[secdir] sec-dir review of draft-ietf-pkix-authorityclearanceconstraints-02.txt

Derek Atkins <derek@ihtfp.com> Tue, 11 August 2009 20:53 UTC

To: iesg@ietf.org, secdir@ietf.org
From: Derek Atkins <derek@ihtfp.com>
Date: Tue, 11 Aug 2009 15:49:32 -0400
Cc: pkix-chairs@tools.ietf.org, SChokhani@cygnacom.com

I have reviewed this document as part of the security directorate's 
ongoing effort to review all IETF documents being processed by the 
IESG.  These comments were written primarily for the benefit of the 
security area directors.  Document editors and WG chairs should treat 
these comments just like any other last call comments.

   This document defines the syntax and semantics for the Clearance 
   attribute and the Authority Clearance Constraints extension in X.509 
   certificates.  The Clearance attribute is used to indicate the 
   clearance held by the subject.  The Clearance attribute may appear in 
   the subject directory attributes extension of a public key 
   certificate or in the attributes field of an attribute certificate.  
   The Authority Clearance Constraints certificate extension values in a 
   Trust Anchor (TA), CA public key certificates, and an Attribute 
   Authority (AA) public key certificate in a public key certification 
   path constrain the effective Clearance of the subject.   

As with all certificate attributes (in particular constraints), it's
always a question of when to use them and what to do when the
attribute doesn't exist.  In this case the mere presence of an
attribute could release classified information, but luckily this is
briefly mentioned in the Security Considerations section.

-derek

-- 
       Derek Atkins                 617-623-3745
       derek@ihtfp.com             www.ihtfp.com
       Computer and Internet Security Consultant