draft-josefsson-rfc2538bis-01.txt | draft-ietf-dnsext-rfc2538bis.txt | |||
---|---|---|---|---|
Network Working Group S. Josefsson | Network Working Group S. Josefsson | |||
Expires: July 4, 2005 | Expires: December 12, 2005 | |||
Storing Certificates in the Domain Name System (DNS) | Storing Certificates in the Domain Name System (DNS) | |||
draft-josefsson-rfc2538bis-01 | draft-ietf-dnsext-rfc2538bis-03 | |||
Status of this Memo | Status of this Memo | |||
This document is an Internet-Draft and is subject to all provisions | By submitting this Internet-Draft, each author represents that any | |||
of section 3 of RFC 3667. By submitting this Internet-Draft, each | applicable patent or other IPR claims of which he or she is aware | |||
author represents that any applicable patent or other IPR claims of | have been or will be disclosed, and any of which he or she becomes | |||
which he or she is aware have been or will be disclosed, and any of | aware will be disclosed, in accordance with Section 6 of BCP 79. | |||
which he or she become aware will be disclosed, in accordance with | ||||
RFC 3668. | ||||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
other groups may also distribute working documents as | other groups may also distribute working documents as Internet- | |||
Internet-Drafts. | Drafts. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
This Internet-Draft will expire on July 4, 2005. | This Internet-Draft will expire on December 12, 2005. | |||
Copyright Notice | Copyright Notice | |||
Copyright (C) The Internet Society (2005). | Copyright (C) The Internet Society (2005). | |||
Abstract | Abstract | |||
Cryptographic public key are frequently published and their | Cryptographic public key are frequently published and their | |||
authenticity demonstrated by certificates. A CERT resource record | authenticity demonstrated by certificates. A CERT resource record | |||
(RR) is defined so that such certificates and related certificate | (RR) is defined so that such certificates and related certificate | |||
revocation lists can be stored in the Domain Name System (DNS). | revocation lists can be stored in the Domain Name System (DNS). | |||
More information on this document, including rfcdiff output, may be | This document obsolete RFC 2538. | |||
found at <http://josefsson.org/rfc2538bis/>. | ||||
Table of Contents | Table of Contents | |||
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
2. The CERT Resource Record . . . . . . . . . . . . . . . . . . . 3 | 2. The CERT Resource Record . . . . . . . . . . . . . . . . . . 3 | |||
2.1 Certificate Type Values . . . . . . . . . . . . . . . . . 4 | 2.1 Certificate Type Values . . . . . . . . . . . . . . . . . 4 | |||
2.2 Text Representation of CERT RRs . . . . . . . . . . . . . 5 | 2.2 Text Representation of CERT RRs . . . . . . . . . . . . . 5 | |||
2.3 X.509 OIDs . . . . . . . . . . . . . . . . . . . . . . . . 5 | 2.3 X.509 OIDs . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
3. Appropriate Owner Names for CERT RRs . . . . . . . . . . . . . 6 | 3. Appropriate Owner Names for CERT RRs . . . . . . . . . . . . 6 | |||
3.1 Content-based X.509 CERT RR Names . . . . . . . . . . . . 7 | 3.1 Content-based X.509 CERT RR Names . . . . . . . . . . . . 7 | |||
3.2 Purpose-based X.509 CERT RR Names . . . . . . . . . . . . 8 | 3.2 Purpose-based X.509 CERT RR Names . . . . . . . . . . . . 8 | |||
3.3 Content-based PGP CERT RR Names . . . . . . . . . . . . . 8 | 3.3 Content-based OpenPGP CERT RR Names . . . . . . . . . . . 9 | |||
3.4 Purpose-based PGP CERT RR Names . . . . . . . . . . . . . 9 | 3.4 Purpose-based OpenPGP CERT RR Names . . . . . . . . . . . 9 | |||
4. Performance Considerations . . . . . . . . . . . . . . . . . . 9 | 3.5 Owner names for IPKIX, ISPKI, and IPGP . . . . . . . . . . 9 | |||
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 | 4. Performance Considerations . . . . . . . . . . . . . . . . . 10 | |||
6. Security Considerations . . . . . . . . . . . . . . . . . . . 10 | 5. Contributors . . . . . . . . . . . . . . . . . . . . . . . . 10 | |||
7. Open Issues . . . . . . . . . . . . . . . . . . . . . . . . . 10 | 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 10 | |||
8. Changes since RFC 2538 . . . . . . . . . . . . . . . . . . . . 10 | 7. Security Considerations . . . . . . . . . . . . . . . . . . 10 | |||
Author's Address . . . . . . . . . . . . . . . . . . . . . . . 12 | 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . 11 | |||
A. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 12 | 9. Changes since RFC 2538 . . . . . . . . . . . . . . . . . . . 11 | |||
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11 | Author's Address . . . . . . . . . . . . . . . . . . . . . . 13 | |||
9.1 Normative References . . . . . . . . . . . . . . . . . . . . 11 | 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 | |||
9.2 Informative References . . . . . . . . . . . . . . . . . . . 12 | 10.1 Normative References . . . . . . . . . . . . . . . . . . 12 | |||
B. Copying conditions . . . . . . . . . . . . . . . . . . . . . . 12 | 10.2 Informative References . . . . . . . . . . . . . . . . . 12 | |||
Intellectual Property and Copyright Statements . . . . . . . . 13 | A. Copying conditions . . . . . . . . . . . . . . . . . . . . . 13 | |||
Intellectual Property and Copyright Statements . . . . . . . 14 | ||||
1. Introduction | 1. Introduction | |||
Public keys are frequently published in the form of a certificate and | Public keys are frequently published in the form of a certificate and | |||
their authenticity is commonly demonstrated by certificates and | their authenticity is commonly demonstrated by certificates and | |||
related certificate revocation lists (CRLs). A certificate is a | related certificate revocation lists (CRLs). A certificate is a | |||
binding, through a cryptographic digital signature, of a public key, | binding, through a cryptographic digital signature, of a public key, | |||
a validity interval and/or conditions, and identity, authorization, | a validity interval and/or conditions, and identity, authorization, | |||
or other information. A certificate revocation list is a list of | or other information. A certificate revocation list is a list of | |||
certificates that are revoked, and incidental information, all signed | certificates that are revoked, and incidental information, all signed | |||
skipping to change at page 3, line 28 | skipping to change at page 3, line 28 | |||
Section 2 below specifies a CERT resource record (RR) for the storage | Section 2 below specifies a CERT resource record (RR) for the storage | |||
of certificates in the Domain Name System. | of certificates in the Domain Name System. | |||
Section 3 discusses appropriate owner names for CERT RRs. | Section 3 discusses appropriate owner names for CERT RRs. | |||
Sections 4, 5, and 6 below cover performance, IANA, and security | Sections 4, 5, and 6 below cover performance, IANA, and security | |||
considerations, respectively. | considerations, respectively. | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
document are to be interpreted as described in [11]. | document are to be interpreted as described in [3]. | |||
2. The CERT Resource Record | 2. The CERT Resource Record | |||
The CERT resource record (RR) has the structure given below. Its RR | The CERT resource record (RR) has the structure given below. Its RR | |||
type code is 37. | type code is 37. | |||
1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 | 1 1 1 1 1 1 1 1 1 1 2 2 2 2 2 2 2 2 2 2 3 3 | |||
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 | 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 | |||
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | |||
| type | key tag | | | type | key tag | | |||
skipping to change at page 4, line 6 | skipping to change at page 4, line 6 | |||
The type field is the certificate type as define in section 2.1 | The type field is the certificate type as define in section 2.1 | |||
below. | below. | |||
The algorithm field has the same meaning as the algorithm field in | The algorithm field has the same meaning as the algorithm field in | |||
DNSKEY and RRSIG RRs [10] except that a zero algorithm field | DNSKEY and RRSIG RRs [10] except that a zero algorithm field | |||
indicates the algorithm is unknown to a secure DNS, which may simply | indicates the algorithm is unknown to a secure DNS, which may simply | |||
be the result of the algorithm not having been standardized for | be the result of the algorithm not having been standardized for | |||
DNSSEC. | DNSSEC. | |||
The key tag field is the 16 bit value computed for the key embedded | The key tag field is the 16 bit value computed for the key embedded | |||
in the certificate, using the RRSIG Key Tag Algorithm described in | in the certificate, using the RRSIG Key Tag algorithm described in | |||
Appendix B of [10]. This field is used as an efficiency measure to | Appendix B of [10]. This field is used as an efficiency measure to | |||
pick which CERT RRs may be applicable to a particular key. The key | pick which CERT RRs may be applicable to a particular key. The key | |||
tag can be calculated for the key in question and then only CERT RRs | tag can be calculated for the key in question and then only CERT RRs | |||
with the same key tag need be examined. However, the key must always | with the same key tag need be examined. However, the key must always | |||
be transformed to the format it would have as the public key portion | be transformed to the format it would have as the public key portion | |||
of a DNSKEY RR before the key tag is computed. This is only possible | of a DNSKEY RR before the key tag is computed. This is only possible | |||
if the key is applicable to an algorithm (and limits such as key size | if the key is applicable to an algorithm (and limits such as key size | |||
limits) defined for DNS security. If it is not, the algorithm field | limits) defined for DNS security. If it is not, the algorithm field | |||
MUST BE zero and the tag field is meaningless and SHOULD BE zero. | MUST BE zero and the tag field is meaningless and SHOULD BE zero. | |||
2.1 Certificate Type Values | 2.1 Certificate Type Values | |||
The following values are defined or reserved: | The following values are defined or reserved: | |||
Value Mnemonic Certificate Type | Value Mnemonic Certificate Type | |||
----- -------- ----------- ---- | ----- -------- ----------- ---- | |||
0 reserved | 0 reserved | |||
1 PKIX X.509 as per PKIX | 1 PKIX X.509 as per PKIX | |||
2 SPKI SPKI certificate | 2 SPKI SPKI certificate | |||
3 PGP OpenPGP packet | 3 PGP OpenPGP packet | |||
4-252 available for IANA assignment | 4 IPKIX The URL of an X.509 data object | |||
5 ISPKI The URL of an SPKI certificate | ||||
6 IPGP The URL of an OpenPGP packet | ||||
7-252 available for IANA assignment | ||||
253 URI URI private | 253 URI URI private | |||
254 OID OID private | 254 OID OID private | |||
255-65534 available for IANA assignment | 255-65534 available for IANA assignment | |||
65535 reserved | 65535 reserved | |||
The PKIX type is reserved to indicate an X.509 certificate conforming | The PKIX type is reserved to indicate an X.509 certificate conforming | |||
to the profile being defined by the IETF PKIX working group. The | to the profile being defined by the IETF PKIX working group. The | |||
certificate section will start with a one byte unsigned OID length | certificate section will start with a one byte unsigned OID length | |||
and then an X.500 OID indicating the nature of the remainder of the | and then an X.500 OID indicating the nature of the remainder of the | |||
certificate section (see 2.3 below). (NOTE: X.509 certificates do | certificate section (see 2.3 below). (NOTE: X.509 certificates do | |||
not include their X.500 directory type designating OID as a prefix.) | not include their X.500 directory type designating OID as a prefix.) | |||
The SPKI type is reserved to indicate a certificate formated as to be | The SPKI type is reserved to indicate the SPKI certificate format | |||
specified by the IETF SPKI working group. | [13], for use when the SPKI documents are moved from experimental | |||
status. | ||||
The PGP type indicates an OpenPGP packet as described in [5] and its | The PGP type indicates an OpenPGP packet as described in [6] and its | |||
extensions and successors. Two uses are to transfer public key | extensions and successors. Two uses are to transfer public key | |||
material and revocation signatures. The data is binary, and MUST NOT | material and revocation signatures. The data is binary, and MUST NOT | |||
be encoded into an ASCII armor. An implementation SHOULD process | be encoded into an ASCII armor. An implementation SHOULD process | |||
transferable public keys as described in section 10.1 of [5], but it | transferable public keys as described in section 10.1 of [5], but it | |||
MAY handle additional OpenPGP packets. | MAY handle additional OpenPGP packets. | |||
The IPKIX, ISPKI and IPGP types indicate a URL which will serve the | ||||
content that would have been in the "certificate, CRL or URL" field | ||||
of the corresponding (PKIX, SPKI or PGP) packet types. These types | ||||
are known as "indirect". These packet types MUST be used when the | ||||
content is too large to fit in the CERT RR, and MAY be used at the | ||||
implementations discretion. They SHOULD NOT be used where the entire | ||||
UDP packet would have fit in 512 bytes. | ||||
The URI private type indicates a certificate format defined by an | The URI private type indicates a certificate format defined by an | |||
absolute URI. The certificate portion of the CERT RR MUST begin with | absolute URI. The certificate portion of the CERT RR MUST begin with | |||
a null terminated URI [4] and the data after the null is the private | a null terminated URI [5] and the data after the null is the private | |||
format certificate itself. The URI SHOULD be such that a retrieval | format certificate itself. The URI SHOULD be such that a retrieval | |||
from it will lead to documentation on the format of the certificate. | from it will lead to documentation on the format of the certificate. | |||
Recognition of private certificate types need not be based on URI | Recognition of private certificate types need not be based on URI | |||
equality but can use various forms of pattern matching so that, for | equality but can use various forms of pattern matching so that, for | |||
example, subtype or version information can also be encoded into the | example, subtype or version information can also be encoded into the | |||
URI. | URI. | |||
The OID private type indicates a private format certificate specified | The OID private type indicates a private format certificate specified | |||
by a an ISO OID prefix. The certificate section will start with a | by a an ISO OID prefix. The certificate section will start with a | |||
one byte unsigned OID length and then a BER encoded OID indicating | one byte unsigned OID length and then a BER encoded OID indicating | |||
skipping to change at page 5, line 32 | skipping to change at page 5, line 44 | |||
The RDATA portion of a CERT RR has the type field as an unsigned | The RDATA portion of a CERT RR has the type field as an unsigned | |||
decimal integer or as a mnemonic symbol as listed in section 2.1 | decimal integer or as a mnemonic symbol as listed in section 2.1 | |||
above. | above. | |||
The key tag field is represented as an unsigned decimal integer. | The key tag field is represented as an unsigned decimal integer. | |||
The algorithm field is represented as an unsigned decimal integer or | The algorithm field is represented as an unsigned decimal integer or | |||
a mnemonic symbol as listed in [10]. | a mnemonic symbol as listed in [10]. | |||
The certificate / CRL portion is represented in base 64 [8] and may | The certificate / CRL portion is represented in base 64 [14] and may | |||
be divided up into any number of white space separated substrings, | be divided up into any number of white space separated substrings, | |||
down to single base 64 digits, which are concatenated to obtain the | down to single base 64 digits, which are concatenated to obtain the | |||
full signature. These substrings can span lines using the standard | full signature. These substrings can span lines using the standard | |||
parenthesis. | parenthesis. | |||
Note that the certificate / CRL portion may have internal sub-fields | Note that the certificate / CRL portion may have internal sub-fields | |||
but these do not appear in the master file representation. For | but these do not appear in the master file representation. For | |||
example, with type 254, there will be an OID size, an OID, and then | example, with type 254, there will be an OID size, an OID, and then | |||
the certificate / CRL proper. But only a single logical base 64 | the certificate / CRL proper. But only a single logical base 64 | |||
string will appear in the text representation. | string will appear in the text representation. | |||
skipping to change at page 6, line 36 | skipping to change at page 6, line 46 | |||
Following some of the guidelines below may result in the use in DNS | Following some of the guidelines below may result in the use in DNS | |||
names of characters that require DNS quoting which is to use a | names of characters that require DNS quoting which is to use a | |||
backslash followed by the octal representation of the ASCII code for | backslash followed by the octal representation of the ASCII code for | |||
the character such as \000 for NULL. | the character such as \000 for NULL. | |||
The choice of name under which CERT RRs are stored is important to | The choice of name under which CERT RRs are stored is important to | |||
clients that perform CERT queries. In some situations, the client | clients that perform CERT queries. In some situations, the client | |||
may not know all information about the CERT RR object it wishes to | may not know all information about the CERT RR object it wishes to | |||
retrieve. For example, a client may not know the subject name of an | retrieve. For example, a client may not know the subject name of an | |||
X.509 certificate, or the e-mail address of the owner of an OpenPGP | X.509 certificate, or the e-mail address of the owner of an OpenPGP | |||
key. Further, the client may only know the hostname of a service | key. Further, the client might only know the hostname of a service | |||
that uses X.509 certificates or the OpenPGP key id of an OpenPGP key. | that uses X.509 certificates or the Key ID of an OpenPGP key. | |||
This motivate describing two different owner name guidelines. We | This motivates describing two different owner name guidelines. We | |||
call the two rules content-based owner names and purpose-based owner | call the two rules content-based owner names and purpose-based owner | |||
names. A content-based owner name is derived from the content of the | names. A content-based owner name is derived from the content of the | |||
CERT RR data; for example the Subject field in an X.509 certificate | CERT RR data; for example the Subject field in an X.509 certificate | |||
or the User ID field in OpenPGP keys. A purpose-based owner name is | or the User ID field in OpenPGP keys. A purpose-based owner name is | |||
selected to be a name that clients that wishes to retrieve CERT RRs | selected to be a name that clients that wishes to retrieve CERT RRs | |||
knows; for example the host name of a X.509 protected service or a | are expected to know; for example the host name of a X.509 protected | |||
OpenPGP key id of an OpenPGP key. Note that in some situations, the | service or a Key ID of an OpenPGP key. Note that in some situations, | |||
content-based and purpose-based owner name can be the same; for | the content-based and purpose-based owner name can be the same; for | |||
example when a client look up keys based on e-mail addresses for | example when a client look up keys based on e-mail addresses for | |||
incoming e-mail. | incoming e-mail. | |||
[Editorial note: Purpose-based owner name guidelines were introduced | Implementations SHOULD use the purpose-based owner name guidelines | |||
in RFC 2538bis. Earlier, in RFC 2538, only content-based owner name | described in this document, and MAY use CNAMEs at content-based owner | |||
guidelines were described. Implementation experience suggested that | names (or other names), pointing to the purpose-based owner name. | |||
the content-based owner name guidelines were not generally | ||||
applicable. It was realized that purpose-based owner name guidelines | ||||
were required to use CERT RRs in some ways.] | ||||
3.1 Content-based X.509 CERT RR Names | 3.1 Content-based X.509 CERT RR Names | |||
Some X.509 versions permit multiple names to be associated with | Some X.509 versions permit multiple names to be associated with | |||
subjects and issuers under "Subject Alternate Name" and "Issuer | subjects and issuers under "Subject Alternate Name" and "Issuer | |||
Alternate Name". For example, x.509v3 has such Alternate Names with | Alternate Name". For example, x.509v3 has such Alternate Names with | |||
an ASN.1 specification as follows: | an ASN.1 specification as follows: | |||
GeneralName ::= CHOICE { | GeneralName ::= CHOICE { | |||
otherName [0] INSTANCE OF OTHER-NAME, | otherName [0] INSTANCE OF OTHER-NAME, | |||
skipping to change at page 7, line 39 | skipping to change at page 7, line 47 | |||
The recommended locations of CERT storage are as follows, in priority | The recommended locations of CERT storage are as follows, in priority | |||
order: | order: | |||
1. If a domain name is included in the identification in the | 1. If a domain name is included in the identification in the | |||
certificate or CRL, that should be used. | certificate or CRL, that should be used. | |||
2. If a domain name is not included but an IP address is included, | 2. If a domain name is not included but an IP address is included, | |||
then the translation of that IP address into the appropriate | then the translation of that IP address into the appropriate | |||
inverse domain name should be used. | inverse domain name should be used. | |||
3. If neither of the above it used but a URI containing a domain | 3. If neither of the above it used but a URI containing a domain | |||
name is present, that domain name should be used. | name is present, that domain name should be used. | |||
4. If none of the above is included but a character string name is | 4. If none of the above is included but a character string name is | |||
included, then it should be treated as described for PGP names in | included, then it should be treated as described for OpenPGP | |||
3.2 below. | names below. | |||
5. If none of the above apply, then the distinguished name (DN) | 5. If none of the above apply, then the distinguished name (DN) | |||
should be mapped into a domain name as specified in [3]. | should be mapped into a domain name as specified in [4]. | |||
Example 1: Assume that an X.509v3 certificate is issued to /CN=John | Example 1: Assume that an X.509v3 certificate is issued to /CN=John | |||
Doe/DC=Doe/DC=com/DC=xy/O=Doe Inc/C=XY/ with Subject Alternative | Doe/DC=Doe/DC=com/DC=xy/O=Doe Inc/C=XY/ with Subject Alternative | |||
names of (a) string "John (the Man) Doe", (b) domain name john- | names of (a) string "John (the Man) Doe", (b) domain name john- | |||
doe.com, and (c) uri <https://www.secure.john-doe.com:8080/>. Then | doe.com, and (c) uri <https://www.secure.john-doe.com:8080/>. Then | |||
the storage locations recommended, in priority order, would be | the storage locations recommended, in priority order, would be | |||
1. john-doe.com, | 1. john-doe.com, | |||
2. www.secure.john-doe.com, and | 2. www.secure.john-doe.com, and | |||
3. Doe.com.xy. | 3. Doe.com.xy. | |||
skipping to change at page 8, line 25 | skipping to change at page 8, line 33 | |||
3.2 Purpose-based X.509 CERT RR Names | 3.2 Purpose-based X.509 CERT RR Names | |||
It is difficult for clients that do not already posses a certificate | It is difficult for clients that do not already posses a certificate | |||
to reconstruct the content-based owner name that should be used to | to reconstruct the content-based owner name that should be used to | |||
retrieve the certificate. For this reason, purpose-based owner names | retrieve the certificate. For this reason, purpose-based owner names | |||
are recommended in this section. Because purpose-based owner names | are recommended in this section. Because purpose-based owner names | |||
by nature depend on the specific scenario, or purpose, for which the | by nature depend on the specific scenario, or purpose, for which the | |||
certificate will be used, there are more than one recommendation. | certificate will be used, there are more than one recommendation. | |||
The following table summarize the purpose-based X.509 CERT RR owner | The following table summarize the purpose-based X.509 CERT RR owner | |||
name guidelines. | name guidelines for use with S/MIME [16], SSL/TLS [11], and IPSEC | |||
[12]. | ||||
Scenario Owner name | Scenario Owner name | |||
------------------------------------------------------------------- | ------------------------------------------------------------------- | |||
S/MIME Certificate Standard translation of RFC 822 email address. | S/MIME Certificate Standard translation of RFC 822 email address. | |||
Example: A S/MIME certificate for | Example: A S/MIME certificate for | |||
"postmaster@example.org" will use a standard | "postmaster@example.org" will use a standard | |||
hostname translation of the owner name, | hostname translation of the owner name, | |||
i.e. "postmaster.example.org". | i.e. "postmaster.example.org". | |||
SSL Certificate Hostname of the SSL server. | TLS Certificate Hostname of the TLS server. | |||
IPSEC Certificate Hostname of the IPSEC machine, and/or | IPSEC Certificate Hostname of the IPSEC machine, and/or for | |||
for the in-addr.arpa reverse lookup IP address. | IPv4 or IPv6 addresses the fully qualified | |||
domain name in the appropriate reverse domain. | ||||
CRLs Hostname of the issuing CA. | An alternative approach for IPSEC is to store raw public keys [15]. | |||
3.3 Content-based PGP CERT RR Names | 3.3 Content-based OpenPGP CERT RR Names | |||
OpenPGP signed keys (certificates) use a general character string | OpenPGP signed keys (certificates) use a general character string | |||
User ID [5]. However, it is recommended by PGP that such names | User ID [6]. However, it is recommended by OpenPGP that such names | |||
include the RFC 2822 [7] email address of the party, as in "Leslie | include the RFC 2822 [8] email address of the party, as in "Leslie | |||
Example <Leslie@host.example>". If such a format is used, the CERT | Example <Leslie@host.example>". If such a format is used, the CERT | |||
should be under the standard translation of the email address into a | should be under the standard translation of the email address into a | |||
domain name, which would be leslie.host.example in this case. If no | domain name, which would be leslie.host.example in this case. If no | |||
RFC 2822 name can be extracted from the string name no specific | RFC 2822 name can be extracted from the string name no specific | |||
domain name is recommended. | domain name is recommended. | |||
If a user has more than one email address, the CNAME type can be used | If a user has more than one email address, the CNAME type can be used | |||
to reduce the amount of data stored in the DNS. For example: | to reduce the amount of data stored in the DNS. For example: | |||
$ORIGIN example.org. | $ORIGIN example.org. | |||
smith IN CERT PGP 0 0 <OpenPGP binary> | smith IN CERT PGP 0 0 <OpenPGP binary> | |||
john.smith IN CNAME smith | john.smith IN CNAME smith | |||
js IN CNAME smith | js IN CNAME smith | |||
3.4 Purpose-based PGP CERT RR Names | 3.4 Purpose-based OpenPGP CERT RR Names | |||
Applications that receive an OpenPGP packet but do not know the email | Applications that receive an OpenPGP packet containing encrypted or | |||
address of the sender will have difficulties guessing the correct | signed data but do not know the email address of the sender will have | |||
owner name, and cannot use the content-based owner name guidelines. | difficulties constructing the correct owner name and cannot use the | |||
However, the OpenPGP packet typically contain the Key ID of the key. | content-based owner name guidelines. However, these clients commonly | |||
In these situations, it is recommended to use an owner name derived | know the key fingerprint or the Key ID. The key ID is found in | |||
from the Key ID. For example: | OpenPGP packets, and the key fingerprint is commonly found in | |||
auxilliary data that may be available. For these situations, it is | ||||
recommended to use an owner name identical to the key fingerprint and | ||||
key ID expressed in hexadecimal [14]. For example: | ||||
$ORIGIN example.org. | $ORIGIN example.org. | |||
0424D4EE81A0E3D119C6F835EDA21E94B565716F IN CERT PGP ... | ||||
F835EDA21E94B565716F IN CERT PGP ... | F835EDA21E94B565716F IN CERT PGP ... | |||
B565716F IN CNAME F835EDA21E94B565716F | B565716F IN CERT PGP ... | |||
As before, if the same key material is stored at several owner names, | If the same key material is stored at several owner names, the use of | |||
using CNAME can be used to avoid data duplication. | CNAME may be used to avoid data duplication. Note that CNAME is not | |||
always applicable, because it map an owner names to the other for all | ||||
purposes, and this may be sub-optimal when two keys with the same Key | ||||
ID are stored. | ||||
3.5 Owner names for IPKIX, ISPKI, and IPGP | ||||
These types are stored under the same owner names, both purpose- and | ||||
content-based, as the PKIX, SPKI and PGP types, respectively. | ||||
4. Performance Considerations | 4. Performance Considerations | |||
Current Domain Name System (DNS) implementations are optimized for | Current Domain Name System (DNS) implementations are optimized for | |||
small transfers, typically not more than 512 bytes including | small transfers, typically not more than 512 bytes including | |||
overhead. While larger transfers will perform correctly and work is | overhead. While larger transfers will perform correctly and work is | |||
underway to make larger transfers more efficient, it is still | underway to make larger transfers more efficient, it is still | |||
advisable at this time to make every reasonable effort to minimize | advisable at this time to make every reasonable effort to minimize | |||
the size of certificates stored within the DNS. Steps that can be | the size of certificates stored within the DNS. Steps that can be | |||
taken may include using the fewest possible optional or extensions | taken may include using the fewest possible optional or extensions | |||
fields and using short field values for variable length fields that | fields and using short field values for variable length fields that | |||
must be included. | must be included. | |||
5. IANA Considerations | The RDATA field in the DNS protocol may only hold data of size 65535 | |||
octets (64kb) or less. This means that each CERT RR cannot contain | ||||
more than 64kb worth of payload, even if the corresponding | ||||
certificate or certificate revocation list is larger. This document | ||||
address this by defining "indirect" data types for each normal type. | ||||
Certificate types 0x0000 through 0x00FF and 0xFF00 through 0xFFFF can | 5. Contributors | |||
only be assigned by an IETF standards action [6]. This document | ||||
assigns 0x0001 through 0x0003 and 0x00FD and 0x00FE. Certificate | ||||
types 0x0100 through 0xFEFF are assigned through IETF Consensus [6] | ||||
based on RFC documentation of the certificate type. The availability | ||||
of private types under 0x00FD and 0x00FE should satisfy most | ||||
requirements for proprietary or private types. | ||||
6. Security Considerations | The majority of this document is copied verbatim from RFC 2538, by | |||
Donald Eastlake 3rd and Olafur Gudmundsson. | ||||
6. Acknowledgements | ||||
Thanks to David Shaw and Michael Graff for their contributions to | ||||
earlier works that motivated, and served as inspiration for, this | ||||
document. | ||||
This document was improved by suggestions and comments from Olivier | ||||
Dubuisson, Olaf M. Kolkman, Ben Laurie, Samuel Weiler, and Florian | ||||
Weimer. No doubt the list is incomplete. We apologize to anyone we | ||||
left out. | ||||
7. Security Considerations | ||||
By definition, certificates contain their own authenticating | By definition, certificates contain their own authenticating | |||
signature. Thus it is reasonable to store certificates in non-secure | signature. Thus it is reasonable to store certificates in non-secure | |||
DNS zones or to retrieve certificates from DNS with DNS security | DNS zones or to retrieve certificates from DNS with DNS security | |||
checking not implemented or deferred for efficiency. The results MAY | checking not implemented or deferred for efficiency. The results MAY | |||
be trusted if the certificate chain is verified back to a known | be trusted if the certificate chain is verified back to a known | |||
trusted key and this conforms with the user's security policy. | trusted key and this conforms with the user's security policy. | |||
Alternatively, if certificates are retrieved from a secure DNS zone | Alternatively, if certificates are retrieved from a secure DNS zone | |||
with DNS security checking enabled and are verified by DNS security, | with DNS security checking enabled and are verified by DNS security, | |||
the key within the retrieved certificate MAY be trusted without | the key within the retrieved certificate MAY be trusted without | |||
verifying the certificate chain if this conforms with the user's | verifying the certificate chain if this conforms with the user's | |||
security policy. | security policy. | |||
CERT RRs are not used in connection with securing the DNS security | When the URI type is used, it should be understood that it introduces | |||
additions so there are no security considerations related to CERT RRs | an additional indirection that may allow for a new attack vector. | |||
and securing the DNS itself. | One method to secure that indirection is to include a hash of the | |||
certificate in the URI itself. | ||||
7. Open Issues | CERT RRs are not used by DNSSEC [9] so there are no security | |||
considerations related to CERT RRs and securing the DNS itself. | ||||
1. How to handle PGP certificates larger than 64kb? In | If DNSSEC is used then the non-existence of a CERT RR, and | |||
draft-josefsson-cert-openpgp I outline one approach, but it may | consequently certificates or revocation lists, can be securely | |||
not be the best one. | asserted. Without DNSSEC, this is not possible. | |||
2. Whether to enforce owner name guidelines with SHOULD/MUST. From | ||||
David Shaw (on OpenPGP): "One of the things that struck me when | ||||
reading this draft is that while there are several suggested ways | ||||
to name keys in DNS, there is no one canonical name as a SHOULD | ||||
or MUST. I suggest that the key fingerprint be the canonical | ||||
name, and all others be CNAMEs pointing to the fingerprint | ||||
name.". From Sean P. Turner (on PKIX): "Should "recommended" be | ||||
"RECOMMENDED" in the 1st and 2nd sentences?" referring to the | ||||
text in section 3 that recommend appropriate owner names. | ||||
3. Should the document suggest use of both full fingerprints, 4/8 | ||||
byte OpenPGP key id owner names? Perhaps only fingerprint | ||||
version. | ||||
8. Changes since RFC 2538 | 8. IANA Considerations | |||
Certificate types 0x0000 through 0x00FF and 0xFF00 through 0xFFFF can | ||||
only be assigned by an IETF standards action [7]. This document | ||||
assigns 0x0001 through 0x0006 and 0x00FD and 0x00FE. Certificate | ||||
types 0x0100 through 0xFEFF are assigned through IETF Consensus [7] | ||||
based on RFC documentation of the certificate type. The availability | ||||
of private types under 0x00FD and 0x00FE should satisfy most | ||||
requirements for proprietary or private types. | ||||
The CERT RR reuses the DNS Security Algorithm Numbers registry. In | ||||
particular, the CERT RR requires that algorithm number 0 remain | ||||
reserved, as described in Section 2. The IANA is directed to | ||||
reference the CERT RR as a user of this registry and value 0, in | ||||
particular. | ||||
9. Changes since RFC 2538 | ||||
1. Editorial changes to conform with new document requirements, | 1. Editorial changes to conform with new document requirements, | |||
including splitting reference section into two parts and updating | including splitting reference section into two parts and | |||
references to point at latest versions. | updating the references to point at latest versions, and to add | |||
some additional references. | ||||
2. Improve terminology. For example replace "PGP" with "OpenPGP", | 2. Improve terminology. For example replace "PGP" with "OpenPGP", | |||
to align with RFC 2440. | to align with RFC 2440. | |||
3. In section 2.1, clarify that OpenPGP public key data are binary, | 3. In section 2.1, clarify that OpenPGP public key data are binary, | |||
not the ASCII armored format, and reference 10.1 in RFC 2440 on | not the ASCII armored format, and reference 10.1 in RFC 2440 on | |||
how to deal with OpenPGP keys, and acknowledge that | how to deal with OpenPGP keys, and acknowledge that | |||
implementations may handle additional packet types. | implementations may handle additional packet types. | |||
4. Clarify that integers in the representation format are decimal. | 4. Clarify that integers in the representation format are decimal. | |||
5. Replace KEY/SIG with DNSKEY/RRSIG etc, to align with DNSSECbis | 5. Replace KEY/SIG with DNSKEY/RRSIG etc, to align with DNSSECbis | |||
terminology. | terminology. Improve reference for Key Tag Algorithm | |||
calculations. | ||||
6. Add examples that suggest use of CNAME to reduce bandwidth. | 6. Add examples that suggest use of CNAME to reduce bandwidth. | |||
7. In section 3, add three paragraphs that discuss "content-based" | 7. In section 3, appended the last paragraphs that discuss | |||
vs "purpose-based" owner names. Add section 3.2 for | "content-based" vs "purpose-based" owner names. Add section 3.2 | |||
purpose-based X.509 CERT owner names, and section 3.4 for | for purpose-based X.509 CERT owner names, and section 3.4 for | |||
purpose-based OpenPGP CERT owner names. | purpose-based OpenPGP CERT owner names. | |||
8. Added size considerations. | ||||
9. The SPKI types has been reserved, until RFC 2692/2693 is moved | ||||
from the experimental status. | ||||
10. Added indirect types IPKIX, ISPKI, and IPGP. | ||||
9. References | 10. References | |||
9.1 Normative References | 10.1 Normative References | |||
[1] Mockapetris, P., "Domain names - concepts and facilities", STD | [1] Mockapetris, P., "Domain names - concepts and facilities", | |||
13, RFC 1034, November 1987. | STD 13, RFC 1034, November 1987. | |||
[2] Mockapetris, P., "Domain names - implementation and | [2] Mockapetris, P., "Domain names - implementation and | |||
specification", STD 13, RFC 1035, November 1987. | specification", STD 13, RFC 1035, November 1987. | |||
[3] Kille, S., Wahl, M., Grimstad, A., Huber, R. and S. Sataluri, | [3] Bradner, S., "Key words for use in RFCs to Indicate Requirement | |||
Levels", BCP 14, RFC 2119, March 1997. | ||||
[4] Kille, S., Wahl, M., Grimstad, A., Huber, R., and S. Sataluri, | ||||
"Using Domains in LDAP/X.500 Distinguished Names", RFC 2247, | "Using Domains in LDAP/X.500 Distinguished Names", RFC 2247, | |||
January 1998. | January 1998. | |||
[4] Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform | [5] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform | |||
Resource Identifiers (URI): Generic Syntax", RFC 2396, August | Resource Identifiers (URI): Generic Syntax", RFC 2396, | |||
1998. | August 1998. | |||
[5] Callas, J., Donnerhacke, L., Finney, H. and R. Thayer, "OpenPGP | ||||
Message Format", RFC 2440, November 1998. | ||||
[6] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA | ||||
Considerations Section in RFCs", BCP 26, RFC 2434, October | ||||
1998. | ||||
[7] Resnick, P., "Internet Message Format", RFC 2822, April 2001. | [6] Callas, J., Donnerhacke, L., Finney, H., and R. Thayer, | |||
"OpenPGP Message Format", RFC 2440, November 1998. | ||||
[8] Josefsson, S., "The Base16, Base32, and Base64 Data Encodings", | [7] Narten, T. and H. Alvestrand, "Guidelines for Writing an IANA | |||
RFC 3548, July 2003. | Considerations Section in RFCs", BCP 26, RFC 2434, | |||
October 1998. | ||||
[9] Arends, R., Austein, R., Massey, D., Larson, M. and S. Rose, | [8] Resnick, P., "Internet Message Format", RFC 2822, April 2001. | |||
"DNS Security Introduction and Requirements", | ||||
draft-ietf-dnsext-dnssec-intro-13 (work in progress), October | ||||
2004. | ||||
[10] Arends, R., "Resource Records for the DNS Security Extensions", | [9] Arends, R., Austein, R., Larson, M., Massey, D., and S. Rose, | |||
draft-ietf-dnsext-dnssec-records-11 (work in progress), October | "DNS Security Introduction and Requirements", RFC 4033, | |||
2004. | March 2005. | |||
9.2 Informative References | [10] Arends, R., Austein, R., Larson, M., Massey, D., and S. Rose, | |||
"Resource Records for the DNS Security Extensions", RFC 4034, | ||||
March 2005. | ||||
[11] Bradner, S., "Key words for use in RFCs to Indicate Requirement | 10.2 Informative References | |||
Levels", BCP 14, RFC 2119, March 1997. | ||||
Author's Address | [11] Dierks, T. and C. Allen, "The TLS Protocol Version 1.0", | |||
RFC 2246, January 1999. | ||||
Simon Josefsson | [12] Kent, S. and R. Atkinson, "Security Architecture for the | |||
Internet Protocol", RFC 2401, November 1998. | ||||
EMail: simon@josefsson.org | [13] Ellison, C., Frantz, B., Lampson, B., Rivest, R., Thomas, B., | |||
and T. Ylonen, "SPKI Certificate Theory", RFC 2693, | ||||
September 1999. | ||||
Appendix A. Acknowledgements | [14] Josefsson, S., "The Base16, Base32, and Base64 Data Encodings", | |||
RFC 3548, July 2003. | ||||
The majority of this document is copied verbatim from RFC 2538, by | [15] Richardson, M., "A Method for Storing IPsec Keying Material in | |||
Donald Eastlake 3rd and Olafur Gudmundsson. | DNS", RFC 4025, March 2005. | |||
The author wishes to thank David Shaw and Michael Graff for their | [16] Ramsdell, B., "Secure/Multipurpose Internet Mail Extensions | |||
contributions to the earlier work that motivated this revised | (S/MIME) Version 3.1 Message Specification", RFC 3851, | |||
document. | July 2004. | |||
Florian Weimer suggested to clarify wording regarding what data can | Author's Address | |||
be stored in RRDATA portion of OpenPGP CERT RRs. Olivier Dubuisson | ||||
confirmed that the X.509 OID were indeed correct. | ||||
Appendix B. Copying conditions | Simon Josefsson | |||
In addition to the IETF/ISOC copying conditions, the following | Email: simon@josefsson.org | |||
statement grant third parties further rights to the parts of this | ||||
document ("the work") that were written by Simon Josefsson. | ||||
Copyright (C) 2004, 2005 Simon Josefsson | Appendix A. Copying conditions | |||
Copying and distribution of the work, with or without | Regarding the portion of this document that was written by Simon | |||
modification, are permitted in any medium without royalty | Josefsson ("the author", for the remainder of this section), the | |||
provided the copyright notice and this notice are preserved. | author makes no guarantees and is not responsible for any damage | |||
resulting from its use. The author grants irrevocable permission to | ||||
anyone to use, modify, and distribute it in any way that does not | ||||
diminish the rights of anyone else to use, modify, and distribute it, | ||||
provided that redistributed derivative works do not contain | ||||
misleading author or version information. Derivative works need not | ||||
be licensed under similar terms. | ||||
Intellectual Property Statement | Intellectual Property Statement | |||
The IETF takes no position regarding the validity or scope of any | The IETF takes no position regarding the validity or scope of any | |||
Intellectual Property Rights or other rights that might be claimed to | Intellectual Property Rights or other rights that might be claimed to | |||
pertain to the implementation or use of the technology described in | pertain to the implementation or use of the technology described in | |||
this document or the extent to which any license under such rights | this document or the extent to which any license under such rights | |||
might or might not be available; nor does it represent that it has | might or might not be available; nor does it represent that it has | |||
made any independent effort to identify any such rights. Information | made any independent effort to identify any such rights. Information | |||
on the procedures with respect to rights in RFC documents can be | on the procedures with respect to rights in RFC documents can be | |||
End of changes. | ||||
This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/ |