Extended Key Usage (EKU) for Session Initiation Protocol (SIP) X.509 Certificates
draft-ietf-sip-eku-08

The intended status of this changed to Experimental during IESG discussion (see the resolution of several of the DISCUSSes captured in the tracker). The status in the tracker was not updated correctly before the approval was issued.

[Ballot discuss]
The id-kp-serverAuth and id-kp-clientAuth EKU values seem an odd fit for SIP EKU, but this specification permits acceptance as a matter of local policy.  Since there os no installed base that is already accepting these OIDs to authenticate SIP proxies, I  believe we should remove support for these OIDs.

[Ballot comment]
The OID needed for the ASN.1 module identifier is:
  id-mod-sip-domain-extns2007  OBJECT IDENTIFIER ::= { id-mod 62 }

  I see no reason to include id-pe and id-aca in the module.

[Ballot discuss]
It is my understanding that the installed base does not use either
  id-kp-serverAuth and id-kp-clientAuth values.  The only reason to
  include them is to support an installed base.

[Ballot comment]
Bernard Aboba  done an O&M Area review of the document which said:

Previous EKU extensions (such as [RFC 4334]) have not been widely
deployed, due to the additional operational complexity they would
have introduced, and the limited benefits.

Given this, and the potential interoperability impact of this document,
the Experimental classification would probably be more appropriate.

[Ballot comment]
The text says...
  Consider the SIP RFC 3261 [2] trapezoid shown in Figure 1.
...but the figure does not show a trapezoid.
I guess there is an implied dotted line between alice and bob?


No doubt Appendix A needs the BSD license applied.

[Ballot comment]
1. I support the DISCUSS by Alexey about possibly approving this document at Experimental only, taking into accound that EKU did not enjoy wide deployment yet

2. Section 3

"A Certificate Authority issuing a certificate whose purpose is to
bind a SIP domain identity without binding other non-SIP identities
MUST include an id-kp-SIPdomain attribute in the Extended Key Usage extension value (see Section 3.1)."

Question: What is the definition of "SIP domain identity"?  This is not included in the terminology section.

3. Section 4

"Section 7.1 of Domain Certificates in the Session Initiation Protoco [8] contains the steps for finding an identity (or a set of
identities) in an X.509 certificate for SIP.  In order to determine
whether the usage of a certificate is restricted to serve as a SIP
certificate only, implementations MUST perform the step given below as a part of the certificate validation:"

Not sure how the first sentence relates to the rest of the paragraph. Is the intent to suggest that the process for finding the identity needs to be carried out in order to make the determination?  If so, then [8] would be a normative reference.

4. "If the certificate does not contain any EKU values (the Extended Key Usage extension does not exist), it is a matter of local policy whether or not to accept the certificate for use as a SIP certificate."

There are a large number of existing certificates issued without these EKUs. In situations in which these existing certificates are expected, leaving their acceptance up to "local policy" would seem likely to create an interoperability problem.

5.  " If the certificate contains the id-kp-sipDomain EKU extension, then implementations MUST consider the certificate acceptable for use as a SIP certificate."

I presume that this means "implementations of this specification", correct? Pre-existing implementations don't know about these EKU extensions, and so will make their determination based on other factors.


6. "If EKU extension exists but does not contain any of the id-kp-sipDomain, id-kp-anyExtendedKeyUsage, id-kp-serverAuth, or id-kp-clientAuth EKU values, then implementations MUST NOT consider the certificate as acceptable for use as a SIP certificate."

Here I think you're referring to pre-existing implementations as well,
correct?

[Ballot discuss]
This DISCUSS and COMMENT is partly based on the OPS-DIR review performed by Bernard Aboba.


In situations where there are pre-existing certificates without the EKU extensions, this specification could result in interoperability problems if the "local policy" is not carefully implemented.  One concern is that the language on "local policy" could be used by implementers to justify refusing to support existing certificate formats.

I do not think that the document adequately addresses how to manage the transition.  For example, during an interim period, it would be necessary for implementations to support both legacy certificates as well as certificates with the new extensions.  At some point, once the legacy certificates have expired, "local policy" could be changed to require only certificates with extensions.

The document is missing an operational considerations section and and there seems to be quite a lot of operational implications. For example it does not discuss what kinds of "local policy" are appropriate in various situations or how the "local policy" can be configured or managed.  It does not discuss how certificate interoperability issues can be dealt with, or how operational problems could be diagnosed. Some additional discussion in this area would be needed.

[Ballot comment]
1. I support the DISCUSS by Alexey about possibly approving this document at Experimental only, taking into accound that EKU did not enjoy wide deployment yet

2. Section 3

"A Certificate Authority issuing a certificate whose purpose is to
bind a SIP domain identity without binding other non-SIP identities
MUST include an id-kp-SIPdomain attribute in the Extended Key Usage extension value (see Section 3.1)."

Question: What is the definition of "SIP domain identity"?  This is not included in the terminology section.

3. Section 4

"Section 7.1 of Domain Certificates in the Session Initiation Protoco [8] contains the steps for finding an identity (or a set of
identities) in an X.509 certificate for SIP.  In order to determine
whether the usage of a certificate is restricted to serve as a SIP
certificate only, implementations MUST perform the step given below as a part of the certificate validation:"

Not sure how the first sentence relates to the rest of the paragraph. Is the intent to suggest that the process for finding the identity needs to be carried out in order to make the determination?  If so, then [8] would be a normative reference.

4. "If the certificate does not contain any EKU values (the Extended Key Usage extension does not exist), it is a matter of local policy whether or not to accept the certificate for use as a SIP certificate."

There are a large number of existing certificates issued without these EKUs. In situations in which these existing certificates are expected, leaving their acceptance up to "local policy" would seem likely to create an interoperability problem.

5.  " If the certificate contains the id-kp-sipDomain EKU extension, then implementations MUST consider the certificate acceptable for use as a SIP certificate."

I presume that this means "implementations of this specification", correct? Pre-existing implementations don't know about these EKU extensions, and so will make their determination based on other factors.


6. "If EKU extension exists but does not contain any of the id-kp-sipDomain, id-kp-anyExtendedKeyUsage, id-kp-serverAuth, or id-kp-clientAuth EKU values, then implementations MUST NOT consider the certificate as acceptable for use as a SIP certificate."

Here I think you're referring to pre-existing implementations as well,
correct?

[Ballot discuss]
This DISCUSS and COMMENT is partly based on the OPS-DIR review performed by Bernard Aboba.

1. In situations where there are pre-existing certificates without the EKU extensions, this specification could result in interoperability problems if the "local policy" is not carefully implemented.  One concern is that the language on "local policy" could be used by implementers to justify refusing to support existing certificate formats.

I do not think that the document adequately addresses how to manage the transition.  For example, during an interim period, it would be necessary for implementations to support both legacy certificates as well as certificates with the new extensions.  At some point, once the legacy certificates have expired, "local policy" could be changed to require only certificates with extensions.

The document is missing an operational considerations section and and there seems to be quite a lot of operational implications. For example it does not discuss what kinds of "local policy" are appropriate in various situations or how the "local policy" can be configured or managed.  It does not discuss how certificate interoperability issues can be dealt with, or how operational problems could be diagnosed. Some additional discussion in this area would be needed.

[Ballot discuss]
This is a DISCUSS DISCUSS and I intend to clear it after/during the IESG telechat. Bernard Aboba  done an O&M Area review of the document which said:

Previous EKU extensions (such as [RFC 4334]) have not been widely
deployed, due to the additional operational complexity they would
have introduced, and the limited benefits.

Given this, and the potential interoperability impact of this document,
the Experimental classification would probably be more appropriate.

[Ballot discuss]
This is a discuss-discuss; I intend to clear on the call (if not before) after discussion of this relatively minor point.

The id-kp-serverAuth and id-kp-clientAuth EKU values seem an odd fit for SIP EKU, but this specification permits acceptance as a matter of local policy.  Is there an installed base that is already accepting these OIDs to authenticate SIP proxies?

[Ballot comment]
The OID needed for the ASN.1 module identifier is:
  id-mod-sip-domain-extns2007  OBJECT IDENTIFIER ::= { id-mod 62 }

  I see no reason to include id-pe and id-aca in the module.

[Ballot discuss]
IANA says:

IESG/Russ/Authors,

We understand that draft-ietf-sip-eku-05.txt doesn't ask for any
IANA actions. But Russ, should we have a pointer to the pkix
registry in http://www.iana.org/assignments/smi-numbers?

Thanks,

Amanda Baber
IANA

IANA comments/question for Russ:

We understand that draft-ietf-sip-eku-05.txt doesn't ask for any
IANA actions. But should we have a pointer to the pkix
registry in http://www.iana.org/assignments/smi-numbers?

PROTO writeup for http://www.ietf.org/internet-drafts/draft-ietf-sip-eku-04: "Using
Extended Key Usage (EKU) for Session Initiation Protocol (SIP) X.509 Certificates"

  (1.a)  Who is the Document Shepherd for this document?  Has the
          Document Shepherd personally reviewed this version of the
          document and, in particular, does he or she believe this
          version is ready for forwarding to the IESG for publication?

Keith Drage

The document has been reviewed and is ready for forwarding to IESG for publication.

Document history:

- The document was separated out from draft-gurbani-sip-domain-certs-06
which was submitted 9th July 2007 and expired 10th January 2008.
- draft-ietf-sip-eku-00 was submitted 8th November 2007 and expires 11th
May 2008.
- draft-ietf-sip-eku-01 was submitted 18th February 2008 and expired 21st
August 2008.
- draft-ietf-sip-eku-02 was submitted 11th July 2008 and expires 12 January
2009.
- draft-ietf-sip-eku-03 was submitted 6th October 2008 and expires 9th
April 2009.
- draft-ietf-sip-eku-04 was submitted 7th April 2009 and expires 9th
October 2009.

The document forms a normative dependency from draft-ietf-sip-domain-certs aside from
being usable in its own right.

WGLC was announced in the SIP WG on 22nd February 2008 to complete 7th March 2008 on -00
version.

Review was made and comments were received from: John Elwell, Eric Rescorla.

  (1.b)  Has the document had adequate review both from key WG members
          and from key non-WG members?  Does the Document Shepherd have
          any concerns about the depth or breadth of the reviews that
          have been performed?

The document has had adequate review from working group members.

  (1.c)  Does the Document Shepherd have concerns that the document
          needs more review from a particular or broader perspective,
          e.g., security, operational complexity, someone familiar with
          AAA, internationalization, or XML?

The document shepherd considers that no external review from an external specialist is
necessary, apart from as follows.

The document has been reviewed by members of the PKIX working group on a number of
occasions, primarily Stephen Kent.

The document has not had a separate security review, and that should therefore occur,
although it has been reviewed by the security advisor to the RAI area.

  (1.d)  Does the Document Shepherd have any specific concerns or
          issues with this document that the Responsible Area Director
          and/or the IESG should be aware of?  For example, perhaps he
          or she is uncomfortable with certain parts of the document, or
          has concerns whether there really is a need for it.  In any
          event, if the WG has discussed those issues and has indicated
          that it still wishes to advance the document, detail those
          concerns here.  Has an IPR disclosure related to this document
          been filed?  If so, please include a reference to the
          disclosure and summarize the WG discussion and conclusion on
          this issue.

The document shepherd has no specific concerns with any aspects of this document.

There have been no IPR disclosures on this document.

  (1.e)  How solid is the WG consensus behind this document?  Does it
          represent the strong concurrence of a few individuals, with
          others being silent, or does the WG as a whole understand and
          agree with it?

Full consensus exists on this document.

  (1.f)  Has anyone threatened an appeal or otherwise indicated extreme
          discontent?  If so, please summarize the areas of conflict in
          separate email messages to the Responsible Area Director.  (It
          should be in a separate email because this questionnaire is
          entered into the ID Tracker.)

None indicated.

  (1.g)  Has the Document Shepherd personally verified that the
          document satisfies all ID nits?  (See
          http://www.ietf.org/ID-Checklist.html and
          http://tools.ietf.org/tools/idnits/.)  Boilerplate checks are
          not enough; this check needs to be thorough.  Has the document
          met all formal review criteria it needs to, such as the MIB
          Doctor, media type, and URI type reviews?  If the document
          does not already indicate its intended status at the top of
          the first page, please indicate the intended status here.

The document has been reviewed against the guidelines in RFC 4485 and it is believed
that the document is conformant with those guidelines.

For ID-NITS the checks against idnits 2.11.08 report NITS as follows.

    Summary: 1 error (**), 0 warnings (==), 3 comments (--).

The error relates to an indication that it does not contain an "Introduction".
However document does contain an early section "Problem Statement" which serves
exactly this function.

  (1.h)  Has the document split its references into normative and
          informative?  Are there normative references to documents that
          are not ready for advancement or are otherwise in an unclear
          state?  If such normative references exist, what is the
          strategy for their completion?  Are there normative references
          that are downward references, as described in [RFC3967]?  If
          so, list these downward references to support the Area
          Director in the Last Call procedure for them [RFC3967].

The document has separate sections for normative and informative references. The
normative references have been checked and found to be normative.

  (1.i)  Has the Document Shepherd verified that the document's IANA
          Considerations section exists and is consistent with the body
          of the document?  If the document specifies protocol
          extensions, are reservations requested in appropriate IANA
          registries?  Are the IANA registries clearly identified?  If
          the document creates a new registry, does it define the
          proposed initial contents of the registry and an allocation
          procedure for future registrations?  Does it suggest a
          reasonable name for the new registry?  See [RFC2434].  If the
          document describes an Expert Review process, has the Document
          Shepherd conferred with the Responsible Area Director so that
          the IESG can appoint the needed Expert during IESG Evaluation?

The document has no IANA registration requirements. The object identifiers forms part of
the existing allocation made by IANA to the PKIX working group.

  (1.j)  Has the Document Shepherd verified that sections of the
          document that are written in a formal language, such as XML
          code, BNF rules, MIB definitions, etc., validate correctly in
          an automated checker?

The document defines an object identifier using the formal language ASN.1. This
definition is trivial and has been confirmed by visual inspection.

  (1.k)  The IESG approval announcement includes a Document
          Announcement Write-Up.  Please provide such a Document
          Announcement Write-Up.  Recent examples can be found in the
          "Action" announcements for approved documents.  The approval
          announcement contains the following sections:

          Technical Summary
            Relevant content can frequently be found in the abstract
            and/or introduction of the document.  If not, this may be
            an indication that there are deficiencies in the abstract
            or introduction.

          Working Group Summary
            Was there anything in the WG process that is worth noting?
            For example, was there controversy about particular points
            or were there decisions where the consensus was
            particularly rough?

          Document Quality
            Are there existing implementations of the protocol?  Have a
            significant number of vendors indicated their plan to
            implement the specification?  Are there any reviewers that
            merit special mention as having done a thorough review,
            e.g., one that resulted in important changes or a
            conclusion that the document had no substantive issues?  If
            there was a MIB Doctor, Media Type, or other Expert Review,
            what was its course (briefly)?  In the case of a Media Type
            Review, on what date was the request posted?

          Personnel
            Who is the Document Shepherd for this document?  Who is the
            Responsible Area Director?  If the document requires IANA
            experts(s), insert 'The IANA Expert(s) for the registries
            in this document are .'

Technical summary.

This memo documents an extended key usage (EKU) X.509 certificate extension for
restricting the applicability of a certificate to use with a Session Initiation
Protocol (SIP) service.  As such, in addition to providing rules for SIP
implementations, this memo also provides guidance to issuers of certificates for
use with SIP.

Working group summary.

There is consensus in the working group to publish this document.

Document Quality

There has been no indication of implementation.

Personnel

The document shepherd for this document was Keith Drage. The responsible Area Director
was Cullen Jennings. 'The IANA Expert(s) for the registries in this document are .