Trust Anchor Management Problem Statement

Slides:



Advertisements
Similar presentations
RPKI Standards Activity Geoff Huston APNIC February 2010.
Advertisements

Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.
SeND Hash Threat Analysis CSI WG Ana Kukec, Suresh Krishnan, Sheng Jiang.
Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.
1 Lecture 13: Public Key Infrastructure terms PKI trust models –monopoly with registration authorities with delegated certificate authorities –oligarchy.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.
Resource Certificate Profile SIDR WG Meeting IETF 66, July 2006 draft-ietf-sidr-res-certs-01 Geoff Huston Rob Loomans George Michaelson.
CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Trusted Archive Protocol (TAP) Carl Wallace
Long-term Archive Service Requirements draft-ietf-ltans-reqs-00.txt.
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
Digital Certificates Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
Digital Certificates With Chuck Easttom. Digital Signatures  Digital Signature is usually the encryption of a message or message digest with the sender's.
Trust Anchor Management Problem Statement 69 th IETF Trust Anchor Management BOF Carl Wallace.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
NENA Development Conference | October 2014 | Orlando, Florida Security Certificates Between i3 ESInet’s and FE’s Nate Wilcox Emergicom, LLC Brian Rosen.
General Key Management Guidance. Key Management Policy  Governs the lifecycle for the keying material  Hope to minimize additional required documentation.
Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.
Evaluating trusted electronic documents Petr Švéda Security and Protection of Information ‘03 © 2003 Petr Švéda, FI MU.
1 PKI Disaster Recovery and Key Rollover Bull S.A.S.
Security in ebXML Messaging CPP/CPA Elements. Elements of Security P rivacy –Protect against information being disclosed or revealed to any entity not.
Cryptography and Network Security Chapter 14 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
ICOS BOF EAP Applicability Bernard Aboba IETF 62, Minneapolis, MN.
Bridge Certification Architecture A Brief Overview by Tim Sigmon May, 2000.
SonOf3039 Status Russ Housley Security Area Director.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Comments on draft-ietf-pkix-rfc3280bis-01.txt IETF PKIX Meeting Paris - August 2005 Denis Pinkas
Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
TAG Presentation 18th May 2004 Paul Butler
Key management issues in PGP
Alternative Governance Models for PKI
Trusted? 05/4/2016 Charles Sheehe, CCSDS Security Working Group GRC POC All information covered is from public sources.
Computer and Network Security
Chapter 5 Network Security Protocols in Practice Part I
Training for developers of X-Road interfaces
Authority Recognition GGF9
Cryptography and Network Security
TAG Presentation 18th May 2004 Paul Butler
Goals of soBGP Verify the origin of advertisements
Authentication Applications
Public Key Infrastructure (PKI)
Delay-Tolerant Security Key Administration (DTKA)
S/MIME T ANANDHAN.
کاربرد گواهی الکترونیکی در سیستمهای کاربردی (امضای دیجیتال)
APNIC Trial of Certification of IP Addresses and ASes
Security in ebXML Messaging
زير ساخت كليد عمومي و گواهي هويت
Security at the Application Layer: PGP and S/MIME
APNIC Trial of Certification of IP Addresses and ASes
ELECTRONIC MAIL SECURITY
Secure Electronic Transaction (SET) University of Windsor
جايگاه گواهی ديجيتالی در ايران
Resource Certificate Profile
ELECTRONIC MAIL SECURITY
Digital Certificates and X.509
CS 465 Certificates Last Updated: Oct 14, 2017.
SharePoint Online Authentication Patterns
Resource Certificate Profile SIDR WG Meeting IETF 66, July 2006
PKI (Public Key Infrastructure)
Kerberos and X.509 Fourth Edition by William Stallings
Remote ATtestation ProcedureS (RATS)
National Trust Platform
Presentation transcript:

Trust Anchor Management Problem Statement 69th IETF Trust Anchor Management BOF Carl Wallace

What are trust anchors? Trust anchors (TAs) are trusted public keys with with associated information Used for signature verification Associated information varies with TA purpose RFC3280 requires issuer name, public key algorithm, public key and optionally, the public key parameters associated with the public key to support certification path validation TAs are used for various purposes Certification path validation Verification of signed objects, including firmware, timestamps, OCSP responses, keys, etc. TAs are maintained in trust anchor stores, which are sets of one or more trust anchors

Problem statement There is currently no standard mechanism for managing trust anchor stores Proprietary means abound Remote management can be difficult (and is generally beyond the reach of PKI policy authorities) Some application-specific standards are being developed (draft-ietf-dnsext-trustupdate-timers) No standard representation for trust anchors Self-signed certificates are a de facto means of installing names and keys for use with PKI However, self-signed certificates do not provide hooks for TA management Uniform representation may not be necessary even if common management means are used

General Proposal Define a protocol for managing trust anchor stores Generic trust anchor representation requirements include trust anchor name, public key information and trust anchor usage Enable add/remove/query operations on trust anchor stores Primary aim is to reduce reliance on out-of-band trust mechanisms After initial trust anchors have been installed, out-of-band means should not be necessary

Functional properties Transport independent Applicable to push or pull contexts Applicable to session-oriented or store-and-forward contexts Support limited recognition of a trust anchor Contrast with cross-certificates that establish relationships that impact all of a PKI’s relying parties Ability to limit recognition to a single device, application or community would be useful in some contexts Enable secure transfer of authority over a trust anchor store from one owner to another Re-key or transition from one TA manager to another Transfer requires consent and cooperation Reduce the number of public keys that require out-of-band verification Ideally, out-of-band verification (i.e., verifying trust anchor fingerprint with a trust source) occurs only during TA store initialization

Functional properties (continued) Define standard format for reporting trust anchor store contents Simply generating a report of the contents of some trust anchor stores is difficult Support authentication of store associated with the report Support disaster recovery (i.e., loss or compromise of trust anchor private key) Including recovery from compromise of keys verified via out-of-band means and keys used to generate trust anchor management messages Enable representation of a trust anchor’s authority Minimally, represent authority to conduct trust anchor management operations Namespaces, policies, etc. in certification path validation context Enable delegation of authority A trust anchor should be able to delegate all, some or none of its authority (including authority to conduct trust anchor management operations) Assuming a trust anchor manager is represented as a trust anchor

Functional properties (continued) Enable usage of trust anchors to verify certification paths in accord with RFC3280 For path validation purposes, trust anchor representation must include public key, distinguished name, etc. Other certificate extensions may be useful as well, i.e., SIA, name constraints, key usage, certificate policies Enable usage of trust anchors to verify signatures on objects other than certificates and CRLs Firmware packages, trust anchor management messages, etc. Enable representation of trust anchors that cannot be used to verify certification paths Some trust anchors may only be authorized to produce particular types of objects, such as firmware packages Guard against replay of old trust anchor management messages

Security Considerations No need for confidentiality Transaction integrity is required Clear subordination rules are required Requires at least one key to be installed during TA store initialization Verified using out-of-band means Could then be used to manage trust store contents

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.