Hash Of Root Key Certificate Extension
draft-ietf-lamps-hash-of-root-key-cert-extn-07

[Ballot comment]
Thank you for addressing my Discuss (and Comment) points!

It looks like the ASN.1 module changes from the -05 to the -06
left a stale definition of HashAlgorithmId (but if it is not stale
then the import of DIGEST-ALGORITHM would need to be restored).

[Ballot discuss]
After further reflection, I think we need to resurrect the discussion
sparked by DKG's last-call review.  Specifically, in Section 5 when we
consider the case that there is not a directory service/repository
available, we give guidance to "the recipient" and "recipients".  But in
at least some cases, there are two tiers of recipients/relying parties,
that have different properties, as in the web PKI situation.
Specifically, web server operators rely on root CAs to certify the
certificates that they present to TLS clients.  But we also consider the
TLS clients themselves, which may not have a direct path to receiving
the updated root CA self-signed certificate, and because of the
different ways these different types of recipient rely on root CA
information, the order in which they update can cause breakage.  We do
not necessarily need to present a clear solution that will always avoid
this breakage, but I do think we need to at least discuss the
possibility of such scenarios.

To consider a concrete case, consider a system with a TLS client ("A"),
a TLS server ("B"), and the root CA ("C").  C issues (potentially via
intermediates) an end-entity certificate for B, and we consider a case
where A initiates TLS connections to B.  Initially, C has the root
CA/key at C1, and is initiating a transition to C2; before the
transition both A and B have C1 in their trusted store.  When A receives
C2, it can perform the requisite validation and add C2 to its trust
store for use potentially validating incoming certificate chains.  When
B receives C2, it can similarly perform the requisite validation and add
C2 to its trust store, but B's trust store is used for validating
*outgoing* certificate chains, not (just) incoming ones.  If B were to
keep C2 in its trust store and construct an outgoing certificate chain
based on C2 (and omitting oldWithNew and newWithOld), before A has
received C2, then the TLS handshake fails!

If A had access to C2, or to oldWithnew/NewWithOld, then it would still
be able to validate B's certificate chain, but this document (and RFC
4210) do not give guidance that B should transmit newWithOld to A,
leaving open this scenario for breakage.

My current inclination is to add some text to this document acknowleding
the potential for a chain of relying parties, and recommending that the
"intermediate parties" in the scenario make newWithOld/oldWithNew available until
the notAfter time from oldWithNew, but I am of course open to further
discussion/suggestions.


Separately, I just want to quickly check that the id-ce-hashOfRootKey
OID has been properly allocated and recorded, as I couldn't find
evidence to indicate that in a quick search.  I assume this is the
origin of the CTIA acknowledgment that Alissa mentions, but there's not
quite enough there to connect the dots.

[Ballot comment]
Section 1.1

Please use the boilerplate from RFC 8174 (yes, I read the shepherd writeup).

Section 1.2

side note: this claim about "always encoded with DER" seems a bit
optimistic unless scoped down to a specific context.

Section 5

  After issuing the oldWithNew and newWithOld certificates, the Root CA
  MUST stop using the old private key to sign certificates.

Isn't this only relevant for newWithOld?  We don't need to use the old
private key to sign certificates to make a certification of the old key
signed by the new key.

  Changing names from one generation to another can lead to confusion
  when reviewing the history of a trust anchor store.  To assist with
  such review, a recipient MAY create an audit entry to capture the old
  and replacement self-signed certificates.

It seems like there may be non-name changes that might also cause
confusion (or worse); do we want to mention this possibility and/or the
recipient's duty to check for unexpected changes?

Section 6

I think some explicit guidance is needed about there being a critical
operational issue in the (unexpected) case of the cryptographic
breakdown of the hash function used to compute HashedRootKey.  The
current discussion of needing a hash function that is preimage-resistant
is good, of course, but some indication of the consequences if a has
function becomes bad during the course of use (or a bad hash function is
chosen initially) seems to be in order.

I also agree with the secdir reviewer that some guidance about how to
know that the first trasition is complete would be nice (in the absence
of the RFC 4210 transition process), but understand that such guidance
is hard to give.

[Ballot comment]
THank you for writing this -- I was initially fairly uncomfortable that this could be used if a CA's keys were ever compromised by an attacker to persist their access (they could publish a new certificate to a captive population listing a new key which they control), but I *think* that this is addressed / is true of the current situation. Things like RFC5011 include hold-down timers to mitigate this type of isse, but I *think* that this isn't needed here, because this isn't (from what I parse) rollover, just an assertion of what to expect for the next key (delivered though some other means).

[Ballot comment]
Useful stuff and well written; thanks very much.

I, too, wonder why this isn't Proposed Standard (and why the shepherd writeup doesn't explain that).

[Ballot comment]
Why is the intended status informational? Unfortunately, this is not further explained in the shepherd write-up. What was the discussion in the group and why was informational selected? As this doc defines a protocol extension, informational does not seem appropriate for me. Should it be experimental instead?

Quick question/comment: The document mentions two “error” cases where a new self-signed certificate needs to be deployed. If that is an option that always need to be taken into account, the benefits of this mechanism are less clear to me. What is the exact attack scenarios this mechanism tries to protect?

[Ballot comment]
I would appreciate if one could explain why this document is being published as an informational one. I am sure there are reasons, but they are not evident from the writeup.

(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has reviewed draft-ietf-lamps-hash-of-root-key-cert-extn-02, which is currently in Last Call, and has the following comments:

We understand that this document doesn't require any registry actions.

While it's often helpful for a document's IANA Considerations section to remain in place upon publication even if there are no actions, if the authors strongly prefer to remove it, we do not object.

If this assessment is not accurate, please respond as soon as possible.

Thank you,

Sabrina Tanamal
Senior IANA Services Specialist

The following Last Call announcement was sent out (ends 2019-01-10):

From: The IESG
To: IETF-Announce
CC: lamps-chairs@ietf.org, ekr@rtfm.com, draft-ietf-lamps-hash-of-root-key-cert-extn@ietf.org, spasm@ietf.org, Tim Hollebeek , tim.hollebeek@digicert.com
Reply-To: ietf@ietf.org
Sender:
Subject: Last Call:  (Hash Of Root Key Certificate Extension) to Informational RFC


The IESG has received a request from the Limited Additional Mechanisms for
PKIX and SMIME WG (lamps) to consider the following document: - 'Hash Of Root
Key Certificate Extension'
  as Informational RFC

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2019-01-10. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the beginning of
the Subject line to allow automated sorting.

Abstract


  This document specifies the Hash Of Root Key certificate extension.
  This certificate extension is carried in the self-signed certificate
  for a trust anchor, which is often called a Root Certification
  Authority (CA) certificate.  This certificate extension unambiguously
  identifies the next public key that will be used by the trust anchor
  at some point in the future.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-lamps-hash-of-root-key-cert-extn/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-lamps-hash-of-root-key-cert-extn/ballot/


No IPR declarations have been submitted directly on this I-D.

(1) What type of RFC is being requested (BCP, Proposed Standard, Internet Standard, Informational, Experimental, or Historic)?  Why is this the proper type of RFC?  Is this type of RFC indicated in the title page header?

  Informational.  Yes, the title page indicates that type of RFC.
 

(2) The IESG approval announcement includes a Document Announcement Write-Up.  Please provide such a Document Announcement Write-Up.  Recent examples can be found in the "Action" announcements for approved documents.  The approval announcement contains the following sections:

  Technical Summary:

  This document specifies the Hash Of Root Key certificate extension.
  This certificate extension is carried in the self-signed certificate
  for a trust anchor, which is often called a Root Certification
  Authority (CA) certificate.  This certificate extension unambiguously
  identifies the next public key that will be used by the trust anchor
  at some point in the future.

  Working Group Summary:

    There is consensus for this document in the LAMPS WG.

  Document Quality:

    This extension is part of the specifications that will be used
    in at least one new PKI.  In addition, the Secure Electronic
    Transaction (SET) specification published by MasterCard and VISA
    in 1997 includes a very similar certificate extension.  The SET
    certificate extension has essentially the same semantics, but the
    syntax fairly different.

  Personnel:

    Tim Hollebeek is the document shepherd.
    Eric Rescorla is the responsible area director.


(3) Briefly describe the review of this document that was performed by the Document Shepherd.  If this version of the document is not ready for publication, please explain why the document is being forwarded to the IESG.

  The document shepherd and other LAMPS WG participants reviewed the
  document during WG Last Call.  All issues raised have been resolved.


(4) Does the document Shepherd have any concerns about the depth or breadth of the reviews that have been performed?

  No concerns.


(5) Do portions of the document need review from a particular or from broader perspective, e.g., security, operational complexity, AAA, DNS, DHCP, XML, or internationalization?  If so, describe the review that took place.

  No special review needed.


(6) Describe any specific concerns or issues that the Document Shepherd has with this document that the Responsible Area Director and/or the IESG should be aware of?  For example, perhaps he or she is uncomfortable with certain parts of the document, or has concerns whether there really is a need for it.  In any event, if the WG has discussed those issues and has indicated that it still wishes to advance the document, detail those concerns here.

  No concerns.


(7) Has each author confirmed that any and all appropriate IPR disclosures required for full conformance with the provisions of BCP 78 and BCP 79 have already been filed.  If not, explain why?

  The author explicitly stated that he is unaware of any unexpired
  IPR related to this document.


(8) Has an IPR disclosure been filed that references this document?  If so, summarize any WG discussion and conclusion regarding the IPR disclosures.

  No IPR disclosures have been submitted against this Internet-Draft.


(9) How solid is the WG consensus behind this document?  Does it represent the strong concurrence of a few individuals, with others being silent, or does the WG as a whole understand and agree with it?

  There is consensus for this Informational document in the LAMPS WG.


(10) Has anyone threatened an appeal or otherwise indicated extreme discontent?  If so, please summarise the areas of conflict in separate email messages to the Responsible Area Director.  (It should be in a separate email because this questionnaire is publicly available.)

  No one has threatened an appeal.


(11) Identify any ID nits the Document Shepherd has found in this document.  (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts Checklist).  Boilerplate checks are not enough; this check needs to be thorough.

  IDnits 2.16.0 is reporting an error in the RFC 2119 boilerplate
  because there is not a space between the two references in
  "[RFC2119][RFC8174]".


(12) Describe how the document meets any required formal review criteria, such as the MIB Doctor, media type, and URI type reviews.

  None needed.


(13) Have all references within this document been identified as either normative or informative?

  Yes, the references are divided into normative and informative.


(14) Are there normative references to documents that are not ready for advancement or are otherwise in an unclear state?  If such normative references exist, what is the plan for their completion?

  All references are already published.


(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in the Last Call procedure.

  There are no downward references.


(16) Will publication of this document change the status of any existing RFCs?  Are those RFCs listed on the title page header, listed in the abstract, and discussed in the introduction?  If the RFCs are not listed in the Abstract and Introduction, explain why, and point to the part of the document where the relationship of this document to the other RFCs is discussed.  If this information is not in the document, explain why the WG considers it unnecessary.

  Publication of this document will not change the status of any
  other document.


(17) Describe the Document Shepherd's review of the IANA considerations section, especially with regard to its consistency with the body of the document.  Confirm that all protocol extensions that the document makes are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly identified.
Confirm that newly created IANA registries include a detailed specification of the initial contents for the registry, that allocations procedures for future registrations are defined, and a reasonable name for the new registry has been suggested (see RFC 5226).

  No IANA updates or additions are needed.


(18) List any new IANA registries that require Expert Review for future allocations.  Provide any public guidance that the IESG would find useful in selecting the IANA Experts for these new registries.

  No new IANA registries are needed.


(19) Describe reviews and automated checks performed by the Document Shepherd to validate sections of the document written in a formal language, such as XML code, BNF rules, MIB definitions, etc.

  ASN.1 is used, and the module in Appendix A compiles without
  errors or warnings.