| Internet-Draft | EKU for Attestation Keys | March 2025 |
| Fiset, et al. | Expires 21 September 2025 | [Page] |
As described in [RFC5280], key usages are specified in X.509 certificates using the certificate extensions "Key Usage" and "Extended Key Usage". This document defines an Extended Key Usage (EKU) relating to keys that are dedicated to the purpose of signing attestation evidence as introduced in [RFC9334].¶
This note is to be removed before publishing as an RFC.¶
Status information for this document may be found at https://datatracker.ietf.org/doc/draft-jpfiset-lamps-attestationkey-eku/.¶
Discussion of this document takes place on the Limited Additional Mechanisms for PKIX and SMIME mailing list (mailto:spasm@ietf.org), which is archived at https://mailarchive.ietf.org/arch/browse/spasm/. Subscribe at https://www.ietf.org/mailman/listinfo/spasm/.¶
Source for this draft and an issue tracker can be found at https://github.com/jpfiset/draft-jpfiset-attestationkey-eku.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 21 September 2025.¶
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
Attesters, as defined in Remote Attestation Procedures (RATS) in [RFC9334], can use cryptographic private keys to identify the origin of the evidence and protect its integrity. Those private keys are referred to as Attestation Keys.¶
Attestation Keys can be endorsed by a Certification Authority (CA) by issuing X.509 certificates (see [RFC5280]). Those certificates SHOULD include an extended key usage to indicate that the associated key is dedicated to the purpose of attesting evidence. This allows recipients of signed evidence to trust that the associated key is controlled according to the constraints specified in this document.¶
Much of the terms used in this specification are borrowed from RATS ([RFC9334]). Readers of this specification should review the RATS architecture and its terminology to put in context the text presented in this specification.¶
Attestation Key : A key under the control of the Attester and reserved for the purpose of signing collected claims.¶
This specification defines the KeyPurposeId id-kp-attestationKey. This KeyPurposeId is reserved for Attestation Keys.¶
The term "signing attestation evidence" refers to performing a digital signature using an Attestation Key over content that includes claims about the target environment (see [RFC9334]).¶
An Attestation Key must be associated with the "digital signing" key usage, as any other keys used to performed digital signature. Furthermore, an Attestation Key MUST adhere to the following constraints:¶
An Attestation Key SHOULD be used only by an Attester to digitally sign claims that the Attester can observe in the target environment. The Attester SHOULD not use the Attestation Key for any other purpose (dedication).¶
An Attestation Key MUST not be controlled by any entity other than the associated Attester. This constraint is to ensure that other entity can not impersonate the Attester (non-repudiation).¶
When the EKU id-kp-attestationKey is included in a X.509, other considerations should be taken:¶
In [RFC9334], the Verifier is the role that consumes the evidence produced by an Attester. As part of the verification process, the Verifier assesses endorsements, among other things. A X.509 certificate containing the EKU id-kp-attestationKey is an endorsement of the Attester by the issuing authorities.¶
While assessing an endorsement provided this way, a Verifier must follow all practices to validate the veracity of the certificate.¶
Attestation Keys are instantiated and operated on by cryptographic modules. These modules MUST provide the services required to restrict the use of an Attestation Key to its associated Attester.¶
The mechanisms used to perform those restrictions are out of scope for this document.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶
For attestation evidence to be valuable, coordination between the various roles is required:¶
The cryptographic module MUST restrict the use of the Attestation Key to the associated Attester.¶
The CA MUST ensure that the Attester is the only entity that controls the Attestation Key which is subject to the issuance of a certificate.¶
A Verifier must perform the assessment of the presented evidence using all the procedures required to ascertain as to the origin and validity of the attester.¶
The risks associated with a failure of this coordination reduces the quality of the trustworthiness of the evidence.¶
The implications are outlines in the Security Considerations section in RATS ([RFC9334]).¶
IANA needs to assign an object identifier (OID) for this purpose.¶
The following ASN.1 module provides the complete definition of the Attestation Key KeyPurposeId.¶
DEFINITIONS EXPLICIT TAGS ::=
BEGIN
-- EXPORTS ALL --
-- IMPORTS NOTHING --
-- OID Arc --
id-kp OBJECT IDENTIFIER ::= {
iso(1) identified-organization(3) dod(6) internet(1)
security(5) mechanisms(5) pkix(7) kp(3) }
-- Attestation Key Extended Key Usage --
id-kp-attestationKey OBJECT IDENTIFIER ::= { id-kp XX }
END
¶
TODO acknowledge.¶