rfc9118.original (draft-ietf-stir-enhance-rfc8226-04, 30 June 2021)   rfc9118.txt (RFC 9118, August 2021)

Internet Engineering Task Force (IETF)                       R. Housley
Request for Comments: 9118                               Vigil Security
Updates: 8226                                               August 2021
Category: Standards Track
ISSN: 2070-1721

Enhanced JSON Web Token (JWT) Claim Constraints for Secure Telephone Identity Revisited (STIR) Certificates

Abstract

RFC 8226 specifies the use of certificates for Secure Telephone Identity Credentials; these certificates are often called "Secure Telephone Identity Revisited (STIR) Certificates". RFC 8226 provides a certificate extension to constrain the JSON Web Token (JWT) claims that can be included in the Personal Assertion Token (PASSporT), as defined in RFC 8225. If the PASSporT signer includes a JWT claim outside the constraint boundaries, then the PASSporT recipient will reject the entire PASSporT. This document updates RFC 8226; it provides all of the capabilities available in the original certificate extension as well as an additional way to constrain the allowable JWT claims. The enhanced extension can also provide a list of claims that are not allowed to be included in the PASSporT.

Status of This Memo

This is an Internet Standards Track document.

This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.

Information about the current status of this document, any errata, and how to provide feedback on it may be obtained at https://www.rfc-editor.org/info/rfc9118.

Copyright Notice

Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

1. Introduction
2. Terminology
3. Enhanced JWT Claim Constraints Syntax
4. Usage Examples
5. Certificate Extension Example
6. Guidance to Certification Authorities
7. IANA Considerations
8. Security Considerations
9. References
   9.1. Normative References
   9.2. Informative References
Appendix A. ASN.1 Module
Acknowledgements
Author's Address
1. Introduction

The use of certificates [RFC5280] in establishing authority over telephone numbers is described in [RFC8226]. These certificates are often called "STIR Certificates". STIR certificates are an important element of the overall system that prevents the impersonation of telephone numbers on the Internet.

Section 8 of [RFC8226] provides a certificate extension to constrain
skipping to change at line 95

This document defines an enhanced JWTClaimConstraints certificate extension, which provides all of the capabilities available in the original certificate extension as well as an additional way to constrain the allowable JWT claims. That is, the enhanced extension can provide a list of claims that are not allowed to be included in the PASSporT.

The Enhanced JWT Claim Constraints certificate extension is needed to limit the authority when a parent STIR certificate delegates to a subordinate STIR certificate. For example, [RFC9060] describes the situation where service providers issue a STIR certificate to enterprises or other customers to sign PASSporTs, and the Enhanced JWT Claim Constraints certificate extension can be used to prevent specific claims from being included in PASSporTs and accepted as valid by the PASSporT recipient.

The JWT Claim Constraints certificate extension defined in [RFC8226] provides a list of claims that must be included in a valid PASSporT as well as a list of permitted values for selected claims. The Enhanced JWT Claim Constraints certificate extension defined in this document includes those capabilities and adds a list of claims that must not be included in a valid PASSporT.

2. Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.
3. Enhanced JWT Claim Constraints Syntax

The Enhanced JWT Claim Constraints certificate extension is non-critical, applicable only to end-entity certificates, and defined with ASN.1 [X.680]. The syntax of the JWT claims in a PASSporT is specified in [RFC8225].

The Enhanced JWT Claim Constraints certificate extension is optional, but, when present, it constrains the JWT claims that authentication services may include in the PASSporT objects they sign. Constraints are applied by certificate issuers and enforced by recipients when validating PASSporT claims as follows:

1. mustInclude indicates JWT claims that MUST appear in the PASSporT in addition to the iat, orig, and dest claims. The baseline PASSporT claims ("iat", "orig", and "dest") are considered to be required by [RFC8225], and these claims SHOULD NOT be part of the mustInclude list. If mustInclude is absent, the iat, orig, and dest claims MUST appear in the PASSporT.

2. permittedValues indicates that, if the claim name is present, the claim MUST exactly match one of the listed values.

3. mustExclude indicates JWT claims that MUST NOT appear in the PASSporT. The baseline PASSporT claims ("iat", "orig", and "dest") are always permitted, and these claims MUST NOT be part of the mustExclude list. If one of these baseline PASSporT claims appears in the mustExclude list, then the certificate MUST be treated as if the extension was not present.

Following the precedent in [RFC8226], JWT Claim Names MUST be ASCII strings, which are also known as strings using the International Alphabet No. 5 [ISO646].

The Enhanced JWT Claim Constraints certificate extension is identified by the following object identifier (OID):

   id-pe-eJWTClaimConstraints OBJECT IDENTIFIER ::= { id-pe 33 }

The Enhanced JWT Claim Constraints certificate extension has the following syntax:

   EnhancedJWTClaimConstraints ::= SEQUENCE {
     mustInclude [0] JWTClaimNames OPTIONAL,
       -- The listed claim names MUST appear in the PASSporT
       -- in addition to iat, orig, and dest.  If absent, iat, orig,
       -- and dest MUST appear in the PASSporT.
     permittedValues [1] JWTClaimValuesList OPTIONAL,
skipping to change at line 190

   JWTClaimName ::= IA5String
4. Usage Examples

Consider these usage examples with a PASSporT claim called "confidence" with values "low", "medium", and "high". These examples illustrate the constraints that are imposed by mustInclude, permittedValues, and mustExclude:

* If a certification authority (CA) issues a certificate to an authentication service that includes an Enhanced JWT Claim Constraints certificate extension that contains the mustInclude JWTClaimName "confidence", then an authentication service is required to include the "confidence" claim in all PASSporTs it generates and signs. A verification service will treat any PASSporT it receives without a "confidence" PASSporT claim as invalid.

* If a CA issues a certificate to an authentication service that includes an Enhanced JWT Claim Constraints certificate extension that contains the permittedValues JWTClaimName "confidence" and a permitted "high" value, then a verification service will treat any PASSporT it receives with a PASSporT "confidence" claim with a value other than "high" as invalid. However, a verification service will not treat a PASSporT it receives without a PASSporT "confidence" claim at all as invalid, unless "confidence" also appears in mustInclude.

* If a CA issues a certificate to an authentication service that includes an Enhanced JWT Claim Constraints certificate extension that contains the mustExclude JWTClaimName "confidence", then a verification service will treat any PASSporT it receives with a PASSporT "confidence" claim as invalid regardless of the claim value.

5. Certificate Extension Example

A certificate containing an example of the EnhancedJWTClaimConstraints certificate extension is provided in Figure 1. The certificate is provided in the format described in [RFC7468]. The example of the EnhancedJWTClaimConstraints extension from the certificate is shown in Figure 2. The example imposes three constraints:

1. The "confidence" claim must be present in the PASSporT.

2. The "confidence" claim must have a value of "high" or "medium".

3. The "priority" claim must not be present in the PASSporT.

   -----BEGIN CERTIFICATE-----
   MIICpzCCAk2gAwIBAgIUH7Zd3rQ5AsvOlzLnzUHhrVhDSlswCgYIKoZIzj0EAwIw
   KTELMAkGA1UEBhMCVVMxGjAYBgNVBAMMEUJPR1VTIFNIQUtFTiBST09UMB4XDTIx
   MDcxNTIxNTIxNVoXDTIyMDcxNTIxNTIxNVowbDELMAkGA1UEBhMCVVMxCzAJBgNV
   BAgMAlZBMRAwDgYDVQQHDAdIZXJuZG9uMR4wHAYDVQQKDBVCb2d1cyBFeGFtcGxl
   IFRlbGVjb20xDTALBgNVBAsMBFZvSVAxDzANBgNVBAMMBlNIQUtFTjBZMBMGByqG
   SM49AgEGCCqGSM49AwEHA0IABNR6C6nBWRA/fXTglV03aXkXy8hx9oBttVLhsTZ1
   IYVRBao4OZhVf/Xv1a3xLsZ6KfdhuylSeAKuCoSbVGojYDGjggEOMIIBCjAMBgNV
   HRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIHgDAdBgNVHQ4EFgQUDlG3dxHyzKL/FZfS
   PI7rpuueRbswHwYDVR0jBBgwFoAUlToKtrQeFrwwyXpMj1qu3TQEeoEwQgYJYIZI
   AYb4QgENBDUWM1RoaXMgY2VydGlmaWNhdGUgY2Fubm90IGJlIHRydXN0ZWQgZm9y
   IGFueSBwdXJwb3NlLjAWBggrBgEFBQcBGgQKMAigBhYEMTIzNDBOBggrBgEFBQcB
   IQRCMECgDjAMFgpjb25maWRlbmNloSAwHjAcFgpjb25maWRlbmNlMA4MBGhpZ2gM
   Bm1lZGl1baIMMAoWCHByaW9yaXR5MAoGCCqGSM49BAMCA0gAMEUCIQCbNR4QK1um
   +0vq2CE1B1/W3avYeREsPi/7RKHffL+5eQIgarHot+X9Rl7SOyNBq5X5JyEMx0SQ
   hRLkCY3Zoz2OCNQ=
   -----END CERTIFICATE-----

                       Figure 1: Example Certificate

     0  64: SEQUENCE {
     2  14:   [0] {
     4  12:     SEQUENCE {
     6  10:       IA5String 'confidence'
          :       }
          :     }
    18  32:   [1] {
    20  30:     SEQUENCE {
    22  28:       SEQUENCE {
skipping to change at line 275
          :         }
          :       }
          :     }
    52  12:   [2] {
    54  10:     SEQUENCE {
    56   8:       IA5String 'priority'
          :       }
          :     }
          :   }

         Figure 2: Example EnhancedJWTClaimConstraints Extension
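As an added example, not code from RFC 9118 or from any STIR implementation, the following Python decodes the EnhancedJWTClaimConstraints value that the Figure 1 certificate carries (the same bytes the Figure 2 dump describes) and then applies the three rules of Section 3 to a few PASSporT claim sets, reproducing the behaviour of the three bullets in Section 4. The hand-written DER reader covers only the tags this extension uses; the helper names, the sample claim payloads, and the telephone numbers in them are this example's own constructions.

```python
import binascii

# Extension value from the Figure 1 certificate (OID 1.3.6.1.5.5.7.1.33),
# i.e. the OCTET STRING contents that the Figure 2 dump describes.
EXAMPLE_EXTENSION_HEX = (
    "3040"                                     # SEQUENCE, 64 bytes
    "a00e300c160a636f6e666964656e6365"         # [0] mustInclude: "confidence"
    "a120301e301c160a636f6e666964656e6365"     # [1] permittedValues: "confidence" ->
    "300e0c04686967680c066d656469756d"         #     UTF8String "high", "medium"
    "a20c300a16087072696f72697479"             # [2] mustExclude: "priority"
)
BASELINE = ("iat", "orig", "dest")             # always required by RFC 8225

def _read_tlv(buf, pos):
    """Read one DER TLV at pos: (tag, contents, position after it)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                          # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER length runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def _children(contents):
    """TLVs directly inside a constructed value, as [(tag, contents), ...]."""
    items, pos = [], 0
    while pos < len(contents):
        tag, inner, pos = _read_tlv(contents, pos)
        items.append((tag, inner))
    return items

def _explicit(contents):
    """Unwrap an EXPLICIT [n] tag, which must hold exactly one SEQUENCE."""
    items = _children(contents)
    if len(items) != 1 or items[0][0] != 0x30:
        raise ValueError("explicit tag must wrap a single SEQUENCE")
    return items[0][1]

def _claim_names(seq_contents):
    """JWTClaimNames ::= SEQUENCE OF IA5String (tag 0x16)."""
    items = _children(seq_contents)
    if any(tag != 0x16 for tag, _ in items):
        raise ValueError("JWTClaimName must be IA5String")
    return [name.decode("ascii") for _, name in items]

def decode_constraints(der):
    """Decode EnhancedJWTClaimConstraints into a dict of its three components."""
    tag, body, end = _read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("extension value must be a single SEQUENCE")
    out = {"mustInclude": None, "permittedValues": None, "mustExclude": None}
    for tag, contents in _children(body):
        if tag == 0xA0:
            out["mustInclude"] = _claim_names(_explicit(contents))
        elif tag == 0xA1:                      # SEQUENCE OF JWTClaimValues
            permitted = {}
            for entry_tag, entry in _children(_explicit(contents)):
                (name_tag, name), (vals_tag, vals) = _children(entry)
                if (entry_tag, name_tag, vals_tag) != (0x30, 0x16, 0x30):
                    raise ValueError("malformed JWTClaimValues")
                permitted[name.decode("ascii")] = [
                    v.decode("utf-8") for t, v in _children(vals) if t == 0x0C]
            out["permittedValues"] = permitted
        elif tag == 0xA2:
            out["mustExclude"] = _claim_names(_explicit(contents))
        else:
            raise ValueError(f"unexpected tag 0x{tag:02x}")
    return out

def validate_claims(claims, constraints):
    """Section 3 rules 1-3 applied to a decoded PASSporT payload (a dict).
    Returns the list of violations; an empty list means the claims pass."""
    must_exclude = constraints.get("mustExclude") or []
    if any(name in BASELINE for name in must_exclude):
        # Rule 3: treat the extension as absent; only the RFC 8225 baseline remains.
        constraints, must_exclude = {}, []
    problems = []
    for name in list(BASELINE) + list(constraints.get("mustInclude") or []):
        if name not in claims:
            problems.append(f"missing required claim {name!r}")
    for name, allowed in (constraints.get("permittedValues") or {}).items():
        if name in claims and claims[name] not in allowed:
            problems.append(f"claim {name!r} = {claims[name]!r} is not one of {allowed}")
    for name in must_exclude:
        if name in claims:
            problems.append(f"prohibited claim {name!r} is present")
    return problems

EXAMPLE_CONSTRAINTS = decode_constraints(binascii.unhexlify(EXAMPLE_EXTENSION_HEX))

# Constructed sample PASSporT payloads (not from the RFC).
_BASE = {"iat": 1443208345, "orig": {"tn": "12155551212"}, "dest": {"tn": ["12155551213"]}}
SAMPLE_CLAIMS = {
    "accepted": {**_BASE, "confidence": "high"},
    "wrong_value": {**_BASE, "confidence": "low"},
    "missing_claim": dict(_BASE),
    "excluded_claim": {**_BASE, "confidence": "medium", "priority": "urgent"},
}
```

Importing the module decodes the Figure 1 bytes into EXAMPLE_CONSTRAINTS, which comes out as mustInclude ["confidence"], permittedValues {"confidence": ["high", "medium"]} and mustExclude ["priority"], matching the three constraints listed above; validate_claims(SAMPLE_CLAIMS["wrong_value"], EXAMPLE_CONSTRAINTS) then reports the "low" value, and the "missing_claim" and "excluded_claim" payloads each produce one violation. The baseline rule of Section 3 is deliberate: a mustExclude entry for "iat", "orig", or "dest" makes the validator ignore the whole extension rather than reject every PASSporT.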
6. Guidance to Certification Authorities

The EnhancedJWTClaimConstraints extension specified in this document and the JWTClaimConstraints extension specified in [RFC8226] MUST NOT both appear in the same certificate.

If the situation calls for mustExclude constraints, then the EnhancedJWTClaimConstraints extension is the only extension that can express the constraints.

On the other hand, if the situation does not call for mustExclude constraints, then either the EnhancedJWTClaimConstraints extension or the JWTClaimConstraints extension can express the constraints. Until such time as support for the EnhancedJWTClaimConstraints extension becomes widely implemented, the use of the JWTClaimConstraints extension may be more likely to be supported. This guess is based on the presumption that the first specified extension will be implemented more widely in the next few years.

7. IANA Considerations

This document makes use of object identifiers for the Enhanced JWT Claim Constraints certificate extension defined in Section 3 and the ASN.1 module identifier defined in Appendix A. Therefore, IANA has made the following assignments within the "Structure of Management Information (SMI) Numbers (MIB Module Registrations)" registry.

For the Enhanced JWT Claim Constraints certificate extension in the "SMI Security for PKIX Certificate Extension" (1.3.6.1.5.5.7.1) registry:

   +=========+============================+
   | Decimal | Description                |
   +=========+============================+
   | 33      | id-pe-eJWTClaimConstraints |
   +---------+----------------------------+

                      Table 1

For the ASN.1 module identifier in the "SMI Security for PKIX Module Identifier" (1.3.6.1.5.5.7.0) registry:

   +=========+==================================+
   | Decimal | Description                      |
   +=========+==================================+
   | 101     | id-mod-eJWTClaimConstraints-2021 |
   +---------+----------------------------------+

                         Table 2
8. Security Considerations

For further information on certificate security and practices, see [RFC5280], especially the Security Considerations section.

Since non-critical certificate extensions are ignored by implementations that do not recognize the extension object identifier (OID), constraints on PASSporT validation will only be applied by relying parties that recognize the EnhancedJWTClaimConstraints extension.

The Enhanced JWT Claim Constraints certificate extension can be used by certificate issuers to provide limits on the acceptable PASSporTs that can be accepted by verification services. Enforcement of these limits depends upon proper implementation by the verification services. The digital signature on the PASSporT data structure will be valid even if the limits are violated.

Use of the Enhanced JWT Claim Constraints certificate extension permittedValues constraint is most useful when the claim definition allows a specified set of values. In this way, all of the values that are not listed in the JWTClaimValuesList are prohibited in a valid PASSporT.

Certificate issuers must take care when imposing constraints on the PASSporT claims and the claim values that can be successfully validated; some combinations can prevent any PASSporT from being successfully validated by the certificate. For example, an entry in mustInclude and an entry in mustExclude for the same claim will prevent successful validation on any PASSporT.

Certificate issuers SHOULD NOT include an entry in mustExclude for the "rcdi" claim for a certificate that will be used with the PASSporT Extension for Rich Call Data defined in [STIR-PASSPORT-RCD]. Excluding this claim would prevent the integrity protection mechanism from working properly.

Certificate issuers must take care when performing certificate renewal [RFC4949] to include exactly the same Enhanced JWT Claim Constraints certificate extension in the new certificate as the old one. Renewal usually takes place before the old certificate expires, so there is a period of time where both the new certificate and the old certificate are valid. If different constraints appear in the two certificates with the same public key, some PASSporTs might be valid when one certificate is used and invalid when the other one is used.
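The issuer-side care that Section 6 and the paragraphs above call for can be checked mechanically before a CA signs. The following Python is an added example, not code from the RFC or from any CA product: a lint over a proposed extension value expressed as a plain dict (the shape a decoder would produce), plus a renewal comparison. The OID 1.3.6.1.5.5.7.1.33 comes from Section 7 of this document; the OID for the RFC 8226 JWTClaimConstraints extension (id-pe 27) is assumed from RFC 8226 and is not stated on this page; the sample inputs are constructed.

```python
# Extension OID assigned to EnhancedJWTClaimConstraints in Section 7.
ID_PE_EJWT_CLAIM_CONSTRAINTS = "1.3.6.1.5.5.7.1.33"
# OID of the original RFC 8226 JWTClaimConstraints extension (id-pe 27);
# assumed from RFC 8226, not stated on this page.
ID_PE_JWT_CLAIM_CONSTRAINTS = "1.3.6.1.5.5.7.1.27"
BASELINE = {"iat", "orig", "dest"}     # always required by RFC 8225
RCD_INTEGRITY_CLAIM = "rcdi"           # Rich Call Data integrity claim

def lint_constraints(constraints, extension_oids=()):
    """Return [(severity, message), ...] for a proposed extension value.
    'error' findings make the certificate useless or non-compliant;
    'warning' findings are SHOULD NOT violations."""
    must_include = set(constraints.get("mustInclude") or [])
    must_exclude = set(constraints.get("mustExclude") or [])
    findings = []
    # Section 6: the two constraint extensions MUST NOT coexist.
    if {ID_PE_JWT_CLAIM_CONSTRAINTS, ID_PE_EJWT_CLAIM_CONSTRAINTS} <= set(extension_oids):
        findings.append(("error", "JWTClaimConstraints and EnhancedJWTClaimConstraints "
                                  "MUST NOT both appear in the same certificate"))
    # Section 8: a claim both required and prohibited blocks every PASSporT.
    for name in sorted(must_include & must_exclude):
        findings.append(("error", f"{name!r} is in both mustInclude and mustExclude; "
                                  "no PASSporT can validate"))
    # Section 3 rule 3: a baseline claim in mustExclude voids the extension.
    for name in sorted(must_exclude & BASELINE):
        findings.append(("error", f"baseline claim {name!r} in mustExclude; relying "
                                  "parties will treat the extension as absent"))
    # Section 3 rule 1: baseline claims are already required.
    for name in sorted(must_include & BASELINE):
        findings.append(("warning", f"baseline claim {name!r} SHOULD NOT be in mustInclude"))
    # Section 8: excluding "rcdi" breaks Rich Call Data integrity protection.
    if RCD_INTEGRITY_CLAIM in must_exclude:
        findings.append(("warning", "'rcdi' in mustExclude disables the Rich Call Data "
                                    "integrity protection mechanism"))
    return findings

def _canonical(value):
    """Order-insensitive form of one constraint component for comparison."""
    if value is None:
        return None
    if isinstance(value, dict):
        return tuple(sorted((k, tuple(sorted(v))) for k, v in value.items()))
    return tuple(sorted(value))

def renewal_mismatch(old, new):
    """Section 8: a renewed certificate must carry exactly the same
    constraints as the one it replaces.  Return the components that differ."""
    return [key for key in ("mustInclude", "permittedValues", "mustExclude")
            if _canonical(old.get(key)) != _canonical(new.get(key))]

# Constructed sample inputs (not from the RFC).
GOOD = {"mustInclude": ["confidence"],
        "permittedValues": {"confidence": ["high", "medium"]},
        "mustExclude": ["priority"]}
BAD = {"mustInclude": ["confidence", "iat"],
       "permittedValues": {"priority": ["urgent"]},
       "mustExclude": ["confidence", "rcdi", "priority"]}
RENEWED = {"mustInclude": ["confidence"],
           "permittedValues": {"confidence": ["medium", "high"]},  # same set, new order
           "mustExclude": []}                                      # "priority" dropped

if __name__ == "__main__":
    both = [ID_PE_JWT_CLAIM_CONSTRAINTS, ID_PE_EJWT_CLAIM_CONSTRAINTS]
    for severity, message in lint_constraints(BAD, both):
        print(f"{severity:7s} {message}")
    print("renewal differs in:", renewal_mismatch(GOOD, RENEWED))
```

Run as a script, the BAD value yields two errors (both extensions present, "confidence" both required and prohibited) and two warnings ("iat" in mustInclude, "rcdi" in mustExclude), and the renewal check flags only mustExclude, since the reordered permittedValues list is semantically unchanged. The comparison is deliberately order-insensitive; a CA that wants byte-for-byte identity between the old and new extension can compare the DER values instead.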
9. Acknowledgements 9. References
Many thanks to Chris Wendt for his insight into the need for the for
the Enhanced JWT Claim Constraints certificate extension.
Thanks to Ben Campbell, Theresa Enghardt, Ben Kaduk, Erik Kline, Eric
Vyncke, and Rob Wilton for their thoughtful review and comments. The
document is much better as a result of their efforts.
10. References
10.1. Normative References 9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
Housley, R., and W. Polk, "Internet X.509 Public Key Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
skipping to change at page 9, line 34 skipping to change at line 407
[RFC8225] Wendt, C. and J. Peterson, "PASSporT: Personal Assertion [RFC8225] Wendt, C. and J. Peterson, "PASSporT: Personal Assertion
Token", RFC 8225, DOI 10.17487/RFC8225, February 2018, Token", RFC 8225, DOI 10.17487/RFC8225, February 2018,
<https://www.rfc-editor.org/info/rfc8225>. <https://www.rfc-editor.org/info/rfc8225>.
[RFC8226] Peterson, J. and S. Turner, "Secure Telephone Identity [RFC8226] Peterson, J. and S. Turner, "Secure Telephone Identity
Credentials: Certificates", RFC 8226, Credentials: Certificates", RFC 8226,
DOI 10.17487/RFC8226, February 2018, DOI 10.17487/RFC8226, February 2018,
<https://www.rfc-editor.org/info/rfc8226>. <https://www.rfc-editor.org/info/rfc8226>.
[X.680] International Telecommunication Union, "Information [X.680] ITU-T, "Information technology - Abstract Syntax Notation
Technology - Abstract Syntax Notation One (ASN.1): One (ASN.1): Specification of basic notation", ITU-T
Specification of basic notation", ISO/IEC 8824-1, August Recommendation X.680, February 2021.
2021.
rfc9118.original:
10.2.  Informative References

   [I-D.ietf-stir-cert-delegation]
             Peterson, J., "STIR Certificate Delegation", Work in
             Progress, Internet-Draft, draft-ietf-stir-cert-delegation-
             04, 22 February 2021, <https://www.ietf.org/archive/id/
             draft-ietf-stir-cert-delegation-04.txt>.

   [I-D.ietf-stir-passport-rcd]
             Wendt, C. and J. Peterson, "PASSporT Extension for Rich
             Call Data", Work in Progress, Internet-Draft, draft-ietf-
             stir-passport-rcd-11, 29 March 2021,
             <https://www.ietf.org/archive/id/draft-ietf-stir-passport-
             rcd-11.txt>.

   [ISO646]  International Organization for Standardization,
             "Information processing - ISO 7-bit coded character set
             for information interchange", ISO/IEC 646:1991, December
             1991.
rfc9118.txt:
9.2.  Informative References

   [ISO646]  ISO, "Information technology - ISO 7-bit coded character
             set for information interchange", ISO/IEC 646:1991,
             December 1991.
   [RFC4949] Shirey, R., "Internet Security Glossary, Version 2",
             FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007,
             <https://www.rfc-editor.org/info/rfc4949>.

   [RFC7468] Josefsson, S. and S. Leonard, "Textual Encodings of PKIX,
             PKCS, and CMS Structures", RFC 7468, DOI 10.17487/RFC7468,
             April 2015, <https://www.rfc-editor.org/info/rfc7468>.
rfc9118.txt:
   [RFC9060] Peterson, J., "Secure Telephone Identity Revisited (STIR)
             Certificate Delegation", RFC 9060, DOI 10.17487/RFC9060,
             August 2021, <https://www.rfc-editor.org/rfc/rfc9060>.

   [STIR-PASSPORT-RCD]
             Wendt, C. and J. Peterson, "PASSporT Extension for Rich
             Call Data", Work in Progress, Internet-Draft, draft-ietf-
             stir-passport-rcd-12, 12 July 2021,
             <https://datatracker.ietf.org/doc/html/draft-ietf-stir-
             passport-rcd-12>.
Appendix A.  ASN.1 Module

rfc9118.original:
   This appendix provides the ASN.1 [X.680] definitions for the Enhanced
   JWT Claim Constraints certificate extension.  The module defined in
   this appendix are compatible with the ASN.1 specifications published
   in 2015.
rfc9118.txt:
   This appendix provides the ASN.1 [X.680] definitions for the Enhanced
   JWT Claim Constraints certificate extension.  The module defined in
   this appendix is compatible with the ASN.1 specifications published
   in 2015.

   This ASN.1 module imports ASN.1 from [RFC5912].
   <CODE BEGINS>
   EnhancedJWTClaimConstraints-2021
     { iso(1) identified-organization(3) dod(6) internet(1)
       security(5) mechanisms(5) pkix(7) id-mod(0)
rfc9118.original:
       id-mod-eJWTClaimConstraints-2021(TBD2) }
rfc9118.txt:
       id-mod-eJWTClaimConstraints-2021(101) }

   DEFINITIONS EXPLICIT TAGS ::= BEGIN

   IMPORTS

   id-pe
   FROM PKIX1Explicit-2009 -- From RFC 5912
     { iso(1) identified-organization(3) dod(6) internet(1)
       security(5) mechanisms(5) pkix(7) id-mod(0)
       id-mod-pkix1-explicit-02(51) }
   skipping to change at rfc9118.original page 11, line 6 / rfc9118.txt line 473
     { iso(1) identified-organization(3) dod(6) internet(1)
       security(5) mechanisms(5) pkix(7) id-mod(0)
       id-mod-pkixCommon-02(57) } ;

   -- Enhanced JWT Claim Constraints Certificate Extension

   ext-eJWTClaimConstraints EXTENSION ::= {
     SYNTAX EnhancedJWTClaimConstraints
     IDENTIFIED BY id-pe-eJWTClaimConstraints }

rfc9118.original:
   id-pe-eJWTClaimConstraints OBJECT IDENTIFIER ::= { id-pe TBD1 }
rfc9118.txt:
   id-pe-eJWTClaimConstraints OBJECT IDENTIFIER ::= { id-pe 33 }

   EnhancedJWTClaimConstraints ::= SEQUENCE {
     mustInclude [0] JWTClaimNames OPTIONAL,
       -- The listed claim names MUST appear in the PASSporT
       -- in addition to iat, orig, and dest.  If absent, iat, orig,
       -- and dest MUST appear in the PASSporT.
     permittedValues [1] JWTClaimValuesList OPTIONAL,
       -- If the claim name is present, the claim MUST contain one
       -- of the listed values.
     mustExclude [2] JWTClaimNames OPTIONAL }
   skipping to change at rfc9118.original page 11, line 35 / rfc9118.txt line 502
     claim JWTClaimName,
     values SEQUENCE SIZE (1..MAX) OF UTF8String }

   JWTClaimNames ::= SEQUENCE SIZE (1..MAX) OF JWTClaimName

   JWTClaimName ::= IA5String

   END
   <CODE ENDS>
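   The module above defines the structure but not what an encoder or a
   verifier does with it.  The Python below is an added example, not
   part of RFC 9118 and not code from any STIR implementation: it
   DER-encodes an EnhancedJWTClaimConstraints value under the module's
   EXPLICIT TAGS rule, wraps it in an X.509 Extension using the newly
   assigned OID { id-pe 33 } (1.3.6.1.5.5.7.1.33), decodes it again, and
   then applies the three constraints to a PASSporT claim set exactly as
   the comments in the module describe (iat, orig and dest are always
   required; a claim listed under permittedValues must, if present, carry
   one of the listed values; a claim listed under mustExclude must be
   absent).  Assumptions: JWTClaimValuesList is SEQUENCE SIZE (1..MAX) OF
   JWTClaimValues (that definition falls inside the region the diff
   skips); only string-valued claims are compared against
   permittedValues; the sample claim set and the claim names attest, rcd
   and rcdi are constructed test data, not taken from this document.

```python
# Added example (not from RFC 9118 or any STIR implementation): DER-encode
# the EnhancedJWTClaimConstraints value from Appendix A, wrap it in an X.509
# Extension with OID { id-pe 33 }, decode it, and apply it to a claim set.
# Assumed: JWTClaimValuesList ::= SEQUENCE SIZE (1..MAX) OF JWTClaimValues.
ID_PE_EJWT_CLAIM_CONSTRAINTS = "1.3.6.1.5.5.7.1.33"   # { id-pe 33 }
ALWAYS_REQUIRED = ("iat", "orig", "dest")             # per the mustInclude comment

# ---- DER encoding (definite lengths; module is DEFINITIONS EXPLICIT TAGS) ----
def _der_len(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def _tlv(tag, body):
    return bytes([tag]) + _der_len(len(body)) + body

def _ia5(s):                       # JWTClaimName ::= IA5String
    return _tlv(0x16, s.encode("ascii"))

def _utf8(s):                      # values ... OF UTF8String
    return _tlv(0x0C, s.encode("utf-8"))

def _seq(items):                   # SEQUENCE and SEQUENCE OF
    return _tlv(0x30, b"".join(items))

def _explicit(n, inner):           # [n] EXPLICIT: constructed context tag around the inner TLV
    return _tlv(0xA0 | n, inner)

def encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = [arcs[0] * 40 + arcs[1]]
    for arc in arcs[2:]:           # base-128, continuation bit on all but the last octet
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(chunk)
    return _tlv(0x06, bytes(out))

def encode_constraints(must_include=None, permitted_values=None, must_exclude=None):
    """DER of EnhancedJWTClaimConstraints; permitted_values maps claim -> [values]."""
    parts = []
    if must_include:
        parts.append(_explicit(0, _seq(_ia5(c) for c in must_include)))
    if permitted_values:
        entries = [_seq([_ia5(c), _seq(_utf8(v) for v in vals)])
                   for c, vals in permitted_values.items()]
        parts.append(_explicit(1, _seq(entries)))
    if must_exclude:
        parts.append(_explicit(2, _seq(_ia5(c) for c in must_exclude)))
    return _seq(parts)

def encode_extension(value):
    """X.509 Extension { extnID, extnValue OCTET STRING }; critical left at DEFAULT FALSE."""
    return _seq([encode_oid(ID_PE_EJWT_CLAIM_CONSTRAINTS), _tlv(0x04, value)])

# ---- DER decoding ----
def _read_tlv(buf, pos):
    tag, n = buf[pos], buf[pos + 1]
    pos += 2
    if n & 0x80:                   # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def _children(body):
    pos, out = 0, []
    while pos < len(body):
        tag, val, pos = _read_tlv(body, pos)
        out.append((tag, val))
    return out

def _unwrap(tv, expect):
    if tv[0] != expect:
        raise ValueError(f"expected tag {expect:#x}, got {tv[0]:#x}")
    return tv[1]

def _names(body):                  # JWTClaimNames ::= SEQUENCE SIZE (1..MAX) OF IA5String
    names = [_unwrap(c, 0x16).decode("ascii") for c in _children(body)]
    if not names:
        raise ValueError("JWTClaimNames must have at least one entry")
    return names

def decode_constraints(der):
    tag, body, end = _read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("value is not a single SEQUENCE")
    out = {"mustInclude": None, "permittedValues": None, "mustExclude": None}
    for tag, wrapped in _children(body):
        inner = _unwrap(_children(wrapped)[0], 0x30)   # the SEQUENCE inside the EXPLICIT tag
        if tag == 0xA0:
            out["mustInclude"] = _names(inner)
        elif tag == 0xA1:
            pv = {}
            for entry in _children(inner):           # each entry is one JWTClaimValues
                name, values = _children(_unwrap(entry, 0x30))
                pv[_unwrap(name, 0x16).decode("ascii")] = [
                    _unwrap(v, 0x0C).decode("utf-8") for v in _children(_unwrap(values, 0x30))]
            out["permittedValues"] = pv
        elif tag == 0xA2:
            out["mustExclude"] = _names(inner)
        else:
            raise ValueError(f"unexpected component tag {tag:#x}")
    return out

# ---- Applying the constraints to a PASSporT claim set ----
def check_passport(claims, constraints):
    """Return (accepted, reason); any single violation rejects the whole PASSporT."""
    for name in ALWAYS_REQUIRED + tuple(constraints["mustInclude"] or ()):
        if name not in claims:
            return False, f"required claim {name!r} absent"
    for name in constraints["mustExclude"] or ():
        if name in claims:
            return False, f"excluded claim {name!r} present"
    for name, allowed in (constraints["permittedValues"] or {}).items():
        if name in claims and claims[name] not in allowed:   # assumption: string-valued claims
            return False, f"claim {name!r} value not in permitted set"
    return True, "ok"

if __name__ == "__main__":
    der = encode_constraints(["rcd"], {"attest": ["A", "B"]}, ["rcdi"])
    print(encode_extension(der).hex())
    sample = {"iat": 1625000000, "orig": {"tn": "12155551212"},   # constructed sample
              "dest": {"tn": ["12155551213"]}, "attest": "A", "rcd": {"nam": "Example"}}
    print(check_passport(sample, decode_constraints(der)))
```

   Because the module is EXPLICIT TAGS, each [n] component is a
   constructed context-specific tag (0xA0, 0xA1, 0xA2) whose content is
   the complete inner SEQUENCE TLV; an implicit-tag encoder that replaced
   the SEQUENCE tag with the context tag would produce bytes a conforming
   decoder rejects.  The checker returns on the first violation because,
   as the Abstract states, a single claim outside the constraint
   boundaries causes the recipient to reject the entire PASSporT.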
rfc9118.original:
Acknowledgements

   Many thanks to Chris Wendt for his insight into the need for the
   Enhanced JWT Claim Constraints certificate extension.

   Thanks to Ben Campbell, Theresa Enghardt, Ben Kaduk, Erik Kline, Éric
   Vyncke, and Rob Wilton for their thoughtful review and comments.  The
   document is much better as a result of their efforts.
Author's Address

   Russ Housley
   Vigil Security, LLC
   516 Dranesville Road
rfc9118.original:
   Herndon, VA, 20170
rfc9118.txt:
   Herndon, VA 20170
   United States of America

   Email: housley@vigilsec.com
End of changes. 43 change blocks. 147 lines changed or deleted, 151 lines changed or added.

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/