IETF Logo Mail Archive

Re: [lamps] Paul Wouters' Discuss on draft-ietf-lamps-cmp-updates-21: (with DISCUSS and COMMENT)

"Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com> Fri, 24 June 2022 09:18 UTC

Return-Path: <hendrik.brockhaus@siemens.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78A33C14CF0E; Fri, 24 Jun 2022 02:18:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.105
X-Spam-Level:
X-Spam-Status: No, score=-7.105 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=siemens.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WuvEGtfShZq6; Fri, 24 Jun 2022 02:18:31 -0700 (PDT)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-eopbgr70070.outbound.protection.outlook.com [40.107.7.70]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EB00CC14CF00; Fri, 24 Jun 2022 02:18:28 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=l+z+cew/N5MoLefs5JYQYhoVdeU8OFcq+Bxx/eCFo35/Kab/ap3s/lgu/nQ7Obl8jcqvQxBtB6Qae3V27B+sfBS1ZOnquWrR5vpK1ubBMsZ42RvkVqaaQ1VzwSBJCODL1Dcoia6FTPFKJdzCKlpc1AvRCexzBF2mOJzQsz5zbREK9ukSRafljjrs3vFogoPYYaW4NRDs25nxZNEo52w9TKmBOTQdsc6bVTL+IzHBTflDQD5LSC4EGHnrgHWm79l/FEL0onQ4m0B1j1QJtwR0d3q+9OAzb/MU7EqlglHSn+/tw4Qdef/ehSI2OYGQOXuf5+Jcbp/lAtoLfdKrzNgsmw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=I5f29J36qZ+KLu4V/Y4zeKWNHgbl8QGS03gZxcByCl0=; b=cir3PrP25yXv4X/Fm22hxocPxQ546PVi5sS6G68NQO7Oy3ugUQoOmpQfx3Norcj7+7OGcSeqyyj951JscenbO/5ouHWiymOxJNLYXUEZS19o3SU35tr6aKnGBosFykTiAZ4O7x94HPhM+7RLmO211Lw71cfU70jqW5hTxAIg7RYwcYBWwoQch7PcoLNvCja3XmZ7iovI2KtCAwuaNIbEoyQg4lADG2Tkf0WPinjSg46AY+Kn7XwwwSMuY9H4kQcuZFacog64uG5JkGo7yhEkijGJKUbp++mMSvZUNxJOeq+nduVXGNLPwHfoP+OXtADBuu8PJSebOBfAnoKAC+AG0Q==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=siemens.com; dmarc=pass action=none header.from=siemens.com; dkim=pass header.d=siemens.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=siemens.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=I5f29J36qZ+KLu4V/Y4zeKWNHgbl8QGS03gZxcByCl0=; b=ZGpY6WRfqPqi4kWO0gb+shfyEjEm2t22Pe4PTZHcfzWrz1jDevfNQkci9kswCCvJsPWtuuhxeviPwgG+uiy8b8rSNWqPJQ0wu73X4InaY89zB20iEVsHoKKCC82ds0+TPXcjQm4lHGxvuWWdEOnxn0qSdtElcrhNk3OU+Z7eFRAnPxoL0qb7tF6IKqMOJcDu7vFz2exfeL1bBSFDEvWMnJ47H1IDHvZrBc6IQ7ACQE04tLzNgsogJ6rzbNHa0ZE9Ru+fP8Dr+DFc8Pf/oRstyGCn75jzoP1bwroYAeNTps0afD+fKGdcYocLT0CcAZZn6NgJi/TrP5HEMyvF6VJqoQ==
Received: from GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:150:7d::8) by PAXPR10MB4980.EURPRD10.PROD.OUTLOOK.COM (2603:10a6:102:207::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5373.17; Fri, 24 Jun 2022 09:18:18 +0000
Received: from GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM ([fe80::d8ef:359c:76d1:8dc1]) by GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM ([fe80::d8ef:359c:76d1:8dc1%5]) with mapi id 15.20.5353.016; Fri, 24 Jun 2022 09:18:18 +0000
From: "Brockhaus, Hendrik" <hendrik.brockhaus@siemens.com>
To: Tomas Gustavsson <Tomas.Gustavsson@keyfactor.com>, Paul Wouters <paul.wouters@aiven.io>, Carl Wallace <carl@redhoundsoftware.com>
CC: "draft-ietf-lamps-cmp-updates@ietf.org" <draft-ietf-lamps-cmp-updates@ietf.org>, "lamps-chairs@ietf.org" <lamps-chairs@ietf.org>, "spasm@ietf.org" <spasm@ietf.org>, "housley@vigilsec.com" <housley@vigilsec.com>
Thread-Topic: Paul Wouters' Discuss on draft-ietf-lamps-cmp-updates-21: (with DISCUSS and COMMENT)
Thread-Index: AQHYfPnjzDEKO2coT0qkWxzM01uaJK1c9HCwgACFAYCAAKnZ8IAALkEAgAAIPPA=
Date: Fri, 24 Jun 2022 09:18:18 +0000
Message-ID: <GV2PR10MB6210A06E4A75EB19C7B5C60FFEB49@GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM>
References: <165488656549.33195.4087333678068665768@ietfa.amsl.com> <GV2PR10MB6210808831831E3E5110C9C9FEB59@GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM> <CAGL5yWa=gcCcfpd9zEp6oZv0W_-P8Ze65VCW3Mw8aGH7MT0g-Q@mail.gmail.com> <GV2PR10MB62100E94B687A840DDA5E8CCFEB49@GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM> <DU0PR03MB8696FA97410775D2CAEA7D4486B49@DU0PR03MB8696.eurprd03.prod.outlook.com>
In-Reply-To: <DU0PR03MB8696FA97410775D2CAEA7D4486B49@DU0PR03MB8696.eurprd03.prod.outlook.com>
Accept-Language: de-DE, en-US
Content-Language: de-DE
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
msip_labels: MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Enabled=true; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_SetDate=2022-06-24T09:18:17Z; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Method=Standard; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_Name=restricted-default; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_SiteId=38ae3bcd-9579-4fd4-adda-b42e1495d55a; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_ActionId=09416d78-7b63-4398-bf9e-12d04a43490c; MSIP_Label_a59b6cd5-d141-4a33-8bf1-0ca04484304f_ContentBits=0
document_confidentiality: Restricted
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=siemens.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 7c534557-7c4c-4c99-ed9c-08da55c27a20
x-ms-traffictypediagnostic: PAXPR10MB4980:EE_
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: cK1fQEeL3HepTT6jEmw26NYmU4AFbmAFjsRZilgIweVv4LKVHq9zGaQ2kxLvZYGdfQihAaoBQCgfWaRJ+PxiISDWVyqerVipjQ76yDMoTFQOBxG8MdcdGo7KrWjBCDSdsfHac7LqOyBYHIrq22mWC+yem2BIoy8vd1kG8dDzbxtbt+zOm7e+w7kVrFk4NjgZkclur+PmBRbt/qjC5wj8ZnC+wTbXqFFw3gw7dy5Jnjg10926pwhzdKGrBrG232F0mzizEvN6gjAnWKT3s2As9KpL1Mfv07bgWTQHyUgY42D9CjnoX5v3euEJh36glLNDVE4o2qEyMOjTSE3ikWqjFWCmfsDKL0T6flB6YIksGL6igm3BNTUlyyXnshYzusuoq8kT3EA6QsjkNoTsxa32gVQ/P7TuQJ2BFW02q1H2URlsYduwqj1erUTYzEs20BvuHkc4JTUlosnBiobpT4+LgajzIXqb+C3RhjWEulZWnYdVe4SMD4VuAEPj88HDyaLjXcB7rq60dUpYFU4SH+5km1uhOoyTqEsWY9e58ZutDe3lzvpZNO/uvheg22hUj0Z+t8jNl3/NPduS4ZkkHf9RXsXDPlxzXmSjQiOOZ81MP7jJExFvBDK/uE0NF1GXLCnsB2eIqKBKZXpI5bzMglaJCO0DVLdKPRQbXU1brlt2HeuuMve/pEuZce0zK/GAYuEMNq6t6N/StK/TXwoFIvC6cuBAx/bOjK/jywn9d0WinsbG3W1ThoEqFvlNmF7o2IJ+SOo/51uhpkdLsjPirBYvr3RkVtu9HSpvJqnu7khfAjg=
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230016)(4636009)(396003)(39860400002)(136003)(366004)(376002)(346002)(110136005)(52536014)(55016003)(316002)(33656002)(8936002)(54906003)(41300700001)(86362001)(5660300002)(186003)(71200400001)(26005)(9686003)(66574015)(66476007)(66946007)(64756008)(76116006)(66446008)(8676002)(4326008)(30864003)(83380400001)(7696005)(38100700002)(478600001)(6506007)(122000001)(38070700005)(66556008)(82960400001)(2906002)(15650500001)(53546011); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: qA3bqZfbsNojn2oko9RmZr5+tcOaaLdlQYFvUORTeWQmklfXSmpPJ1/bjgUDfyzzPLaC9pyo5Nsu1Wnc9wzfVS1yYiLWG6mDdHRqzCz9QFywbEritdr74ZAXMM0rfx7markXckfNjUBd+T0O7sjcIJrlSuUYQ8kYUfkkUOofRuaraYw/7VCIBwX6feTqvpM3d+QU/MaUiK78bx6rLndH4DC9+/AOK8tYo0W5iIioFmWeI879yPqWeF6xnrCw+nYg9Ui/5yCOBiXp4n/8VW3EHuvJsj0UR3LMOw9Q0sZbkEYQGVou7N8Or0TSLgehSwYfZ9HQ71Me+R7y6z8uF4dfH61mRKkGm1R0/gl7Kd2souyukuXYtaQ/LDfbYdgyoL25qLHOFcwYP7xhnbSOBqj+VWDM226X6yfDtTQj6EfPcW86+M6ODVuzsZNWT2ZM/H/l0zzZqbOnjTYhOoXMpuPuiJCINq5RMbnyvhUuIi96JcbpbdGgH3Qt0Jh9pFzcM0UgjF5ti32vVPtAv+/WCDVPzHGacrDczgRMFGETk4CqFaydz9Gf2n3AvCv3JhAswfEvdKLTXOav+/jcqDNXpCqvVkmnbqp8PAWRn53i5QWkfcu19dF5s0A472Gj6C8//w9+jWFlqBSFsDD7hpDQBpv6JdIJMj3LkXh/F6aWwWIz3yJk3f85Hkt5haHbmvsT/qBfNCI02y/MrgNbmn3va9RUVv5sA9dwFoyNIZeznT5MSUxOCUSHtdf+yi9c4lgiHT8pFt4Kpc+X1+B8e6Nd4/ccuH+/qZ/h/CwzoIFK/gcP2JDPS51oMMDwVXwoDI1yquAVZeq/1UALHDIigG/XhjsjBqncRDnnM+Vp86tsWgncYP2HO5kdfTxaeaGoVkqMfgOlxLs1ezHB6ixnaeanfzEL8UbtpJtfaoJ3h4Bztxu2ZGsBPtPi5rrTJy2LPoDl4paUcc08Q8BLEVUp3+Wu2Vy4hy0ylaIMuE7EZrPjQ46PLNRbOUkelYAV8sJPIGlrTUMLdi7vkE9xQ6JG2w4B3lgPLrb1eT5NmlDQW6m9f37UnXhIzvLiX0IjFF0yL5dz6yZyhvSSQEjiPTON3DfyagHg4+IhNMmaZ1+QUJzBXJ/vsCNobHCryQMP5dh1xeEOTL4upvEoXAkQlp4Kc6NA1Y05hFvxqYUwp69wdlQTO7Hvo8o8/jCD4MKlhtrnkhYxt+85iGyy/7A8NJZUi0ObU9S8y5Fqp1NtwHtpcb38Mwpwflx4WSSzmpqCLVDoLYmcukpBbpXSebPMYMw2NAymuXnKsKylJoBVIP0KaSXYAicpJVMowwhbDVrd9djGtJhjqXmQoL/qxHaMF8UBfSKEIv28o2E0MF05KBaanv7Dtc9Bm0jXqhJv2MF7Uw63ELEBqmVQxleI6s/vvgiu/ApqjcXcpfJhiRBExDBRZ6UKLu+k+39Fvjst+14BADxgTIjDup9KPPQN4bxs2jfc++jhZyqBGwDHU7U3caLag8SnJ3WKWf9PLb52hyw4Ctalae/SVjFYNiR+nyesLI8LFiLNw+GNFiDfSFVoPXtzul1FR0Ronhw5EPU0isRlsHGpGrD+k7gleGOTbRyOqoXDxfaKZZ1k4g==
Content-Type: multipart/alternative; boundary="_000_GV2PR10MB6210A06E4A75EB19C7B5C60FFEB49GV2PR10MB6210EURP_"
MIME-Version: 1.0
X-OriginatorOrg: siemens.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: GV2PR10MB6210.EURPRD10.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-Network-Message-Id: 7c534557-7c4c-4c99-ed9c-08da55c27a20
X-MS-Exchange-CrossTenant-originalarrivaltime: 24 Jun 2022 09:18:18.6716 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 38ae3bcd-9579-4fd4-adda-b42e1495d55a
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: seiKmOnpb65RiD4pWBXuuvtkMBCKyKmi4YEGGnsOdhWStIJedwtzFiB50IhdVxTAz1ykSvpKz6eEnRyykmV/A/BVYTN1VNCcaGksJhTE+Ns=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: PAXPR10MB4980
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/qtu-EZO7hLwrWeMlk4Zjmr4jP7U>
Subject: Re: [lamps] Paul Wouters' Discuss on draft-ietf-lamps-cmp-updates-21: (with DISCUSS and COMMENT)
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jun 2022 09:18:35 -0000

Tomas

Thank you for your feedback.

Initially I wanted to go without any concrete recommendation regarding the validity. I only wanted to point out the an undefined validity is not recommended.
I believe, it is not a CMP protocol issue to specify this max-validity, but it is up to the CA policy to do this.

When Paul asked for a concrete guidance, the only guidance on server certificate validity I am aware of is the CAB Forum BR. And you are right, the recommendations change quite often. As this guidance in not normative text, I can live with it.

I could also completely drop the text on undefined validity regarding certificates containing theses EKUs, including the newly introduced Security Consideration.
@Paul, Carl, what do you prefer?

Hendrik


Von: Tomas Gustavsson <Tomas.Gustavsson@keyfactor.com>
Gesendet: Freitag, 24. Juni 2022 10:38
An: Brockhaus, Hendrik (T CST SEA-DE) <hendrik.brockhaus@siemens.com>; Paul Wouters <paul.wouters@aiven.io>
Cc: draft-ietf-lamps-cmp-updates@ietf.org; lamps-chairs@ietf.org; spasm@ietf.org; housley@vigilsec.com
Betreff: Re: Paul Wouters' Discuss on draft-ietf-lamps-cmp-updates-21: (with DISCUSS and COMMENT)

I would suggest not writing anything about what CA/B forum recommends. It changes way too often and is almost sure to get misinterpreted. CA/B forum currently specify days not years. I don't think it's correct to say that they recommend a specific validity, as the BRs currently specify a hard limit max validity, counted in days.

Cheers,
Tomas

________________________________
From: Spasm <spasm-bounces@ietf.org<mailto:spasm-bounces@ietf.org>> on behalf of Brockhaus, Hendrik <hendrik.brockhaus@siemens.com<mailto:hendrik.brockhaus@siemens.com>>
Sent: Friday, June 24, 2022 9:40:32 AM
To: Paul Wouters <paul.wouters@aiven.io<mailto:paul.wouters@aiven.io>>
Cc: draft-ietf-lamps-cmp-updates@ietf.org<mailto:draft-ietf-lamps-cmp-updates@ietf.org> <draft-ietf-lamps-cmp-updates@ietf.org<mailto:draft-ietf-lamps-cmp-updates@ietf.org>>; lamps-chairs@ietf.org<mailto:lamps-chairs@ietf.org> <lamps-chairs@ietf.org<mailto:lamps-chairs@ietf.org>>; spasm@ietf.org<mailto:spasm@ietf.org> <spasm@ietf.org<mailto:spasm@ietf.org>>; housley@vigilsec.com<mailto:housley@vigilsec.com> <housley@vigilsec.com<mailto:housley@vigilsec.com>>
Subject: Re: [lamps] Paul Wouters' Discuss on draft-ietf-lamps-cmp-updates-21: (with DISCUSS and COMMENT)

CAUTION: External Sender - Be cautious when clicking links or opening attachments. Please email InfoSec@keyfactor.com<mailto:InfoSec@keyfactor.com> with any questions.


Paul



Thank you for your quick response. Please find my comments below.

I only kept the discussion on #1 and #4 in this email.



Hendrik



Von: Paul Wouters <paul.wouters@aiven.io<mailto:paul.wouters@aiven.io>>

On Thu, Jun 23, 2022 at 12:26 PM Brockhaus, Hendrik <hendrik.brockhaus@siemens.com<mailto:hendrik.brockhaus@siemens.com>> wrote:



> #1:

>              This is a
>              very sensitive service and therefore needs specific
>              authorization.  This authorization is with the CA
>              certificate itself.  Alternatively, the CA MAY delegate the
>              authorization by placing the id-kp-cmKGA extended key usage
>              in the certificate used to authenticate the origin of the
>              generated private key or the delegation MAY be determined
>              through local configuration of the end entity.
>
> These two MAYs are related, you MUST do one or the other. The text as it
> can be interpreted to not perform either MAYs.

Also including Carl's comment:
> >
> > [CW] I recognize this is a late comment and that there are no words
> > to borrow in either RFC6402 or RFC6960, but adding a security
> > consideration that highlights the need to authorize certificate
> > requests including these new EKUs (not just id-
> > kp-cmKGA) may be worthwhile. This would mirror the "therefore needs
> > specific authorization" in the above snip but apply to the act of
> > requesting delegation via the EKUs.

I rephrased the sentence and remove the 'or'.

New text:
   This is a
   very sensitive service and therefore needs specific
   authorization.  This authorization is with the CA
   certificate itself.  The CA MAY delegate the
   authorization by placing the id-kp-cmKGA extended key usage
   in the certificate used to authenticate the origin of the
   generated private key. Alternatively, the authorization MAY be determined
   through local configuration of the end entity.



I still dont think this addresses my point. Perhaps if you change "therefor needs specific authorization" to "MUST use specific authorization", then the next two MAY's are clear to be in the "either this or that" case. Following both MAY's as "do not" would then violate the above MUST.



[Hendrik]

Coming back to your original comment:

> These two MAYs are related, you MUST do one or the other. The text as it
> can be interpreted to not perform either MAYs.
Generally, as stated "This authorization is with the CA certificate itself.". That is, a CA implicitly has the key generation authority. Any kind of delegation should be optional. I believe that it is perfectly OK that a CA decides not to delegate this authorization at all and then not to use any of theses alternatives.

Maybe this makes it more clear what I try to say. I also removed the normative language, as I feel it is not required here. The new first sentence should define the CMP KGA sufficiently. The rest is meant to provide further guidance.

New text:

   CMP KGA:  CMP Key Generation Authorities are CAs or are identified by the

             id-kp-cmKGA extended key usage.  The CMP KGA knows the private

             key it generated on behalf of the end entity.  This is a

           very sensitive service and needs specific authorization, which

           by default is with the CA certificate itself.  The CA may delegate its
           authorization by placing the id-kp-cmKGA extended key usage
           in the certificate used to authenticate the origin of the
           generated private key. The authorization may also be determined
           through local configuration of the end entity.



In response to Carl's comment I propose adding a security consideration. This
inserts a new Section after Section 2.24 with the following text. I also propose
adding a sentence regarding validity periods based on the text in #2.

2.25.  Add Section 8.7 - Authorizing requests for certificates with specific EKUs

   The following subsection addresses the security considerations to follow
   when authorizing requests for certificates containing specific EKUs.

   Insert this section after new Section 8.6:

   8.7.  Authorizing requests for certificates with specific EKUs

   When a CA issues a certificate containing extended key usage extensions as
   defined in Section 4.5, this expresses delegation of an authorization that
   originally is only with the CA certificate itself. Such delegation is a very sensitive
   action in a PKI and therefore special care must be taken when approving such
   certificate requests to ensure that only legitimate entities receive a certificate
   containing such an EKU.

   Certificates containing any of the above EKUs SHOULD NOT use the 'indefinite'
   notAfter date 99991231235959Z. Recommendations on server certificate validity
   by CA-Browser Forum may be used as guidance.



Why not MUST NOT?



[Hendrik] OK, we will use the MUST NOT.



Would it make sense to add something like "At the time of writing, the CA-Browser Forum advise is to use XXXXXX".

(although I think it would increase the risk of people not checking to see if that advise has been updated)



[Hendrik] I will add a note saying:

Note: At the time of writing, the CA-Browser Forum advises using a maximum validity of one year for subscriber certificates.



>
> #4
>
>       It MAY
>       include the original PKIMessage from the EE in the generalInfo
>       field of PKIHeader of a nested message (to accommodate, for
>       example, cases in which the CA wishes to check POP or other
>       information on the original EE message).
>
> If a CA wishes to do so, it would REQUIRE this original PKIMessage. Would it
> not be better to say "It MUST include the original PKIMessage" ? It seems also
> generally better to send the originals along with the modification so that the
> next step can (optionally!) authenticate the previous step. Otherwise, there is
> a lot of implied trust that should be modeled in the Security Considerations.

You are right, if the CA wants to check the POP, it is required to provide the
original message in the PKIHeader. Generally speaking, providing the original
message is optional when the POP is set to RAVerified. Using RAVerified", the
respective RA indicates that it already verified the POP.
I rephrased the example to indicate that in case the CA policy requires to again
check the POP at CA level, the original message must be provided in the PKIHeader
by the RA.

New text:
   It MAY
   include the original PKIMessage from the EE in the generalInfo
   field of PKIHeader of a nested message. For example, this is
   REQUIRED to accommodate cases in which the CA wishes to
   check POP or other information on the original EE message.



This still has the same issue. The original PKIMessage is still MAY, which prevents the subsequent REQUIRED from always working.

The text we need should say something like (if I understood you correctly above):  "MUST be included if not RAVerified and otherwise MAY be omitted".



[Hendrik] I think we still have a misunderstanding here. When using RAVerified, id is not mandatory to provide the original message to enable the CA to also verified the POP. It is up to the CA policy to define whether (a) the CA must verify the POP itself, (b) the RA/CA must do this, or (c) only the RA performs this verification.

Therefore, providing the original request is only required if the CA needs to do the validation itself as well.

This is also covered by RFC4211 Section 4 specifying RAVerified.

      raVerified indicates that the RA has performed the POP required on

      the certificate request.  This field is used by an RA when 1) the

      CA is not required to do its own POP verification and 2) the RA

      needs to change the contents of the certReq field.  CRPs MUST

      provide a method for the RA to sign the ProofOfPossession.  A

      requestor MUST NOT set this field and an RA/CA MUST NOT accept a

      ProofOfPossession where the requestor sets this field.



BTW, the sentence we are discussing is the exact text already part of RFC4210 Section 5.1.3.4.

   The original PKIMessage from the EE MAY be

   included in the generalInfo field of PKIHeader (to accommodate, for

   example, cases in which the CA wishes to check POP or other

   information on the original EE message).





>
[...]



So I just have the #1 and #4 as needing a bit more discussion or clarification.



Paul

v2.23.0 | Report a Bug | By Email