📄 rfc3280.txt
字号:
Network Working Group R. HousleyRequest for Comments: 3280 RSA LaboratoriesObsoletes: 2459 W. PolkCategory: Standards Track NIST W. Ford VeriSign D. Solo Citigroup April 2002 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) ProfileStatus of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.Copyright Notice Copyright (C) The Internet Society (2002). All Rights Reserved.Abstract This memo profiles the X.509 v3 certificate and X.509 v2 Certificate Revocation List (CRL) for use in the Internet. An overview of this approach and model are provided as an introduction. The X.509 v3 certificate format is described in detail, with additional information regarding the format and semantics of Internet name forms. Standard certificate extensions are described and two Internet-specific extensions are defined. A set of required certificate extensions is specified. The X.509 v2 CRL format is described in detail, and required extensions are defined. An algorithm for X.509 certification path validation is described. An ASN.1 module and examples are provided in the appendices.Table of Contents 1 Introduction . . . . . . . . . . . . . . . . . . . . . . 4 2 Requirements and Assumptions . . . . . . . . . . . . . . 5 2.1 Communication and Topology . . . . . . . . . . . . . . 6 2.2 Acceptability Criteria . . . . . . . . . . . . . . . . 6 2.3 User Expectations . . . . . . . . . . . . . . . . . . . 7 2.4 Administrator Expectations . . . . . . . . . . . . . . 7 3 Overview of Approach . . . . . . . . . . . . . . . . . . 7Housley, et. al. Standards Track [Page 1]
RFC 3280 Internet X.509 Public Key Infrastructure April 2002 3.1 X.509 Version 3 Certificate . . . . . . . . . . . . . . 8 3.2 Certification Paths and Trust . . . . . . . . . . . . . 9 3.3 Revocation . . . . . . . . . . . . . . . . . . . . . . 11 3.4 Operational Protocols . . . . . . . . . . . . . . . . . 13 3.5 Management Protocols . . . . . . . . . . . . . . . . . 13 4 Certificate and Certificate Extensions Profile . . . . . 14 4.1 Basic Certificate Fields . . . . . . . . . . . . . . . 15 4.1.1 Certificate Fields . . . . . . . . . . . . . . . . . 16 4.1.1.1 tbsCertificate . . . . . . . . . . . . . . . . . . 16 4.1.1.2 signatureAlgorithm . . . . . . . . . . . . . . . . 16 4.1.1.3 signatureValue . . . . . . . . . . . . . . . . . . 16 4.1.2 TBSCertificate . . . . . . . . . . . . . . . . . . . 17 4.1.2.1 Version . . . . . . . . . . . . . . . . . . . . . . 17 4.1.2.2 Serial number . . . . . . . . . . . . . . . . . . . 17 4.1.2.3 Signature . . . . . . . . . . . . . . . . . . . . . 18 4.1.2.4 Issuer . . . . . . . . . . . . . . . . . . . . . . 18 4.1.2.5 Validity . . . . . . . . . . . . . . . . . . . . . 22 4.1.2.5.1 UTCTime . . . . . . . . . . . . . . . . . . . . . 22 4.1.2.5.2 GeneralizedTime . . . . . . . . . . . . . . . . . 22 4.1.2.6 Subject . . . . . . . . . . . . . . . . . . . . . . 23 4.1.2.7 Subject Public Key Info . . . . . . . . . . . . . . 24 4.1.2.8 Unique Identifiers . . . . . . . . . . . . . . . . 24 4.1.2.9 Extensions . . . . . . . . . . . . . . . . . . . . . 24 4.2 Certificate Extensions . . . . . . . . . . . . . . . . 24 4.2.1 Standard Extensions . . . . . . . . . . . . . . . . . 25 4.2.1.1 Authority Key Identifier . . . . . . . . . . . . . 26 4.2.1.2 Subject Key Identifier . . . . . . . . . . . . . . 27 4.2.1.3 Key Usage . . . . . . . . . . . . . . . . . . . . . 28 4.2.1.4 Private Key Usage Period . . . . . . . . . . . . . 29 4.2.1.5 Certificate Policies . . . . . . . . . . . . . . . 30 4.2.1.6 Policy Mappings . . . . . . . . . . . . . . . . . . 33 4.2.1.7 Subject Alternative Name . . . . . . . . . . . . . 33 4.2.1.8 Issuer Alternative Name . . . . . . . . . . . . . . 36 4.2.1.9 Subject Directory Attributes . . . . . . . . . . . 36 4.2.1.10 Basic Constraints . . . . . . . . . . . . . . . . 36 4.2.1.11 Name Constraints . . . . . . . . . . . . . . . . . 37 4.2.1.12 Policy Constraints . . . . . . . . . . . . . . . . 40 4.2.1.13 Extended Key Usage . . . . . . . . . . . . . . . . 40 4.2.1.14 CRL Distribution Points . . . . . . . . . . . . . 42 4.2.1.15 Inhibit Any-Policy . . . . . . . . . . . . . . . . 44 4.2.1.16 Freshest CRL . . . . . . . . . . . . . . . . . . . 44 4.2.2 Internet Certificate Extensions . . . . . . . . . . . 45 4.2.2.1 Authority Information Access . . . . . . . . . . . 45 4.2.2.2 Subject Information Access . . . . . . . . . . . . 46 5 CRL and CRL Extensions Profile . . . . . . . . . . . . . 48 5.1 CRL Fields . . . . . . . . . . . . . . . . . . . . . . 49 5.1.1 CertificateList Fields . . . . . . . . . . . . . . . 50 5.1.1.1 tbsCertList . . . . . . . . . . . . . . . . . . . . 50Housley, et. al. Standards Track [Page 2]
RFC 3280 Internet X.509 Public Key Infrastructure April 2002 5.1.1.2 signatureAlgorithm . . . . . . . . . . . . . . . . 50 5.1.1.3 signatureValue . . . . . . . . . . . . . . . . . . 51 5.1.2 Certificate List "To Be Signed" . . . . . . . . . . . 51 5.1.2.1 Version . . . . . . . . . . . . . . . . . . . . . . 52 5.1.2.2 Signature . . . . . . . . . . . . . . . . . . . . . 52 5.1.2.3 Issuer Name . . . . . . . . . . . . . . . . . . . . 52 5.1.2.4 This Update . . . . . . . . . . . . . . . . . . . . 52 5.1.2.5 Next Update . . . . . . . . . . . . . . . . . . . . 53 5.1.2.6 Revoked Certificates . . . . . . . . . . . . . . . 53 5.1.2.7 Extensions . . . . . . . . . . . . . . . . . . . . 53 5.2 CRL Extensions . . . . . . . . . . . . . . . . . . . . 53 5.2.1 Authority Key Identifier . . . . . . . . . . . . . . 54 5.2.2 Issuer Alternative Name . . . . . . . . . . . . . . . 54 5.2.3 CRL Number . . . . . . . . . . . . . . . . . . . . . 55 5.2.4 Delta CRL Indicator . . . . . . . . . . . . . . . . . 55 5.2.5 Issuing Distribution Point . . . . . . . . . . . . . 58 5.2.6 Freshest CRL . . . . . . . . . . . . . . . . . . . . 59 5.3 CRL Entry Extensions . . . . . . . . . . . . . . . . . 60 5.3.1 Reason Code . . . . . . . . . . . . . . . . . . . . . 60 5.3.2 Hold Instruction Code . . . . . . . . . . . . . . . . 61 5.3.3 Invalidity Date . . . . . . . . . . . . . . . . . . . 62 5.3.4 Certificate Issuer . . . . . . . . . . . . . . . . . 62 6 Certificate Path Validation . . . . . . . . . . . . . . . 62 6.1 Basic Path Validation . . . . . . . . . . . . . . . . . 63 6.1.1 Inputs . . . . . . . . . . . . . . . . . . . . . . . 66 6.1.2 Initialization . . . . . . . . . . . . . . . . . . . 67 6.1.3 Basic Certificate Processing . . . . . . . . . . . . 70 6.1.4 Preparation for Certificate i+1 . . . . . . . . . . . 75 6.1.5 Wrap-up procedure . . . . . . . . . . . . . . . . . . 78 6.1.6 Outputs . . . . . . . . . . . . . . . . . . . . . . . 80 6.2 Extending Path Validation . . . . . . . . . . . . . . . 80 6.3 CRL Validation . . . . . . . . . . . . . . . . . . . . 81 6.3.1 Revocation Inputs . . . . . . . . . . . . . . . . . . 82 6.3.2 Initialization and Revocation State Variables . . . . 82 6.3.3 CRL Processing . . . . . . . . . . . . . . . . . . . 83 7 References . . . . . . . . . . . . . . . . . . . . . . . 86 8 Intellectual Property Rights . . . . . . . . . . . . . . 88 9 Security Considerations . . . . . . . . . . . . . . . . . 89 Appendix A. ASN.1 Structures and OIDs . . . . . . . . . . . 92 A.1 Explicitly Tagged Module, 1988 Syntax . . . . . . . . . 92 A.2 Implicitly Tagged Module, 1988 Syntax . . . . . . . . . 105 Appendix B. ASN.1 Notes . . . . . . . . . . . . . . . . . . 112 Appendix C. Examples . . . . . . . . . . . . . . . . . . . 115 C.1 DSA Self-Signed Certificate . . . . . . . . . . . . . . 115 C.2 End Entity Certificate Using DSA . . . . . . . . . . . 119 C.3 End Entity Certificate Using RSA . . . . . . . . . . . 122 C.4 Certificate Revocation List . . . . . . . . . . . . . . 126 Author Addresses . . . . . . . . . . . . . . . . . . . . . . 128Housley, et. al. Standards Track [Page 3]
RFC 3280 Internet X.509 Public Key Infrastructure April 2002 Full Copyright Statement . . . . . . . . . . . . . . . . . . 1291 Introduction This specification is one part of a family of standards for the X.509 Public Key Infrastructure (PKI) for the Internet. This specification profiles the format and semantics of certificates and certificate revocation lists (CRLs) for the Internet PKI. Procedures are described for processing of certification paths in the Internet environment. Finally, ASN.1 modules are provided in the appendices for all data structures defined or referenced. Section 2 describes Internet PKI requirements, and the assumptions which affect the scope of this document. Section 3 presents an architectural model and describes its relationship to previous IETF and ISO/IEC/ITU-T standards. In particular, this document's relationship with the IETF PEM specifications and the ISO/IEC/ITU-T X.509 documents are described. Section 4 profiles the X.509 version 3 certificate, and section 5 profiles the X.509 version 2 CRL. The profiles include the identification of ISO/IEC/ITU-T and ANSI extensions which may be useful in the Internet PKI. The profiles are presented in the 1988 Abstract Syntax Notation One (ASN.1) rather than the 1997 ASN.1 syntax used in the most recent ISO/IEC/ITU-T standards. Section 6 includes certification path validation procedures. These procedures are based upon the ISO/IEC/ITU-T definition. Implementations are REQUIRED to derive the same results but are not required to use the specified procedures. Procedures for identification and encoding of public key materials and digital signatures are defined in [PKIXALGS]. Implementations of this specification are not required to use any particular cryptographic algorithms. However, conforming implementations which use the algorithms identified in [PKIXALGS] MUST identify and encode the public key materials and digital signatures as described in that specification. Finally, three appendices are provided to aid implementers. Appendix A contains all ASN.1 structures defined or referenced within this specification. As above, the material is presented in the 1988 ASN.1. Appendix B contains notes on less familiar features of the ASN.1 notation used within this specification. Appendix C contains examples of a conforming certificate and a conforming CRL.Housley, et. al. Standards Track [Page 4]
RFC 3280 Internet X.509 Public Key Infrastructure April 2002 This specification obsoletes RFC 2459. This specification differs from RFC 2459 in five basic areas: * To promote interoperable implementations, a detailed algorithm for certification path validation is included in section 6.1 of this specification; RFC 2459 provided only a high-level description of path validation. * An algorithm for determining the status of a certificate using CRLs is provided in section 6.3 of this specification. This material was not present in RFC 2459. * To accommodate new usage models, detailed information describing the use of delta CRLs is provided in Section 5 of this specification. * Identification and encoding of public key materials and digital signatures are not included in this specification, but are now described in a companion specification [PKIXALGS]. * Four additional extensions are specified: three certificate extensions and one CRL extension. The certificate extensions are subject info access, inhibit any-policy, and freshest CRL. The freshest CRL extension is also defined as a CRL extension. * Throughout the specification, clarifications have been introduced to enhance consistency with the ITU-T X.509 specification. X.509 defines the certificate and CRL format as well as many of the extensions that appear in this specification. These changes were introduced to improve the likelihood of interoperability between implementations based on this specification with implementations based on the ITU-T specification. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.2 Requirements and Assumptions The goal of this specification is to develop a profile to facilitate the use of X.509 certificates within Internet applications for those communities wishing to make use of X.509 technology. Such applications may include WWW, electronic mail, user authentication, and IPsec. In order to relieve some of the obstacles to using X.509Housley, et. al. Standards Track [Page 5]
RFC 3280 Internet X.509 Public Key Infrastructure April 2002⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -