Network Working Group D. Linsenbardt Request for Comments: 4059 S. Pontius Category: Informational A. Sturgeon SPYRUS May 2005 Internet X.509 Public Key Infrastructure Warranty Certificate Extension Status of This Memo This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited. Copyright Notice Copyright (C) The Internet Society (2005). Abstract This document describes a certificate extension to explicitly state the warranty offered by a Certificate Authority (CA) for the certificate containing the extension. 1. Introduction The warranty certificate extension identifies the warranty policy associated with a X.509 public key certificate [X.509-97, PROFILE]. Often the Certificate Authority (CA) will obtain an insurance policy to ensure coverage of the warranty. The certificate warranty provides an extended monetary coverage for the end entities. The certificate warranty primarily concerns the use, storage, and reliance on a certificate by a subscriber, a relying party, and the CA. It is common for a CA to establish reliance limits on the use of a certificate. It is not uncommon for a CA to attempt through contractual means to exclude its liability entirely. However, this undermines the confidence that commerce requires to gainfully use certificates. Alternatively a CA may provide extended coverage for the use of the certificate. Usually, the subscriber pays for the extended warranty coverage. In turn, subscribers are covered by an appropriately drafted insurance policy. The certificate warranty is backed by an insurance policy issued by a licensed insurance company, which results in a financial backing that is far greater than that of the Linsenbardt, et al. Informational [Page 1] RFC 4059 Warranty Certificate Extension May 2005 CA. This extra financial backing provides a further element of confidence necessary to encourage the use of certificates in commerce. A relying party that has a warranty from a CA may obtain compensation from a CA depending on the conditions for such compensation expressed in either the CA's Certificate Policy, the CA's insurance policy, or both. Evidence of an extended warranty, provided through the certificate extension, will give the relying party additional confidence that compensation is possible, and therefore will enhance trust in the process. Risk for a non-subscriber relying party may be reduced by the presence of a warranty extension with an explicit warranty stated. The warranty extension allows this aspect of risk management to be automated. When a certificate contains a warranty certificate extension, the extension MUST be non-critical, and MUST contain either a NULL to indicate that no warranty is provided or base warranty data to indicate that a warranty is provided. The extension MAY contain optional qualifiers. 1.1. Conventions Used in This Document The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119]. 2. Warranty Extension Format Like all X.509 certificate extensions, the warranty certificate extension is defined using ASN.1 [X.208-88, X.209-88]. The non-critical warranty extension is identified by id-pe-warranty. PKIX Object Identifier Registry id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) } PKIX Arcs id-mod OBJECT IDENTIFIER ::= { id-pkix 0 } -- modules id-pe OBJECT IDENTIFIER ::= { id-pkix 1 } -- private certificate extensions PKIX modules id-mod-warranty-extn OBJECT IDENTIFIER ::= { id-mod 27 } id-pe-warranty OBJECT IDENTIFIER ::= { id-pe 16 } Linsenbardt, et al. Informational [Page 2] RFC 4059 Warranty Certificate Extension May 2005 A non-null warranty always includes a base warranty. The warranty information includes the period during which the warranty applies, a warranty value, and a warranty type. The warranty type tells the warranty limit against claims. The extension definition supports two alternatives: aggregated and per-transaction. With aggregation, claims are fulfilled until a ceiling value is reached. After that, no further claims are fulfilled. With per-transaction, a ceiling value is imposed on each claim, but each transaction is considered independently. The warranty extension permits inclusion of two optional warranty qualifiers. The first qualifier provides extended warranty information, the second provides a pointer to the warranty terms and conditions. When present, the extended warranty information provides information about coverage beyond the scope of the base warranty. Like the base warranty information, the extended warranty information includes the period during which the warranty applies, a warranty value, and a warranty type. When present, the terms and conditions pointer provides a reference to a document containing the terms and conditions associated with the warranty. The document may be a Certificate Policy that contains this information, a document specifically about the warranty, or a Relying Party Agreement. The pointer is always a uniform resource locator (URL). The URL MUST be a non-relative URL using the http scheme. The URL MUST follow the URL syntax and encoding rules specified in RFC 3986 [URI]. 2.1. Warranty Extension Syntax The syntax for the warranty extension is: Warranty ::= CHOICE { none NULL, -- No warranty provided wData WarrantyData } -- Explicit warranty WarrantyData ::= SEQUENCE { base WarrantyInfo, extended WarrantyInfo OPTIONAL, tcURL TermsAndConditionsURL OPTIONAL } WarrantyInfo ::= SEQUENCE { validity WarrantyValidityPeriod, amount CurrencyAmount, wType WarrantyType } Linsenbardt, et al. Informational [Page 3] RFC 4059 Warranty Certificate Extension May 2005 WarrantyValidityPeriod ::= CHOICE { sameAsCertificate NULL, explicitPeriod ValidityPeriod } ValidityPeriod ::= SEQUENCE { notBefore GeneralizedTime, notAfter GeneralizedTime } -- CurrencyAmount specifies the currency and a monetary value. -- Currency codes are defined in [ISO4217]. The monetary value -- is: amount / (10 ** amtExp10), and the exponent MUST be the -- minor unit of currency specified in [ISO4217]. CurrencyAmount ::= SEQUENCE { currency INTEGER (1..999), amount INTEGER (0..MAX), amtExp10 INTEGER (0..MAX) } WarrantyType ::= INTEGER { aggregated (0), perTransaction (1) } TermsAndConditionsURL ::= IA5String -- MUST use http scheme 2.2. Warranty Extension Semantics Warranty is a CHOICE; it is represented either by NULL or WarrantyData. If the CA selects NULL, then the CA is explicitly stating that no warranty is provided. If the CA selects WarrantyData, then the CA is explicitly stating that a warranty is provided, and the fields within the WarrantyData type MUST provide details about that warranty. WarrantyData MUST contain information about the base warranty. WarrantyData MAY contain information about an extended warranty. Both base warranty and extended warranty information is provided using the WarrantyInfo type. WarrantyData MAY contain a URL that points to the terms and conditions of the warranty. The URL is provided using the TermsAndConditionsURL type, which is an IA5 string. The IA5String MUST contain a URI [URI] using the http scheme, such as "http://www.example.com/warranty/t_and_c.html". WarrantyInfo MUST contain the warranty validity period, the currency amount of the warranty, and the type of warranty. The warranty validity period is provided using the WarrantyValidityPeriod type. The currency amount of the warranty is provided using the CurrencyAmount type. The type of warranty is provided using the WarrantyType type. Linsenbardt, et al. Informational [Page 4] RFC 4059 Warranty Certificate Extension May 2005 WarrantyValidityPeriod is a CHOICE; it is represented either by NULL or ValidityPeriod. If the CA selects NULL, then the validity periods of the warranty and the certificate MUST be exactly the same. If the CA selects ValidityPeriod, then the CA is explicitly stating a warranty validity period that is different than the validity period of the certificate. If the validity periods of the warranty and the certificate are the same, then the CA MUST select the NULL choice. The validity periods are expected to be the same in the vast majority of the cases. ValidityPeriod is a SEQUENCE of two GeneralizedTime values. The first (notBefore) GeneralizedTime value MUST indicate the date and time that the warranty becomes valid, and the second (notAfter) GeneralizedTime value MUST indicate the date and time that the warranty expires. CurrencyAmount is a SEQUENCE of three integers which together specify the currency and a monetary value. The first integer (currency) MUST indicate the currency using one of the currency codes defined in [ISO4217]. The second integer (amount) MUST indicate the value of the warranty. The third integer (amtExp10) MUST indicate the correct placement of the decimal point in the monetary value, and MUST be the minor unit of currency specified in [ISO4217]. For example $48,525.50 (in US dollars) is represented as: currency = 840 amount = 4852550 amtExp10 = 2 WarrantyType is an integer. A value of zero indicates that claims against the warranty will be aggregated, and once the value of fulfilled claims reaches the warranty currency amount, then no further claim will be fulfilled. A value of one indicates that each claim is handled independently, but no individual claim can exceed the warranty currency amount. The CA MUST select either zero or one for this integer value. 3. Security Considerations The procedures and practices employed by the CA MUST ensure that the correct values for the warranty are inserted in each issued certificate. Relying parties and users may accept or reject a particular certificate for an intended use based on the information provided in warranty extension. Incorrect representation of the actual warranty may result in otherwise avoidable warranty claims for the CA. Linsenbardt, et al. Informational [Page 5] RFC 4059 Warranty Certificate Extension May 2005 4. IANA Considerations Certificate extensions and extended key usage values are identified by object identifiers (OIDs). The OIDs used in this document are derived from X.509 [X.509-97]. No further action by the IANA is necessary for this document or any anticipated updates. 5. ASN.1 Module WarrantyExtn { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) id-mod-warranty-extn(27) } DEFINITIONS IMPLICIT TAGS ::= BEGIN -- OID Arcs id-pe OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) pkix(7) 1 } -- Warranty Extension id-pe-warranty-extn OBJECT IDENTIFIER ::= { id-pe 16 } Warranty ::= CHOICE { none NULL, -- No warranty provided wData WarrantyData } -- Explicit warranty WarrantyData ::= SEQUENCE { base WarrantyInfo, extended WarrantyInfo OPTIONAL, tcURL TermsAndConditionsURL OPTIONAL } WarrantyInfo ::= SEQUENCE { validity WarrantyValidityPeriod, amount CurrencyAmount, wType WarrantyType } WarrantyValidityPeriod ::= CHOICE { sameAsCertificate NULL, explicitPeriod ValidityPeriod } Linsenbardt, et al. Informational [Page 6] RFC 4059 Warranty Certificate Extension May 2005 ValidityPeriod ::= SEQUENCE { notBefore GeneralizedTime, notAfter GeneralizedTime } -- CurrencyAmount specifies the currency and a monetary value. -- Currency codes are defined in [ISO4217]. The monetary value -- is: amount / (10 ** amtExp10), and the exponent MUST be the -- minor unit of currency specified in [ISO4217]. CurrencyAmount ::= SEQUENCE { currency INTEGER (1..999), amount INTEGER (0..MAX), amtExp10 INTEGER (0..MAX) } WarrantyType ::= INTEGER { aggregated (0), perTransaction (1) } TermsAndConditionsURL ::= IA5String END 6. Normative References [ISO4217] ISO. "Codes for the Representation of Currencies and Funds", ISO 4217. 1995. [PROFILE] Housley, R., Ford, W., Polk, W., and D. Solo, "Internet X.509 Public Key Infrastructure Certificate and CRL Profile", RFC 2459, January 1999. [URI] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform Resource Identifier (URI): Generic Syntax", STD 66, RFC 3986, January 2005. [X.208-88] CCITT. Recommendation X.208: Specification of Abstract Syntax Notation One (ASN.1). 1988. [X.209-88] CCITT. Recommendation X.209: Specification of Basic Encoding Rules for Abstract Syntax Notation One (ASN.1). 1988. 7. Informative References [X.509-97] ITU-T. Recommendation X.509: The Directory- Authentication Framework. 1997. Linsenbardt, et al. Informational [Page 7] RFC 4059 Warranty Certificate Extension May 2005 Acknowledgements This document was developed with the expertise and support of Russ Housley, Vigil Security LLC, and Dr. Adrian McCullagh, Freehills Australia. Authors' Addresses Duane Linsenbardt SPYRUS 2355 Oakland Road Suite 1 San Jose CA 95131 USA EMail: dlinsenbardt@spyrus.com Sue Pontius SPYRUS 2355 Oakland Road Suite 1 San Jose CA 95131 USA EMail: spontius@spyrus.com Alice Sturgeon SPYRUS Suite 1502, 222 Queen St., Ottawa ON K0A 2T0 Canada EMail: asturgeon@spyrus.com Linsenbardt, et al. Informational [Page 8] RFC 4059 Warranty Certificate Extension May 2005 Full Copyright Statement Copyright (C) The Internet Society (2005). This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights. This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Intellectual Property The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79. Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf- ipr@ietf.org. Acknowledgement Funding for the RFC Editor function is currently provided by the Internet Society. Linsenbardt, et al. Informational [Page 9]