| rfc9829v1.txt | rfc9829.txt | |||
|---|---|---|---|---|
| skipping to change at line 78 ¶ | skipping to change at line 78 ¶ | |||
| Section 5.2.3 of [RFC5280] describes the value of the Certificate | Section 5.2.3 of [RFC5280] describes the value of the Certificate | |||
| Revocation List (CRL) Number extension as a monotonically increasing | Revocation List (CRL) Number extension as a monotonically increasing | |||
| sequence number, which "allows users to easily determine when a | sequence number, which "allows users to easily determine when a | |||
| particular CRL supersedes another CRL". In other words, in Public | particular CRL supersedes another CRL". In other words, in Public | |||
| Key Infrastructures (PKIs) in which it is possible for Relying | Key Infrastructures (PKIs) in which it is possible for Relying | |||
| Parties (RPs) to encounter multiple usable CRLs, the CRL Number | Parties (RPs) to encounter multiple usable CRLs, the CRL Number | |||
| extension is a means for an RP to determine which CRLs to rely upon. | extension is a means for an RP to determine which CRLs to rely upon. | |||
| In the Resource Public Key Infrastructure (RPKI), a well-formed | In the Resource Public Key Infrastructure (RPKI), a well-formed | |||
| Manifest fileList contains exactly one entry for its associated CRL, | manifest fileList contains exactly one entry for its associated CRL, | |||
| together with a collision-resistant message digest of that CRL's | together with a collision-resistant message digest of that CRL's | |||
| contents (see Section 2.2 of [RFC6481] and Section 2 of [RFC9286]). | contents (see Section 2.2 of [RFC6481] and Section 2 of [RFC9286]). | |||
| Additionally, the target of the CRL Distribution Points extension in | Additionally, the target of the CRL Distribution Points extension in | |||
| an RPKI Resource Certificate is the same CRL object listed on the | an RPKI Resource Certificate is the same CRL object listed on the | |||
| issuing Certification Authorities (CAs) current manifest (see | issuing Certification Authorities (CAs) current manifest (see | |||
| Section 4.8.6 of [RFC6487]). Together, these properties guarantee | Section 4.8.6 of [RFC6487]). Together, these properties guarantee | |||
| that RPKI RPs will always be able to unambiguously identify exactly | that RPKI RPs will always be able to unambiguously identify exactly | |||
| one current CRL for each RPKI CA. Thus, in the RPKI, the ordering | one current CRL for each RPKI CA. Thus, in the RPKI, the ordering | |||
| functionality provided by CRL Numbers is fully subsumed by | functionality provided by CRL Numbers is fully subsumed by | |||
| monotonically increasing Manifest Numbers (Section 4.2.1 of | monotonically increasing manifest numbers (Section 4.2.1 of | |||
| [RFC9286]), thereby obviating the need for RPKI RPs to process CRL | [RFC9286]), thereby obviating the need for RPKI RPs to process CRL | |||
| Number extensions at all. | Number extensions at all. | |||
| Therefore, although the CRL Number extension is mandatory in RPKI | Therefore, although the CRL Number extension is mandatory in RPKI | |||
| CRLs for compliance with the X.509 v2 CRL Profile (Section 5 of | CRLs for compliance with the X.509 v2 CRL Profile (Section 5 of | |||
| [RFC5280]), any use of this extension by RPKI RPs merely adds | [RFC5280]), any use of this extension by RPKI RPs merely adds | |||
| complexity and fragility to RPKI Resource Certificate path | complexity and fragility to RPKI Resource Certificate path | |||
| validation. This document mandates that RPKI RPs ignore the CRL | validation. This document mandates that RPKI RPs ignore the CRL | |||
| Number extension. | Number extension. | |||
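Review bot: both columns still read "the issuing Certification Authorities (CAs) current manifest" in the CRL Distribution Points sentence; the subject is a single issuer, so this should be the possessive "the issuing Certification Authority's (CA's) current manifest". The lowercasing of "Manifest" and "Manifest Numbers" in the new column matches the terminology of [RFC9286] and is applied consistently in the other changed lines shown here, so only the possessive needs fixing in this block.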
| skipping to change at line 141 ¶ | skipping to change at line 141 ¶ | |||
| 2. Summary | 2. Summary | |||
| This document clarifies that, in the RPKI, there is exactly one CRL | This document clarifies that, in the RPKI, there is exactly one CRL | |||
| that is appropriate and relevant for determining the revocation | that is appropriate and relevant for determining the revocation | |||
| status of a given resource certificate. It is the unique CRL object | status of a given resource certificate. It is the unique CRL object | |||
| that is simultaneously: | that is simultaneously: | |||
| * the target of the certificate's CRL Distribution Points extension, | * the target of the certificate's CRL Distribution Points extension, | |||
| and | and | |||
| * listed in the issuing CA's current Manifest fileList and has a | * listed in the issuing CA's current manifest fileList and has a | |||
| matching hash (see Section 4.2.1 of [RFC9286]). | matching hash (see Section 4.2.1 of [RFC9286]). | |||
| In particular, a resource certificate cannot be validated without | In particular, a resource certificate cannot be validated without | |||
| recourse to the current Manifest of the certificate's issuer. | consulting the current manifest of the certificate's issuer. | |||
| 3. Updates to RFC 6487 | 3. Updates to RFC 6487 | |||
| 3.1. Updates to Section 5 | 3.1. Updates to Section 5 | |||
| This section updates Section 5 of [RFC6487] as follows: | This section updates Section 5 of [RFC6487] as follows: | |||
| * First change: | * First change: | |||
| OLD | OLD | |||
| skipping to change at line 188 ¶ | skipping to change at line 188 ¶ | |||
| NEW | NEW | |||
| | An RPKI CA MUST include exactly two extensions in every CRL | | An RPKI CA MUST include exactly two extensions in every CRL | |||
| | that it issues: an Authority Key Identifier (AKI) and a CRL | | that it issues: an Authority Key Identifier (AKI) and a CRL | |||
| | Number. No other CRL extensions are allowed. | | Number. No other CRL extensions are allowed. | |||
| | | | | |||
| | - RPs MUST process the AKI extension. | | - RPs MUST process the AKI extension. | |||
| | | | | |||
| | - RPs MUST ignore the CRL Number extension except for checking | | - RPs MUST ignore the CRL Number extension except for checking | |||
| | that it is marked as non-critical and contains a non- | | that it is marked as non-critical and contains a non- | |||
| | negative integer less than or equal to 2^(159-1). | | negative integer less than or equal to 2^159-1. | |||
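Review bot: the new bound 2^159-1 is the correct one and the old "2^(159-1)" (which reads as 2^158) was wrong: Section 5.2.3 of [RFC5280] limits the CRL Number to a non-negative integer of at most 20 octets, and the largest 20-octet DER INTEGER with the sign bit clear is 2^159-1. Since this syntactic check is the only CRL Number processing an RP still performs, consider also stating it in the form an implementer actually tests against the encoding: non-critical, a DER INTEGER of at most 20 octets with the sign bit clear (a 21-octet value starting 0x00 0x80 is 2^159 and must be rejected).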
| 3.2. Update to Section 7.2 | 3.2. Update to Section 7.2 | |||
| This section updates Section 7.2 of [RFC6487] as follows: | This section updates Section 7.2 of [RFC6487] as follows: | |||
| OLD | OLD | |||
| | 5. The issuer has not revoked the certificate. A revoked | | 5. The issuer has not revoked the certificate. A revoked | |||
| | certificate is identified by the certificate's serial number | | certificate is identified by the certificate's serial number | |||
| | being listed on the issuer's current CRL, as identified by the | | being listed on the issuer's current CRL, as identified by the | |||
| | CRLDP of the certificate, the CRL is itself valid, and the | | CRLDP of the certificate, the CRL is itself valid, and the | |||
| | public key used to verify the signature on the CRL is the same | | public key used to verify the signature on the CRL is the same | |||
| | public key used to verify the certificate itself. | | public key used to verify the certificate itself. | |||
| NEW | NEW | |||
| | 5. The issuer has not revoked the certificate. A revoked | | 5. The issuer has not revoked the certificate. A revoked | |||
| | certificate is identified by the certificate's serial number | | certificate is identified by the certificate's serial number | |||
| | being listed on the issuer's current CRL, as identified by the | | being listed on the issuer's current CRL, as identified by the | |||
| | issuer's current Manifest and the CRLDP of the certificate. | | issuer's current manifest and the CRLDP of the certificate. | |||
| | The CRL is itself valid and the public key used to verify the | | The CRL is itself valid and the public key used to verify the | |||
| | signature on the CRL is the same public key used to verify the | | signature on the CRL is the same public key used to verify the | |||
| | certificate itself. | | certificate itself. | |||
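Review bot: the NEW step 5 identifies the current CRL "by the issuer's current manifest and the CRLDP of the certificate" but drops the matching-hash condition that Section 2 of this document makes part of the definition (listed in the fileList and has a matching hash, Section 4.2.1 of [RFC9286]). Because Section 7.2 of [RFC6487] is the normative validation algorithm, say explicitly that the CRL object's hash must match its fileList entry; as written, step 5 could be read as a file-name match only, which is exactly the replay case the manifest hash is meant to close.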
| 4. Operational Considerations | 4. Operational Considerations | |||
| This document has no additional operational considerations compared | This document has no additional operational considerations beyond | |||
| to Section 9 of [RFC6487]. | those described in Section 9 of [RFC6487]. | |||
| 5. Security Considerations | 5. Security Considerations | |||
| The Security Considerations of [RFC3779], [RFC5280], and [RFC6487] | The Security Considerations of [RFC3779], [RFC5280], and [RFC6487] | |||
| apply to Resource Certificates and CRLs. | apply to Resource Certificates and CRLs. | |||
| This document explicates that, in the RPKI, the CRL listed on the | This document explicates that, in the RPKI, the CRL listed on the | |||
| certificate issuer's current Manifest is the one relevant and | certificate issuer's current manifest is the one relevant and | |||
| appropriate for determining the revocation status of a resource | appropriate for determining the revocation status of a resource | |||
| certificate. By way of the hash in the manifest's fileList this | certificate. The hash in the manifest's fileList provides a | |||
| provides a cryptographic guarantee on the Certification Authority's | cryptographic guarantee on the Certification Authority's intent that | |||
| intent that this is the most recent CRL and removes possible replay | this is the most recent CRL and removes possible replay vectors. | |||
| vectors. | ||||
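Review bot: "removes possible replay vectors" holds only relative to the manifest: the fileList hash pins the CRL to whichever manifest the RP accepted, so a replayed manifest carries a replayed CRL with it. A sentence pointing at the manifest freshness checks this guarantee rests on (monotonically increasing manifest number and the manifest validity interval, Section 4.2.1 of [RFC9286], already cited in the Introduction) would make the security argument complete.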
| 6. IANA Considerations | 6. IANA Considerations | |||
| This document has no IANA actions. | This document has no IANA actions. | |||
| 7. References | 7. References | |||
| 7.1. Normative References | 7.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| End of changes. 9 change blocks. | ||||
| 13 lines changed or deleted | 12 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||
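The two RP behaviours the diff above specifies, as an added example that is not part of RFC 9829 or of any RPKI implementation: (1) the residual CRL Number check from the new Section 3.1 text (non-critical, non-negative DER INTEGER no larger than 2^159-1, value otherwise ignored), and (2) the "exactly one current CRL" selection from Section 2 and the updated step 5 (the object named by the certificate's CRLDP that is also the manifest's single CRL entry and whose SHA-256 matches the fileList hash). The DER INTEGER codec is a minimal stdlib-only helper written for this example; the rsync URI, file names and the byte strings standing in for CRL and ROA objects are constructed placeholders, not real DER objects. The hash algorithm is SHA-256 as required by RFC 9286.

```python
from __future__ import annotations

import hashlib
from dataclasses import dataclass

# RFC 5280 s5.2.3: CRL Number is a non-negative INTEGER of at most 20 octets,
# i.e. at most 2^159-1 (largest 20-octet two's-complement value with sign bit clear).
MAX_CRL_NUMBER = 2**159 - 1


def encode_der_integer(n: int) -> bytes:
    """Minimal DER INTEGER encoding; helper for building test vectors (< 128 octets)."""
    body = n.to_bytes((n.bit_length() + 8) // 8, "big", signed=True)
    return bytes([0x02, len(body)]) + body


def decode_der_integer(der: bytes) -> int:
    """Decode one DER INTEGER; raise ValueError on anything non-canonical."""
    if len(der) < 3 or der[0] != 0x02:
        raise ValueError("not a DER INTEGER")
    length, body_start = der[1], 2
    if length & 0x80:                                   # long-form length octets
        n = length & 0x7F
        if n == 0 or n > 4 or len(der) < 2 + n:
            raise ValueError("bad length octets")
        length, body_start = int.from_bytes(der[2:2 + n], "big"), 2 + n
    body = der[body_start:]
    if length == 0 or len(body) != length:
        raise ValueError("truncated or trailing data")
    if length > 1 and (
        (body[0] == 0x00 and not body[1] & 0x80)        # redundant leading 0x00
        or (body[0] == 0xFF and body[1] & 0x80)         # redundant leading 0xFF
    ):
        raise ValueError("non-minimal INTEGER encoding")
    return int.from_bytes(body, "big", signed=True)


def crl_number_is_acceptable(critical: bool, value_der: bytes) -> bool:
    """The only CRL Number processing RFC 9829 leaves to an RP (new Section 3.1 text):
    the extension must be non-critical and hold a non-negative INTEGER <= 2^159-1.
    The value itself plays no part in choosing which CRL to use."""
    if critical:
        return False
    try:
        value = decode_der_integer(value_der)
    except ValueError:
        return False
    return 0 <= value <= MAX_CRL_NUMBER


@dataclass(frozen=True)
class ManifestEntry:
    file: str       # fileList file name (RFC 9286 s4.2.1)
    sha256: bytes   # SHA-256 digest over the object's full contents


def select_current_crl(crldp_uri: str, filelist: list[ManifestEntry],
                       repo: dict[str, bytes]) -> bytes | None:
    """Return the one CRL an RP may use for this CA's certificates: the object
    named by the CRLDP that is also the manifest's single CRL entry and whose
    contents hash to the fileList value. Anything else yields None, whatever
    CRL Number the candidate objects carry."""
    name = crldp_uri.rsplit("/", 1)[-1]                 # file name component of the URI
    crl_entries = [e for e in filelist if e.file.endswith(".crl")]
    if len(crl_entries) != 1 or crl_entries[0].file != name:
        return None                                     # malformed manifest or CRLDP mismatch
    obj = repo.get(name)
    if obj is None or hashlib.sha256(obj).digest() != crl_entries[0].sha256:
        return None                                     # missing, replayed or tampered CRL
    return obj


# Constructed sample data (not real DER objects): byte strings stand in for the
# CA's current CRL, an older CRL an attacker might replay under the same name, and one ROA.
CRLDP = "rsync://rpki.example.net/repo/ca.crl"
CURRENT_CRL = b"constructed: current CRL, CRL Number 42, lists serial 0x1f"
STALE_CRL = b"constructed: older CRL, CRL Number 41, serial 0x1f not yet listed"
ROA = b"constructed: ROA object"
MANIFEST = [
    ManifestEntry("ca.crl", hashlib.sha256(CURRENT_CRL).digest()),
    ManifestEntry("1.roa", hashlib.sha256(ROA).digest()),
]
REPO_CURRENT = {"ca.crl": CURRENT_CRL, "1.roa": ROA}
REPO_REPLAYED = {"ca.crl": STALE_CRL, "1.roa": ROA}    # old CRL served under the same name


def demo() -> dict[str, bool]:
    """Run every check once; each value is True when the RP behaves as specified."""
    return {
        "crlnum_zero_ok": crl_number_is_acceptable(False, encode_der_integer(0)),
        "crlnum_max_ok": crl_number_is_acceptable(False, encode_der_integer(MAX_CRL_NUMBER)),
        "crlnum_too_big_rejected": not crl_number_is_acceptable(False, encode_der_integer(MAX_CRL_NUMBER + 1)),
        "crlnum_negative_rejected": not crl_number_is_acceptable(False, encode_der_integer(-1)),
        "crlnum_critical_rejected": not crl_number_is_acceptable(True, encode_der_integer(7)),
        "current_crl_selected": select_current_crl(CRLDP, MANIFEST, REPO_CURRENT) == CURRENT_CRL,
        "replayed_crl_rejected": select_current_crl(CRLDP, MANIFEST, REPO_REPLAYED) is None,
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {'pass' if ok else 'FAIL'}")
```

The replayed-CRL case is the one the diff's Security Considerations text is about: the stale object has a perfectly valid, lower CRL Number, and an RP that compared CRL Numbers across fetches would still need state to notice it; the fileList hash rejects it statelessly, provided the manifest itself passed the freshness checks of RFC 9286.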