| rfc9295.original | rfc9295.txt | |||
|---|---|---|---|---|
| LAMPS S. Turner | Internet Engineering Task Force (IETF) S. Turner | |||
| Internet-Draft sn3rd | Request for Comments: 9295 sn3rd | |||
| Updates: 8410 (if approved) S. Josefsson | Updates: 8410 S. Josefsson | |||
| Intended status: Standards Track SJD AB | Category: Standards Track SJD AB | |||
| Expires: 1 January 2023 D. McCarney | ISSN: 2070-1721 D. McCarney | |||
| Square Inc. | Square Inc. | |||
| T. Ito | T. Ito | |||
| SECOM CO., LTD. | SECOM CO., LTD. | |||
| 30 June 2022 | September 2022 | |||
| Clarifications for Ed25519, Ed448, X25519, and X448 Algorithm | Clarifications for Ed25519, Ed448, X25519, and X448 Algorithm | |||
| Identifiers | Identifiers | |||
| draft-ietf-lamps-8410-ku-clarifications-02 | ||||
| Abstract | Abstract | |||
| This document updates RFC 8410 to clarify existing and specify | This document updates RFC 8410 to clarify existing semantics, and | |||
| missing semantics for key usage bits when used in certificates that | specify missing semantics, for key usage bits when used in | |||
| support the Ed25519, Ed448, X25519, and X448 Elliptic Curve | certificates that support the Ed25519, Ed448, X25519, and X448 | |||
| Cryptography algorithms. | Elliptic Curve Cryptography algorithms. | |||
| About This Document | ||||
| This note is to be removed before publishing as an RFC. | ||||
| Status information for this document may be found at | ||||
| https://datatracker.ietf.org/doc/draft-ietf-lamps-8410-ku- | ||||
| clarifications/. | ||||
| Source for this draft and an issue tracker can be found at | ||||
| https://github.com/lamps-wg/8410-ku-clarifications. | ||||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This is an Internet Standards Track document. | |||
| provisions of BCP 78 and BCP 79. | ||||
| Internet-Drafts are working documents of the Internet Engineering | This document is a product of the Internet Engineering Task Force | |||
| Task Force (IETF). Note that other groups may also distribute | (IETF). It represents the consensus of the IETF community. It has | |||
| working documents as Internet-Drafts. The list of current Internet- | received public review and has been approved for publication by the | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Internet Engineering Steering Group (IESG). Further information on | |||
| Internet Standards is available in Section 2 of RFC 7841. | ||||
| Internet-Drafts are draft documents valid for a maximum of six months | Information about the current status of this document, any errata, | |||
| and may be updated, replaced, or obsoleted by other documents at any | and how to provide feedback on it may be obtained at | |||
| time. It is inappropriate to use Internet-Drafts as reference | https://www.rfc-editor.org/info/rfc9295. | |||
| material or to cite them other than as "work in progress." | ||||
| This Internet-Draft will expire on 1 January 2023. | ||||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2022 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents | |||
| license-info) in effect on the date of publication of this document. | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| Please review these documents carefully, as they describe your rights | publication of this document. Please review these documents | |||
| and restrictions with respect to this document. Code Components | carefully, as they describe your rights and restrictions with respect | |||
| extracted from this document must include Revised BSD License text as | to this document. Code Components extracted from this document must | |||
| described in Section 4.e of the Trust Legal Provisions and are | include Revised BSD License text as described in Section 4.e of the | |||
| provided without warranty as described in the Revised BSD License. | Trust Legal Provisions and are provided without warranty as described | |||
| in the Revised BSD License. | ||||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction | |||
| 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 2. Terminology | |||
| 3. New Section 5 for RFC 8410 . . . . . . . . . . . . . . . . . 3 | 3. New Section 5 for RFC 8410 | |||
| 4. Security Considerations . . . . . . . . . . . . . . . . . . . 5 | 4. Security Considerations | |||
| 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 5 | 5. IANA Considerations | |||
| 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 6. References | |||
| 6.1. Normative References . . . . . . . . . . . . . . . . . . 5 | 6.1. Normative References | |||
| 6.2. Informative References . . . . . . . . . . . . . . . . . 5 | 6.2. Informative References | |||
| Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 5 | Acknowledgments | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5 | Authors' Addresses | |||
| 1. Introduction | 1. Introduction | |||
| [RFC8410] specifies the syntax and semantics for the Subject Public | [RFC8410] specifies the syntax and semantics for the Subject Public | |||
| Key Information field in certificates that support Ed25519, Ed448, | Key Information field in certificates that support Ed25519, Ed448, | |||
| X25519, and X448 Elliptic Curve Cryptography (ECC) algorithms. As | X25519, and X448 Elliptic Curve Cryptography (ECC) algorithms. As | |||
| part of these semantics, it defines what combinations are permissible | part of these semantics, it defines what combinations are permissible | |||
| for the values of the key usage extension [RFC5280]. [RFC8410] did | for the values of the keyUsage extension [RFC5280]. [RFC8410] did | |||
| not define what values are not permissible nor did it refer to | not define what values are not permissible, nor did it refer to | |||
| keyEncipherment or dataEncipherment. [ERRATA] has also been | keyEncipherment or dataEncipherment. [Err5696] has also been | |||
| submitted to clarify that keyCertSign is always set in certification | submitted to clarify that keyCertSign is always set in certification | |||
| authority certificates. To address these changes, this document | authority certificates. To address these changes, this document | |||
| replaces Section 5 of [RFC8410] with Section 3. | replaces Section 5 of [RFC8410] with Section 3. | |||
| 2. Terminology | 2. Terminology | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
| BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| skipping to change at page 3, line 22 ¶ | skipping to change at line 94 ¶ | |||
| 3. New Section 5 for RFC 8410 | 3. New Section 5 for RFC 8410 | |||
| The intended application for the key is indicated in the keyUsage | The intended application for the key is indicated in the keyUsage | |||
| certificate extension. | certificate extension. | |||
| If the keyUsage extension is present in a certificate that indicates | If the keyUsage extension is present in a certificate that indicates | |||
| id-X25519 or id-X448 in SubjectPublicKeyInfo, then the following MUST | id-X25519 or id-X448 in SubjectPublicKeyInfo, then the following MUST | |||
| be present: | be present: | |||
| keyAgreement; | keyAgreement | |||
| one of the following MAY also be present: | One of the following MAY also be present: | |||
| encipherOnly; or | encipherOnly | |||
| decipherOnly; | decipherOnly | |||
| and the following MUST NOT be present: | and any of the following MUST NOT be present: | |||
| digitalSignature; | digitalSignature | |||
| nonRepudiation; | nonRepudiation | |||
| keyEncipherment; | keyEncipherment | |||
| dataEncipherment; | dataEncipherment | |||
| keyCertSign; and | keyCertSign | |||
| cRLSign. | cRLSign | |||
| If the keyUsage extension is present in an end-entity certificate | If the keyUsage extension is present in an end-entity certificate | |||
| that indicates id-Ed25519 or id-Ed448 in SubjectPublicKeyInfo, then | that indicates id-Ed25519 or id-Ed448 in SubjectPublicKeyInfo, then | |||
| the keyUsage extension MUST contain at least one of the following: | the keyUsage extension MUST contain at least one of the following: | |||
| nonRepudiation; | nonRepudiation | |||
| digitalSignature; and | digitalSignature | |||
| cRLSign; | cRLSign | |||
| and the following MUST NOT be present: | and any of the following MUST NOT be present: | |||
| keyEncipherment; | keyEncipherment | |||
| dataEncipherment; | dataEncipherment | |||
| keyAgreement; | keyAgreement | |||
| keyCertSign; | keyCertSign | |||
| encipherOnly; and | encipherOnly | |||
| decipherOnly. | decipherOnly | |||
| If the keyUsage extension is present in a CRL issuer certificate that | If the keyUsage extension is present in a CRL issuer certificate that | |||
| indicates id-Ed25519 or id-Ed448 in SubjectPublicKeyInfo, then the | indicates id-Ed25519 or id-Ed448 in SubjectPublicKeyInfo, then the | |||
| keyUsage extension MUST contain: | keyUsage extension MUST contain: | |||
| ~~ cRLSign; ~~ | cRLSign | |||
| and zero or more of the following: | and zero or more of the following: | |||
| ~~ nonRepudiation; and digitalSignature; ~~ | nonRepudiation | |||
| digitalSignature | ||||
| and the following MUST NOT be present: | and any of the following MUST NOT be present: | |||
| ~~ keyEncipherment; dataEncipherment; keyAgreement; encipherOnly; and | keyEncipherment | |||
| decipherOnly; ~~ | dataEncipherment | |||
| keyAgreement | ||||
| encipherOnly | ||||
| decipherOnly | ||||
| and if the CRL issuer is also a certification authority, then the | and if the CRL issuer is also a certification authority, then the | |||
| keyUsage extension MUST also contain: | keyUsage extension MUST also contain: | |||
| ~~ keyCertSign. ~~ | keyCertSign | |||
| If the keyUsage extension is present in a certification authority | If the keyUsage extension is present in a certification authority | |||
| certificate that indicates id-Ed25519 or id-Ed448 in | certificate that indicates id-Ed25519 or id-Ed448 in | |||
| SubjectPublicKeyInfo, then the keyUsage extension MUST contain: | SubjectPublicKeyInfo, then the keyUsage extension MUST contain: | |||
| keyCertSign | keyCertSign | |||
| and zero or more of the following: | and zero or more of the following: | |||
| nonRepudiation; | nonRepudiation | |||
| digitalSignature; and | digitalSignature | |||
| cRLSign; | cRLSign | |||
| and the following MUST NOT be present: | and any of the following MUST NOT be present: | |||
| keyEncipherment; | keyEncipherment | |||
| dataEncipherment; | dataEncipherment | |||
| keyAgreement; | keyAgreement | |||
| encipherOnly; and | encipherOnly | |||
| decipherOnly. | decipherOnly | |||
| 4. Security Considerations | 4. Security Considerations | |||
| This document introduces no new security considerations beyond those | This document introduces no new security considerations beyond those | |||
| found in [RFC8410]. | found in [RFC8410]. | |||
| 5. IANA Considerations | 5. IANA Considerations | |||
| This document has no IANA actions. | This document has no IANA actions. | |||
| 6. References | 6. References | |||
| 6.1. Normative References | 6.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/rfc/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | |||
| Housley, R., and W. Polk, "Internet X.509 Public Key | Housley, R., and W. Polk, "Internet X.509 Public Key | |||
| Infrastructure Certificate and Certificate Revocation List | Infrastructure Certificate and Certificate Revocation List | |||
| (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | |||
| <https://www.rfc-editor.org/rfc/rfc5280>. | <https://www.rfc-editor.org/info/rfc5280>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| May 2017, <https://www.rfc-editor.org/rfc/rfc8174>. | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| [RFC8410] Josefsson, S. and J. Schaad, "Algorithm Identifiers for | [RFC8410] Josefsson, S. and J. Schaad, "Algorithm Identifiers for | |||
| Ed25519, Ed448, X25519, and X448 for Use in the Internet | Ed25519, Ed448, X25519, and X448 for Use in the Internet | |||
| X.509 Public Key Infrastructure", RFC 8410, | X.509 Public Key Infrastructure", RFC 8410, | |||
| DOI 10.17487/RFC8410, August 2018, | DOI 10.17487/RFC8410, August 2018, | |||
| <https://www.rfc-editor.org/rfc/rfc8410>. | <https://www.rfc-editor.org/info/rfc8410>. | |||
| 6.2. Informative References | 6.2. Informative References | |||
| [ERRATA] Liao, L., "Errata 5696", 17 April 2019, | [Err5696] RFC Errata, Erratum ID 5696, RFC 8410, | |||
| <https://www.rfc-editor.org/errata/eid5696>. | <https://www.rfc-editor.org/errata/eid5696>. | |||
| Acknowledgments | Acknowledgments | |||
| We would like to thank Russ Housley, Mike Jenkins, and Corey Bonnell | We would like to thank Russ Housley, Mike Jenkins, and Corey Bonnell | |||
| for the comments. | for their comments. | |||
| Authors' Addresses | Authors' Addresses | |||
| Sean Turner | Sean Turner | |||
| sn3rd | sn3rd | |||
| Email: sean@sn3rd.com | Email: sean@sn3rd.com | |||
| Simon Josefsson | Simon Josefsson | |||
| SJD AB | SJD AB | |||
| Email: simon@josefsson.org | Email: simon@josefsson.org | |||
| End of changes. 32 change blocks. | ||||
| 95 lines changed or deleted | 86 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||