Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 1 | NDN Certificate Format Version 2.0 |
| 2 | ================================== |
| 3 | |
| 4 | .. contents:: |
| 5 | |
| 6 | Since signature verification is a common operation in NDN applications, it is |
| 7 | important to define a common certificate format to standardize the public key |
| 8 | authentication procedure. As every NDN data packet is signed, a data packet |
| 9 | that carries a public key as content is conceptually a certificate. However, |
| 10 | the specification of a data packet is not sufficient to be the specification of |
| 11 | a common certificate format, as it requires additional components. For example, |
| 12 | a certificate may follow a specific naming convention and may need to include |
| 13 | validity period, revocation information, etc. This specification defines |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 14 | naming and structure of the NDN certificates and is complementary to NDN packet |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 15 | specification. |
| 16 | |
| 17 | :: |
| 18 | |
| 19 | Overview of NDN certificate format |
| 20 | +--------------------------+ |
| 21 | | Name | |
| 22 | +--------------------------+ |
| 23 | | MetaInfo | |
| 24 | |+------------------------+| |
| 25 | || ContentType: KEY(2) || |
| 26 | |+------------------------+| |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 27 | |+------------------------+| |
| 28 | || FreshnessPeriod: >~ 1h || |
| 29 | |+------------------------+| |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 30 | +--------------------------+ |
| 31 | | Content | |
| 32 | |+------------------------+| |
| 33 | || Public Key || |
| 34 | |+------------------------+| |
| 35 | +--------------------------+ |
| 36 | | SignatureInfo | |
| 37 | |+------------------------+| |
| 38 | || SignatureType: ... || |
| 39 | || KeyLocator: ... || |
| 40 | || ValidityPeriod: ... || |
| 41 | || ... || |
| 42 | |+------------------------+| |
| 43 | +--------------------------+ |
| 44 | | SignatureValue | |
| 45 | +--------------------------+ |
| 46 | |
| 47 | |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 48 | CertificateV2 ::= DATA-TLV TLV-LENGTH |
| 49 | Name (= /<NameSpace>/KEY/[KeyId]/[IssuerId]/[Version]) |
| 50 | MetaInfo (.ContentType = KEY, |
| 51 | .FreshnessPeriod >~ 1h)) |
| 52 | Content (= X509PublicKeyContent) |
| 53 | SignatureInfo (= CertificateV2SignatureInfo) |
| 54 | SignatureValue |
| 55 | |
| 56 | X509PublicKeyContent ::= CONTENT-TLV TLV-LENGTH |
| 57 | BYTE+ (= public key bits in PKCS#8 format) |
| 58 | |
| 59 | CertificateV2SignatureInfo ::= SIGNATURE-INFO-TYPE TLV-LENGTH |
| 60 | SignatureType |
| 61 | KeyLocator |
| 62 | ValidityPeriod |
| 63 | ... optional critical or non-critical extension blocks ... |
| 64 | |
| 65 | |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 66 | Name |
| 67 | ---- |
| 68 | |
Yingdi Yu | 7f8e8fe | 2015-11-04 12:24:11 -0800 | [diff] [blame] | 69 | The name of a certificate consists of five parts as shown below: |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 70 | |
| 71 | :: |
| 72 | |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 73 | /<SubjectName>/KEY/[KeyId]/[IssuerId]/[Version] |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 74 | |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 75 | A certificate name starts with the subject to which a public key is bound. The following parts |
| 76 | include the keyword ``KEY`` component, KeyId, IssuerId, and version components. |
| 77 | |
| 78 | ``KeyId`` is an opaque name component to identify an instance of the public key for the |
| 79 | certificate namespace. The value of `Key ID` is controlled by the namespace owner and can be |
| 80 | an 8-byte random number, SHA-256 digest of the public key, timestamp, or a simple numerical |
| 81 | identifier. |
| 82 | |
| 83 | ``Issuer Id`` is an opaque name component to identify issuer of the certificate. The value is |
| 84 | controlled by the certificate issuer and, similar to KeyId, can be an 8-byte random number, |
| 85 | SHA-256 digest of the issuer's public key, or a simple numerical identifier. |
| 86 | |
| 87 | |
Yingdi Yu | 7f8e8fe | 2015-11-04 12:24:11 -0800 | [diff] [blame] | 88 | For example, |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 89 | |
| 90 | :: |
| 91 | |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 92 | /edu/ucla/cs/yingdi/KEY/%03%CD...%F1/%9F%D3...%B7/%FD%d2...%8E |
| 93 | \_________________/ \___________/ \___________/\___________/ |
| 94 | Certificate Namespace Key Id Issuer Id Version |
| 95 | (Identity) |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 96 | |
| 97 | |
| 98 | MetaInfo |
| 99 | -------- |
| 100 | |
| 101 | The ``ContentType`` of certificate is set to ``KEY`` (2). |
| 102 | |
| 103 | The ``FreshnessPeriod`` of certificate must be explicitly specified. The |
| 104 | recommended value is 1 hour (3,600,000 milliseconds). |
| 105 | |
| 106 | Content |
| 107 | ------- |
| 108 | |
| 109 | By default, the content of a certificate is the public key encoded in |
| 110 | `X509PublicKey <https://tools.ietf.org/html/rfc5280#section-4.1.2.7>`__ format. |
| 111 | |
| 112 | SignatureInfo |
| 113 | ------------- |
| 114 | |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 115 | The SignatureInfo block of a certificate is required to include the ``ValidityPeriod`` field. |
| 116 | ``ValidityPeriod`` includes two sub TLV fields: ``NotBefore`` and ``NotAfter``, which carry two |
| 117 | UTC timestamps in ISO 8601 compact format (``yyyymmddTHHMMSS``, e.g., "20020131T235959"). |
| 118 | ``NotBefore`` indicates when the certificate takes effect while ``NotAfter`` indicates when the |
| 119 | certificate expires. |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 120 | |
| 121 | .. note:: |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 122 | Using ISO style string is the convention of specifying the validity period of certificate, |
| 123 | which has been adopted by many certificate systems, such as X.509, PGP, and DNSSEC. |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 124 | |
| 125 | :: |
| 126 | |
| 127 | ValidityPeriod ::= VALIDITY-PERIOD-TYPE TLV-LENGTH |
| 128 | NotBefore |
| 129 | NotAfter |
| 130 | |
| 131 | NotBefore ::= NOT-BEFORE-TYPE TLV-LENGTH |
| 132 | BYTE{15} |
| 133 | |
| 134 | NotAfter ::= NOT-AFTER-TYPE TLV-LENGTH |
| 135 | BYTE{15} |
| 136 | |
| 137 | For each TLV, the TLV-TYPE codes are assigned as below: |
| 138 | |
| 139 | +---------------------------------------------+-------------------+----------------+ |
| 140 | | TLV-TYPE | Assigned code | Assigned code | |
| 141 | | | (decimal) | (hexadecimal) | |
| 142 | +=============================================+===================+================+ |
| 143 | | ValidityPeriod | 253 | 0xFD | |
| 144 | +---------------------------------------------+-------------------+----------------+ |
| 145 | | NotBefore | 254 | 0xFE | |
| 146 | +---------------------------------------------+-------------------+----------------+ |
| 147 | | NotAfter | 255 | 0xFF | |
| 148 | +---------------------------------------------+-------------------+----------------+ |
| 149 | |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 150 | Extensions |
| 151 | ~~~~~~~~~~ |
| 152 | |
| 153 | A certificate may optionally carry some extensions in SignatureInfo. An extension |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 154 | could be either critical or non-critical depends on the TLV-TYPE code convention. A |
| 155 | critical extension implies that if a validator cannot recognize or parse the |
| 156 | extension, the validator must reject the certificate. A non-critical extension |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 157 | implies that if a validator cannot recognize or cannot parse the extension, the |
| 158 | validator may ignore the extension. |
| 159 | |
| 160 | The TLV-TYPE code range [256, 512) is reserved for extensions. The last bit of a |
| 161 | TLV-TYPE code indicates whether the extension is critical or not: ``1`` for critical |
| 162 | while ``0`` for non-critical. If an extension could be either critical or |
| 163 | non-critical, the extension should be allocated with two TLV-TYPE codes which only |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 164 | differ at the last bit. |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 165 | |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 166 | Extensions |
| 167 | ---------- |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 168 | |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 169 | We list currently defined extensions: |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 170 | |
| 171 | +---------------------------------------------+-------------------+----------------+ |
| 172 | | TLV-TYPE | Assigned code | Assigned code | |
| 173 | | | (decimal) | (hexadecimal) | |
| 174 | +=============================================+===================+================+ |
Zhiyi Zhang | f4bb5c7 | 2015-08-19 19:02:51 -0700 | [diff] [blame] | 175 | | AdditionalDescription (non-critical) | 258 | 0x0102 | |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 176 | +---------------------------------------------+-------------------+----------------+ |
Yingdi Yu | fba8a63 | 2015-06-08 22:25:54 -0700 | [diff] [blame] | 177 | |
| 178 | AdditionalDescription |
| 179 | ~~~~~~~~~~~~~~~~~~~~~ |
| 180 | |
| 181 | ``AdditionalDescription`` is a non-critical extension that provides additional |
| 182 | information about the certificate. The information is expressed as a set of |
| 183 | key-value pairs. Both key and value are UTF-8 strings, e.g., |
| 184 | ``("Organization", "UCLA")``. The issuer of a certificate can specify arbitrary |
| 185 | key-value pair to provide additional description about the certificate. |
| 186 | |
| 187 | :: |
| 188 | |
| 189 | AdditionalDescription ::= ADDITIONAL-DESCRIPTION-TYPE TLV-LENGTH |
| 190 | DescriptionEntry+ |
| 191 | |
| 192 | DescriptionEntry ::= DESCRIPTION-ENTRY-TYPE TLV-LENGTH |
| 193 | DescriptionKey |
| 194 | DescriptionValue |
| 195 | |
| 196 | DescriptionKey ::= DESCRIPTION-KEY-TYPE TLV-LENGTH |
| 197 | BYTE+ |
| 198 | |
| 199 | DescriptionValue ::= DESCRIPTION-VALUE-TYPE TLV-LENGTH |
| 200 | BYTE+ |
| 201 | |
| 202 | +---------------------------------------------+-------------------+----------------+ |
| 203 | | TLV-TYPE | Assigned code | Assigned code | |
| 204 | | | (decimal) | (hexadecimal) | |
| 205 | +=============================================+===================+================+ |
| 206 | | DescriptionEntry | 512 | 0x0200 | |
| 207 | +---------------------------------------------+-------------------+----------------+ |
| 208 | | DescriptionKey | 513 | 0x0201 | |
| 209 | +---------------------------------------------+-------------------+----------------+ |
| 210 | | DescriptionValue | 514 | 0x0202 | |
| 211 | +---------------------------------------------+-------------------+----------------+ |