draft-ietf-sip-eku-02.txt   draft-ietf-sip-eku-03.txt 
SIP WG S. Lawrence SIP WG S. Lawrence
Internet-Draft Bluesocket Inc. Internet-Draft Nortel Networks, Inc.
Updates: 3261 (if approved) V. Gurbani Intended status: Standards Track V. Gurbani
Intended status: Standards Track Bell Laboratories, Alcatel-Lucent Expires: April 9, 2009 Bell Laboratories, Alcatel-Lucent
Expires: January 12, 2009 July 11, 2008 October 06, 2008
Using Extended Key Usage (EKU) for Session Initiation Protocol (SIP) Using Extended Key Usage (EKU) for Session Initiation Protocol (SIP)
X.509 Certificates X.509 Certificates
draft-ietf-sip-eku-02 draft-ietf-sip-eku-03
Status of this Memo Status of this Memo
By submitting this Internet-Draft, each author represents that any By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79. aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that Task Force (IETF), its areas, and its working groups. Note that
skipping to change at page 1, line 36 skipping to change at page 1, line 36
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt. http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
This Internet-Draft will expire on January 12, 2009. This Internet-Draft will expire on April 9, 2009.
Copyright Notice Copyright Notice
Copyright (C) The IETF Trust (2008). Copyright (C) The IETF Trust (2008).
Abstract Abstract
This memo documents an extended key usage (EKU) X.509 certificate This memo documents an extended key usage (EKU) X.509 certificate
extension for identifying the holder of a certificate as extension for identifying the holder of a certificate as
authoritative for a Session Initiation Protocol (SIP) service in the authoritative for a Session Initiation Protocol (SIP) service in the
skipping to change at page 2, line 14 skipping to change at page 2, line 14
Table of Contents Table of Contents
1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Key Words . . . . . . . . . . . . . . . . . . . . . . . . 3 1.1. Key Words . . . . . . . . . . . . . . . . . . . . . . . . 3
1.2. Abstract syntax notation . . . . . . . . . . . . . . . . . 3 1.2. Abstract syntax notation . . . . . . . . . . . . . . . . . 3
2. Problem statement . . . . . . . . . . . . . . . . . . . . . . 3 2. Problem statement . . . . . . . . . . . . . . . . . . . . . . 3
3. Restricting usage to SIP . . . . . . . . . . . . . . . . . . . 4 3. Restricting usage to SIP . . . . . . . . . . . . . . . . . . . 4
3.1. Extended Key Usage values for SIP domains . . . . . . . . 4 3.1. Extended Key Usage values for SIP domains . . . . . . . . 4
4. Using the SIP EKU in a certificate . . . . . . . . . . . . . . 5 4. Using the SIP EKU in a certificate . . . . . . . . . . . . . . 5
5. Guidelines for a Certification Authority . . . . . . . . . . . 6 5. Implications for a Certification Authority . . . . . . . . . . 6
6. Security Considerations . . . . . . . . . . . . . . . . . . . 6 6. Security Considerations . . . . . . . . . . . . . . . . . . . 6
7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 7. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 6
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 7 8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 6
9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 7
9.1. Normative References . . . . . . . . . . . . . . . . . . . 7 9.1. Normative References . . . . . . . . . . . . . . . . . . . 7
9.2. Informative References . . . . . . . . . . . . . . . . . . 8 9.2. Informative References . . . . . . . . . . . . . . . . . . 7
Appendix A. ASN.1 Module . . . . . . . . . . . . . . . . . . . . 8 Appendix A. ASN.1 Module . . . . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 8
Intellectual Property and Copyright Statements . . . . . . . . . . 10 Intellectual Property and Copyright Statements . . . . . . . . . . 10
1. Terminology 1. Terminology
1.1. Key Words 1.1. Key Words
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [1]. document are to be interpreted as described in RFC 2119 [1].
1.2. Abstract syntax notation 1.2. Abstract syntax notation
All X.509 certificate X.509 [4] extensions are defined using ASN.1 All X.509 certificate X.509 [4] extensions are defined using ASN.1
X.680 [5], X.690 [6]. X.680 [5], X.690 [6].
2. Problem statement 2. Problem statement
Consider the SIP [2] trapezoid shown in Figure 1. Consider the SIP RFC 3261 [2] trapezoid shown in Figure 1.
Proxy-A.example.com Proxy-B.example.net Proxy-A.example.com Proxy-B.example.net
+-------+ +-------+ +-------+ +-------+
| Proxy |--------------------| Proxy | | Proxy |--------------------| Proxy |
+----+--+ +---+---+ +----+--+ +---+---+
| | | |
| | | |
| | | |
| +---+ | +---+
0---0 | | 0---0 | |
/-\ |___| /-\ |___|
+---+ / / +---+ / /
+----+ +----+
alice@example.com bob@example.net alice@example.com bob@example.net
Figure 1: SIP Trapezoid Figure 1: SIP Trapezoid
An user, alice@example.com, invites bob@example.net for a multimedia Assume that alice@example.com creates an INVITE for bob@example.net;
communication session. Her user agent routes the request to a proxy, her user agent routes the request to some proxy in her domain,
in her domain. Assume also that example.com is a large organization example.com. Suppose also that example.com is a large organization
that maintains several SIP proxies, and normal request forwarding that maintains several SIP proxies, and her INVITE arrived at an
rules cause her invitation to be sent to an outbound proxy, Proxy- outbound proxy Proxy-A.example.com. In order to route the request
A.example.com. This proxy uses RFC 3263 [7] resolution to discover onward, Proxy-A uses RFC 3263 [7] resolution and finds that Proxy-
that Proxy-B.example.net offers TLS support and can accept the B.example.net is a valid proxy for example.net that uses TLS. Proxy-
request on behalf of the example.net domain. Proxy-A establishes a A.example.com requests a TLS connection to Proxy-B.example.net, and
TLS connection to Proxy-B, each proxy presents a X.509 certificate to in the TLS handshake each presents a certificate to authenticate that
authenticate and protect the confidentiality of the connection. This connection. The validation of these certificates by each proxy to
is the basic mututal authentication model explored in depth in [8]. determine whether or not their peer is authoritative for the
appropriate SIP domain is defined in Domain Certificates in the
However, there arise certain cases where one SIP proxy needs to know Session Initiation Protocol (SIP) [8].
whether it has reached an authoritative proxy in target SIP domain.
For instance, billing transactions may be triggered when an
authoritative SIP proxy in one domain sends messages to its
equivalent in another domain. In Figure 1, Proxy-A.example.com
performs certain DNS queries to arrive at Proxy-B.example.net.
Because of the answers to the DNS queries, Proxy-A has a certain
expectation that Proxy-B is a valid proxy in the example.net domain
and is authorized to receive inbound requests targeted to that
domain.
The problem for Proxy-B is different: it accepts a connection from a A SIP domain name is frequently textually identical to the same DNS
specific host (Proxy-A.example.com) but what it needs to determine is name used for other purposes. For example, the DNS name example.com
whether or not that connection can be treated as coming can serve as a SIP domain name, an email domain name, and a web
authoritatively from a particular SIP domain. If Proxy-B receives a service name. Since these different services within a single
certificate tha only contains the identity "sip:Proxy-A.example.com", organization might be administered independently and hosted
it is unable to make a determination that Proxy-A is authorized to separately, it is desirable that a certificate be able to bind the
act as a SIP outbound proxy for the example.com domain (note that DNS name to its usage as a SIP domain name without creating the
example.com domain may use different inbound proxies, so SIP DNS implication that the entity presenting the certificate is also
resolution of "sip:example.com" may not lead to "Proxy- authoritative for some other purpose. A mechanism is needed to allow
A.example.com".) Certificate usage in SIP cannot require that every the certificate issued to a proxy to be restricted such that the
outbound proxy for a domain also serve as its inbound proxy. Thus, subject name(s) it contains are valid only for use in SIP. In our
there is a need for an extra attribute that allows an inbound proxy example, Proxy-B possesses a certificate making it authoritative as a
to know that its peer is an authorized proxy for that domain. This SIP server for the domain example.net; furthermore, it has a policy
document discusses such an attribute as part of the X.509 certificate that requires the client's SIP domain be authenticated through a
exchanged by the proxies when a TLS connection is first established. similar certificate. Proxy-A is authoritative as a SIP server for
the domain example.com; when Proxy-A makes a TLS connection to
Proxy-B, the latter accepts the connection based on its policy.
3. Restricting usage to SIP 3. Restricting usage to SIP
This memo defines a certificate profile for binding a SIP domain name This memo defines a certificate profile for restricting the usage of
to an entity. A SIP domain name is frequently textually identical to a domain name binding to usage as a SIP domain name. RFC 5280 [3]
the same DNS name used for other purposes. For example, the DNS name Section 4.2.1.12 defines a mechanism for this purpose: an "Extended
example.com may serve as a SIP domain name, an email domain name, and Key Usage" (EKU) attribute, where the purpose of the EKU extension is
web service name. Since these different services within a single described as:
organization might be administered independently and hosted
separately, it should be possible to create a certificate that binds "If the extension is present, then the certificate MUST only be
the DNS name to its usage as a SIP domain name without creating the used for one of the purposes indicated. If multiple purposes are
implication that the usage is also valid for some other purpose. indicated the application need not recognize all purposes
RFC5280 [3] section 4.2.1.12 defines a mechanism for this purpose: indicated, as long as the intended purpose is present.
an "Extended Key Usage" attribute. Certificates whose purpose is to Certificate using applications MAY require that the extended key
bind a SIP domain identity without binding other non-SIP identities usage extension be present and that a particular purpose be
MUST include an id-kp-SIPdomain attribute. indicated in order for the certificate to be acceptable to that
application."
A certificate whose purpose is to bind a SIP domain identity without
binding other non-SIP identities MUST include an id-kp-SIPdomain
attribute in the Extended Key Usage extension value (see
Section 3.1).
3.1. Extended Key Usage values for SIP domains 3.1. Extended Key Usage values for SIP domains
RFC 5280 [3] specifies the EKU X.509 certificate Extension for use in RFC 5280 [3] specifies the EKU X.509 certificate Extension for use in
the Internet. The extension indicates one or more purposes for which the Internet. The extension indicates one or more purposes for which
the certified public key may be used. The EKU extension can be used the certified public key is valid. The EKU extension can be used in
in conjunction with the key usage extension, which indicates how the conjunction with the key usage extension, which indicates how the
public key in the certificate may be used, in a more basic public key in the certificate may be used, in a more basic
cryptographic way. cryptographic way.
The EKU extension syntax is repeated here for convenience: The EKU extension syntax is repeated here for convenience:
ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId ExtKeyUsageSyntax ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
KeyPurposeId ::= OBJECT IDENTIFIER KeyPurposeId ::= OBJECT IDENTIFIER
This specification defines the KeyPurposeId id-kp-sipDomain. This specification defines the KeyPurposeId id-kp-sipDomain.
Inclusion of this KeyPurposeId in a certificate indicates that the
use of any Subject names in the certificate is restricted to use by a
SIP service (along with any usages allowed by other EKU values).
id-kp OBJECT IDENTIFIER ::= id-kp OBJECT IDENTIFIER ::=
{ iso(1) identified-organization(3) dod(6) internet(1) { iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) 3 } security(5) mechanisms(5) pkix(7) 3 }
id-kp-sipDomain OBJECT IDENTIFIER ::= { id-kp VALUE-TBD } id-kp-sipDomain OBJECT IDENTIFIER ::= { id-kp 20 }
Inclusion of this KeyPurposeId in a certificate indicates that any
DNS subject names in the certificate are intended to identify the
holder as authoritative for a SIP service in the domain named by the
subjectAltName values. Whether or not to include this restriction is
up to the certificate issuer, but if it is included, it SHOULD be
marked as critical.
This is so that implementations that understand this extension
will honor it while those that do not are not impeded by its
presence.
See Section 4 for how the presence of an id-kp-sipDomain value
affects the interpretation of the certificate.
4. Using the SIP EKU in a certificate 4. Using the SIP EKU in a certificate
Section 7.1 of [8] contains two steps for finding an identity (or a Section 7.1 of Domain Certificates in the Session Initiation Protocol
set of identities) in an X.509 certificate. In order to determine [8] contains the steps for finding an identity (or a set of
whether the SIP entity presenting the certificate is authoritative identities) in an X.509 certificate for SIP. In order to determine
for its domain, implementations MUST perform the step given below whether the usage of a certificate is restricted, implementations
first, and then proceed with the steps in Section 7.1 of [8]. MUST perform the step given below as a part of the certificate
validation:
The Extended Key Usage value(s), if any, MUST be examined to The Extended Key Usage value(s), if any, MUST be examined:
determine whether or not the certificate is valid for use in SIP
(note that in the steps below, we assume that the certificate is
otherwise valid following the checks in RFC5280 [3]):
o If the certificate does not contain any EKU values (the Extended o If the certificate does not contain any EKU values (the Extended
Key Usage extension does not exist), it is a matter of local Key Usage extension does not exist), it is a matter of local
policy whether or not to accept the certificate for use as a SIP policy whether or not to accept the certificate for use as a SIP
certificate. certificate.
o If the certificate contains the id-kp-sipDomain EKU extension, o If the certificate contains the id-kp-sipDomain EKU extension,
then the certificate MUST be acceptable as valid for use as a SIP then the certificate MUST be accepted as valid for use as a SIP
certificate. certificate.
o If the certificate does not contain the id-kp-sipDomain EKU value, o If the certificate does not contain the id-kp-sipDomain EKU value,
but does contain the id-kp-anyExtendedKeyUsage EKU value, it is a but does contain the id-kp-anyExtendedKeyUsage EKU value, it is a
matter of local policy whether or not to accept it for use as a matter of local policy whether or not to accept it for use as a
SIP certificate. SIP certificate.
o If the certificate does not contain the id-kp-sipDomain EKU value, o If the certificate does not contain the id-kp-sipDomain EKU value,
but does contain either the id-kp-serverAuth or id-kp-clientAuth but does contain either the id-kp-serverAuth or id-kp-clientAuth
EKU values, it is a matter of local policy whether or not to EKU values, it is a matter of local policy whether or not to
accept it for use as a SIP certificate. accept it for use as a SIP certificate.
id-kp-serverAuth and id-kp-clientAuth EKU values are defined in id-kp-serverAuth and id-kp-clientAuth EKU values are defined in
Section 4.2.1.12 of RFC 5280 [3]. Section 4.2.1.12 of RFC 5280 [3].
o If EKU extension exists but does not contain any of the id-kp- o If EKU extension exists but does not contain any of the id-kp-
sipDomain, id-kp-anyExtendedKeyUsage, id-kp-serverAuth, or id-kp- sipDomain, id-kp-anyExtendedKeyUsage, id-kp-serverAuth, or id-kp-
clientAuth EKU values, then the certificate MUST NOT be considered clientAuth EKU values, then the certificate MUST NOT be accepted
acceptable as being authoritative for the domain portion of the as valid for use as a SIP certificate.
SIP domain identities contained in the certificate.
The term "SIP domain identity" is defined in RFC XXXX [8].
5. Guidelines for a Certification Authority 5. Implications for a Certification Authority
The procedures and practices employed by the certification authority The procedures and practices employed by a certification authority
MUST ensure that the correct values for the EKU extension and MUST ensure that the correct values for the EKU extension and
subjectAltName are inserted in each certificate that is issued. For subjectAltName are inserted in each certificate that is issued. For
certificates that indicate authority over a SIP domain, but not over certificates that indicate authority over a SIP domain, but not over
services other than SIP, certificate authorities SHOULD include the services other than SIP, certificate authorities MUST include the id-
id-kp-sipDomain EKU extension. kp-sipDomain EKU extension.
6. Security Considerations 6. Security Considerations
This memo defines an EKU X.509 certificate extension that enables the This memo defines an EKU X.509 certificate extension that restricts
holder of a certificate to be authoritative for a SIP service the the usage of a certificate to a SIP service belonging to an
belonging to an autonomous domain. Relying parties may execute autonomous domain. Relying parties may execute applicable policies
applicable policies (such as those related to billing) on receiving a (such as those related to billing) on receiving a certificate with
certificate with the id-kp-sipDomain EKU value. An id-kp-sipDomain the id-kp-sipDomain EKU value. An id-kp-sipDomain EKU value does not
EKU value does not introduce any new security or privacy concerns. introduce any new security or privacy concerns.
At the very most, it simply allows the relying party to know that the
holder of the certificate is authoritative for the SIP service in a
certain domain. In the absence of the id-kp-sipDomain EKU value,
this information can be collected over time by a peer in any case.
7. IANA Considerations 7. IANA Considerations
The id-kp-sipDomain purpose requires an object idenitifier (OID). The id-kp-sipDomain purpose requires an object identifier (OID). The
The objects are defined in an arc delegated by IANA to the PKIX objects are defined in an arc delegated by IANA to the PKIX working
working group. No further action is necessary by IANA. group. No further action is necessary by IANA.
8. Acknowledgments 8. Acknowledgments
The following IETF contributors provided substantive input to this The following IETF contributors provided substantive input to this
document: Jeroen van Bemmel, Michael Hammer, Cullen Jennings, Paul document: Jeroen van Bemmel, Michael Hammer, Cullen Jennings, Paul
Kyzivat, Derek MacDonald, Dave Oran, Jon Peterson, Eric Rescorla, Kyzivat, Derek MacDonald, Dave Oran, Jon Peterson, Eric Rescorla,
Jonathan Rosenberg, Russ Housley, and Stephen Kent. Jonathan Rosenberg, Russ Housley, Paul Hoffman, and Stephen Kent.
Sharon Boyen and Trevor Freeman reviewed the document and facilitated Sharon Boyen and Trevor Freeman reviewed the document and facilitated
the discussion on id-kp-anyExtendedKeyUsage, id-kpServerAuth and id- the discussion on id-kp-anyExtendedKeyUsage, id-kpServerAuth and id-
kp-ClientAuth purposes in certificates. kp-ClientAuth purposes in certificates.
9. References 9. References
9.1. Normative References 9.1. Normative References
[1] Bradner, S., "Key words for use in RFCs to Indicate Requirement [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement
skipping to change at page 8, line 20 skipping to change at page 7, line 47
(BER), Canonical Encoding Rules (CER) and Distinguished Encoding (BER), Canonical Encoding Rules (CER) and Distinguished Encoding
Rules (DER)", ITU-T Recommendation X.690, 1994. Rules (DER)", ITU-T Recommendation X.690, 1994.
[7] Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol [7] Rosenberg, J. and H. Schulzrinne, "Session Initiation Protocol
(SIP): Location SIP Servers", RFC 3263, June 2002. (SIP): Location SIP Servers", RFC 3263, June 2002.
9.2. Informative References 9.2. Informative References
[8] Gurbani, V., Lawrence, S., and A. Jeffrey, "Domain Certificates [8] Gurbani, V., Lawrence, S., and A. Jeffrey, "Domain Certificates
in the Session Initiation Protocol (SIP)", in the Session Initiation Protocol (SIP)",
draft-ietf-sip-domain-certs-01.txt (work in progress), draft-ietf-sip-domain-certs-03.txt (work in progress),
July 2008. July 2008.
Appendix A. ASN.1 Module Appendix A. ASN.1 Module
SIPDomainCertExtn SIPDomainCertExtn
{ iso(1) identified-organization(3) dod(6) internet(1) { iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) id-mod(0) security(5) mechanisms(5) pkix(7) id-mod(0)
id-mod-sip-domain-extns2007(VALUE-TBD) } id-mod-sip-domain-extns2007(VALUE-TBD) }
DEFINITIONS IMPLICIT TAGS ::= DEFINITIONS IMPLICIT TAGS ::=
skipping to change at page 9, line 4 skipping to change at page 8, line 32
{ iso(1) identified-organization(3) dod(6) internet(1) { iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) 3 } security(5) mechanisms(5) pkix(7) 3 }
id-aca OBJECT IDENTIFIER ::= id-aca OBJECT IDENTIFIER ::=
{ iso(1) identified-organization(3) dod(6) internet(1) { iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) 10 } security(5) mechanisms(5) pkix(7) 10 }
-- Extended Key Usage Values -- Extended Key Usage Values
id-kp-sipDomain OBJECT IDENTIFIER ::= { id-kp 20 } id-kp-sipDomain OBJECT IDENTIFIER ::= { id-kp 20 }
END END
Authors' Addresses Authors' Addresses
Scott Lawrence Scott Lawrence
Bluesocket Inc. Nortel Networks, Inc.
10 North Ave. 600 Technology Park
Burlington, MA 01803 Billerica, MA 01821
USA USA
Phone: +1 781 229 0533 Phone: +1 978 248 5508
Email: slawrence@bluesocket.com Email: scott.lawrence@nortel.com
Vijay K. Gurbani Vijay K. Gurbani
Bell Laboratories, Alcatel-Lucent Bell Laboratories, Alcatel-Lucent
2701 Lucent Lane 1960 Lucent Lane
Room 9F-546 Room 9C-533
Lisle, IL 60532 Naperville, IL 60566
USA USA
Phone: +1 630 224-0216 Phone: +1 630 224-0216
Email: vkg@alcatel-lucent.com Email: vkg@alcatel-lucent.com
Full Copyright Statement Full Copyright Statement
Copyright (C) The IETF Trust (2008). Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions This document is subject to the rights, licenses and restrictions
 End of changes. 29 change blocks. 
122 lines changed or deleted 101 lines changed or added

This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/