
PKIX draft for Non-Repudiation certificates: msg#00341

ietf.x509

Subject: PKIX draft for Non-Repudiation certificates

Hello everybody.

It's nice to see that the non-repudiation debate is still alive.

During the IETF meeting in Chicago I proposed a new work-item for PKIX
called "Qualified Certificates".

I will now start working on this draft which I hope will be ready in its
first version before the next IETF meeting in December.

I received a lot of interest for this work in Chicago and many have promised
to contribute to the work.

I got OK from Warwick Ford to start debating topics in this draft on the
pkix list.

The basic idea is to leave PKIX part 1 as it is now and to resolve aspects
concerning non-repudiation certificates (for legal acceptance) in a new
certificate profile which fits on top of part 1.

Below follows some basic outlines for the draft which now are open for
debate on the list.

All comments are highly welcomed.

/Stefan


Stefan Santesson <stefan@xxxxxxxxxxx>
27/8/1998

This document outlines some basic considerations for an Internet draft
specifying a certificate profile for qualified certificates.
This should however not be considered as a complete list of topics to be
covered.

1. Background

Legal frameworks are currently emerging globally concerning digital
signatures and their value from a legal point of view. A common
characteristic for these frameworks is to identify some minimum
requirements for certificates which are to be considered qualified to
support digital signatures in order to make them compatible with
handwritten signatures. These requirements may emphasize different aspects
of certificate issuance such as requirements on liabilities, issuance by
accredited CAs or information content.

The term Qualified Certificate denotes in this document a certificate which
includes a statement from the issuer that the certificate meets all
requirements, according to the legal framework under which the CA is
operating, necessary to support digital signatures for legal acceptance.

The main characteristics for Qualified Certificates according to the
proposed draft are that they:

- Are identifiable as a Qualified Certificate.
- Identify liabilities undertaken by the issuer.
- Identify any accreditation scheme undertaken by the issuer.
- Are issued only to natural persons (living human beings).
- Exclusively support non-repudiation services aimed for an open public
environment.
- Contain an unmistakable name of the subject or an unmistakable pseudonym
identified as such.
- Contain a minimum set of specific attributes of the subject which in
combination with the name forms a globally unique identity.

2. Scope

The scope of the internet draft will be to form a certificate profile,
based on PKIX part 1, which provides for interoperable coding and
interpretation of essential information elements in Qualified Certificates.

3. Policy issues

Certain policy aspects will define the context in which the profile is to
be understood and used. It will, however, be outside the scope of this
profile to specify the policies and legal frameworks that will govern
services that issue or utilize certificates according to this profile.

For the understanding of this profile it is assumed that the following
policy aspects apply for certificates which indicate the use of this profile:

1) It is assumed that the issuing CA will assume liability towards any
relying party who reasonably relies on a certificate, up to a certain
monetary amount.
2) It is assumed that the issuing CA will exclude liability for incorrect
information in qualified certificates that has been provided by the
certificate holder, if it can demonstrate that it has taken all
reasonably practical measures to verify that information.
3) It is assumed that the CA will undertake to follow a publicly available
certificate policy which is consistent with the undertaken liabilities.
4) It is assumed that the issuing CA will be obligated to assist in
revealing the real identity of a subject, which is represented by a
pseudonym, to public authorities upon request.
5) It is assumed that liabilities similar to those specified in this
section may be imposed automatically on the CA, according to the
governing legal framework within the country of issuance, if the CA
states in a certificate that it is intended to serve as a Qualified
Certificate.

4. Certificate profile

This section outlines some basic profile considerations and lists some
possible solutions.

The profile requires use of X.509 v3 certificates according to PKIX part 1.

4.1 Qualified Certificate statement

A Qualified Certificate shall contain a statement by the issuer that it is
intended to be a Qualified Certificate.

The statement may be expressed mainly in three ways where preferably one of
them should be selected for this profile.

1) By defining a new private extension.
2) By defining an OID for this statement (policy OID) which is indicated in
the policy extension field of the certificate.
3) By including the statement in the CA's certificate policy.

Solution 2 will require that the policy extension indicates at least two
policy OIDs, one defined for the statement and one defining the liabilities,
practices and procedures undertaken by the CA.

4.2 Indication of liabilities and accreditation

Liabilities and accreditation schemes undertaken by the CA shall be
specified in the certificate policy indicated in the policy extension field
and optionally by the governing legal framework.

4.3 Naming

This section includes some newly defined attribute types. Proposed coding
of attributes is for further study.

4.3.1 Issuer name

The issuer name shall contain an unmistakable name of the issuer,
identifying the organization liable for the certificate.

The country specified in issuer name denotes the country of issuance,
defining the jurisdiction for the governing legal framework.

4.3.2 Subject name

The subject name shall include:
- An unmistakable name or an unmistakable pseudonym identified as such
- A minimum set of specific attributes which in combination with the
name of the subject form a globally unique identity.

4.3.2.1 Name of the subject

If the subject is represented by his/her real name the attributes surname
and givenName shall be used with the following meaning:

Surname (mandatory): The officially registered surname of the subject
GivenName (mandatory): The officially registered given names of the subject

If the subject is represented by a pseudonym a specific pseudonym attribute
shall be used.

In addition to the attributes for real name or the attribute for pseudonym,
the commonName attribute may be used to present the subject's name or
pseudonym in a preferred presentation format.

If the commonName attribute is used the following rules apply:
- The content shall be consistent with either the real name presented in
the surname and givenName attributes, or the pseudonym presented in the
pseudonym attribute.
- The content may exclude given names which are not commonly used by the
subject.
- The content should be presented with given name first and surname last.

A Qualified Certificate shall not contain both a real name and a pseudonym.

4.3.2.2 Specific attributes.

The profile shall not restrict the use of specific attributes. A globally
unique identity must however be given by combining the name of the
subscriber with a subset of the basic specific attributes defined in this
section.

Basic specific attributes:
- Country
- Nationally unique official registration number (context specified by the
attribute type)
- Undefined unique identifier (context specified in the certificate policy)
- Organization
- Organizational unit
- Postal address (registered address of the subscriber)

The country attribute specifies the context in which other basic attributes
are to be understood. I.e., the registration number is a registration number
within that country and the organization is an organization or a branch
office located in that country. The country attribute does not necessarily
match the subject's country of citizenship or country of residence. Nor does
it have to match the country of issuance.

The country attribute is mandatory. All other basic attributes are optional.

4.3.2.3 Defined optional attributes

Attributes in this section are defined solely for the purpose of uniform
interpretation. They do not form a complete set of allowed optional
attributes.

- Country of citizenship
- Country of residence


4.4 Key usage

The key usage extension SHALL exclusively indicate the key usage
nonRepudiation. No other key usage is allowed to be set.


5. Security considerations

5.1 Private key policy

The legal value of a digital signature which is validated with a Qualified
Certificate will still be dependent upon the policy governing the use of
the associated private key. Both the private key holder as well as the
relying party should make reasonably sure that the private key only is used
with the consent of the legitimate key holder and only after the key
holder's conscious acceptance of the signed message context.



-------------------------------------------------------------------
Stefan Santesson <stefan@xxxxxxxxxxx>
Accurata Systemsäkerhet AB
Lotsgatan 27 D Tel. +46-40 152211
216 42 Malmö Fax. +46-40 150790
Sweden Mobile +46-70 5247799

PGP fingerprint: 89BC 6C79 5B3D 591B 8547 1512 7D11 DBF4 528F 29A0
-------------------------------------------------------------------
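
The subject naming rules in section 4.3.2 and the key usage rule in section 4.4 of the outline above can be checked mechanically. The following is an added example, not part of the original message or of any PKIX draft. The dictionary layout, the attribute keys and the function names are assumptions; reading "consistent" for a pseudonym as equality ignoring case and spacing, requiring at least one given name in commonName, and treating the "should" on name order as a hard check are also assumptions.

```python
# Added example: lint a parsed certificate against sections 4.3.2 and 4.4.
# The dict layout and attribute keys are assumptions, not a real library's API.

def _is_subsequence(part, whole):
    it = iter(whole)
    return all(tok in it for tok in part)  # order-preserving containment

def _cn_consistent(cn, subject):
    tokens = cn.casefold().split()
    if "pseudonym" in subject:
        # Assumption: "consistent" means equal up to case and spacing.
        return tokens == subject["pseudonym"].casefold().split()
    surname = subject.get("surname", "").casefold().split()
    given = subject.get("givenName", "").casefold().split()
    if not surname or tokens[-len(surname):] != surname:
        return False  # surname must come last (stricter than the "should")
    first = tokens[:-len(surname)]
    # Given names may be dropped; assumption: at least one remains, in order.
    return bool(first) and _is_subsequence(first, given)

def check_qualified_profile(cert):
    """Return a list of rule violations (empty list means the checks pass)."""
    problems = []
    subject = cert.get("subject", {})
    real = "surname" in subject or "givenName" in subject
    if real and "pseudonym" in subject:      # 4.3.2.1: never both
        problems.append("both real name and pseudonym present")
    elif real:
        for attr in ("surname", "givenName"):
            if not subject.get(attr):
                problems.append(f"{attr} is mandatory for a real name")
    elif "pseudonym" not in subject:
        problems.append("no real name and no pseudonym")
    if not subject.get("country"):           # 4.3.2.2: country is mandatory
        problems.append("country is mandatory")
    cn = subject.get("commonName")
    if cn is not None and not _cn_consistent(cn, subject):
        problems.append("commonName inconsistent with name attributes")
    if set(cert.get("key_usage", ())) != {"nonRepudiation"}:   # 4.4
        problems.append("key usage must be exactly nonRepudiation")
    return problems

# Constructed sample inputs (not taken from any real certificate).
SAMPLE_OK = {"subject": {"surname": "Svensson", "givenName": "Anna Maria Karin",
                         "commonName": "Anna Karin Svensson", "country": "SE"},
             "key_usage": {"nonRepudiation"}}
SAMPLE_BAD = {"subject": {"surname": "Svensson", "givenName": "Anna",
                          "pseudonym": "Nightowl"},
              "key_usage": {"digitalSignature", "nonRepudiation"}}
```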


