Extended Key Usage Constraints
draft-housley-spasm-eku-constraints-00

INTERNET-DRAFT                                                R. Housley
Intended Status: Standards Track                          Vigil Security
Updates: RFC 5280 (if approved)
Expires: 14 November 2016                                    13 May 2016

                     Extended Key Usage Constraints
                 draft-housley-spasm-eku-constraints-00

Abstract

   This document specifies the extended key usage constraints
   certificate extension, which is used to place restrictions on the key
   purpose identifiers that are authorized to appear in subsequent
   certificates in a certification path.  Restrictions apply to the
   extended key usage certificate extension, which is described in RFC
   5280.

Status of this Memo

   This Internet-Draft is submitted to IETF in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/1id-abstracts.html

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

Copyright and License Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents

Housley                 Expires 14 November 2016                [Page 1]
INTERNET-DRAFT               EKU Constraints                 13 May 2016

   carefully, as they describe your rights and restrictions with respect
   to this document. Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

1  Introduction

   This document specifies the extended key usage constraints
   certificate extension, which is used to place restrictions on the key
   purpose identifiers that are authorized to appear in subsequent
   certificates in a certification path.  Restrictions apply to the
   extended key usage certificate extension, which is described in
   Section 4.2.1.12 of RFC 5280 [RFC5280].

1.1  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC 2119 [RFC2119].

1.2.  ASN.1

   Certificates are generated using ASN.1 [X680], which uses the Basic
   Encoding Rules (BER) and the Distinguished Encoding Rules (DER)
   [X690].

2.  Extended Key Usage Constraints Certificate Extension

   The extended key usage (EKU) constraints certificate extension, which
   MUST be used only in a CA certificate, indicates the extended key
   usage values that are authorized to appear in subsequent certificates
   in a certification path.  Restrictions apply to the extended key
   usage certificate extension, which is described in Section 4.2.1.12
   of RFC 5280 [RFC5280].

   Restrictions are defined in terms of permitted or excluded key
   purpose identifiers.  Any key purpose identifier matching an entry in
   the excludedKeyPurposeIds field is invalid regardless of information
   appearing in the permittedKeyPurposeIds.

   Conforming CAs MUST mark this extension as critical, and conforming
   CAs MUST NOT issue certificates where this extension is an empty
   sequence.  That is, either the permittedKeyPurposeIds field or the
   excludedKeyPurposeIds field MUST be present.

   Conforming applications MUST be able to process this extension.  If
   any CA certificate in the certification path includes an EKU

Housley                 Expires 14 November 2016                [Page 2]
INTERNET-DRAFT               EKU Constraints                 13 May 2016

   constraints extension that is marked as critical, and the end-entity
   certificate includes an extended key usage certificate extension,
   then the application MUST either process the EKU constraint or reject
   the certificate.

      ekuConstraints EXTENSION ::= { SYNTAX EKUConstraints
          IDENTIFIED BY id-ce-ekuConstraints }

      id-ce-ekuConstraints OBJECT IDENTIFIER ::=  { id-ce TBD }

      EKUConstraints ::= SEQUENCE {
          permittedKeyPurposeIds   [0] KeyPurposeIds OPTIONAL,
          excludedKeyPurposeIds    [1] KeyPurposeIds OPTIONAL }

      KeyPurposeIds ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId

3.  Basic Path Validation

   Certification path validation is described in Section 6.1 of RFC 5280
   [RFC5280].  Certification path processing verifies the binding
   between the subject name and the subject public key.  The binding is
   limited by constraints that are specified in the certificates that
   comprise the path and inputs that are specified by the relying party.

   This section extends to path processing to include EKU constraints.

3.1.  Inputs

   No additional inputs are needed.

3.2. Initialization

   Two additional values are initialized.

   (l)  permitted_key_purpose_ids:  a set of key purpose identifiers;
        all of the key purpose identifiers in the end-entity certificate
        MUST be included in this set.  If the set is empty, then the
        certification path will be considered invalid if the end-entity
        certificate includes an extended key usage extension.  The
        initial value is a special value that represents the universal
        set.

   (m)  excluded_key_purpose_ids:  a set of key purpose identifiers; the
        key purpose identifiers in the end-entity certificate MUST NOT
        be included in this set.  If the set is empty, then no key
        purpose identifiers are excluded. The initial value is a is the
        empty set.

Housley                 Expires 14 November 2016                [Page 3]
INTERNET-DRAFT               EKU Constraints                 13 May 2016

3.3.  Basic Certificate Processing

   No additional processing steps are needed.

3.4. Preparation for Certificate i+1

   One additional processing step is needed.

   (p)  If a EKU constraints extension is included in the certificate,
        then modify the permitted_key_purpose_ids and
        excluded_key_purpose_ids state variables as follows:

        (1)  If permittedKeyPurposeIds is present in the certificate,
             set the permitted_key_purpose_ids state variable to the
             intersection of its previous value and the value indicated
             in the extension field.

        (2)  If excludedKeyPurposeIds is present in the certificate, set
             the excluded_key_purpose_ids state variable to the union of
             its previous value and the value indicated in the extension
             field.

3.5. Wrap-Up Procedure

   One additional processing step is needed.

   (h)  If the EKU extension is included in the end-entity certificate,
        then confirm that the values meet the restrictions in the
        permitted_key_purpose_ids and excluded_key_purpose_ids state
        variables as follows:

        (1)  If permitted_key_purpose_ids state variable is not special
             value that represents the universal set, then confirm that
             all of the key purpose identifiers are present in the set.
             If any are missing, then returning a failure indication and
             an appropriate reason.

        (2)  If excluded_key_purpose_ids state variable is not empty,
             then confirm that none of the key purpose identifiers are
             present in the set.  If any are present, then returning a
             failure indication and an appropriate reason.

3.6. Outputs

   No additional output values are returned.

Housley                 Expires 14 November 2016                [Page 4]
INTERNET-DRAFT               EKU Constraints                 13 May 2016

4.  IANA Considerations

   Please assign an object identifier for the certificate extension
   specified in this document.  Once the ASN.1 module is added, then an
   object identifier for that will be needed too.

5.  Security Considerations

   TBD

6.  Normative References

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119, DOI
              10.17487/RFC2119, March 1997, <http://www.rfc-
              editor.org/info/rfc2119>.

   [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
              Housley, R., and W. Polk, "Internet X.509 Public Key
              Infrastructure Certificate and Certificate Revocation List
              (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
              <http://www.rfc-editor.org/info/rfc5280>.

Appendix: ASN.1 Module

   TBD

Author's Address

   Russell Housley
   Vigil Security, LLC
   918 Spring Knoll Drive
   Herndon, VA 20170
   USA
   EMail: housley@vigilsec.com

Housley                 Expires 14 November 2016                [Page 5]