-
Notifications
You must be signed in to change notification settings - Fork 1
/
draft-ietf-anima-brski-async-enroll-05.txt
1680 lines (1121 loc) · 67.9 KB
/
draft-ietf-anima-brski-async-enroll-05.txt
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
ANIMA WG D. von Oheimb, Ed.
Internet-Draft S. Fries
Intended status: Standards Track H. Brockhaus
Expires: 8 September 2022 Siemens
E. Lear
Cisco Systems
7 March 2022
BRSKI-AE: Alternative Enrollment Protocols in BRSKI
draft-ietf-anima-brski-async-enroll-05
Abstract
This document enhances Bootstrapping Remote Secure Key Infrastructure
(BRSKI, [RFC8995]) to allow employing alternative enrollment
protocols, such as CMP.
Using self-contained signed objects, the origin of enrollment
requests and responses can be authenticated independently of message
transfer. This supports end-to-end security and asynchronous
operation of certificate enrollment and provides flexibility where to
authenticate and authorize certification requests.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 8 September 2022.
Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved.
von Oheimb, et al. Expires 8 September 2022 [Page 1]
Internet-Draft BRSKI-AE March 2022
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
1.1. Motivation . . . . . . . . . . . . . . . . . . . . . . . 3
1.2. Supported environment . . . . . . . . . . . . . . . . . . 5
1.3. List of application examples . . . . . . . . . . . . . . 6
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 6
3. Requirements discussion and mapping to solution elements . . 7
4. Adaptations to BRSKI . . . . . . . . . . . . . . . . . . . . 10
4.1. Architecture . . . . . . . . . . . . . . . . . . . . . . 10
4.2. Message exchange . . . . . . . . . . . . . . . . . . . . 13
4.2.1. Pledge - Registrar discovery and voucher exchange . . 13
4.2.2. Registrar - MASA voucher exchange . . . . . . . . . . 13
4.2.3. Pledge - Registrar - RA/CA certificate enrollment . . 13
4.2.4. Pledge - Registrar - enrollment status telemetry . . 16
4.2.5. Addressing scheme enhancements . . . . . . . . . . . 16
4.3. Domain registrar support of alternative enrollment
protocols . . . . . . . . . . . . . . . . . . . . . . . . 16
5. Examples for signature-wrapping using existing enrollment
protocols . . . . . . . . . . . . . . . . . . . . . . . . 17
5.1. Instantiation to EST (informative) . . . . . . . . . . . 17
5.2. Instantiation to CMP (normative if CMP is chosen) . . . . 18
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18
7. Security Considerations . . . . . . . . . . . . . . . . . . . 19
8. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 19
9. References . . . . . . . . . . . . . . . . . . . . . . . . . 19
9.1. Normative References . . . . . . . . . . . . . . . . . . 19
9.2. Informative References . . . . . . . . . . . . . . . . . 20
Appendix A. Using EST for certificate enrollment . . . . . . . . 21
Appendix B. Application examples . . . . . . . . . . . . . . . . 22
B.1. Rolling stock . . . . . . . . . . . . . . . . . . . . . . 23
B.2. Building automation . . . . . . . . . . . . . . . . . . . 23
B.3. Substation automation . . . . . . . . . . . . . . . . . . 24
B.4. Electric vehicle charging infrastructure . . . . . . . . 24
B.5. Infrastructure isolation policy . . . . . . . . . . . . . 24
B.6. Sites with insufficient level of operational security . . 25
Appendix C. History of changes TBD RFC Editor: please delete . . 25
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 29
von Oheimb, et al. Expires 8 September 2022 [Page 2]
Internet-Draft BRSKI-AE March 2022
1. Introduction
1.1. Motivation
BRSKI, as defined in [RFC8995], specifies a solution for secure
automated zero-touch bootstrapping of new devices, so-called pledges.
This includes the discovery of the registrar in the target domain,
time synchronization, and the exchange of security information
necessary to establish mutual trust between pledges and the target
domain.
A pledge gains trust in the target domain via the domain registrar as
follows. It obtains security information about the domain,
specifically a domain certificate to be trusted, by requesting a
voucher object defined in [RFC8366]. Such a voucher is a self-
contained signed object originating from a Manufacturer Authorized
Signing Authority (MASA). Therefore, the voucher may be provided in
online mode (synchronously) or offline mode (asynchronously). The
pledge can authenticate the voucher because it is shipped with a
trust anchor of its manufacturer such that it can validate signatures
(including related certificates) by the MASA.
Trust by the target domain in a pledge is established by providing
the pledge with a domain-specific LDevID certificate. The
certification request of the pledge is signed using its IDevID secret
and can be validated by the target domain using the trust anchor of
the pledge manufacturer, which needs to pre-installed in the domain.
For enrolling devices with LDevID certificates, BRSKI typically
utilizes Enrollment over Secure Transport (EST) [RFC7030]. EST has
its specific characteristics, detailed in Appendix A. In particular,
it requires online or on-site availability of the RA for performing
the data origin authentication and final authorization decision on
the certification request. This type of enrollment can be called
'synchronous enrollment'. For various reasons, it may be preferable
to use alternative enrollment protocols such as the Certificate
Management Protocol (CMP) [RFC4210] profiled in
[I-D.ietf-lamps-lightweight-cmp-profile] or Certificate Management
over CMS (CMC) [RFC5272]. that are more flexible and independent of
the transfer mechanism because they represent certification request
messages as authenticated self-contained objects.
Depending on the application scenario, the required RA/CA components
may not be part of the registrar. They even may not be available on-
site but rather be provided by remote backend systems. The registrar
or its deployment site may not have an online connection with them or
the connectivity may be intermittent. This may be due to security
requirements for operating the backend systems or due to site
von Oheimb, et al. Expires 8 September 2022 [Page 3]
Internet-Draft BRSKI-AE March 2022
deployments where on-site or always-online operation may be not
feasible or too costly. In such scenarios, the authentication and
authorization of certification requests will not or can not be
performed on-site at enrollment time. In this document, enrollment
that is not performed in a (time-wise) consistent way is called
_asynchronous enrollment_. Asynchronous enrollment requires a store-
and-forward transfer of certification requests along with the
information needed for authenticating the requester. This allows
offline processing the request.
Application scenarios may also involve network segmentation, which is
utilized in industrial systems to separate domains with different
security needs. Such scenarios lead to similar requirements if the
TLS connection carrying the requester authentication is terminated
and thus request messages need to be forwarded on further channels
before the registrar/RA can authorize the certification request. In
order to preserve the requester authentication, authentication
information needs to be retained and ideally bound directly to the
certification request.
There are basically two approaches for forwarding certification
requests along with requester authentication information:
* A trusted component (e.g., a local RA) in the target domain is
needed that forwards the certification request combined with the
validated identity of the requester (e,g., its IDevID certificate)
and an indication of successful verification of the proof-of-
possession (of the corresponding private key) in a way preventing
changes to the combined information. When connectivity is
available, the trusted component forwards the certification
request together with the requester information (authentication
and proof-of-possession) for further processing. This approach
offers only hop-by-hop security. The backend PKI must rely on the
local pledge authentication result provided by the local RA when
performing the authorization of the certification request. In
BRSKI, the EST server is such a trusted component, being co-
located with the registrar in the target domain.
* Involved components use authenticated self-contained objects for
the enrollment, directly binding the certification request and the
requester authentication in a cryptographic way. This approach
supports end-to-end security, without the need to trust in
intermediate domain components. Manipulation of the request and
the requester identity information can be detected during the
validation of the self-contained signed object.
von Oheimb, et al. Expires 8 September 2022 [Page 4]
Internet-Draft BRSKI-AE March 2022
Focus of this document is the support of alternative enrollment
protocols that allow using authenticated self-contained objects for
device credential bootstrapping. This enhancement of BRSKI is named
BRSKI-AE, where AE stands for alternative enrollment protocols and
for asynchronous enrollment. This specification carries over the
main characteristics of BRSKI, namely that the pledge obtains trust
anchor information for authenticating the domain registrar and other
target domain components as well as a domain-specific X.509 device
certificate (the LDevID certificate) along with the corresponding
private key (the LDevID secret) and certificate chain.
The goals are to enhance BRSKI to
* support alternative enrollment protocols,
* support end-to-end security for enrollment, and
* make it applicable to scenarios involving asynchronous enrollment.
This is achieved by
* extending the well-known URI approach with an additional path
element indicating the enrollment protocol being used, and
* defining a certificate waiting indication and handling, for the
case that the certifying component is (temporarily) not available.
This specification can be applied to both synchronous and
asynchronous enrollment.
In contrast to BRSKI, this specification supports offering multiple
enrollment protocols on the infrastructure side, which enables
pledges and their developers to pick the preferred one.
1.2. Supported environment
BRSKI-AE is intended to be used in domains that may have limited
support of on-site PKI services and comprises application scenarios
like the following.
* There are requirements or implementation restrictions that do not
allow using EST for enrolling an LDevID certificate.
* Pledges and/or the target domain already have an established
certificate management approach different from EST that shall be
reused (e.g., in brownfield installations).
von Oheimb, et al. Expires 8 September 2022 [Page 5]
Internet-Draft BRSKI-AE March 2022
* There is no registration authority available on site in the target
domain. Connectivity to an off-site RA is intermittent or
entirely offline. A store-and-forward mechanism is used for
communicating with the off-site services.
* Authoritative actions of a local RA are limited and may not be
sufficient for authorizing certification requests by pledges.
Final authorization is done by an RA residing in the operator
domain.
1.3. List of application examples
Bootstrapping can be handled in various ways, depending on the
application domains. The informative Appendix B provides
illustrative examples from various industrial control system
environments and operational setups. They motivate the support of
alternative enrollment protocols, based on the following examples of
operational environments:
* Rolling stock
* Building automation
* Electrical substation automation
* Electric vehicle charging infrastructures
* Infrastructure isolation policy
* Sites with insufficient level of operational security
2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
This document relies on the terminology defined in [RFC8995] and
[IEEE.802.1AR_2009].The following terms are defined in addition:
EE: End entity, in the BRSKI context called pledge. It is the
entity that is bootstrapped to the target domain. It holds a
public-private key pair, for which it requests a public-key
certificate. An identifier for the EE is given as the subject
name of the certificate.
von Oheimb, et al. Expires 8 September 2022 [Page 6]
Internet-Draft BRSKI-AE March 2022
RA: Registration authority, an optional system component to which a
CA delegates certificate management functions such as
authenticating requesters and performing authorization checks on
certification requests.
CA: Certification authority, issues certificates and provides
certificate status information.
target domain: The set of entities that share a common local trust
anchor, independent of where the entities are deployed.
site: Describes the locality where an entity, e.g., pledge,
registrar, RA, CA, is deployed. Different sites can belong to the
same target domain.
on-site: Describes a component or service or functionality available
in the target deployment site.
off-site: Describes a component or service or functionality
available in an operator site different from the target deployment
site. This may be a central site or a cloud service, to which
only a temporary connection is available.
asynchronous communication: Describes a time-wise interrupted
communication between a pledge (EE) and a registrar or PKI
component.
synchronous communication: Describes a time-wise uninterrupted
communication between a pledge (EE) and a registrar or PKI
component.
authenticated self-contained object: Describes in this context an
object that is cryptographically bound to the IDevID certificate
of a pledge. The binding is assumed to be provided through a
digital signature of the actual object using the IDevID secret.
3. Requirements discussion and mapping to solution elements
There were two main drivers for the definition of BRSKI-AE:
* The solution architecture may already use or require a certificate
management protocol other than EST. Therefore, this other
protocol should be usable for requesting LDevID certificates.
* The domain registrar may not be the (final) point that
authenticates and authorizes certification requests and the pledge
may not have a direct connection to it. Therefore, certification
requests should be self-contained signed objects.
von Oheimb, et al. Expires 8 September 2022 [Page 7]
Internet-Draft BRSKI-AE March 2022
Based on the intended target environment described in Section 1.2 and
the application examples described in Appendix B, the following
requirements are derived to support authenticated self-contained
objects as containers carrying certification requests.
At least the following properties are required:
* proof-of-possession: demonstrates access to the private key
corresponding to the public key contained in a certification
request. This is typically achieved by a self-signature using the
corresponding private key.
* proof-of-identity: provides data origin authentication of the
certification request. This typically is achieved by a signature
using the IDevID secret of the pledge.
Here is an incomplete list of solution examples, based on existing
technology described in IETF documents:
* Certification request objects: Certification requests are data
structures protecting only the integrity of the contained data and
providing proof-of-possession for a (locally generated) private
key. Examples for certification request data structures are:
- PKCS#10 [RFC2986]. This certification request structure is
self-signed to protect its integrity and prove possession of
the private key that corresponds to the public key included in
the request.
- CRMF [RFC4211]. Also this certificate request message format
supports integrity protection and proof-of-possession,
typically by a self-signature generated over (part of) the
structure with the private key corresponding to the included
public key. CRMF also supports further proof-of-possession
methods for types of keys that do not support any signature
algorithm.
The integrity protection of certification request fields includes
the public key because it is part of the data signed by the
corresponding private key. Yet note that for the above examples
this is not sufficient to provide data origin authentication,
i.e., proof-of-identity. This extra property can be achieved by
an additional binding to the IDevID of the pledge. This binding
to source authentication supports the authorization decision for
the certification request. The binding of data origin
authentication to the certification request may be delegated to
the protocol used for certificate management.
von Oheimb, et al. Expires 8 September 2022 [Page 8]
Internet-Draft BRSKI-AE March 2022
* Solution options for proof-of-identity: The certification request
should be bound to an existing authenticated credential (here, the
IDevID certificate) to enable a proof of identity and, based on
it, an authorization of the certification request. The binding
may be achieved through security options in an underlying
transport protocol such as TLS if the authorization of the
certification request is (completely) done at the next
communication hop. This binding can also be done in a transport-
independent way by wrapping the certification request with
signature employing an existing IDevID. the BRSKI context, this
will be the IDevID. This requirement is addressed by existing
enrollment protocols in various ways, such as:
- EST [RFC7030] utilizes PKCS#10 to encode the certification
request. The Certificate Signing Request (CSR) optionally
provides a binding to the underlying TLS session by including
the tls-unique value in the self-signed PKCS#10 structure. The
tls-unique value results from the TLS handshake. Since the TLS
handshake includes client authentication and the pledge
utilizes its IDevID for it, the proof-of-identity is provided
by such a binding to the TLS session. This can be supported
using the EST /simpleenroll endpoint. Note that the binding of
the TLS handshake to the CSR is optional in EST. As an
alternative to binding to the underlying TLS authentication in
the transport layer, [RFC7030] sketches wrapping the CSR with a
Full PKI Request message using an existing certificate.
- SCEP [RFC8894] supports using a shared secret (passphrase) or
an existing certificate to protect CSRs based on SCEP Secure
Message Objects using CMS wrapping ([RFC5652]). Note that the
wrapping using an existing IDevID in SCEP is referred to as
renewal. Thus SCEP does not rely on the security of the
underlying transfer.
- CMP [RFC4210] supports using a shared secret (passphrase) or an
existing certificate, which may be an IDevID credential, to
authenticate certification requests via the PKIProtection
structure in a PKIMessage. The certification request is
typically encoded utilizing CRMF, while PKCS#10 is supported as
an alternative. Thus CMP does not rely on the security of the
underlying transfer protocol.
von Oheimb, et al. Expires 8 September 2022 [Page 9]
Internet-Draft BRSKI-AE March 2022
- CMC [RFC5272] also supports utilizing a shared secret
(passphrase) or an existing certificate to protect
certification requests, which can be either in CRMF or PKCS#10
structure. The proof-of-identity can be provided as part of a
FullCMCRequest, based on CMS [RFC5652] and signed with an
existing IDevID secret. Thus CMC does not rely on the security
of the underlying transfer protocol.
4. Adaptations to BRSKI
In order to support alternative enrollment protocols, asynchronous
enrollment, and more general system architectures, BRSKI-AE lifts
some restrictions of BRSKI [RFC8995]. This way, authenticated self-
contained objects such as those described in Section 3 above can be
used for certificate enrollment.
The enhancements needed are kept to a minimum in order to ensure
reuse of already defined architecture elements and interactions. In
general, the communication follows the BRSKI model and utilizes the
existing BRSKI architecture elements. In particular, the pledge
initiates communication with the domain registrar and interacts with
the MASA as usual.
4.1. Architecture
The key element of BRSKI-AE is that the authorization of a
certification request MUST be performed based on an authenticated
self-contained object. The certification request is bound in a self-
contained way to a proof-of-origin based on the IDevID.
Consequently, the authentication and authorization of the
certification request MAY be done by the domain registrar and/or by
other domain components. These components may be offline or reside
in some central backend of the domain operator (off-site) as
described in Section 1.2. The registrar and other on-site domain
components may have no or only temporary (intermittent) connectivity
to them. The certification request MAY also be piggybacked on
another protocol.
This leads to generalizations in the placement and enhancements of
the logical elements as shown in Figure 1.
von Oheimb, et al. Expires 8 September 2022 [Page 10]
Internet-Draft BRSKI-AE March 2022
+------------------------+
+--------------Drop-Ship--------------->| Vendor Service |
| +------------------------+
| | M anufacturer| |
| | A uthorized |Ownership|
| | S igning |Tracker |
| | A uthority | |
| +--------------+---------+
| ^
| |
V |
+--------+ ......................................... |
| | . . | BRSKI-
| | . +------------+ +------------+ . | MASA
| Pledge | . | Join | | Domain <-----+
| | . | Proxy | | Registrar/ | .
| <-------->............<-------> Enrollment | .
| | . | BRSKI-AE | Proxy/LRA | .
| IDevID | . | | +------^-----+ .
| | . +------------+ | .
| | . | .
+--------+ ...............................|.........
on-site "domain" components |
| e.g., RFC 4210,
| RFC 7030, ...
.............................................|.....................
. +---------------------------+ +--------v------------------+ .
. | Public-Key Infrastructure <-----+ Registration Authority | .
. | PKI CA +-----> PKI RA | .
. +---------------------------+ +---------------------------+ .
...................................................................
off-site or central "domain" components
Figure 1: Architecture overview using off-site PKI components
The architecture overview in Figure 1 has the same logical elements
as BRSKI, but with more flexible placement of the authentication and
authorization checks on certification requests. Depending on the
application scenario, the registrar MAY still do all of these checks
(as is the case in BRSKI), or part of them, or none of them.
The following list describes the on-site components in the target
domain of the pledge shown in Figure 1.
* Join Proxy: same functionality as described in BRSKI [RFC8995].
von Oheimb, et al. Expires 8 September 2022 [Page 11]
Internet-Draft BRSKI-AE March 2022
* Domain Registrar / Enrollment Proxy / LRA: in BRSKI-AE, the domain
registrar has mostly the same functionality as in BRSKI, namely to
facilitate the communication of the pledge with the MASA and the
PKI. Yet in contrast to BRSKI, the registrar offers different
enrollment protocols and MAY act as a local registration authority
(LRA) or simply as an enrollment proxy. In such cases, the domain
registrar forwards the certification request to some off-site RA
component, which performs at least part of the authorization.
This also covers the case that the registrar has only intermittent
connection and forwards the certification request to the RA upon
re-established connectivity.
Note: To support alternative enrollment protocols, the URI scheme
for addressing the domain registrar is generalized (see
Section 4.2.5).
The following list describes the components provided by the vendor or
manufacturer outside the target domain.
* MASA: general functionality as described in BRSKI [RFC8995]. The
voucher exchange with the MASA via the domain registrar is
performed as described in BRSKI.
Note: The interaction with the MASA may be synchronous (voucher
request with nonce) or asynchronous (voucher request without
nonce).
* Ownership tracker: as defined in BRSKI.
The following list describes the target domain components that can
optionally be operated in the off-site backend of the target domain.
* PKI RA: Performs certificate management functions for the domain
as a centralized public-key infrastructure for the domain
operator. As far as not already done by the domain registrar, it
performs the final validation and authorization of certification
requests.
* PKI CA: Performs certificate generation by signing the certificate
structure requested in already authenticated and authorized
certification requests.
Based on the diagram in Section 2.1 of BRSKI [RFC8995] and the
architectural changes, the original protocol flow is divided into
three phases showing commonalities and differences to the original
approach as follows.
* Discovery phase: same as in BRSKI steps (1) and (2)
von Oheimb, et al. Expires 8 September 2022 [Page 12]
Internet-Draft BRSKI-AE March 2022
* Voucher exchange phase: same as in BRSKI steps (3) and (4).
* Enrollment phase: step (5) is changed to employing an alternative
enrollment protocol that uses authenticated self-contained
objects.
4.2. Message exchange
The behavior of a pledge described in Section 2.1 of BRSKI [RFC8995]
is kept with one exception. After finishing the Imprint step (4),
the Enroll step (5) MUST be performed with an enrollment protocol
utilizing authenticated self-contained objects. Section 5 discusses
selected suitable enrollment protocols and options applicable.
4.2.1. Pledge - Registrar discovery and voucher exchange
The discovery phase and voucher exchange are applied as specified in
[RFC8995].
4.2.2. Registrar - MASA voucher exchange
This voucher exchange is performed as specified in [RFC8995].
4.2.3. Pledge - Registrar - RA/CA certificate enrollment
As stated in Section 3, the enrollment MUST be performed using an
authenticated self-contained object providing not only proof-of-
possession but also proof-of-identity (source authentication).
von Oheimb, et al. Expires 8 September 2022 [Page 13]
Internet-Draft BRSKI-AE March 2022
+--------+ +------------+ +------------+
| Pledge | | Domain | | Operator |
| | | Registrar | | RA/CA |
| | | (JRC) | | (OPKI) |
+--------+ +------------+ +------------+
/--> | |
[Optional request of CA certificates] | |
|---------- CA Certs Request ------------>| |
| [if connection to operator domain is available] |
| |-Request CA Certs ->|
| |<-CA Certs Response-|
|<-------- CA Certs Response--------------| |
/--> | |
[Optional request of attributes to be included in Cert Request] |
|---------- Attribute Request ----------->| |
| [if connection to operator domain is available] |
| |-Attribute Request->|
| |<- Attrib Response -|
|<--------- Attribute Response -----------| |
/--> | |
[Certification request] | |
|-------------- Cert Request ------------>| |
| [when connection to off-site components is unavailable] |
|<----- optional: Cert Waiting Response --| |
| | |
|-------optional: Cert Polling ---------->| |
| | |
| [when connection to off-site components is available] |
| |--- Cert Request -->|
| |<-- Cert Response --|
|<------------- Cert Response ------------| |
/--> | |
[Optional certificate confirmation] | |
|-------------- Cert Confirm ------------>| |
| |--- Cert Confirm -->|
| |<-- PKI Confirm ----|
|<------------- PKI/Registrar Confirm ----| |
Figure 2: Certificate enrollment
The following list provides an abstract description of the flow
depicted in Figure 2.
* CA Cert Request: The pledge optionally requests the latest
relevant CA certificates. This ensures that the pledge has the
complete set of current CA certificates beyond the pinned-domain-
cert (which is contained in the voucher and may be just the domain
registrar certificate).
von Oheimb, et al. Expires 8 September 2022 [Page 14]
Internet-Draft BRSKI-AE March 2022
* CA Cert Response: It MUST contain the current root CA certificate,
which typically is the LDevID trust anchor, and any additional
certificates that the pledge may need to validate certificates.
* Attribute Request: Typically, the automated bootstrapping occurs
without local administrative configuration of the pledge.
Nevertheless, there are cases in which the pledge may also include
additional attributes specific to the target domain into the
certification request. To get these attributes in advance, the
attribute request can be used.
* Attribute Response: It MUST contain the attributes to be included
in the subsequent certification request.
* Cert Request: This certification request MUST contain the
authenticated self-contained object ensuring both proof-of-
possession of the corresponding private key and proof-of-identity
of the requester.
* Cert Response: The certification response message MUST contain on
success the requested certificate and MAY include further
information, like certificates of intermediate CAs.
* Cert Waiting Response: Optional waiting indication for the pledge,
which SHOULD poll for a Cert Response after a given time. To this
end, a request identifier is necessary. The request identifier
may be either part of the enrollment protocol or can be derived
from the certification request.
* Cert Polling: This SHOULD be used by the pledge in reaction to a
Cert Waiting Response to query the registrar whether the
certification request meanwhile has been processed. It MUST be
answered either by another Cert Waiting, or the Cert Response.
* Cert Confirm: An optional confirmation sent after the requested
certificate has been received and validated. It contains a
positive or negative confirmation by the pledge whether the
certificate was successfully enrolled and fits its needs.
* PKI/Registrar Confirm: An acknowledgment by the PKI or registrar
that MUST be sent on reception of the Cert Confirm.
The generic messages described above may be implemented using various
enrollment protocols supporting authenticated self-contained objects,
as described in Section 3. Examples are available in Section 5.
von Oheimb, et al. Expires 8 September 2022 [Page 15]
Internet-Draft BRSKI-AE March 2022
4.2.4. Pledge - Registrar - enrollment status telemetry
The enrollment status telemetry is performed as specified in
[RFC8995]. In BRSKI this is described as part of the enrollment
phase, but due to the generalization on the enrollment protocol
described in this document it fits better as a separate step here.
4.2.5. Addressing scheme enhancements
BRSKI-AE provides generalizations to the addressing scheme defined in
BRSKI [RFC8995] to accommodate alternative enrollment protocols that
use authenticated self-contained objects for certification requests.
As this is supported by various existing enrollment protocols, they
can be directly employed (see also Section 5).
The addressing scheme in BRSKI for certification requests and the
related CA certificates and CSR attributes retrieval functions uses
the definition from EST [RFC7030]; here on the example of simple
enrollment: "/.well-known/est/simpleenroll". This approach is
generalized to the following notation: "/.well-known/<enrollment-
protocol>/<request>" in which <enrollment-protocol> refers to a
certificate enrollment protocol. Note that enrollment is considered
here a message sequence that contains at least a certification
request and a certification response. The following conventions are
used in order to provide maximal compatibility to BRSKI:
* <enrollment-protocol>: MUST reference the protocol being used,
which MAY be CMP, CMC, SCEP, EST [RFC7030] as in BRSKI, or a newly
defined approach.
Note: additional endpoints (well-known URIs) at the registrar may
need to be defined by the enrollment protocol being used.
* <request>: if present, the <request> path component MUST describe,
depending on the enrollment protocol being used, the operation
requested. Enrollment protocols are expected to define their
request endpoints, as done by existing protocols (see also
Section 5).
4.3. Domain registrar support of alternative enrollment protocols
Well-known URIs for various endpoints on the domain registrar are
already defined as part of the base BRSKI specification or indirectly
by EST. In addition, alternative enrollment endpoints MAY be
supported at the registrar. The pledge will recognize whether its
preferred enrollment option is supported by the domain registrar by
sending a request to its preferred enrollment endpoint and evaluating
the HTTP response status code.
von Oheimb, et al. Expires 8 September 2022 [Page 16]
Internet-Draft BRSKI-AE March 2022
The following list of endpoints provides an illustrative example for
a domain registrar supporting several options for EST as well as for
CMP to be used in BRSKI-AE. The listing contains the supported
endpoints to which the pledge may connect for bootstrapping. This
includes the voucher handling as well as the enrollment endpoints.
The CMP related enrollment endpoints are defined as well-known URIs
in CMP Updates [I-D.ietf-lamps-cmp-updates] and the Lightweight CMP
profile [I-D.ietf-lamps-lightweight-cmp-profile].
</brski/voucherrequest>,ct=voucher-cms+json
</brski/voucher_status>,ct=json
</brski/enrollstatus>,ct=json
</est/cacerts>;ct=pkcs7-mime
</est/fullcmc>;ct=pkcs7-mime
</est/csrattrs>;ct=pkcs7-mime
</cmp/initialization>;ct=pkixcmp
</cmp/p10>;ct=pkixcmp
</cmp/getcacerts>;ct=pkixcmp
</cmp/getcertreqtemplate>;ct=pkixcmp
5. Examples for signature-wrapping using existing enrollment protocols
This section maps the requirements to support proof-of-possession and
proof-of-identity to selected existing enrollment protocols.
5.1. Instantiation to EST (informative)
When using EST [RFC7030], the following aspects and constraints need
to be considered and the given extra requirements need to be
fulfilled, which adapt Section 5.9.3 of BRSKI [RFC8995]:
* proof-of-possession is provided typically by using the specified
PKCS#10 structure in the request. Together with Full PKI
requests, also CRMF can be used.
* proof-of-identity needs to be achieved by signing the
certification request object using the Full PKI Request option
(including the /fullcmc endpoint). This provides sufficient
information for the RA to authenticate the pledge as the origin of
the request and to make an authorization decision on the received
certification request. Note: EST references CMC [RFC5272] for the
definition of the Full PKI Request. For proof-of-identity, the
signature of the SignedData of the Full PKI Request is performed
using the IDevID secret of the pledge.
Note: In this case the binding to the underlying TLS connection is
not necessary.
von Oheimb, et al. Expires 8 September 2022 [Page 17]
Internet-Draft BRSKI-AE March 2022
* When the RA is temporarily not available, as per Section 4.2.3 of
[RFC7030], an HTTP status code 202 should be returned by the
registrar, and the pledge will repeat the initial Full PKI Request
5.2. Instantiation to CMP (normative if CMP is chosen)
Note: Instead of referring to CMP as specified in [RFC4210] and
[I-D.ietf-lamps-cmp-updates], this document refers to the Lightweight
CMP Profile [I-D.ietf-lamps-lightweight-cmp-profile] because the
subset of CMP defined there is sufficient for the functionality
needed here.
When using CMP, the following requirements SHALL be fulfilled:
* For proof-of-possession, the approach defined in Section 4.1.1
(based on CRMF) or Section 4.1.4 (based on PKCS#10) of the
Lightweight CMP Profile [I-D.ietf-lamps-lightweight-cmp-profile]
SHALL be applied.
* proof-of-identity SHALL be provided by using signature-based
protection of the certification request message as outlined in
Section 3.2. of [I-D.ietf-lamps-lightweight-cmp-profile] using the
IDevID secret.
* When the Cert Response from the RA/CA is not available and if
polling is supported, the registrar SHALL a Cert Waiting Response
as specified in Sections 4.4 and 5.1.2 of
[I-D.ietf-lamps-lightweight-cmp-profile].
* As far as requesting CA certificates or certificate request
attributes is supported, they SHALL be implemented as specified in
Sections 4.3.1 and 4.3.3 of
[I-D.ietf-lamps-lightweight-cmp-profile].
TBD RFC Editor: please delete /* ToDo: The following aspects need to
be further specified: * Whether to use /getcacerts or the caPubs and
extraCerts fields to return trust anchor and CA Certificates *
Whether to use /getcertreqtemplate or modify the CRMF and use
raVerified * Whether to specify the usage of /p10 */
6. IANA Considerations
This document does not require IANA actions.