Request for comments from x500 experts

Allegre <> Tue, 30 July 1996 08:52 UTC

Received: from by id aa28805; 30 Jul 96 4:52 EDT
Received: from cnri by id aa28801; 30 Jul 96 4:52 EDT
Received: from by CNRI.Reston.VA.US id aa03779; 30 Jul 96 4:52 EDT
Received: from by with local SMTP id <>; Tue, 30 Jul 1996 09:29:12 +0100
Received: from by with Internet SMTP id <>; Tue, 30 Jul 1996 09:28:49 +0100
X400-Received: by /PRMD=INTERNET/ADMD=ATLAS/C=FR/; Relayed; Tue, 30 Jul 1996 10:28:41 +0200
X400-Received: by mta in /PRMD=INTERNET/ADMD=ATLAS/C=FR/; Relayed; Tue, 30 Jul 1996 10:28:41 +0200
X400-Received: by /ADMD=ATLAS/C=FR/; Relayed; Tue, 30 Jul 1996 10:28:43 +0200
X400-Received: by /PRMD=cnet/ADMD=atlas/C=FR/; Relayed; Tue, 30 Jul 1996 10:25:48 +0200
Date: Tue, 30 Jul 1996 10:25:48 +0200
X400-Recipients: non-disclosure:;
X400-MTS-Identifier: [/PRMD=cnet/ADMD=atlas/C=FR/;]
X400-Content-Type: P2-1984 (2)
Content-Identifier: Request for comm
Alternate-Recipient: Allowed
From: Allegre <>
Message-ID: <9607300825.AA00222@detritus>
Subject: Request for comments from x500 experts

Dear all,

For Public Switching Telecommunication Networks,
We are studying an architecture to offer several services to customers
in a multi providers environment. We would have liked to use an implementation
conformed to ITU-T Recommendation X500 series to ensure and support
the security of the services but it seems that we have to define
our own X500 extensions. Before, to select this kind of alternative, 
we would like advice from X500 experts in order to know if we don't miss 
a capability of X500 series to achieve our requirements. If none capability 
exists or if some other X500 users have met similar requirements perhaps 
it could be fine to gather the solutions in order to contribute to 
the standard.


Francois ALLEGRE

PS Following the description of the service and its constraints and 
the different  X500 operations that we examined

Description of a part of service :
A provider of service H (e.g. a bank) has customer C who roams in other domains 
and use services from providers Vi (e.g. telecommunication). 
Each providers Vi want to ensure that C is the one he claims.

Architecture constraints:
The link between C and V doesn't support X500. Thus the DUA run in 
a computer of V. Computers of V can dialog with computers of H using X500.

Functionality constraints :
The authentication is based on a (challenge, response) scheme. 
The algorithm used to compute response from challenge could be proprietary. 
Then, since V could provision its service to several H, V doesn't get 
the code to execute the challenge/response algorithms

Authentication description :
The security experts propose a choice between two procedures
	- precomputation of challenge/response by H, distribution 
	  to V (as in GSM), sending of the challenge to C and 
	  verification of his response
	- selection of challenge by V, , sending of the challenge to C 
	  and verification of his response, sending of the user response 
	  and the challenge to H for verification 
	  (H ought to control any replay of challenge)

Examination of the implementation of procedures on X500
Choice 1
It seems that this procedure cannot be implemented without corrupting 
the X500 spirit
	- triggering an internal computation by a read of a specific attribute 
	  of the user entry. The read of this zone of the database is detected 
	  by a specific implementation mechanism which changes its content 
	  after the reading
	- use of a read with a "PROTECTED" read result where the "encAlgorithm" 
	  of the "genEncryptedTransform" (X501 amendment 5) are not ciphering 
	  algorithm but an algorithm which selects a random, makes a 
	  computation and fills the "encData" with challenge/response 
	  on a "ber" format

Choice 2
The challenge and the customer answering could be put in a "ExternalCredential".
The verification would be done by a "bind" with "externalProcedure" credentials 
if the DUA could select the "right" DSA (i.e. the DSA where the user entry 
is stored) in H. It seems that it doesn't work if the selected DSA has to 
chain the verification to the DSA including the user Entry.
Thanks by advance for your comments and suggestions