draft-ietf-smime-certdist-02.txt   draft-ietf-smime-certdist-03.txt 
Internet Draft Jim Schaad Internet Draft Jim Schaad
draft-ietf-smime-certdist-02.txt Microsoft draft-ietf-smime-certdist-03.txt Microsoft
October 12, 1998 February 25, 1999
Expires in six months Expires in six months
Certificate Distribution Specification Certificate Distribution Specification
Status of this memo Status of this memo
This document is an Internet-Draft. Internet-Drafts are working This document is an Internet-Draft and is in full conformance with all
provisions of Section 10 of RFC2026. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts. working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference material time. It is inappropriate to use Internet-Drafts as reference material
or to cite them other than as "work in progress." or to cite them other than as "work in progress."
To learn the current status of any Internet-Draft, please check the To learn the current status of any Internet-Draft, please check the
skipping to change at line 35 skipping to change at line 36
ftp.isi.edu (US West Coast). ftp.isi.edu (US West Coast).
Abstract Abstract
Current methods of publishing certificates in directory services are Current methods of publishing certificates in directory services are
restricted to just certificates. This document provides a method of restricted to just certificates. This document provides a method of
publishing certificates with secondary support information such as the publishing certificates with secondary support information such as the
SMimeCapabilities attribute (containing bulk algorithm support) in a SMimeCapabilities attribute (containing bulk algorithm support) in a
way that is both authenticated and bound to a given certificate. way that is both authenticated and bound to a given certificate.
This draft is being discussed on the 'ietf-smime' mailing list. To This draft is being discussed on the "ietf-smime" mailing list. To
join the list, send a message to <ietf-smime-request@imc.org> with the join the list, send a message to <ietf-smime-request@imc.org> with the
single word 'subscribe' in the body of the message. Also, there is a single word "subscribe" in the body of the message. Also, there is a
Web site for the mailing list at <http://www.imc.org/ietf-smime>. Web site for the mailing list at <http://www.imc.org/ietf-smime>.
1. Introduction 1. Introduction
This document discusses a new method of publishing certificates in a This document discusses a new method of publishing certificates in a
directory to provide authenticated attributes as part of the directory to provide authenticated attributes as part of the
certificate publishing process. This allows for the addition of certificate publishing process. This allows for the addition of
information such as the SMimeCapabilities attribute from [SMIME] which information such as the SMimeCapabilities attribute from [SMIME] which
contains information about the bulk encryption algorithms supported by contains information about the bulk encryption algorithms supported by
the End-Entity's cryptography module. the End-Entity's cryptography module.
skipping to change at line 106 skipping to change at line 107
a directory). a directory).
Using signed objects for certificate distribution has the benefit of Using signed objects for certificate distribution has the benefit of
allowing additional information such as the SMimeCapabilities allowing additional information such as the SMimeCapabilities
attribute to be carried as part of the package. It also allows for attribute to be carried as part of the package. It also allows for
the inclusion of additional certificates to be used in verifying the the inclusion of additional certificates to be used in verifying the
encryption certificate used to build an encrypted object. However, it encryption certificate used to build an encrypted object. However, it
has the drawback that the initialization process is done via a one-on- has the drawback that the initialization process is done via a one-on-
one process. one process.
3. SMimeEncryptionCerts 3. SMimeEncryptCerts
When publishing one's own encryption certificates, it is often When publishing one's own encryption certificates, it is often
advisable to publish a wide selection of certificates to insure advisable to publish a wide selection of certificates to insure
maximum interoperability. This section describes an attribute that maximum interoperability. This section describes an attribute that
may be used to both identify the set of encryption certificates and may be used to both identify the set of encryption certificates and
establish the set of bulk encryption algorithms supported by each of establish the set of bulk encryption algorithms supported by each of
the certificates. the certificates.
The SMimeEncryptionCerts attribute is used to identify one's own The SMimeEncryptCerts attribute is used to identify one's own
encryption certificates to the other party. This attribute is a encryption certificates to the other party. This attribute is a
sequence so that more than one encryption certificate can be sequence so that more than one encryption certificate can be
identified in a single SignerInfo object. Each certificate is then identified in a single SignerInfo object. Each certificate is then
given a set of capabilities so senders can identify the correct given a set of capabilities so senders can identify the correct
certificate to use for specific capabilities. certificate to use for specific capabilities.
The structure and OID for the SMimeEncryptionCerts attribute are: The structure and OID for the SMimeEncryptCerts attribute are:
id-aa-smimeEncryptionCerts OBJECT IDENTIFIER ::= { iso(1) id-aa-smimeEncryptCerts OBJECT IDENTIFIER ::= { iso(1)
member-body(2) us(840) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
rsadsi(113549) pkcs(1) pkcs9(9) smime(16) id-aa(2) 13 } smime(16) id-aa(2) 13 }
SMimeEncryptionCert ::= SEQUENCE { SMimeEncryptCert ::= SEQUENCE {
hash Hash, hash Hash,
capabilities SMIMECapabilities capabilities SMIMECapabilities
} }
SMimeEncryptionCerts ::= SEQUENCE OF SMimeEncryptionCert SMimeEncryptCerts ::= SEQUENCE OF SmimeEncryptCert
Hash ::= OCTET STRING - SHA1 hash of the certificate Hash ::= OCTET STRING - SHA1 hash of the certificate
When a certificate appears in an SMimeEncryptionCerts attribute, the When a certificate appears in an SMimeEncryptCerts attribute, the
certificate MUST be included SignedData object. The order of certificate MUST be included SignedData object. The order of
certificates in the SMimeEncryptionCerts attribute is the preferred certificates in the SMimeEncryptCerts attribute is the preferred order
order of use by the sender. It is expected that the preferred of use by the sender. It is expected that the preferred certificate
certificate in the SMIMEEncrpytionKeyPreference would be the first in the SMIMEEncrpytionKeyPreference would be the first certificate in
certificate in the SMimeEncryptionCerts attribute. the SMimeEncryptCerts attribute.
If present, the SMimeEncryptionCerts attribute MUST be an If present, the SMimeEncryptCerts attribute MUST be an authenticated
authenticated attribute; it MUST NOT be an unauthenticated attribute. attribute; it MUST NOT be an unauthenticated attribute. CMS defines
CMS defines authenticatedAttributes as a SET OF AuthAttribute. A authenticatedAttributes as a SET OF AuthAttribute. A SignerInfo MUST
SignerInfo MUST NOT include multiple instances of the NOT include multiple instances of the SMimeEncryptCerts attribute. CMS
SMimeEncryptionCerts attribute. CMS defines the ASN.1 syntax for the defines the ASN.1 syntax for the authenticated attributes to include
authenticated attributes to include attrValues SET OF AttributeValue. attrValues SET OF AttributeValue. A SMimeEncryptCerts attribute MUST
A SMimeEncryptionCerts attribute MUST only include a single instance only include a single instance of AttributeValue. There MUST NOT be
of AttributeValue. There MUST NOT be zero or multiple instances of zero or multiple instances of AttributeValue present in the attrValues
AttributeValue present in the attrValues SET OF AttributeValue. SET OF AttributeValue.
4. SMimeCertificatePublish Object 4. SMimeCertificatePublish Object
The structure of the SMimeCertificatePublish object is defined in this The structure of the SMimeCertificatePublish object is defined in this
section. This object has the benefit that it is published into a section. This object has the benefit that it is published into a
directory service (and thus is available to all parties) and it directory service (and thus is available to all parties) and it
contains a signed object that allows it to carry the additional contains a signed object that allows it to carry the additional
information desired to increase interoperability. information desired to increase interoperability.
This section describes the LDAP directory schema, the body content and This section describes the LDAP directory schema, the body content and
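Review bot: In the -03 column of section 3, the list type is declared as `SMimeEncryptCerts ::= SEQUENCE OF SmimeEncryptCert`, but the element type defined just above it is `SMimeEncryptCert`. ASN.1 type references are case-sensitive, so the text as written refers to an undefined type. Suggest spelling it `SMimeEncryptCert`, as Appendix A does. In the same block, `Hash ::= OCTET STRING - SHA1 hash of the certificate` uses a single hyphen where an ASN.1 comment needs `--`, and "MUST be included SignedData object" is missing "in the".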
skipping to change at line 189 skipping to change at line 190
4.1 Signed Content 4.1 Signed Content
The SMimeCertificatePublish object is explicitly designed to carry no The SMimeCertificatePublish object is explicitly designed to carry no
body content. All information is carried in the signed attribute body content. All information is carried in the signed attribute
section of the SignerInfo. section of the SignerInfo.
The following object identifier is used to distinguish the content of The following object identifier is used to distinguish the content of
a SMimeCertificatePublish: a SMimeCertificatePublish:
id-ct-publishCert OBJECT IDENTIFIER ::= { iso(1) member-body(2) id-ct-publishCert OBJECT IDENTIFIER ::= { iso(1) member-body(2)
us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) id-ct(1) 3 } us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) id-ct(1)
3)
When creating a SMimeCertificatePublish object, the eContent of the When creating a SMimeCertificatePublish object, the eContent of the
Signed-Data object is omitted and the eContentType OID is set to Signed-Data object is omitted and the eContentType OID is set to id-
id-ct-publishCert. Note this is different from an empty content, ct- publishCert. Note this is different from an empty content, which
which would be represented as an octet string containing zero bytes. would be represented as an octet string containing zero bytes. The
The hash of the body (used in the id-message-digest attribute) is set hash of the body (used in the id-message-digest attribute) is set to
to the initialization value of the hash function. (This is expected the initialization value of the hash function. (This is expected to
to provide the same result as if you had hashed a body containing provide the same result as if you had hashed a body containing exactly
exactly 0 bytes.) 0 bytes.)
4.2 Signed Attributes 4.2 Signed Attributes
The signed attributes section MUST be present in the SignerInfo The signed attributes section MUST be present in the SignerInfo
object, and the following signed attributes MUST be present: The object, and the following signed attributes MUST be present: The
signing-time attribute (from [CMS]), the SMimeCapabilities and signing-time attribute (from [CMS]), the SMimeCapabilities and
SMIMEEncryptionKeyPreference (from [SMIME]). SMIMEEncryptionKeyPreference (from [SMIME]).
4.3 CertificateSet 4.3 CertificateSet
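Review bot: The -03 definition of id-ct-publishCert in section 4.1 now ends with `id-ct(1)` followed by `3)`, closing the OBJECT IDENTIFIER value with a parenthesis instead of the `}` that -02 had, so the value no longer parses. Restore `3 }`. The rewrapped paragraph below it also splits the name as "id- ct- publishCert"; keep `id-ct-publishCert` unbroken so the identifier is not read with embedded spaces.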
skipping to change at line 241 skipping to change at line 243
with one of the names found in the certificate. Thus if an RFC822 with one of the names found in the certificate. Thus if an RFC822
name was used to do the directory look-up, the RFC822 name would be in name was used to do the directory look-up, the RFC822 name would be in
the SubjectAltName extension on the certificate. the SubjectAltName extension on the certificate.
The steps for extracting the encryption certificate from a The steps for extracting the encryption certificate from a
SMimeCertificatePublish object are as follows: SMimeCertificatePublish object are as follows:
1. Verify that the SMimeCertificatePublish object contains a valid 1. Verify that the SMimeCertificatePublish object contains a valid
signature and the certificate used to sign the message can be signature and the certificate used to sign the message can be
validated. validated.
a) Certificate validates -- goto 2.
b) Certificate fails validation -- stop.
2. Does the certificate used to sign the SMimeCertificatePublish 2. Does the certificate used to sign the SMimeCertificatePublish
object "match" the intended recipient of the encryption object. object "match" the intended recipient of the encryption object? If
a) "Match" found -- goto step 6. so, proceed to step 6 else step 3.
b) No "Match" found -- stop.
3. Does the certificate referenced in the SMIMEEncryptionKeyPreference 3. Does the certificate referenced in the SMIMEEncryptionKeyPreference
attribute "match" the intended recipient of the encryption object? attribute "match" the intended recipient of the encryption object?
a) "Match" found -- goto step 4. If so, proceed to step 4, else stop with failure.
b) No "Match" found -- stop.
4. Validate the reference encryption certificate. 4. Validate the referenced encryption certificate.
a) Validation succeedes -- goto step 5
b) Validation fails -- stop.
5. Compare the signing certificate to the set of certificates used to 5. Compare the signing certificate to the set of certificates used to
verify the encryption certificate. Is the signing certificate in verify the encryption certificate. Is the signing certificate in
the set of verification certificates? If yes then the encryption the set of verification certificates? If yes then the encryption
certificate has been located. If no, no encryption certificate was certificate has been located. If no, no encryption certificate was
found. found.
6. Locate the encryption certificate using the 6. Locate the encryption certificate using the
SMIMEEncryptionKeyPreference attribute in the signed attributes of SMIMEEncryptionKeyPreference attribute in the signed attributes of
the SMimeCertificatePublish object. the SMimeCertificatePublish object.
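Review bot: Steps 1 and 4 in the -03 column no longer say what happens when validation fails: the a)/b) outcomes from -02 ("Certificate fails validation -- stop", "Validation fails -- stop") were dropped, while steps 2 and 3 gained explicit branches. Since this procedure decides which certificate a sender encrypts to, each validation step should state its failure outcome. Suggest ending both with "If validation fails, stop with failure", matching the wording step 3 now uses. Step 2's "proceed to step 6 else step 3" would also read more clearly as "If so, proceed to step 6; otherwise go to step 3".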
skipping to change at line 302 skipping to change at line 298
4.6 MIME Encoding 4.6 MIME Encoding
The application/pkcs7-mime-publish type is used to carry The application/pkcs7-mime-publish type is used to carry
SMimeCertificatePublish objects as mime objects. The optional "name" SMimeCertificatePublish objects as mime objects. The optional "name"
parameter SHOULD be emitted as part of the Content-Type field. The parameter SHOULD be emitted as part of the Content-Type field. The
file extension for the file name SHOULD be ". p7p". file extension for the file name SHOULD be ". p7p".
A. ASN Module A. ASN Module
CertPublish DEFINITIONS IMPLICIT TAGS ::= SMimeCertDistributionSyntax
{ iso(1) member-body(2) us(840) rsadsi(113549)
pkcs(1) pkcs-9(9) smime(16) modules(0) <TBD> }
DEFINITIONS IMPLICIT TAGS ::=
BEGIN BEGIN
-- EXPORTS All
-- The types and values defined in this module are exported for use
-- in the other ASN.1 modules. Other applications may use them for
-- their own purposes.
IMPORTS IMPORTS
Cryptographic Message Syntax (CMS) -- SMime Cryptographic Message Format
ContentInfo ContentInfo
FROM CryptographicMessageSyntax { iso(1) member-body(2) us(840) FROM CryptographicMessageSyntax { iso(1) member-body(2)
rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) modules(0) CMS(1) }; us(840) rsadsi(113549) pkcs(1) pkcs-9(9) smime(16)
modules(0) cms(1) }
SMIMECapability ::= SEQUENCE { -- SecureMimeMessageV3
capabilityID OBJECT IDENTIFIER, SMIMECapabilities
parameters ANY DEFINED BY capabilityID OPTIONAL } FROM SecureMimeMessageV3 { iso(1) member-body(2) us(840)
rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) modules(0)
smime(4)};
SMIMECapabilities ::= SEQUENCE OF SMIMECapability -- S/MIME Object Identifier Registry
id-smime OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840)
rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) }
id-aa-smimeEncryptionCerts OBJECT IDENTIFIER ::= { iso(1) -- Authenticated Attribute identifing Encryption Certificates
member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) -- Value is a single SMimeEncryptCerts
id-aa(2) 13 }
SMimeEncryptionCert ::= SEQUENCE { id-aa-smimeEncryptCerts OBJECT IDENTIFIER ::= { id-smime id-aa(2) 13
}
SMimeEncryptCerts ::= SEQUENCE OF SMimeEncryptCert
SMimeEncryptCert ::= SEQUENCE {
hash Hash, hash Hash,
capabilities SMIMECapabilities capabilities SMIMECapabilities
} }
SMimeEncrpytionCerts ::= SEQUENCE OF SMimeEncryptionCert Hash ::= OCTET STRING -- SHA1 hash of the certificate
Hash ::= OCTET STRING -- SHA1 hash of a certificate -- Content Type of Certificate publish message.
-- Signed content is detatched and empty
id-ct-publishCert OBJECT IDENTIFIER ::= { id-smime id-ct(1) 3 }
SMimeCertificatePublish ::= ContentInfo SMimeCertificatePublish ::= ContentInfo
id-ct-publishCert OBJECT IDENTIFIER ::= {iso(1) member-body(2) END -- of SMimeCertDistributionSyntax
us(840) rsadsi(113549) pkcs(1) pkcs9(9) smime(16) id-ct(1) 3 }
END
B. Backwards Compatibility B. Backwards Compatibility
The SMimeCertificatePublish object is based on work previously done at The SMimeCertificatePublish object is based on work previously done at
both Microsoft and Netscape. both Microsoft and Netscape.
Both of these companies have implemented a version of Both of these companies have implemented a version of
userSMimeCertificate in their mail LDAP directory structures. userSMimeCertificate in their mail LDAP directory structures.
Microsoft has also put the property into its MAPI based directory Microsoft has also put the property into its MAPI based directory
schema. schema.
Both companies use a ContentInfo object containing a SignedData object Both companies use a ContentInfo object containing a SignedData object
with one SignerInfo object. In both cases however the eContent is with one SignerInfo object. In both cases however the eContent is
tagged with id-data not id-ct-publishCert. The actual content is tagged with id-data not id-ct-publishCert. The actual content is
omitted from the SMimeCertificatePublish object. omitted from the SMimeCertificatePublish object.
In the case of both companies, clients who implement this feature In the case of both companies, clients who implement this feature
require that the end-entity is the signer of the object, the CA is not require that the end-entity is the signer of the object; the CA is not
permitted to sign and publish the object. permitted to sign and publish the object.
Microsoft has also produced an early version of the SMimeEncryptCerts
attribute. The syntax for this structure is
id-Microsoft-SMimeEncryptCert OBJECT IDENTIFIER ::= {1 3 6 1 4 1 311
16 4}
Microsoft-SMimeEncryptionert ::= IssuerAndSerialNumber
A description of IssuerAndSerialNumber can be find in [CMS].
C. Registration of MIME C. Registration of MIME
To: ietf-types@iana.org To: ietf-types@iana.org
Subject: Registration of MIME media type application/pkcs7-mime- Subject: Registration of MIME media type application/pkcs7-mime-
publish publish
MIME media type name: application MIME media type name: application
MIME subtype name: pkcs7-mime-publish MIME subtype name: pkcs7-mime-publish
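Review bot: Appendix B in the -03 column names the legacy type `Microsoft-SMimeEncryptionert`, which looks like a typo given the OID name on the line above it (`id-Microsoft-SMimeEncryptCert`); suggest `Microsoft-SMimeEncryptCert`, and "can be find in [CMS]" should read "can be found". In Appendix A the new module identifier still ends in `<TBD>`, so the module cannot yet be referenced by OID from another module's IMPORTS clause; assign the arc or state that it is pending. The added module comments also carry the typos "identifing" and "detatched".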
skipping to change at line 387 skipping to change at line 410
Published specification: this document Published specification: this document
Applications that use this media type: Secure Internet mail and other Applications that use this media type: Secure Internet mail and other
secure data transports. secure data transports.
Additional information: Additional information:
File extension (s): p7p File extension (s): p7p
Macintosh File Type Code (s): - Macintosh File Type Code (s): -
Person and email address to contact for further information: Person and email address to contact for further information: Jim
Jim Schaad, jimsch@microsoft.com Schaad, jimsch@microsoft.com
Intended usage: COMMON Intended usage: COMMON
D. Open Issues D. Open Issues
- There are no current open issues. - Need Example Message
E. Changes
As stated at the August IETF Working group meeting, I now consider the
issue on content for an SMimeCertificatePublish object to be closed.
There has been no communications about this being a desired goal or
suggesting what should be included here.
All attempts to allow for RAs to do publishing of
SMimeCertificatePublish objects on behalf of the end-user are being
terminated. The reason for this is two-fold.
1) There appears to be no good way of identifying which RA
certificates would be allowed to do the publishing without the
introduction of a new certificate extension specifically for that
purpose. This is something that I just cannot think of as good at
this point in time.
2) Allowing CAs to either directly or indirectly (through an RA
certificate) do the publishing seems must to liberal. If this was
to continue then a good set of restrictions would need to be
developed as part of the change.
References References
CMS "Cryptographic Message Syntax", Internet Draft ietf-draft- CMS "Cryptographic Message Syntax", Internet Draft ietf-draft-
smime-cms smime-cms
MUSTSHOULD "Key words for use in RFCs to Indicate Requirement Levels", MUSTSHOULD "Key words for use in RFCs to Indicate Requirement Levels",
RFC 2119 RFC 2119
LDAPV3 "Lightweight Directory Access Protocol (v3): Attribute Syntax LDAPV3 "Lightweight Directory Access Protocol (v3): Attribute Syntax
Definitions", RFC 2252 Definitions", RFC 2252
SMIME "S/MIME Version 3 Message Specification", Internet Draft ietf- SMIME "S/MIME Version 3 Message Specification", Internet Draft ietf-
draft-smime-msg draft-smime-msg
SMIMECERT "S/MIME Version 3 Certificate Handling", Internet Draft SMIMECERT "S/MIME Version 3 Certificate Handling", Internet Draft
ietf-draft-smime-cert ietf-draft-smime-cert
Security Considerations Security Considerations
Something goes here about making sure that you have the correct Something goes here about making sure that you have the correct
certificate and that no substitutions are done when getting certificate and that no substitutions are done when getting
certificates and information from the directory service. certificates and information from the directory service.
Author Address Author Address
Jim Schaad Jim Schaad
Microsoft Microsoft
One Microsoft Way One Microsoft Way
Redmond, WA 98052-6399 Redmond, WA 98052-6399
Jimsch@Microsoft.com Jimsch@Microsoft.com
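Review bot: Security Considerations is still placeholder text in -03 ("Something goes here about making sure that you have the correct certificate ..."), even though the new Changes section records a security decision (no RA or CA publishing on behalf of the end-user). The section should be written out, at least covering certificate substitution when fetching from the directory and why only the end-entity may sign the object. In the Changes text, "seems must to liberal" should read "seems much too liberal", and "There has been no communications" should be "There have been no communications".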
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/