draft-ietf-sip-eku-00.txt   draft-ietf-sip-eku-01.txt 
SIP WG S. Lawrence SIP WG S. Lawrence
Internet-Draft Bluesocket Inc. Internet-Draft Bluesocket Inc.
Updates: 3261 (if approved) V. Gurbani Updates: 3261 (if approved) V. Gurbani
Intended status: Standards Track Bell Laboratories, Alcatel-Lucent Intended status: Standards Track Bell Laboratories, Alcatel-Lucent
Expires: May 11, 2008 November 8, 2007 Expires: August 21, 2008 February 18, 2008
Using Extended Key Usage (EKU) for Session Initiation Protocol (SIP) Using Extended Key Usage (EKU) for Session Initiation Protocol (SIP)
X.509 Certificates X.509 Certificates
draft-ietf-sip-eku-00 draft-ietf-sip-eku-01
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 36 skipping to change at page 1, line 36
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on May 11, 2008. This Internet-Draft will expire on August 21, 2008.
Copyright Notice Copyright Notice
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2008).
Abstract Abstract
This memo documents an extended key usage (EKU) X.509 certificate This memo documents an extended key usage (EKU) X.509 certificate
extension for identifying the holder of a certificate as extension for identifying the holder of a certificate as
authoritative for a Session Initiation Protocol (SIP) service in the authoritative for a Session Initiation Protocol (SIP) service in the
domain named by the DNS name in the certificate. domain named by the DNS name in the certificate.
Table of Contents Table of Contents
1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Key Words . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Key Words . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2. Abstract syntax notation . . . . . . . . . . . . . . . . . 3 1.2. Abstract syntax notation . . . . . . . . . . . . . . . . . 3
2. Problem statement . . . . . . . . . . . . . . . . . . . . . . 3 2. Problem statement . . . . . . . . . . . . . . . . . . . . . . 3
3. Restricting usage to SIP . . . . . . . . . . . . . . . . . . . 4 3. Restricting usage to SIP . . . . . . . . . . . . . . . . . . . 4
3.1. Extended Key Usage values for SIP domains . . . . . . . . 4 3.1. Extended Key Usage values for SIP domains . . . . . . . . 4
4. Using the SIP EKU in a certificate . . . . . . . . . . . . . . 5 4. Using the SIP EKU in a certificate . . . . . . . . . . . . . . 5
5. Guidelines for a Certification Authority . . . . . . . . . . . 6 5. Guidelines for a Certification Authority . . . . . . . . . . . 6
6. Security Considerations . . . . . . . . . . . . . . . . . . . 6 6. Security Considerations . . . . . . . . . . . . . . . . . . . 6
7. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 7 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 7
8.1. Normative References . . . . . . . . . . . . . . . . . . . 7 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7
8.2. Informative References . . . . . . . . . . . . . . . . . . 7 9.1. Normative References . . . . . . . . . . . . . . . . . . . 7
9.2. Informative References . . . . . . . . . . . . . . . . . . 8
Appendix A. ASN.1 Module . . . . . . . . . . . . . . . . . . . . 8 Appendix A. ASN.1 Module . . . . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 8 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 8
Intellectual Property and Copyright Statements . . . . . . . . . . 10 Intellectual Property and Copyright Statements . . . . . . . . . . 10
1. Terminology 1. Terminology
1.1. Key Words 1.1. Key Words
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
skipping to change at page 4, line 5 skipping to change at page 4, line 5
is a valid proxy for example.net that uses TLS. proxyA.example.com is a valid proxy for example.net that uses TLS. proxyA.example.com
requests a TLS connection to proxyB.example.net, and each presents a requests a TLS connection to proxyB.example.net, and each presents a
certificate to authenticate that connection. This is the basic certificate to authenticate that connection. This is the basic
mutual authentication model explored in depth in [8]. mutual authentication model explored in depth in [8].
However, there arise certain cases where one SIP proxy needs to know However, there arise certain cases where one SIP proxy needs to know
whether it has reached an authoritative proxy in target SIP domain. whether it has reached an authoritative proxy in target SIP domain.
For instance, billing transactions may be triggered when an For instance, billing transactions may be triggered when an
authoritative SIP proxy in one domain sends messages to its authoritative SIP proxy in one domain sends messages to its
equivalent in another domain. In Figure 1, proxyA.example.com equivalent in another domain. In Figure 1, proxyA.example.com
performs certain DNS manipulations to arrive at proxyB.example.net. performs certain DNS queries to arrive at proxyB.example.net.
Because of these DNS machinations, proxyA has a certain expectation Because of the answers to the DNS queries, proxyA has a certain
that proxyB is a valid proxy in the example.net domain and is expectation that proxyB is a valid proxy in the example.net domain
authorized to receive inbound requests targeted to that domain. and is authorized to receive inbound requests targeted to that
domain.
However, the problem for proxyB is different; it is presented with a However, the problem for proxyB is different; it is presented with a
connection from a specific host, but what it needs to determine is connection from a specific host, but what it needs to determine is
whether or not that connection can be treated as coming from a whether or not that connection can be treated as coming from a
particular SIP domain. If it receives a certificate that contains particular SIP domain. If it receives a certificate that contains
only the name proxyA.example.com, then it cannot determine that only the name proxyA.example.com, then it cannot determine that
proxyA is authorized to act as a SIP outbound proxy for example.com, proxyA is authorized to act as a SIP outbound proxy for example.com,
because example.com may use different systems for inbound messages so because example.com may use different systems for inbound messages so
SIP DNS resolution of example.com may not lead to proxyA.example.com SIP DNS resolution of example.com may not lead to proxyA.example.com
(if this is the case, proxyB should not reuse this connection if it (if this is the case, proxyB should not reuse this connection if it
skipping to change at page 4, line 32 skipping to change at page 4, line 33
certificate based binding of the SIP domain name to a particular certificate based binding of the SIP domain name to a particular
connection. connection.
Thus, there is a need for an extra attribute that allows a proxy to Thus, there is a need for an extra attribute that allows a proxy to
know that its peer is an authorized proxy for that domain. This memo know that its peer is an authorized proxy for that domain. This memo
discusses such an attribute as part of the X.509 certificate discusses such an attribute as part of the X.509 certificate
exchanged by the proxies when a TLS connection is first established. exchanged by the proxies when a TLS connection is first established.
3. Restricting usage to SIP 3. Restricting usage to SIP
The intent of this draft is to define certificate profile for binding This memo defines a certificate profile for binding a SIP domain name
a SIP domain name to a connection. A SIP domain name is frequently to an entity. A SIP domain name is frequently textually identical to
textually identical to the same DNS name used for other purposes. the same DNS name used for other purposes. For example, the DNS name
For example, the DNS name example.com may serve as a SIP domain name, example.com may serve as a SIP domain name, an email domain name, and
an email domain name, and web service name. Since these different web service name. Since these different services within a single
services within a single organization may well be administered organization might be administered independently and hosted
independently and hosted separately, it should be possible to create separately, it should be possible to create a certificate that binds
a certificate that binds the DNS name to its usage as a SIP domain the DNS name to its usage as a SIP domain name without creating the
name without creating the implication that the usage is also valid implication that the usage is also valid for some other purpose. RFC
for some other purpose. RFC 3280 [3] section 4.2.1.13 defines a 3280 [3] section 4.2.1.13 defines a mechanism for this purpose: an
mechanism for this purpose: an "Extended Key Usage" attribute. "Extended Key Usage" attribute. Certificates whose purpose is to
Certificates whose purpose is to bind a SIP domain identity without bind a SIP domain identity without binding other non-SIP identities
binding other non-SIP identities MUST include an id-kp-SIPdomain MUST include an id-kp-SIPdomain attribute.
attribute.
3.1. Extended Key Usage values for SIP domains 3.1. Extended Key Usage values for SIP domains
RFC 3280 [3] specifies the EKU X.509 certificate Extension for use in RFC 3280 [3] specifies the EKU X.509 certificate Extension for use in
the Internet. The extension indicates one or more purposes for which the Internet. The extension indicates one or more purposes for which
the certified public key may be used. The EKU extension can be used the certified public key may be used. The EKU extension can be used
in conjunction with the key usage extension, which indicates how the in conjunction with the key usage extension, which indicates how the
public key in the certificate may be used, in a more basic public key in the certificate may be used, in a more basic
cryptographic way. cryptographic way.
The EKU extension syntax is repeated here for convenience: The EKU extension syntax is repeated here for convenience:
ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
KeyPurposeId ::= OBJECT IDENTIFIER KeyPurposeId ::= OBJECT IDENTIFIER
This specification defines the KeyPurposeId id-kp-sipDomain. This specification defines the KeyPurposeId id-kp-sipDomain.
Inclusion of this KeyPurposeId in a certificate indicates that any Inclusion of this KeyPurposeId in a certificate indicates that any
DNS Subject names in the certificate are intended to identify the DNS Subject names in the certificate are intended to identify the
holder as authoritative for a SIP service in the domain named by the holder as authoritative for a SIP service in the domain named by the
DNS name(s) in question. Whether or not to include this restriction subjectAltName values. Whether or not to include this restriction is
is up to the certificate issuer, but if it is included, it MUST be up to the certificate issuer, but if it is included, it MUST be
marked as critical so that implementations that do not understand it marked as critical so that implementations that do not understand it
will not accept the certificate for any other purpose. will not accept the certificate for any other purpose.
id-kp OBJECT IDENTIFIER ::= id-kp OBJECT IDENTIFIER ::=
{ iso(1) identified-organization(3) dod(6) internet(1) { iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) 3 } security(5) mechanisms(5) pkix(7) 3 }
id-kp-sipDomain OBJECT IDENTIFIER ::= { id-kp VALUE-TBD } id-kp-sipDomain OBJECT IDENTIFIER ::= { id-kp VALUE-TBD }
See Section 4 for how the presence of an id-kp-sipDomain value See Section 4 for how the presence of an id-kp-sipDomain value
affects the interpretation of the certificate. affects the interpretation of the certificate.
4. Using the SIP EKU in a certificate 4. Using the SIP EKU in a certificate
Section 7.1 of [8] contains two steps for finding an identity (or a Section 7.1 of [8] contains two steps for finding an identity (or a
set of identities) in an X.509 certificate. In order to determine set of identities) in an X.509 certificate. In order to determine
whether a SIP proxy is authoritative for its domain, implementations whether a SIP proxy is authoritative for its domain, implementations
MUST perform the step given below first, and then proceed with the MUST perform the step given below first, and then proceed with the
steps in Section 7.1 of [8]. steps in Section 7.1 of [8].
The key usage value(s), if any, MUST be examined to determine whether The Extended Key Usage value(s), if any, MUST be examined to
or not the certificate is valid for use in SIP: determine whether or not the certificate is valid for use in SIP:
o If the certificate contains any EKU extension other than id-kp-
sipDomain, and does not contain the id-kp-sipDomain extension,
then the certificate MUST NOT be accepted as valid for use as a
SIP certificate, and none of the identities it contains are
acceptable for SIP domain authentication.
o If the certificate contains the id-kp-anyExtendedKeyUsage
extension and also contains the id-kp-sipDomain extension, then
the certificate can be used as a SIP certificate. Furthermore, it
can also be used for any other application that the key usage
extension permits.
o If the certificate does not contain any EKU values, it is a matter o If the certificate does not contain any EKU values (the Extended
of local policy whether or not to accept it for use as a SIP Key Usage extension does not exist), it is a matter of local
policy whether or not to accept the certificate for use as a SIP
certificate. certificate.
A summary of the logic flow for peer certificate validation follows: o If the certificate contains the id-kp-sipDomain EKU extension,
then the certificate MUST be accepted as valid for use as a SIP
1. If no EKU extension, apply local policy and accept the
certificate. certificate.
2. If EKU is present and contains id-kp-sipDomain, accept the o If the certificate does not contain the id-kp-sipDomain EKU value,
certificate. but does contain the id-kp-anyExtendedKeyUsage EKU value, it is a
matter of local policy whether or not to accept it for use as a
SIP certificate.
3. If any EKU is present and contains both id-kp-anyExtendedKeyUsage o If the certificate does not contain the id-kp-sipDomain EKU value,
and id-kp-sipDomain, accept the certificate. but does contain either the id-kp-serverAuth or id-kp-clientAuth
EKU values, it is a matter of local policy whether or not to
accept it for use as a SIP certificate.
4. If any EKU is present but does not include id-kp-sipDomain, o If EKU extension exists but does not contain any of the id-kp-
reject the certificate. sipDomain, id-kp-anyExtendedKeyUsage, id-kp-serverAuth, or id-kp-
clientAuth EKU values, then the certificate MUST NOT be accepted
as valid for use as a SIP certificate.
5. Guidelines for a Certification Authority 5. Guidelines for a Certification Authority
The procedures and practices employed by the certification authority The procedures and practices employed by the certification authority
MUST ensure that the correct values for the EKU extension and MUST ensure that the correct values for the EKU extension and
subjectAltName are inserted in each certificate that is issued. For subjectAltName are inserted in each certificate that is issued. For
certificates that indicate authority over a SIP domain, but not over certificates that indicate authority over a SIP domain, but not over
services other than SIP, certificate authorities MUST include the id- services other than SIP, certificate authorities MUST include the id-
kp-sipDomain EKU extension. kp-sipDomain EKU extension.
skipping to change at page 7, line 5 skipping to change at page 6, line 43
holder of a certificate to be authoritative for a SIP service holder of a certificate to be authoritative for a SIP service
belonging to an autonomous domain. Relying parties may execute belonging to an autonomous domain. Relying parties may execute
applicable policies (such as those related to billing) on receiving a applicable policies (such as those related to billing) on receiving a
certificate with the id-kp-sipDomain EKU value. An id-kp-sipDomain certificate with the id-kp-sipDomain EKU value. An id-kp-sipDomain
EKU value does not introduce any new security or privacy concerns. EKU value does not introduce any new security or privacy concerns.
At the very most, it simply allows the relying party to know that the At the very most, it simply allows the relying party to know that the
holder of the certificate is authoritative for the SIP service in a holder of the certificate is authoritative for the SIP service in a
certain domain. In the absence of the id-kp-sipDomain EKU value, certain domain. In the absence of the id-kp-sipDomain EKU value,
this information can be collected over time by a peer in any case. this information can be collected over time by a peer in any case.
7. Acknowledgments 7. IANA Considerations
The id-kp-sipDomain purpose requires an object idenitifier (OID).
The objects are defined in an arc delegated by IANA to the PKIX
working group. No further action is necessary by IANA.
8. Acknowledgments
The following IETF contributors provided substantive input to this The following IETF contributors provided substantive input to this
document: Jeroen van Bemmel, Michael Hammer, Cullen Jennings, Paul document: Jeroen van Bemmel, Michael Hammer, Cullen Jennings, Paul
Kyzivat, Derek MacDonald, Dave Oran, Jon Peterson, Eric Rescorla, Kyzivat, Derek MacDonald, Dave Oran, Jon Peterson, Eric Rescorla,
Jonathan Rosenberg, Russ Housley, and Stephen Kent. Special Jonathan Rosenberg, Russ Housley, and Stephen Kent.
acknowledgement is due to Sharon Boyen for reviewing the document and
pointing out the role of id-kp-anyExtendedKeyUsage in certificates.
8. References Sharon Boyen and Trevor Freeman reviewed the document and facilitated
the discussion on id-kp-anyExtendedKeyUsage, id-kpServerAuth and id-
kp-ClientAuth purposes in certificates.
8.1. Normative References 9. References
9.1. Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", RFC 2119, March 1997. Levels", RFC 2119, March 1997.
[2] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., [2] Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A.,
Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP: Peterson, J., Sparks, R., Handley, M., and E. Schooler, "SIP:
Session Initiation Protocol", RFC 3261, June 2002. Session Initiation Protocol", RFC 3261, June 2002.
[3] Housley, R., Polk, W., Ford, W., and D. Solo, "Internet X.509 [3] Housley, R., Polk, W., Ford, W., and D. Solo, "Internet X.509
Public Key Infrastructure Certificate and Certificate Revocation Public Key Infrastructure Certificate and Certificate Revocation
skipping to change at page 7, line 47 skipping to change at page 8, line 5
X.680, July 1994. X.680, July 1994.
[6] International Telecommunications Union, "Information Technology [6] International Telecommunications Union, "Information Technology
- ASN.1 encoding rules: Specification of Basic Encoding Rules - ASN.1 encoding rules: Specification of Basic Encoding Rules
(BER), Canonical Encoding Rules (CER) and Distinguished Encoding (BER), Canonical Encoding Rules (CER) and Distinguished Encoding
Rules (DER)", ITU-T Recommendation X.690, 1994. Rules (DER)", ITU-T Recommendation X.690, 1994.
[7] Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol [7] Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol
(SIP): Location SIP Servers", RFC 3263, June 2002. (SIP): Location SIP Servers", RFC 3263, June 2002.
8.2. Informative References 9.2. Informative References
[8] Gurbani, V., Lawrence, S., and A. Jeffrey, "Domain Certificates [8] Gurbani, V., Lawrence, S., and A. Jeffrey, "Domain Certificates
in the Session Initiation Protocol (SIP)", in the Session Initiation Protocol (SIP)",
draft-ietf-sip-domain-certs-00.txt (work in progress), draft-ietf-sip-domain-certs-00.txt (work in progress),
November 2007. November 2007.
Appendix A. ASN.1 Module Appendix A. ASN.1 Module
SIPDomainCertExtn SIPDomainCertExtn
{ iso(1) identified-organization(3) dod(6) internet(1) { iso(1) identified-organization(3) dod(6) internet(1)
skipping to change at page 10, line 7 skipping to change at page 10, line 7
2701 Lucent Lane 2701 Lucent Lane
Room 9F-546 Room 9F-546
Lisle, IL 60532 Lisle, IL 60532
USA USA
Phone: +1 630 224-0216 Phone: +1 630 224-0216
Email: vkg@alcatel-lucent.com Email: vkg@alcatel-lucent.com
Full Copyright Statement Full Copyright Statement
Copyright (C) The IETF Trust (2007). Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors contained in BCP 78, and except as set forth therein, the authors
retain all their rights. retain all their rights.
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
 End of changes. 20 change blocks. 
61 lines changed or deleted 64 lines changed or added

This html diff was produced by rfcdiff 1.34. The latest version is available from http://tools.ietf.org/tools/rfcdiff/