[stir] Questions about stir-certificates
Martin Thomson <martin.thomson@gmail.com> Tue, 11 July 2017 06:15 UTC
Return-Path: <martin.thomson@gmail.com>
X-Original-To: stir@ietfa.amsl.com
Delivered-To: stir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 472EE13144A for <stir@ietfa.amsl.com>; Mon, 10 Jul 2017 23:15:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S5qcDIIq9SUa for <stir@ietfa.amsl.com>; Mon, 10 Jul 2017 23:15:16 -0700 (PDT)
Received: from mail-it0-x22a.google.com (mail-it0-x22a.google.com [IPv6:2607:f8b0:4001:c0b::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4376F131447 for <stir@ietf.org>; Mon, 10 Jul 2017 23:15:16 -0700 (PDT)
Received: by mail-it0-x22a.google.com with SMTP id m84so9662192ita.0 for <stir@ietf.org>; Mon, 10 Jul 2017 23:15:16 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=eqSS244M4nJcCweclTDZf8Y8rbx3YXdeelzxA+vvA1M=; b=AXCoG2d69lfTpjBCCRnBCVXOr9PLhUGNngJZZVeVTmz9iF1xRqElzVdqlGYjBcZCia YJUyou7ei0Zxo3oe7Sk+biqJjteODcpbJ+ZJLNjw7DKkf3OM8sFKP2JRvrRrJe+sS/Mf 2liPCyMujEzcRJudhNYYNdNGGAbEFYqDf43utHGtzEP3uQN0sT0J7lsuWZkWZ+86Y6Ws mJOgGWGdAk3K1NI8lST2a6It/dhwrOXe3m0ZJhmU9HMOnVs5wf/IS/5kqmaKqeNLyvKU va2K5Jyt10k4xHTys9Epcfo8IR3RoMLbV7mjPDBNzd3Ggidt9qfF6ahlwVn6IFcE1b/w D4eQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=eqSS244M4nJcCweclTDZf8Y8rbx3YXdeelzxA+vvA1M=; b=PGwLZVZtkADnoYZQR4uHXv1BoBlrvECBibktw0n8HIQtUFfMN3m3vg2vf4wNrcUdwu 5O1HwH0boyp9LVqQ/Jp5nuArp5o7Emj6zOAkOZg+cnvvz5Qg1GPaKJvTuK0IkQ6cyeZj ZXHJscm1FqVLdtFH5OwEa3u5BT0yyW9jLUG8q9fuhPVV8EY2YONmgHCyGAlEaTlNPwDU XdzRA7RCm49FdRN7gVEI/GFgzmEB5z+RZExHtKOOFhgNi6wG4ZtyPkDXPc/EcsmBQbBQ G02P57MdHKmYd9JEXOVhSCTjy8bAb5R3Z6wCt2UY0B/qI6KTd/kDkRlht4ndyjckO9wW gfFA==
X-Gm-Message-State: AIVw110u5BPpEPaxqozIdjGE81gN8f97Yt1gi+5YqJV9aAHFQiV+R01P vw1gGs937qVBTMYq9huurTevrQYRIHyIW38=
X-Received: by 10.36.110.23 with SMTP id w23mr15658458itc.24.1499753715224; Mon, 10 Jul 2017 23:15:15 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.107.164.26 with HTTP; Mon, 10 Jul 2017 23:15:14 -0700 (PDT)
From: Martin Thomson <martin.thomson@gmail.com>
Date: Tue, 11 Jul 2017 16:15:14 +1000
Message-ID: <CABkgnnX+2OShX6ekdD7ajdqceqy0mbMKRo1nGxe3anmQoB57xA@mail.gmail.com>
To: stir@ietf.org
Content-Type: text/plain; charset="UTF-8"
Archived-At: <https://mailarchive.ietf.org/arch/msg/stir/v757aC-X1DTVP_VoI1r4J3iFbQg>
Subject: [stir] Questions about stir-certificates
X-BeenThere: stir@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Secure Telephone Identity Revisited <stir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/stir>, <mailto:stir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/stir/>
List-Post: <mailto:stir@ietf.org>
List-Help: <mailto:stir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/stir>, <mailto:stir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 11 Jul 2017 06:15:18 -0000
In looking at the drafts in ACME, a few questions came up about the structure of the certificate. The current draft describes a single non-critical extension that includes a mix of service provider codes and telephone numbers (both single and ranges). For the ACME drafts, it seems like we have two basic models in mind here: 1. A service provider gains a certificate that is allocated to their code. As I understand it, SHAKEN assumes that this will not be further constrained by telephone numbers, but the basic model allows for this to also list a set of numbers for which the service provider can speak. The certification authority is presumably also similarly constrained, but that might be addressed with provisioning. This is the acme-service-provider draft. 2. An individual gains a certificate for a single telephone number. This is the acme-telephone draft. If I guess the rationale correctly, the reason that telephone numbers don't use an otherName in subjectAltName is that SAN doesn't allow for progressive restriction down the certification path. A certification authority can't issue a name^Wnumber-constrained subordinate using subjectAltName. The new field allows for two different meanings: that the certificate holder can speak for the telephone numbers that are included, and that a certification authority can issue a certificate for those telephone numbers. The first question is whether this delegation makes any sense for service provider codes. A service provider that signs a subordinate (such as an enterprise that operates a PBX) is hardly going to allow that subordinate to use their service provider code. In light of that, it seems like subjectAltName is entirely appropriate place to put a service provider code. Right now, the rules for subordinates are somewhat arbitrary: they apply to numbers, but not service provider codes, yet the two are bundled in the same extension. I really don't think that it's a great design choice to bundle service provider codes with telephone numbers as TNAuthList does currently. It seems arbitrary. I'll concede that this might seem partly an aesthetic objection, but the two are entirely different things with different rules. Given that the authority to sign for a telephone number is most often a consequence of being a particular service provider (and having a valid code) rather than a direct and independent authority. Even if they are retained as a single structure, mixing the two is unnecessary. It would be easier to process if this were structured with the two separate so that consumers can ignore the branch they don't care about, e.g.: TNAuthList ::= SEQUENCE { spc ServiceProviderCode (1..MAX) OPTIONAL, tnSet TNEntry (1..MAX) OPTIONAL } TNEntry ::= CHOICE { range [0] TelephoneNumberRange, one [1] TelephoneNumber } It's also unclear to me whether a certificate that includes AIA for telephone numbers also effectively constrains subordinates to comply with that set. The document doesn't say. On the assumption that it does, what happens when the resource identified in the AIA changes? There's a possibility that changes in the referenced resource could invalidate subordinates. Doesn't this put AIA on the critical path? (Nit: please cite RFC 7230 or RFC 2818 for HTTPS when talking about AIA.) The draft is unclear on how uniqueness is managed for service provider codes, or even if uniqueness is a requirement. Is this a property of the certification path in that a trust anchor will be connected to a particular country prefix (or set thereof), or is there something more concrete? Other questions: How does one add `count` to a number containing "*" or "#"? Does the addition of `count` treat the `start` as an integer? What does a `count` of 0 mean? How do I express that all numbers in the +1 prefix are covered? Assuming ignorance of the NANP, do I need to list "10"+10, "100"+100", "1000"+1000 and every length up to the full 15 digit E.164 number separately? (The NANP is perhaps a bad example, try finding solid information on the numbering plan for +257). Did the working group consider a number prefix in addition to the range, to allow for saying "+1..." as a single rule? I know many places that this would be sufficient, even though I know that prefixes are - in general - not sufficient. Why does JWTClaimName use IA5String rather than UTF8String? If you need constraints on valid characters, prose is a better choice. RFC 7519 permits any Unicode string by not constraining the format of the name.
- [stir] Questions about stir-certificates Martin Thomson
- Re: [stir] Questions about stir-certificates Peterson, Jon
- Re: [stir] Questions about stir-certificates Chris Wendt
- Re: [stir] Questions about stir-certificates David Bryan
- Re: [stir] Questions about stir-certificates Martin Thomson
- Re: [stir] Questions about stir-certificates Gorman, Pierce A [CTO]
- Re: [stir] Questions about stir-certificates Gorman, Pierce A [CTO]
- Re: [stir] Questions about stir-certificates David Bryan
- Re: [stir] Questions about stir-certificates Paul Kyzivat
- Re: [stir] Questions about stir-certificates Gorman, Pierce A [CTO]
- Re: [stir] Questions about stir-certificates Paul Kyzivat
- Re: [stir] Questions about stir-certificates Richard Shockey
- Re: [stir] Questions about stir-certificates Chris Wendt
- Re: [stir] Questions about stir-certificates Paul Kyzivat
- Re: [stir] Questions about stir-certificates Richard Shockey
- Re: [stir] Questions about stir-certificates Gorman, Pierce A [CTO]
- Re: [stir] Questions about stir-certificates Richard Shockey
- Re: [stir] Questions about stir-certificates Paul Kyzivat
- Re: [stir] Questions about stir-certificates Sean Turner
- Re: [stir] Questions about stir-certificates Martin Thomson
- Re: [stir] Questions about stir-certificates Paul Kyzivat
- Re: [stir] Questions about stir-certificates Martin Thomson
- Re: [stir] Questions about stir-certificates Paul Kyzivat
- Re: [stir] Questions about stir-certificates Sean Turner
- Re: [stir] Questions about stir-certificates Sean Turner
- Re: [stir] Questions about stir-certificates Martin Thomson
- Re: [stir] Questions about stir-certificates Sean Turner
- Re: [stir] Questions about stir-certificates Keith Drage