[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

WG Advice on Reviving a multikey certificate I-D

To: <ietf-pkix@xxxxxxx>
Subject: WG Advice on Reviving a multikey certificate I-D
From: "Anders Rundgren" <anders.rundgren@xxxxxxxxx>
Date: Wed, 1 Apr 2009 21:48:23 +0200
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

Quite some time ago the following I-D was written and then left to
expire (probably due to lack of interest):
http://www.potaroo.net/ietf/all-ids/draft-lin-mpk-app-00.txt

It seems that there is a class of applications that could use this scheme
as an alternative to multiple certificates and that are devices that are
to be pre-configured with device certificates.  Such devices include
mobile phones and routers (work is currently performed by IEEE).

The router people are currently thinking in terms of hosting a single
authentication certificate which in SOHO configurations would be
used "as-is" as an easier alternative to shared secrets.  However,
for enterprise use, it is likely that corporate IT would like to unify
the equipment to an in-house PKI.  Although you could use the
authentication certificate for credential bootstrapping, a better
solution is making in-device key-generation with attested public
keys.  This calls for device attestation keys which in some way
must be distinguishable from authentication keys.

To avoid that devices get "split personalities" it would be nice to
put the attestation key in the same certificate as normally used for
authentications.  Since attestations is something very specific not
associated with standard applications, there is no impediment
having to dig out the public key from a certificate in a slightly
unusual way, it is just 20 lines extra to 2000 you already got :-)

TrustedComputingGroup have addressed this topic using a virtual
orgy of keys and certificates.  I prefer simpler solutions.

One Device => One Certificate => One ID

I started with this issue (multiple keys) using DIAS scheme:
http://webpki.org/papers/keygen2/keygen2-fips140-2.pdf
but unfortunately DIAS does not translate well to ECDSA, but
MPK certificates look like a *very* good alternative.

So, how should I proceed with this I-D?
Anybody out there interested?

I don't intend to change anything in the expired I-D except for
application space and minor stuff.

One of the original authors have indicated interest in a revival.

Anders

Prev by Date: Re: OCSP RFC (RFC 2560) Dependence on SHA-1
Previous by thread: Certificate definitions
Index(es):
- Date
- Thread