LAMPS | A. Melnikov, Ed. |
Internet-Draft | Isode Ltd |
Intended status: Standards Track | W. Chuang, Ed. |
Expires: October 17, 2017 | Google, Inc. |
April 15, 2017 |
Internationalized Email Addresses in X.509 certificates
draft-ietf-lamps-eai-addresses-09
This document defines a new name form for inclusion in the otherName field of an X.509 Subject Alternative Name and Issuer Alternate Name extension that allows a certificate subject to be associated with an Internationalized Email Address.
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."
This Internet-Draft will expire on October 17, 2017.
Copyright (c) 2017 IETF Trust and the persons identified as the document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.
[RFC5280] defines rfc822Name subjectAltName choice for representing [RFC5321] email addresses. This form is restricted to a subset of US-ASCII characters and thus can't be used to represent Internationalized Email addresses [RFC6531]. To facilitate use of these Internationalized Email addresses with X.509 certificates, this document specifies a new name form in otherName so that subjectAltName and issuerAltName can carry them. In addition this document calls for all email address domain in X.509 certificates to conform to IDNA2008 [RFC5890].
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
The formal syntax use the Augmented Backus-Naur Form (ABNF) [RFC5234] notation.
The GeneralName structure is defined in [RFC5280], and supports many different names forms including otherName for extensibility. This section specifies the SmtpUTF8Name name form of otherName, so that Internationalized Email addresses can appear in the subjectAltName of a certificate, the issuerAltName of a certificate, or anywhere else that GeneralName is used.
id-on-SmtpUTF8Name OBJECT IDENTIFIER ::= { id-on 9 }
SmtpUTF8Name ::= UTF8String (SIZE (1..MAX))
When the subjectAltName (or issuerAltName) extension contains an Internationalized Email address, the address MUST be stored in the SmtpUTF8Name name form of otherName. The format of SmtpUTF8Name is defined as the ABNF rule SmtpUTF8Mailbox. SmtpUTF8Mailbox is a modified version of the Internationalized Mailbox which was defined in Section 3.3 of [RFC6531] which was itself derived from SMTP Mailbox from Section 4.1.2 of [RFC5321]. [RFC6531] defines the following ABNF rules for Mailbox whose parts are modified for internationalization: <Local-part>, <Dot-string>, <Quoted-string>, <QcontentSMTP>, <Domain>, and <Atom>. In particular, <Local-part> was updated to also support UTF8-non-ascii. UTF8-non-ascii was described by Section 3.1 of [RFC6532]. Also, sub-domain was extended to support U-label, as defined in [RFC5890].
This document further refines Internationalized [RFC6531] Mailbox ABNF rules and calls this SmtpUTF8Mailbox. In SmtpUTF8Mailbox, sub-domain that encode non-ASCII characters SHALL use U-label Unicode native character labels and MUST NOT use A-label [RFC5890]. This restriction prevents having to determine which label encoding A- or U-label is present in the Domain. As per Section 2.3.2.1 of [RFC5890], U-label use UTF-8 [RFC3629] with Normalization Form C and other properties specified there. In SmtpUTF8Mailbox, sub-domain that encode ASCII character labels SHALL use NR-LDH restrictions as specified by section 2.3.1 of [RFC5890] and SHALL be restricted to lower case letters. One suggested approach to apply these sub-domains restriction is to restrict sub-domain so that labels not start with two letters followed by two hyphen-minus characters. Consistent with the treatment of rfc822Name in [RFC5280], SmtpUTF8Name is an envelope <Mailbox> and has no phrase (such as a common name) before it, has no comment (text surrounded in parentheses) after it, and is not surrounded by "<" and ">".
Due to operational reasons described shortly and name constraint compatibility reasons described in its section, SmtpUTF8Name subjectAltName MUST only be used when the local part of the email address contains UTF-8. When the local-part is ASCII, rfc822Name subjectAltName MUST be used instead of SmtpUTF8Name. The use of rfc822Name rather than SmtpUTF8Name is currently more likely to be supported. Also use of SmtpUTF8Name incurs higher byte representation overhead due to encoding with otherName and the additional OID needed. This may be offset if domain requires non-ASCII characters as SmtpUTF8Name supports U-label whereas rfc822Name supports A-label.
SmtpUTF8Name is encoded as UTF8String. The UTF8String encoding MUST NOT contain a Byte-Order- Mark (BOM) [RFC3629] to aid consistency across implementations particularly for comparison.
To facilitate comparison between email addresses, all email address domain in X.509 certificates MUST conform to IDNA2008 [RFC5890]. Otherwise non-conforming email address domains introduces the possibility of conversion errors between alternate forms. This applies to SmtpUTF8Mailbox and rfc822Name in subjectAltName, issuerAltName and anywhere else that GeneralName is used.
In equivalence comparison with SmtpUTF8Name, there may be some setup work to enable the comparison i.e. processing of the SmtpUTF8Name content or the email address that is being compared against. The process for setup for comparing with SmtpUTF8Name is split into domain steps and local- part steps. The comparison form for local-part always is UTF-8. The comparison form for domain depends on context. While some contexts such as certificate path validation in [RFC5280] specify transforming domain to A-label, this document RECOMMENDS transforming to UTF-8 U-label instead. This reduces the likelihood of errors by reducing conversions as more implementations natively support U-label domains.
Comparison of two SmtpUTF8Name is straightforward with no setup work needed. They are considered equivalent if there is an exact octet-for-octet match. Comparison with other email address forms such as Internationalized email address or rfc822Name requires additional setup steps. Domain setup is particularly important for forms that may contain A- or U-label such as International email address, or A-label only forms such as rfc822Name. This document specifies the process to transform the domain to U-label. (To convert the domain to A-label, follow the process specified in section 7.5 and 7.2 in [RFC5280]) The first step is to detect A-label by using section 5.1 of [RFC5891]. Next if necessary, transform the A-label to U-label Unicode as specified in section 5.2 of [RFC5891]. Finally if necessary convert the Unicode to UTF-8 as specified in section 3 of [RFC3629]. For ASCII NR-LDH labels, upper case letters are converted to lower case letters. In setup for SmtpUTF8Mailbox, the email address local-part MUST conform to the requirements of [RFC6530] and [RFC6531], including being a string in UTF-8 form. In particular, the local-part MUST NOT be transformed in any way, such as by doing case folding or normalization of any kind. The <Local-part> part of an Internationalized email address is already in UTF-8. For rfc822Name the local-part, which is IA5String (ASCII), trivially maps to UTF-8 without change. Once setup is complete, they are again compared octet-for-octet.
To summarize non-normatively, the comparison steps including setup are:
This specification expressly does not define any wildcards characters and SmtpUTF8Name comparison implementations MUST NOT interpret any character as wildcards. Instead, to specify multiple email addresses through SmtpUTF8Name, the certificate SHOULD use multiple subjectAltNames or issuerAltNames to explicitly carry those email addresses.
This section updates [RFC5280] name constraints to work with SmtpUTF8Name subjectAltName. In the following, a CA or path verifier implementation that follows this specification is called SmtpUTF8Name aware.
SmtpUTF8Name aware path validators MUST be able to apply name constraint to the subject distinguished name and both forms of subject alternative name. That is rfc822Name name constraint applies to emailAddress subject distinguished name, and to SmtpUTF8Name and rfc822Name subject alternative name, as mentioned in Section 4.2.1.10 of [RFC5280]. Constraint comparison with SmtpUTF8Name subjectAltName uses the matching procedure defined by Section 5 including any setup steps. The lack of a SmtpUTF8Name name constraint form is intentional and motivated as described next.
This specification requires that SmtpUTF8Name aware CAs continue to issue certificates with rfc822Name name constraints form due to compatibility concerns with legacy systems. Using rfc822Name name constraints allows backwards compatibility with legacy path verifiers that only understand rfc822Name form, yet is forward compatible by being able to describe the intent of the CA to constrain both rfc822Name and SmtpUTF8Name subjectAltName to SmtpUTF8Name aware path verifiers. Oblivious legacy path verifier will not see the SmtpUTF8Name subjectAltName (nor the unknown otherNames), and thereby prevent the use of an unconstrained SmtpUTF8Name subjectAltName. Other implementations may detect an unknown otherNames, along with the critical bit set on the name constraints extension and then fail path verification. This too prevents use of an unconstrained SmtpUTF8Name subjectAltName. A legacy CA will use rfc822Name name constraints. As the CA's intent is to constrain all email addresses matching the constraint, this will be forward compatible with a SmtpUTF8Name aware path verifiers that applies the name constraint to either forms rfc822Name and SmtpUTF8Name subjectAltName.
The representation of name constraints are specified in Section 4.2.1.10 of [RFC5280] and there MAY represent a particular mailbox, all addresses at a host, or all mailboxes in a domain by specifying the complete email address, a host name, or a domain. This specification modifies [RFC5280] name constraint to only require with a MAY that it represents all addresses at a host or all mailboxes in a domain, and require with a MAY NOT that it represent a particular mailbox. This is motivated by rfc822Name name constraints inability to represent a specific mailbox with a UTF-8 email local part email address. Certificate issuers should be aware of this lessened support.
+-------------------------------------------------------------------+ | Root CA Cert | +-------------------------------------------------------------------+ | v +-------------------------------------------------------------------+ | Intermediate CA Cert | | Permitted | | rfc822Name: elementary.school.example.com (1) | | | | rfc822Name: xn--pss25c.example.com (2) | | | +-------------------------------------------------------------------+ | v +-------------------------------------------------------------------+ | Entity Cert (w/explicitly permitted subjects) | | SubjectAltName Extension | | rfc822Name: student@elemenary.school.example.com (1) | | SmtpUTF8Name: u+5B66u+751F@elementary.school.example.com (1) | | | | rfc822Name: student@xn--pss25c.example.com (2) | | SmtpUTF8Name: u+533Bu+751F@xn--pss25c.example.com (2) | | | +-------------------------------------------------------------------+
The name constraint requirement with SmtpUTF8Name subject alternative name is illustrated in the non-normative diagram Figure 1. The first example (1) illustrates a permitted rfc822Name ASCII only hostname name constraint, and the corresponding valid rfc822Name subjectAltName and SmtpUTF8Name subjectAltName email addresses. The second example (2) illustrates a permitted rfc822Name hostname name constraint with A-label, and the corresponding valid rfc822Name subjectAltName and SmtpUTF8Name subjectAltName email addresses.
Name constraints with SmtpUTF8Name and rfc822Name
Figure 1
Use for SmtpUTF8Name for certificate subjectAltName (and issuerAltName) will incur many of the same security considerations of Section 8 in [RFC5280] but is further complicated by permitting non-ASCII characters in the email address local-part. This complication, as mentioned in Section 4.4 of [RFC5890] and in Section 4 of [RFC6532], is that use of Unicode introduces the risk of visually similar and identical characters which can be exploited to deceive the recipient. The former document references some means to mitigate against these attacks.
in Section Section 3 and the ASN.1 module identifier defined in Section Appendix A. IANA is kindly requested to make the following assignments for:
[RFC5912] | Hoffman, P. and J. Schaad, "New ASN.1 Modules for the Public Key Infrastructure Using X.509 (PKIX)", RFC 5912, DOI 10.17487/RFC5912, June 2010. |
The following ASN.1 module normatively specifies the SmtpUTF8Name structure. This specification uses the ASN.1 definitions from [RFC5912] with the 2002 ASN.1 notation used in that document. [RFC5912] updates normative documents using older ASN.1 notation.
LAMPS-EaiAddresses-2016 { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-lamps-eai-addresses-2016(TBD) } DEFINITIONS IMPLICIT TAGS ::= BEGIN IMPORTS OTHER-NAME FROM PKIX1Implicit-2009 { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-pkix1-implicit-02(59) } id-pkix FROM PKIX1Explicit-2009 { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-pkix1-explicit-02(51) } ; -- -- otherName carries additional name types for subjectAltName, -- issuerAltName, and other uses of GeneralNames. -- id-on OBJECT IDENTIFIER ::= { id-pkix 8 } SmtpUtf8OtherNames OTHER-NAME ::= { on-SmtpUTF8Name, ... } on-SmtpUTF8Name OTHER-NAME ::= { SmtpUTF8Name IDENTIFIED BY id-on-SmtpUTF8Name } id-on-SmtpUTF8Name OBJECT IDENTIFIER ::= { id-on 9 } SmtpUTF8Name ::= UTF8String (SIZE (1..MAX)) END
Figure 2
This non-normative example demonstrates using SmtpUTF8Name as an otherName in GeneralName to encode the email address "u+8001u+5E2B@example.com".
The hexadecimal DER encoding of the email address is: A022060A 2B060105 05070012 0809A014 0C12E880 81E5B8AB 40657861 6D706C65 2E636F6D The text decoding is: 0 34: [0] { 2 10: OBJECT IDENTIFIER '1 3 6 1 5 5 7 0 18 8 9' 14 20: [0] { 16 18: UTF8String '..@example.com' : } : }
Figure 3
The example was encoded on the OSS Nokalva ASN.1 Playground and the above text decoding is an output of Peter Gutmann's "dumpasn1" program.
Thank you to Magnus Nystrom for motivating this document. Thanks to Russ Housley, Nicolas Lidzborski, Laetitia Baudoin, Ryan Sleevi, Sean Leonard, Sean Turner, John Levine, and Patrik Falstrom for their feedback. Also special thanks to John Klensin for his valuable input on internationalization, Unicode and ABNF formatting, to Jim Schaad for his help with the ASN.1 example and his helpful feedback, and to Viktor Dukhovni for his help with name constraints.