Using OpenPGP Keys for Transport Layer Security (TLS) Authentication
RFC 5081

• Status
• IESG evaluation record
• IESG writeups
• Email expansions
• History

• Versions
• 11

Document	Type		RFC - Experimental (November 2007; No errata) Obsoleted by RFC 6091 Was draft-ietf-tls-openpgp-keys (tls WG)
	Last updated		2015-10-14
	Stream		IETF
	Formats		plain text pdf html bibtex
	Reviews		SECDIR Early Review
Stream	WG state		(None)
	Document shepherd		No shepherd assigned
IESG	IESG state		RFC 5081 (Experimental)
	Consensus Boilerplate		Unknown
	Telechat date
	Responsible AD		Russ Housley
	Send notices to		(None)

Network Working Group                               N. Mavrogiannopoulos
Request for Comments: 5081                                   Independent
Category: Experimental                                     November 2007

  Using OpenPGP Keys for Transport Layer Security (TLS) Authentication

Status of This Memo

   This memo defines an Experimental Protocol for the Internet
   community.  It does not specify an Internet standard of any kind.
   Discussion and suggestions for improvement are requested.
   Distribution of this memo is unlimited.

Abstract

   This memo proposes extensions to the Transport Layer Security (TLS)
   protocol to support the OpenPGP key format.  The extensions discussed
   here include a certificate type negotiation mechanism, and the
   required modifications to the TLS Handshake Protocol.

Table of Contents

   1. Introduction ....................................................2
   2. Terminology .....................................................2
   3. Changes to the Handshake Message Contents .......................2
      3.1. Client Hello ...............................................2
      3.2. Server Hello ...............................................3
      3.3. Server Certificate .........................................3
      3.4. Certificate Request ........................................4
      3.5. Client Certificate .........................................5
      3.6. Other Handshake Messages ...................................5
   4. Security Considerations .........................................5
   5. IANA Considerations .............................................6
   6. Acknowledgements ................................................6
   7. References ......................................................6
      7.1. Normative References .......................................6
      7.2. Informative References .....................................7

Mavrogiannopoulos             Experimental                      [Page 1]
RFC 5081                   Using OpenPGP Keys              November 2007

1.  Introduction

   The IETF has two sets of standards for public key certificates, one
   set for use of X.509 certificates [PKIX] and one for OpenPGP
   certificates [OpenPGP].  At the time of writing, TLS [TLS] standards
   are defined to use only X.509 certificates.  This document specifies
   a way to negotiate use of OpenPGP certificates for a TLS session, and
   specifies how to transport OpenPGP certificates via TLS.  The
   proposed extensions are backward compatible with the current TLS
   specification, so that existing client and server implementations
   that make use of X.509 certificates are not affected.

2.  Terminology

   The term "OpenPGP key" is used in this document as in the OpenPGP
   specification [OpenPGP].  We use the term "OpenPGP certificate" to
   refer to OpenPGP keys that are enabled for authentication.

   This document uses the same notation and terminology used in the TLS
   Protocol specification [TLS].

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3.  Changes to the Handshake Message Contents

   This section describes the changes to the TLS handshake message
   contents when OpenPGP certificates are to be used for authentication.

3.1.  Client Hello

   In order to indicate the support of multiple certificate types,
   clients MUST include an extension of type "cert_type" (see Section 5)
   to the extended client hello message.  The hello extension mechanism
   is described in [TLSEXT].

   This extension carries a list of supported certificate types the
   client can use, sorted by client preference.  This extension MUST be
   omitted if the client only supports X.509 certificates.  The
   "extension_data" field of this extension contains a
   CertificateTypeExtension structure.

Mavrogiannopoulos             Experimental                      [Page 2]
RFC 5081                   Using OpenPGP Keys              November 2007

      enum { client, server } ClientOrServerExtension;

      enum { X.509(0), OpenPGP(1), (255) } CertificateType;

      struct {
         select(ClientOrServerExtension) {
            case client:
               CertificateType certificate_types<1..2^8-1>;
            case server:
               CertificateType certificate_type;
         }
      } CertificateTypeExtension;

   No new cipher suites are required to use OpenPGP certificates.  All

Show full document text