| draft-ietf-dnsext-rfc2538bis-05.txt | draft-ietf-dnsext-rfc2538bis-06.txt | |||
|---|---|---|---|---|
| Network Working Group S. Josefsson | Network Working Group S. Josefsson | |||
| Expires: March 12, 2006 | Obsoletes: 2538 (if approved) | |||
| Expires: March 19, 2006 | ||||
| Storing Certificates in the Domain Name System (DNS) | Storing Certificates in the Domain Name System (DNS) | |||
| draft-ietf-dnsext-rfc2538bis-05 | draft-ietf-dnsext-rfc2538bis-06 | |||
| Status of this Memo | Status of this Memo | |||
| By submitting this Internet-Draft, each author represents that any | By submitting this Internet-Draft, each author represents that any | |||
| applicable patent or other IPR claims of which he or she is aware | applicable patent or other IPR claims of which he or she is aware | |||
| have been or will be disclosed, and any of which he or she becomes | have been or will be disclosed, and any of which he or she becomes | |||
| aware will be disclosed, in accordance with Section 6 of BCP 79. | aware will be disclosed, in accordance with Section 6 of BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| skipping to change at page 1, line 33 | skipping to change at page 1, line 34 | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| This Internet-Draft will expire on March 12, 2006. | This Internet-Draft will expire on March 19, 2006. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (C) The Internet Society (2005). | Copyright (C) The Internet Society (2005). | |||
| Abstract | Abstract | |||
| Cryptographic public keys are frequently published and their | Cryptographic public keys are frequently published and their | |||
| authenticity demonstrated by certificates. A CERT resource record | authenticity demonstrated by certificates. A CERT resource record | |||
| (RR) is defined so that such certificates and related certificate | (RR) is defined so that such certificates and related certificate | |||
| skipping to change at page 2, line 20 | skipping to change at page 2, line 20 | |||
| 2.2. Text Representation of CERT RRs . . . . . . . . . . . . . 5 | 2.2. Text Representation of CERT RRs . . . . . . . . . . . . . 5 | |||
| 2.3. X.509 OIDs . . . . . . . . . . . . . . . . . . . . . . . . 6 | 2.3. X.509 OIDs . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 3. Appropriate Owner Names for CERT RRs . . . . . . . . . . . . . 6 | 3. Appropriate Owner Names for CERT RRs . . . . . . . . . . . . . 6 | |||
| 3.1. Content-based X.509 CERT RR Names . . . . . . . . . . . . 7 | 3.1. Content-based X.509 CERT RR Names . . . . . . . . . . . . 7 | |||
| 3.2. Purpose-based X.509 CERT RR Names . . . . . . . . . . . . 8 | 3.2. Purpose-based X.509 CERT RR Names . . . . . . . . . . . . 8 | |||
| 3.3. Content-based OpenPGP CERT RR Names . . . . . . . . . . . 9 | 3.3. Content-based OpenPGP CERT RR Names . . . . . . . . . . . 9 | |||
| 3.4. Purpose-based OpenPGP CERT RR Names . . . . . . . . . . . 9 | 3.4. Purpose-based OpenPGP CERT RR Names . . . . . . . . . . . 9 | |||
| 3.5. Owner names for IPKIX, ISPKI, and IPGP . . . . . . . . . . 10 | 3.5. Owner names for IPKIX, ISPKI, and IPGP . . . . . . . . . . 10 | |||
| 4. Performance Considerations . . . . . . . . . . . . . . . . . . 10 | 4. Performance Considerations . . . . . . . . . . . . . . . . . . 10 | |||
| 5. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 10 | 5. Contributors . . . . . . . . . . . . . . . . . . . . . . . . . 10 | |||
| 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 10 | 6. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 7. Security Considerations . . . . . . . . . . . . . . . . . . . 11 | 7. Security Considerations . . . . . . . . . . . . . . . . . . . 11 | |||
| 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 | 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 | |||
| 9. Changes since RFC 2538 . . . . . . . . . . . . . . . . . . . . 12 | 9. Changes since RFC 2538 . . . . . . . . . . . . . . . . . . . . 12 | |||
| Appendix A. Copying conditions . . . . . . . . . . . . . . . . . 12 | Appendix A. Copying conditions . . . . . . . . . . . . . . . . . 12 | |||
| 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 13 | 10. References . . . . . . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 10.1. Normative References . . . . . . . . . . . . . . . . . . . 13 | 10.1. Normative References . . . . . . . . . . . . . . . . . . . 13 | |||
| 10.2. Informative References . . . . . . . . . . . . . . . . . . 13 | 10.2. Informative References . . . . . . . . . . . . . . . . . . 14 | |||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 15 | Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 15 | |||
| Intellectual Property and Copyright Statements . . . . . . . . . . 16 | Intellectual Property and Copyright Statements . . . . . . . . . . 16 | |||
| 1. Introduction | 1. Introduction | |||
| Public keys are frequently published in the form of a certificate and | Public keys are frequently published in the form of a certificate and | |||
| their authenticity is commonly demonstrated by certificates and | their authenticity is commonly demonstrated by certificates and | |||
| related certificate revocation lists (CRLs). A certificate is a | related certificate revocation lists (CRLs). A certificate is a | |||
| binding, through a cryptographic digital signature, of a public key, | binding, through a cryptographic digital signature, of a public key, | |||
| a validity interval and/or conditions, and identity, authorization, | a validity interval and/or conditions, and identity, authorization, | |||
| skipping to change at page 5, line 11 | skipping to change at page 5, line 11 | |||
| The PGP type indicates an OpenPGP packet as described in [6] and its | The PGP type indicates an OpenPGP packet as described in [6] and its | |||
| extensions and successors. Two uses are to transfer public key | extensions and successors. Two uses are to transfer public key | |||
| material and revocation signatures. The data is binary, and MUST NOT | material and revocation signatures. The data is binary, and MUST NOT | |||
| be encoded into an ASCII armor. An implementation SHOULD process | be encoded into an ASCII armor. An implementation SHOULD process | |||
| transferable public keys as described in section 10.1 of [6], but it | transferable public keys as described in section 10.1 of [6], but it | |||
| MAY handle additional OpenPGP packets. | MAY handle additional OpenPGP packets. | |||
| The IPKIX, ISPKI and IPGP types indicate a URL which will serve the | The IPKIX, ISPKI and IPGP types indicate a URL which will serve the | |||
| content that would have been in the "certificate, CRL or URL" field | content that would have been in the "certificate, CRL or URL" field | |||
| of the corresponding (PKIX, SPKI or PGP) packet types. These types | of the corresponding types; PKIX, SPKI or PGP, respectively. The | |||
| are known as "indirect". These packet types MUST be used when the | IPKIX, ISPKI and IPGP types are known as "indirect". These types | |||
| content is too large to fit in the CERT RR, and MAY be used at the | MUST be used when the content is too large to fit in the CERT RR, and | |||
| implementer's discretion. They SHOULD NOT be used where the entire | MAY be used at the implementer's discretion. They SHOULD NOT be used | |||
| UDP packet would have fit in 512 bytes. | where the DNS message is 512 bytes or smaller, and could thus be | |||
| expected to fit a UDP packet. | ||||
| The URI private type indicates a certificate format defined by an | The URI private type indicates a certificate format defined by an | |||
| absolute URI. The certificate portion of the CERT RR MUST begin with | absolute URI. The certificate portion of the CERT RR MUST begin with | |||
| a null terminated URI [5] and the data after the null is the private | a null terminated URI [5] and the data after the null is the private | |||
| format certificate itself. The URI SHOULD be such that a retrieval | format certificate itself. The URI SHOULD be such that a retrieval | |||
| from it will lead to documentation on the format of the certificate. | from it will lead to documentation on the format of the certificate. | |||
| Recognition of private certificate types need not be based on URI | Recognition of private certificate types need not be based on URI | |||
| equality but can use various forms of pattern matching so that, for | equality but can use various forms of pattern matching so that, for | |||
| example, subtype or version information can also be encoded into the | example, subtype or version information can also be encoded into the | |||
| URI. | URI. | |||
| skipping to change at page 6, line 41 | skipping to change at page 6, line 42 | |||
| == 0x 03 55 04 27 | == 0x 03 55 04 27 | |||
| 3. Appropriate Owner Names for CERT RRs | 3. Appropriate Owner Names for CERT RRs | |||
| It is recommended that certificate CERT RRs be stored under a domain | It is recommended that certificate CERT RRs be stored under a domain | |||
| name related to their subject, i.e., the name of the entity intended | name related to their subject, i.e., the name of the entity intended | |||
| to control the private key corresponding to the public key being | to control the private key corresponding to the public key being | |||
| certified. It is recommended that certificate revocation list CERT | certified. It is recommended that certificate revocation list CERT | |||
| RRs be stored under a domain name related to their issuer. | RRs be stored under a domain name related to their issuer. | |||
| Following some of the guidelines below may result in the use in DNS | Following some of the guidelines below may result in DNS names with | |||
| names with characters that require DNS quoting as per section 5.1 of | characters that require DNS quoting as per section 5.1 of RFC 1035 | |||
| RFC 1035 [2]. | [2]. | |||
| The choice of name under which CERT RRs are stored is important to | The choice of name under which CERT RRs are stored is important to | |||
| clients that perform CERT queries. In some situations, the clients | clients that perform CERT queries. In some situations, the clients | |||
| may not know all information about the CERT RR object it wishes to | may not know all information about the CERT RR object it wishes to | |||
| retrieve. For example, a client may not know the subject name of an | retrieve. For example, a client may not know the subject name of an | |||
| X.509 certificate, or the e-mail address of the owner of an OpenPGP | X.509 certificate, or the e-mail address of the owner of an OpenPGP | |||
| key. Further, the client might only know the hostname of a service | key. Further, the client might only know the hostname of a service | |||
| that uses X.509 certificates or the Key ID of an OpenPGP key. | that uses X.509 certificates or the Key ID of an OpenPGP key. | |||
| Therefore, two owner name guidelines are defined: content-based owner | Therefore, two owner name guidelines are defined: content-based owner | |||
| skipping to change at page 10, line 11 | skipping to change at page 10, line 11 | |||
| auxiliary data that may be available. In this case, use of an owner | auxiliary data that may be available. In this case, use of an owner | |||
| name identical to the key fingerprint and the key ID expressed in | name identical to the key fingerprint and the key ID expressed in | |||
| hexadecimal [15] is recommended. Example: | hexadecimal [15] is recommended. Example: | |||
| $ORIGIN example.org. | $ORIGIN example.org. | |||
| 0424D4EE81A0E3D119C6F835EDA21E94B565716F IN CERT PGP ... | 0424D4EE81A0E3D119C6F835EDA21E94B565716F IN CERT PGP ... | |||
| F835EDA21E94B565716F IN CERT PGP ... | F835EDA21E94B565716F IN CERT PGP ... | |||
| B565716F IN CERT PGP ... | B565716F IN CERT PGP ... | |||
| If the same key material is stored for several owner names, the use | If the same key material is stored for several owner names, the use | |||
| of CNAME may be used to avoid data duplication. Note that CNAME is | of CNAME may help to avoid data duplication. Note that CNAME is not | |||
| not always applicable, because it maps one owner name to the other | always applicable, because it maps one owner name to the other for | |||
| for all purposes, which may be sub-optimal when two keys with the | all purposes, which may be sub-optimal when two keys with the same | |||
| same Key ID are stored. | Key ID are stored. | |||
| 3.5. Owner names for IPKIX, ISPKI, and IPGP | 3.5. Owner names for IPKIX, ISPKI, and IPGP | |||
| These types are stored under the same owner names, both purpose- and | These types are stored under the same owner names, both purpose- and | |||
| content-based, as the PKIX, SPKI and PGP types. | content-based, as the PKIX, SPKI and PGP types. | |||
| 4. Performance Considerations | 4. Performance Considerations | |||
| Current Domain Name System (DNS) implementations are optimized for | The Domain Name System (DNS) protocol was designed for small | |||
| small transfers, typically not more than 512 bytes including | transfers, typically below 512 bytes. While larger transfers will | |||
| overhead. While larger transfers will perform correctly and work is | perform correctly and work is underway to make larger transfers more | |||
| underway to make larger transfers more efficient, it is still | efficient, it is still advisable at this time to make every | |||
| advisable at this time to make every reasonable effort to minimize | reasonable effort to minimize the size of certificates stored within | |||
| the size of certificates stored within the DNS. Steps that can be | the DNS. Steps that can be taken may include using the fewest | |||
| taken may include using the fewest possible optional or extension | possible optional or extension fields and using short field values | |||
| fields and using short field values for necessary variable length | for necessary variable length fields. | |||
| fields. | ||||
| The RDATA field in the DNS protocol may only hold data of size 65535 | The RDATA field in the DNS protocol may only hold data of size 65535 | |||
| octets (64kb) or less. This means that each CERT RR MUST NOT contain | octets (64kb) or less. This means that each CERT RR MUST NOT contain | |||
| more than 64kb of payload, even if the corresponding certificate or | more than 64kb of payload, even if the corresponding certificate or | |||
| certificate revocation list is larger. This document addresses this | certificate revocation list is larger. This document addresses this | |||
| by defining "indirect" data types for each normal type. | by defining "indirect" data types for each normal type. | |||
| Deploying CERT RRs to support digitally signed e-mail change the | ||||
| access patterns of DNS lookups from per-domain to per-user. If | ||||
| digitally signed e-mail, and a key/certificate lookup based on CERT | ||||
| RRs, is deployed on a wide scale, this may lead to an increased DNS | ||||
| load, with potential performance and cache effectiveness | ||||
| consequencess. Whether this load increase will be noticable or not | ||||
| is not known. | ||||
| 5. Contributors | 5. Contributors | |||
| The majority of this document is copied verbatim from RFC 2538, by | The majority of this document is copied verbatim from RFC 2538, by | |||
| Donald Eastlake 3rd and Olafur Gudmundsson. | Donald Eastlake 3rd and Olafur Gudmundsson. | |||
| 6. Acknowledgements | 6. Acknowledgements | |||
| Thanks to David Shaw and Michael Graff for their contributions to | Thanks to David Shaw and Michael Graff for their contributions to | |||
| earlier works that motivated, and served as inspiration for, this | earlier works that motivated, and served as inspiration for, this | |||
| document. | document. | |||
| This document was improved by suggestions and comments from Olivier | This document was improved by suggestions and comments from Olivier | |||
| Dubuisson, Peter Koch, Olaf M. Kolkman, Ben Laurie, Edward Lewis, | Dubuisson, Peter Koch, Olaf M. Kolkman, Ben Laurie, Edward Lewis, | |||
| Marcos Sanz, Jason Sloderbeck, Samuel Weiler, and Florian Weimer. No | Douglas Otis, Marcos Sanz, Jason Sloderbeck, Samuel Weiler, and | |||
| doubt the list is incomplete. We apologize to anyone we left out. | Florian Weimer. No doubt the list is incomplete. We apologize to | |||
| anyone we left out. | ||||
| 7. Security Considerations | 7. Security Considerations | |||
| By definition, certificates contain their own authenticating | By definition, certificates contain their own authenticating | |||
| signature. Thus, it is reasonable to store certificates in non- | signature. Thus, it is reasonable to store certificates in non- | |||
| secure DNS zones or to retrieve certificates from DNS with DNS | secure DNS zones or to retrieve certificates from DNS with DNS | |||
| security checking not implemented or deferred for efficiency. The | security checking not implemented or deferred for efficiency. The | |||
| results may be trusted if the certificate chain is verified back to a | results may be trusted if the certificate chain is verified back to a | |||
| known trusted key and this conforms with the user's security policy. | known trusted key and this conforms with the user's security policy. | |||
| skipping to change at page 11, line 32 | skipping to change at page 11, line 39 | |||
| verifying the certificate chain if this conforms with the user's | verifying the certificate chain if this conforms with the user's | |||
| security policy. | security policy. | |||
| If an organization chooses to issue certificates for its employees, | If an organization chooses to issue certificates for its employees, | |||
| placing CERT RR's in the DNS by owner name, and if DNSSEC (with NSEC) | placing CERT RR's in the DNS by owner name, and if DNSSEC (with NSEC) | |||
| is in use, it is possible for someone to enumerate all employees of | is in use, it is possible for someone to enumerate all employees of | |||
| the organization. This is usually not considered desirable, for the | the organization. This is usually not considered desirable, for the | |||
| same reason enterprise phone listings are not often publicly | same reason enterprise phone listings are not often publicly | |||
| published and are even mark confidential. | published and are even mark confidential. | |||
| When the URI type is used, it should be understood that it introduces | Using the URI type introduces another level of indirection that may | |||
| an additional indirection that may allow for a new attack vector. | open a new vulnerability. One method to secure that indirection is | |||
| One method to secure that indirection is to include a hash of the | to include a hash of the certificate in the URI itself. | |||
| certificate in the URI itself. | ||||
| If DNSSEC is used, then the non-existence of a CERT RR and, | If DNSSEC is used, then the non-existence of a CERT RR and, | |||
| consequently, certificates or revocation lists can be securely | consequently, certificates or revocation lists can be securely | |||
| asserted. Without DNSSEC, this is not possible. | asserted. Without DNSSEC, this is not possible. | |||
| 8. IANA Considerations | 8. IANA Considerations | |||
| Certificate types 0x0000 through 0x00FF and 0xFF00 through 0xFFFF can | Certificate types 0x0000 through 0x00FF and 0xFF00 through 0xFFFF can | |||
| only be assigned by an IETF standards action [7]. This document | only be assigned by an IETF standards action [7]. This document | |||
| assigns 0x0001 through 0x0006 and 0x00FD and 0x00FE. Certificate | assigns 0x0001 through 0x0006 and 0x00FD and 0x00FE. Certificate | |||
| types 0x0100 through 0xFEFF are assigned through IETF Consensus [7] | types 0x0100 through 0xFEFF are assigned through IETF Consensus [7] | |||
| based on RFC documentation of the certificate type. The availability | based on RFC documentation of the certificate type. The availability | |||
| of private types under 0x00FD and 0x00FE should satisfy most | of private types under 0x00FD and 0x00FE ought to satisfy most | |||
| requirements for proprietary or private types. | requirements for proprietary or private types. | |||
| The CERT RR reuses the DNS Security Algorithm Numbers registry. In | The CERT RR reuses the DNS Security Algorithm Numbers registry. In | |||
| particular, the CERT RR requires that algorithm number 0 remain | particular, the CERT RR requires that algorithm number 0 remain | |||
| reserved, as described in Section 2. The IANA is directed to | reserved, as described in Section 2. The IANA is directed to | |||
| reference the CERT RR as a user of this registry and value 0, in | reference the CERT RR as a user of this registry and value 0, in | |||
| particular. | particular. | |||
| 9. Changes since RFC 2538 | 9. Changes since RFC 2538 | |||
| End of changes. | ||||
This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/ | ||||