[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Enterprise-only or more...

To: ietf-trust-anchor@xxxxxxxx
Subject: RE: Enterprise-only or more...
From: Russ Housley <housley@xxxxxxxxxxxx>
Date: Tue, 10 Jul 2007 11:55:38 -0400
In-reply-to: <>
List-archive: <http://www.vpnc.org/ietf-trust-anchor/mail-archive/>
List-id: <ietf-trust-anchor.vpnc.org>
List-unsubscribe: <mailto:ietf-trust-anchor-request@vpnc.org?body=unsubscribe>
References: <> <AE1B6FDD5E39704DB2F38B6FC77D59A20102B363@xxxxxxxxxxxxxxxxxxxxxxxxxxx> <A15AC0FBACD3464E95961F7C0BCD1FF0D148832C@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx oft.com> <>
Sender: owner-ietf-trust-anchor@xxxxxxxxxxxxx

Clearly, a trust anchor contains a public key that is used tovalidate digital signatures. A trust anchor public key may be usedin two different ways to support digital signature validation. Inthe first approach, the trust anchor public key is used directly tovalidate the digital signature. In the second approach, the trustanchor public key is used to validate a certification path. I'mthinking about an X.509 certification path, but this model seems towork with other certification approaches as well. When used with acertification path, the subject public key in the final certificatein the certification path is used to validate the digitalsignature. Of course, such a certified public key can be used forthings other than digital signature, including key transport and keyagreement. In X.509, the choices are constrained by the key usagecertificate extension.

All trust anchors used in the X.509 context consist of the followingcomponents:

- a public key signature algorithm identifier and associatedpublic key, which

     may optionally include parameters;

- a distinguished name for use in certification path validationand construction;- a public key identifier to aid path construction and for use insignatures

     that are to be validated directly with the trust anchor public key;

- a list of applications (perhaps admitting all applications)with which the trust

     anchor can be used; and

- optional X.509 certification path validation input values, someof which also

     serve as constraints on the use of the public key when used directly to
     validate digital signatures.

A similar set of components needs to be specified for any othercontexts that we want to support (PGP, DNSSEC, etc.).

One might also want a human readable trust anchor title to help withdisplay of the trust anchor store to users.

Depending on the approach taken in the trust anchor managementprotocol, a trust anchor might also include a sequence number forreplay detection.


Russ

References:
- Re: Enterprise-only or more...
  - From: Stephen Kent
- RE: Enterprise-only or more...
  - From: Thomas Hardjono
- RE: Enterprise-only or more...
  - From: Stephen Kent

Prev by Date: Very eary cut at strawman draft charter...
Next by Date: Re: Distribution of trust anchor policy
Previous by thread: RE: Enterprise-only or more...
Next by thread: RE: Enterprise-only or more...
Index(es):
- Date
- Thread