Kent, "Certificate 134 Policy (CP) for the Resource PKI (RPKI)", 135 draft-ietf-sidr-cp (work in progress), July 2009. 137 [I-D.ietf-sidr-res-certs] 138 Husotn, G., Michaelson, G., and R. Loomans, "A Profile for 139 X.509 PKIX Resource Certificates", 140 draft-ietf-sidr-res-certs (work in progress), 141 February 2008. 143 [RFC3447] Jonsson, J. and B. Kaliski, "Public-Key Cryptography 144 Standards (PKCS) #1: RSA Cryptography Specifications 145 Version 2.1", RFC 3447, February 2003. 147 [RFC3779] Lynn, C., Kent, S., and K. Seo, "X.509 Extensions for IP 148 Addresses and AS Identifiers", RFC 3779, June 2004. 150 [RFC4055] Schaad, J., Kaliski, B., and R. Housley, "Additional 151 Algorithms and Identifiers for RSA Cryptography for use in 152 the Internet X.509 Public Key Infrastructure Certificate 153 and Certificate Revocation List (CRL) Profile", RFC 4055, 154 June 2005. 156 [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., 157 Housley, R., and W. Polk, "Internet X.509 Public Key 158 Infrastructure Certificate and Certificate Revocation List 159 (CRL) Profile", RFC 5280, May 2008. 161 Author's Address 163 Geoff Huston 164 APNIC 166 Email: gih@apnic.net