draft-ietf-trans-rfc6962-bis-02.txt   draft-ietf-trans-rfc6962-bis-03.txt 
Public Notary Transparency Working Group B. Laurie Public Notary Transparency Working Group B. Laurie
Internet-Draft A. Langley Internet-Draft A. Langley
Intended status: Standards Track E. Kasper Intended status: Standards Track E. Kasper
Expires: October 19, 2014 Google Expires: November 2, 2014 Google
R. Stradling R. Stradling
Comodo Comodo
April 17, 2014 May 1, 2014
Certificate Transparency Certificate Transparency
draft-ietf-trans-rfc6962-bis-02 draft-ietf-trans-rfc6962-bis-03
Abstract Abstract
This document describes an experimental protocol for publicly logging This document describes an experimental protocol for publicly logging
the existence of Transport Layer Security (TLS) certificates as they the existence of Transport Layer Security (TLS) certificates as they
are issued or observed, in a manner that allows anyone to audit are issued or observed, in a manner that allows anyone to audit
certificate authority (CA) activity and notice the issuance of certificate authority (CA) activity and notice the issuance of
suspect certificates as well as to audit the certificate logs suspect certificates as well as to audit the certificate logs
themselves. The intent is that eventually clients would refuse to themselves. The intent is that eventually clients would refuse to
honor certificates that do not appear in a log, effectively forcing honor certificates that do not appear in a log, effectively forcing
skipping to change at page 1, line 43 skipping to change at page 1, line 43
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 19, 2014. This Internet-Draft will expire on November 2, 2014.
Copyright Notice Copyright Notice
Copyright (c) 2014 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 12, line 40 skipping to change at page 12, line 40
3.2.2. Redacting Domain Name Labels in Precertificates 3.2.2. Redacting Domain Name Labels in Precertificates
When creating a Precertificate, the CA MAY substitute one or more of When creating a Precertificate, the CA MAY substitute one or more of
the complete leftmost labels in each DNS-ID with the literal string the complete leftmost labels in each DNS-ID with the literal string
"(PRIVATE)". For example, if a certificate contains a DNS-ID of "(PRIVATE)". For example, if a certificate contains a DNS-ID of
"top.secret.example.com", then the corresponding Precertificate could "top.secret.example.com", then the corresponding Precertificate could
contain "(PRIVATE).example.com" instead. Labels in a CN-ID [RFC6125] contain "(PRIVATE).example.com" instead. Labels in a CN-ID [RFC6125]
MUST remain unredacted. MUST remain unredacted.
When a Precertificate contains one or more redacted labels, an When a Precertificate contains one or more redacted labels, an
extension (OID 1.3.6.1.4.1.11129.6, whose extnValue OCTET STRING extension (OID 1.3.6.1.4.1.11129.2.4.6, whose extnValue OCTET STRING
contains an ASN.1 SEQUENCE OF INTEGERs) MUST be added to the contains an ASN.1 SEQUENCE OF INTEGERs) MUST be added to the
corresponding certificate: the first INTEGER indicates the number of corresponding certificate: the first INTEGER indicates the number of
labels redacted in the Precertificate's first DNS-ID; the second labels redacted in the Precertificate's first DNS-ID; the second
INTEGER does the same for the Precertificate's second DNS-ID; etc. INTEGER does the same for the Precertificate's second DNS-ID; etc.
There MUST NOT be more INTEGERs than there are DNS-IDs. If there are There MUST NOT be more INTEGERs than there are DNS-IDs. If there are
fewer INTEGERs than there are DNS-IDs, the shortfall is made up by fewer INTEGERs than there are DNS-IDs, the shortfall is made up by
implicitly repeating the last INTEGER. Each INTEGER MUST have a implicitly repeating the last INTEGER. Each INTEGER MUST have a
value of zero or more. The purpose of this extension is to enable value of zero or more. The purpose of this extension is to enable
TLS clients to accurately reconstruct the Precertificate from the TLS clients to accurately reconstruct the Precertificate from the
certificate without having to perform any guesswork. certificate without having to perform any guesswork.
3.2.3. Using a Name-Constrained Intermediate CA 3.2.3. Using a Name-Constrained Intermediate CA
An intermediate CA certificate or Precertificate that contains the An intermediate CA certificate or Precertificate that contains the
Name Constraints extension (see Section 4.2.1.10 of [RFC5280]) MAY be Name Constraints extension (see Section 4.2.1.10 of [RFC5280]) MAY be
logged in place of end-entity certificates issued by that logged in place of end-entity certificates issued by that
intermediate CA, as long as all of the following conditions are met: intermediate CA, as long as all of the following conditions are met:
o there MUST be an extension (OID 1.3.6.1.4.1.11129.7, whose o there MUST be an extension (OID 1.3.6.1.4.1.11129.2.4.7, whose
extnValue OCTET STRING contains ASN.1 NULL data (0x05 0x00)). extnValue OCTET STRING contains ASN.1 NULL data (0x05 0x00)).
This extension is an explicit indication that it is acceptable to This extension is an explicit indication that it is acceptable to
not log certificates issued by this intermediate CA. not log certificates issued by this intermediate CA.
o permittedSubtrees MUST specify one or more dNSNames. o permittedSubtrees MUST specify one or more dNSNames.
o excludedSubtrees MUST specify the entire IPv4 and IPv6 address o excludedSubtrees MUST specify the entire IPv4 and IPv6 address
ranges. ranges.
Below is an example Name Constraints extension that meets these Below is an example Name Constraints extension that meets these
conditions: conditions:
SEQUENCE { SEQUENCE {
OBJECT IDENTIFIER '2 5 29 30' OBJECT IDENTIFIER '2 5 29 30'
OCTET STRING, encapsulates { OCTET STRING, encapsulates {
SEQUENCE { SEQUENCE {
[0] { [0] {
SEQUENCE { SEQUENCE {
[1] 'example.com' [2] 'example.com'
} }
}
[1] { [1] {
SEQUENCE { SEQUENCE {
[7] 00 00 00 00 00 00 00 00 [7] 00 00 00 00 00 00 00 00
} }
SEQUENCE { SEQUENCE {
[7] [7]
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
} }
} }
} }
} }
} }
}
3.3. Structure of the Signed Certificate Timestamp 3.3. Structure of the Signed Certificate Timestamp
enum { certificate_timestamp(0), tree_hash(1), (255) } enum { certificate_timestamp(0), tree_hash(1), (255) }
SignatureType; SignatureType;
enum { v1(0), (255) } enum { v1(0), (255) }
Version; Version;
struct { struct {
opaque key_id[32]; opaque key_id[32];
 End of changes. 9 change blocks. 
8 lines changed or deleted 8 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/