PKIX Working Group                                         A. Arsenault Internet Draft                                               Diversinet Document: draft-ietf-pkix-roadmap-09.txt                      S. Turner Expires: January, 2003                                             IECA                                                               July 2002              Internet X.509 Public Key Infrastructure: Roadmap   Status of this Memo        This document is an Internet-Draft and is in full conformance with    all provisions of Section 10 of [RFC2026].        This document is an Internet-Draft. Internet-Drafts are working    documents of the Internet Engineering Task Force (IETF), its areas,    and its working groups. Note that other groups may also distribute    working documents as Internet-Drafts.         Internet-Drafts are draft documents valid for a maximum of six    months and may be updated, replaced, or obsoleted by other documents    at any time. It is inappropriate to use Internet-Drafts as reference    material or to cite them other than as "work in progress."        The list of current Internet-Drafts can be accessed at    http://www.ietf.org/ietf/1id-abstracts.txt         The list of Internet-Draft Shadow Directories can be accessed at    http://www.ietf.org/shadow.html.        This draft is being discussed on the 'ietf-pkix' mailing list. To    subscribe, send a message to ietf-pkix-request@imc.org with the    single word subscribe in the body of the message. There is a Web    site for the mailing list at <http://www.imc.org/ietf-pkix/>.         Abstract        This document provides an overview or "roadmap" of the work done by    the IETF PKIX working group. It describes some of the terminology    used in the working group's documents, and the theory behind an    X.509-based Public Key Infrastructure, Privilege Management    Infrastructure (PMI), and Time Stamping and Data Certification    Infrastructures. It identifies each document developed by the PKIX    working group, and describes the relationships among the various    documents. It also provides advice to would-be PKIX implementors    about some of the issues discussed at length during PKIX development,    in hopes of making it easier to build implementations that will    actually interoperate.            Arsenault, Turner                                                    1  Internet-Draft                PKIX Roadmap                  July 2002    1 INTRODUCTION.....................................................3    1.1 THIS DOCUMENT..................................................3    1.2 TERMINOLOGY....................................................3    1.3 HISTORY........................................................5    2 PKI..............................................................8    2.1 THEORY.........................................................8    2.2 ARCHITECTURE MODEL.............................................9    2.3 PUBLIC KEY CERTIFICATES.......................................11    2.4 FUNCTIONS OF A PKI............................................11    2.4.1 REGISTRATION................................................11    2.4.2 INITIALIZATION..............................................12    2.4.3 CERTIFICATION...............................................12    2.4.4 KEY PAIR RECOVERY...........................................12    2.4.5 KEY GENERATION..............................................12    2.4.6 KEY UPDATE..................................................13    2.4.6.1 KEY EXPIRY................................................13    2.4.6.2 KEY COMPROMISE............................................13    2.4.7 CROSS-CERTIFICATION.........................................14    2.4.8 REVOCATION..................................................14    2.4.9 CERTIFICATE & REVOCATION NOTICE DISTRIBUTION & PUBLICATION..15    3 PMI.............................................................16    3.1 THEORY........................................................16    3.2 ARCHITECTURAL MODEL...........................................16    3.3 ATTRIBUTE CERTIFICATES........................................17    4 PKIX DOCUMENTS..................................................18    4.1 PROFILES......................................................18    4.2 OPERATIONAL PROTOCOLS.........................................22    4.3 MANAGEMENT PROTOCOLS..........................................25    4.4 POLICY OUTLINE................................................28    4.4 TIME STAMPING AND DATA CERTIFICATION..........................28    4.5 EXPIRED DRAFTS................................................32    5 IMPLEMENTATION ADVICE...........................................36    5.1 NAMES.........................................................36    5.1.1 NAME FORMS..................................................36    5.1.1.1 DISTINGUISHED NAMES.......................................36    5.1.1.2 SUBJECTALTNAME FORMS......................................37    5.1.1.2.1 INTERNET E-MAIL ADDRESSES...............................37    5.1.1.2.2 DNS NAMES...............................................38    5.1.1.2.4 URIS....................................................38    5.1.2 SCOPE OF NAMES..............................................38    5.1.3 CERTIFICATE PATH CONSTRUCTION...............................39    5.1.4 NAME CONSTRAINTS............................................40    5.1.4.1 RFC822NAMES...............................................41    5.1.4.2 DNSNAMES..................................................41    5.1.4.3 X.400 ADDRESSES...........................................42    5.1.4.5 DNS.......................................................42    5.1.4.6 URIS......................................................42    5.1.4.7 IPADDRESSES...............................................43    5.1.4.8 OTHERS....................................................43    5.1.5 WILDCARDS IN NAME FORMS.....................................43    5.1.6 NAME ENCODING...............................................44    5.2 POP...........................................................44    5.2.1 POP FOR SIGNING KEYS........................................44  Arsenault, Turner                                                    2  Internet-Draft                PKIX Roadmap                  July 2002    5.2.2 POP FOR KEY MANAGEMENT KEYS.................................45    5.3 KEY USAGE BITS................................................47    5.4 NON-REPUDIATION...............................................48    5.5 TRUST MODELS..................................................49    5.5.1 HIERARCHICAL................................................49    5.5.2 LOCAL/FEDERATION............................................49    5.5.3 ROOT REPOSITORY.............................................50    5.5.4 RP'S PERSPECTIVE............................................50    6 REFERENCES......................................................50    7 SECURITY CONSIDERATIONS.........................................54    8 ACKNOWLEDGEMENTS................................................55    9 AUTHOR'S ADDRESSES..............................................55         1 Introduction     1.1 This Document        This document is an informational Internet-Draft that provides a    "roadmap" to the documents produced by the PKIX working group. It is    intended to provide information; there are no requirements or    specifications in this document.        Section 1.2 of this document defines key terms used in this document.    Section 1.3 covers some of the basic history behind the PKIX working    group. Section 2 covers Public Key Infrastructure (PKI) theory and    functions. Section 3 covers Privilege Management Infrastructure (PMI)    theory and functions. Section 4 provides an overview of the various    PKIX documents. It identifies which documents address which areas,    and describes the relationships among the various documents. Section    5 contains "Advice to implementors." Its primary purpose is to    capture some of the major issues discussed by the PKIX working group,    as a way of explaining why some of the requirements and    specifications say what they say. This explaination should cut down    on the number of misinterpretations of the documents, and help    developers build interoperable implementations. Section 6 contains a    list of contributors we wish to thank. Section 7 provides a list    references. Section 8 discusses security considerations, and Section    9 provides contact information for the editors.         1.2 Terminology        There are a number of terms used and misused throughout PKI-related,    PMI-related, and Time Stamp and Data Certification literature. To    limit confusion caused by some of those terms, used throughout this    document, we will use the following terms in the following ways:          - Attribute Authority (AA) - An authority trusted by one or more        users to create and sign attribute certificates. It is important        to note that the AA is responsible for the attribute        certificates during their whole lifetime, not just for issuing        them.  Arsenault, Turner                                                    3  Internet-Draft                PKIX Roadmap                  July 2002            - Attribute Certificate (AC) - A data structure containing a set of        attributes for an end-entity and some other information, which        is digitally signed with the private key of the AA which issued        it.            - Certificate - Can refer to either an AC or a public key        certificate. Where there is no distinction made the context        should be assumed that the term could apply to both an AC or a        public key certificate.            - Certification Authority (CA) - An authority trusted by one or        more users to create and assign public key certificates.        Optionally the CA may create the user's keys. It is important to        note that the CA is responsible for the public key certificates        during their whole lifetime, not just for issuing them.            - Certificate Policy (CP) - A named set of rules that indicates the        applicability of a public key certificate to a particular        community or class of application with common security        requirements. For example, a particular certificate policy might        indicate applicability of a type of public key certificate to        the authentication of electronic data interchange transactions        for the trading of goods within a given price range.            - Certification Practice Statement (CPS) - A statement of the        practices which a CA employs in issuing public key certificates.            - End-entity - A subject of a certificate who is not a CA in the        PKI or an AA in the PMI. (An EE from the PKI can be an AA in the        PMI.)            - Public Key Certificate (PKC) - A data structure containing the        public key of an end-entity and some other information, which is        digitally signed with the private key of the CA which issued it.            - Public Key Infrastructure (PKI) - The set of hardware, software,        people, policies and procedures needed to create, manage, store,        distribute, and revoke PKCs based on public-key cryptography.            - Privilege Management Infrastructure (PMI) - A collection of ACs,        with their issuing AA's, subjects, relying parties, and        repositories, is referred to as a Privilege Management        Infrastructure.            - Registration Authority (RA) - An optional entity given        responsibility for performing some of the administrative tasks        necessary in the registration of subjects, such as: confirming        the subject's identity; validating that the subject is entitled        to have the values requested in a PKC; and verifying that the        subject has possession of the private key associated with the        public key requested for a PKC.        Arsenault, Turner                                                    4  Internet-Draft                PKIX Roadmap                  July 2002      - Relying party - A user or agent (e.g., a client or server) who        relies on the data in a certificate in making decisions.            - Root CA - A CA that is directly trusted by an EE; that is,        securely acquiring the value of a Root CA public key requires        some out-of-band step(s). This term is not meant to imply that a        Root CA is necessarily at the top of any hierarchy, simply that        the CA in question is trusted directly. Note that the term        'trust anchor' is commonly used with the same meaning as 'root        CA' in this document.            - Subordinate CA - A "subordinate CA" is one that is not a Root CA        for the EE in question. Often, a subordinate CA will not be a        Root CA for any entity but this is not mandatory.            - Subject - A subject is the entity (AA, CA, or EE) named in a        certificate, either a PKC or AC. Subjects can be human users,        computers (as represented by Domain Name Service (DNS) names or        Internet Protocol (IP) addresses), or even software agents.            - Time Stamp Authority (TSA) - A TSA is a trusted Third Party who        provides a "proof-of-existence" for a particular datum prior to        an instant in time.