[Docs] [txt|pdf|xml] [Tracker] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01

Network Working Group                                       E. Osterweil
Internet-Draft                                             Verisign Labs
Intended status: Informational                                   S. Rose
Expires: May 29, 2015                                      D. Montgomery
                                                       November 25, 2014

        Enterprise Requirements for Secure Email Key Management


   Individuals and organizations have expressed a wish to have the
   ability to send encrypted and/or digitally signed email end-to-end.
   One key obstacle to end-to-end email security is the difficulty in
   discovering, obtaining, and validating email credentials across
   administrative domains.  This document addresses foreseeable adoption
   obstacles for encrypted and digitally signed email in enterprises,
   and outlines requirements.  Some of the requirements below are not
   DANE specific, and all may not be solvable with a DANE solution, but
   are included for completeness and as an attempt to give a holistic
   view of enterprise email security requirements.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on May 29, 2015.

Copyright Notice

   Copyright (c) 2014 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents

Osterweil, et al.         Expires May 29, 2015                  [Page 1]

Internet-Draft  Ent Reqs for Secure Email Key Management   November 2014

   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   3
   2.  Requirements for Both . . . . . . . . . . . . . . . . . . . .   3
   3.  Requirements for Authorities  . . . . . . . . . . . . . . . .   3
   4.  Requirements for Relying Parties  . . . . . . . . . . . . . .   5
   5.  Other Requirements  . . . . . . . . . . . . . . . . . . . . .   6
   6.  Acknowledgements  . . . . . . . . . . . . . . . . . . . . . .   6
   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   6
   8.  Security Considerations . . . . . . . . . . . . . . . . . . .   7
   9.  Normative References  . . . . . . . . . . . . . . . . . . . .   7
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   7

1.  Introduction

   The management of security protections for email constituencies can
   vary by organization and by type of organization.  Some organizations
   can have large sets of users with prescribed controls and policies,
   some may have a lot of churn in their users, and there are many other
   ways in which deployments may differ.

   As a result of the variability of deployments, aligning key
   management semantics with the behaviors of email users (and their
   organizations) can be an important differentiator when administrators
   choose a solution in which to invest.  Designs and cryptographic
   protocols that do not fit the requirements of users run the risk that
   deployments may falter and/or may not gain traction.

   This document addresses foreseeable requirements for email in
   enterprises, and attempts to outline them.  This document generally
   categorizes requirements as being relevant to the domain authorities,
   the Relying Parties (RPs), or both.  In the following text, "domain
   authorities" refers to the owners of a given domain, which may not
   necessarily be the operators of the authoritative DNS servers for the
   zone(s) that make up the domain.

Osterweil, et al.         Expires May 29, 2015                  [Page 2]

Internet-Draft  Ent Reqs for Secure Email Key Management   November 2014

1.1.  Requirements Language

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   document are to be interpreted as described in RFC 2119 [RFC2119].

2.  Requirements for Both

   REQ-1  Credentials stored can be either entire credential (i.e. the
       key/certificate) or one-way hash of the credential.

          Intuition and Use Case: This can reduce the size of DNS
          responses.  Some enterprises make use of large certificates or
          large cryptograpic keys.

          Use Case: Some enterprises make use of large certificates or
          large cryptograpic keys.

   REQ-2  The Protocol MUST be able to handle the use of DNS redirection
       via CNAME/DNAME and wildcards.

          Intuition: Managing user domain names may be a different
          cardinality than number of S/MIME certificates.  For example,
          if the domain's users employ the same certificate for both
          digital signature and encryption, a DNAME record enables a
          single Resource Record (RR) for each user.

3.  Requirements for Authorities

   REQ-3  The protocol MUST support incremental rollout of DANE-centric
       cryptographic protections, whereby not all users in an enterprise
       may be cut over to a DANE solution at the same time and MUST be
       backwards compatible

          Intuition: Enterprise operations may wish be able to enroll
          subsets of all of their users in a DANE architecture without
          disrupting existing email cryptographic services for all

          Use Case: This requirement is necessary for when two
          enterprises merge and there will be a migration period as one
          unit transitions its users' credentials to a DANE based
          system.  Another example is in the inital deployment of a DANE
          solution for email, which will likely happen over an extended
          period of time in large enterprises.

Osterweil, et al.         Expires May 29, 2015                  [Page 3]

Internet-Draft  Ent Reqs for Secure Email Key Management   November 2014

   REQ-4  The protocol MUST have the ability to either scope a
       Certification Authority (CA) or local Trust Anchor (TA) in use
       for a given domain.

          Intuition: Enterprises may issue certificates from a local TA
          or global CA and prefer to authorize that certificate in DNS
          (instead of End Entity certificates for every user).

   REQ-5  The protocol SHOULD have the ability to signal that a
       particular security artifact (key or certificate) MUST NOT be
       accepted for a particular function (e.g. encryption or validating
       digital signatures).  The credential is still considered valid
       for some uses, but MUST be rejected for the given function.  Note
       that this requirement would likely rely on the use of the next
       requirement below.

          Intuition: Allows an enterprise to associate key material with
          specific functionality.

          Use Case: An enterprise may have a general office "inbox" that
          has an associated certificate so customers can send encrypted
          email.  However, the same inbox address would never send
          email, so the enterprise would want to signal that the same
          certificate will never be used to send digitally signed email
          and to reject any digital signature associated with the

   REQ-6  The protocol MUST allow for separate management, publication,
       and learning of keys that are used for signing versus encryption.

          Intuition: Separating, scaling, delegating, and general
          management for different keys in different ways and in
          different branches of the DNS allows administrators to manage
          different material in different systems if needed.  This also
          allows for an enterprise to associate credentials/key material
          with specific email functions.

          Use Case: An enterprise may issue separate encrypting and
          signature certificates to each member, and wish to denote
          their usage in the DNS so external email clients can obtain
          and use the correct certificate for a given usage.

   REQ-7  The protocol MUST have the ability to delegate authority for
       user names.

          Intuition: Some enterprises may wish to use a service

Osterweil, et al.         Expires May 29, 2015                  [Page 4]

Internet-Draft  Ent Reqs for Secure Email Key Management   November 2014

   REQ-8  The protocol MUST have the ability to manage keys in different
       ways for different user names.

          Intuition: Not all members of a medium/large enterprise may be
          migrated onto a DANE system overnight, and must operate
          alongside current email key management.  This could include
          users that use a different email security protocol.

          Use Case: This is useful when one enterprise acquires a new
          subsidiary or two enterprises merge.  Until the two email
          systems can be reconciled, both systems must be able to co-
          exist and managed by the same (newly joined) enterprise.

4.  Requirements for Relying Parties

   REQ-9  Key material for DANE-enabled email users MUST be verifiably
       discoverable and learnable using just an email address.

          Intuition: Email addresses are all the RP has, but may point
          to external management systems.

   REQ-10 The protocol SHOULD have the ability to provide opportunistic
       encryption at the user's discretion.

          Intuition: Compliance controls (for example) may mandate the
          encryption of all messages under certain circumstances.

   REQ-11 The protocol MUST support default verification configurations
       (such as enterprise TA or stapling) with user-specific overrides.
       Overrides MUST include specifying specific cryptographic
       information for specific users and disallowing users (either
       specific cryptographic or entirely).

   REQ-12 The protocol MUST be resistant to downgrade attacks targeting
       the DNS response.

          Intuition: If DNSSEC is stripped, the protocol MUST alert the
          user or refuse to send an unencrypted email message.

   REQ-13 The protocol MUST provide separate semantics to discover
       certificates that are used for specific purposes.  For example,
       encryption keys MUST be discoverable separately from signature
       keys.  Possible means includes (but not limited to) naming
       conventions, sub-typing or unique RR types for each use

          Intuition: Not all certificates for a user may be needed (or
          considered valid by policy) for all circumstances.  Fetching

Osterweil, et al.         Expires May 29, 2015                  [Page 5]

Internet-Draft  Ent Reqs for Secure Email Key Management   November 2014

          them separately can be a management, a scaling, or even a
          security concern.

5.  Other Requirements

   The requirements below are enterprise level email requirements that
   may not fit a specific role, or fit multiple roles.  Some of these
   requirements may not be solvable via a DANE solution and may be
   better suited using another method.  They are included here merely to
   document them.

   REQ-14 There MUST be the ability to signal domain wide policies with
       respect to secure email functions.

          Intuition: An enterprise may wish to publish its email
          security policy so clients can determine the security status
          of an email message.

          Use Case: An enterprise has a policy that all email messages
          must be digitally signed.  The enterpise states its policy in
          the DNS so that external recipients can determine if unsigned
          messages represent a security risk or potential phishing

   REQ-15 The protocol SHOULD have the ability to signal that a
       particular email address is not (or no longer) a valid sender for
       the given domain.

          Intuition: Allows for authenticated denial of existence of a
          network identity.

6.  Acknowledgements

   The authors of this draft would like to acknowledge the input,
   discussions and contributions from the members of the IETF DANE
   Working Group mailing list.

7.  IANA Considerations

   This document only discusses requirements for publishing and querying
   for security credentials used in email.  No new IANA actions are
   required in this document, but specifications addressing these
   requirements may have IANA required actions.

   This section should be removed in final publication.

Osterweil, et al.         Expires May 29, 2015                  [Page 6]

Internet-Draft  Ent Reqs for Secure Email Key Management   November 2014

8.  Security Considerations

   The motivation for this document is to outline requirements needed to
   facilitate the secure publication and learning of cryptographic keys
   for email, using DANE semantics.  There are numerous documents that
   more generally address security considerations for email.  By
   contrast, this document is not proposing a protocol or any facilities
   that need to be secured.  Instead, these requirements are intended to
   inform security considerations in follow-on works.

9.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, March 1997.

Authors' Addresses

   Eric Osterweil
   Verisign Labs
   Reston, VA

   Scott Rose
   100 Bureau Dr.
   Gaithersburg, MD  20899

   Email: scottr@nist.gov

   Doug Montgomery
   100 Bureau Dr.
   Gaithersburg, MD  20899

   Email: dougm@nist.gov

Osterweil, et al.         Expires May 29, 2015                  [Page 7]

Html markup produced by rfcmarkup 1.129c, available from https://tools.ietf.org/tools/rfcmarkup/