LAMPS P. Liu, Ed.
Internet-Draft X. Liu, Ed.
Intended status: Informational R. Yang, Ed.
Expires: 7 June 2025 Y. Zhang, Ed.
Pengcheng Laboratory
4 December 2024
Simple Local Web PKI Certificate Resource Preservation Management for
Internet Browser
draft-liu-lamps-browser-webpki-cert-preservation-01
Abstract
The management of Web PKI certificate resources presents a challenge
when the misalignment of ownership and management rights over
certificate resources of one organization creating a risk of
unilateral suspension and revocation by another competing
organizations. This situation undermines the stability of critical
infrastructure and affects the integrity of authentication systems.
To address these concerns, this document proposes a mechanism that
allows Internet browsers to create a customized management view of
certificate resources, enabling them to override verification results
from specific certification authorities as needed. This approach
enhances security, facilitates stakeholder collaboration, and
preserves the operational integrity of essential industry systems.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on 7 June 2025.
Copyright Notice
Copyright (c) 2024 IETF Trust and the persons identified as the
document authors. All rights reserved.
Liu, et al. Expires 7 June 2025 [Page 1]
Internet-Draft Certificate Preservation for Internet Br December 2024
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3
3. Design Goals . . . . . . . . . . . . . . . . . . . . . . . . 3
4. The local Web PKI certificate resource preservation mechanism
based on Internet browser . . . . . . . . . . . . . . . . 3
4.1. Local Web PKI Certificate Resource Preservation Process in
Internet Browser Certificate Verification . . . . . . . . 3
4.2. Local certificate preservation repository . . . . . . . . 5
5. Appendix A . . . . . . . . . . . . . . . . . . . . . . . . . 9
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
7. Security Considerations . . . . . . . . . . . . . . . . . . . 10
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 10
8.1. Normative References . . . . . . . . . . . . . . . . . . 10
8.2. Informative References . . . . . . . . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 11
1. Introduction
The current SSL/TLS certificate architecture faces challenges due to
the increasing centralization of major certificate authorities (CAs),
which are controlled by a few institutions. Many critical systems
worldwide depend on these centralized CAs, making their verification
processes vulnerable to external influences from OCSP, CRL, and CT
systems that may have competing interests. This reliance can lead to
malicious revocation of certificates, rendering important industry
services inaccessible and impacting the national economy.
The misalignment of ownership and management rights over certificate
resources of one organization (can be a nation or a large group)
creates a risk of unilateral suspension and revocation by another
competing organizations (can be also a nation or a large group).
Addressing this issue requires developing a certificate resource
management technology that is compatible with existing authentication
systems while allowing organizations to replace the certificate
verification results provided by certain certification authority CAs
when necessary. Currently, no specific standards exist for these
scenarios, some Internet browsers may provide related configurations
Liu, et al. Expires 7 June 2025 [Page 2]
Internet-Draft Certificate Preservation for Internet Br December 2024
that ignore all certificate errors or are similar to whitelists.
However, generally ignoring all SSL/TLS certificate verification
errors is considered unsecure and poses serious security risks.
This document proposes a straightforward mechanism for Internet
browsers to create a local customized management view of Web PKI
certificate resources. It enables organizations to overwrite
certificate data or verification results from certain CAs when
needed, thus retaining control over their critical certificates. By
implementing this local preservation mechanism, organizations can
mitigate the risks associated with malicious revocation or the
failure to reissue expired certificates. Users can independently
assess the validity of certificates, ensuring the stable operation of
essential systems and enhancing overall network security across
various industries.
2. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
3. Design Goals
The local Web PKI certificate resource preservation mechanism aims to
achieve two main goals.
1. After the basic certificate verification process defined in
RFC5280 is completed, if a specified error occurs, such as a
certificate being revoked or expired, the organizational user
(can be nation or a large group) can autonomously decide which
certificates are valid.
2. As needed, organizational user can define their own untrusted
certificates, regardless of whether they are verified as
legitimate or not during the standard verification process.
4. The local Web PKI certificate resource preservation mechanism based
on Internet browser
4.1. Local Web PKI Certificate Resource Preservation Process in
Internet Browser Certificate Verification
Liu, et al. Expires 7 June 2025 [Page 3]
Internet-Draft Certificate Preservation for Internet Br December 2024
+------------+ +-------------+ +------------+ +-------------+
|certificate | | basic | |certificate | | verification|
|chain |<-->| verification|<-->|preservation|<-->| result |
| | | (RFC5280) | | | | |
+------------+ +-------------+ +------------+ +-------------+
Figure 1: the certificate preservation process based on Internet Browser
The process of Web PKI certificate resource preservation based on
Internet Browser is shown in Figure 1. After completing basic
certificate verification following [RFC5280] in the browser, the
browser uses the "LocalCertWhiteFilters" defined in section 3.2 to
verify whether the serial number "SerialNumber" of the target leaf
certificate exists in the whitelist certificate filter item
"CertWhiteFilters" of the current local certificate preservation
repository, or whether the subject name "subjectName" of the target
leaf certificate exists in the whitelist certificate filter item
"CertWhiteFilters" of the current local certificate preservation
repository, or if the subject alternative name extension
"subjectAltName" of the target leaf certificate exists, to verify
whether the subject alternative name exists in the whitelist
certificate filter item "WhiteCertFilters" of the current local
certificate preservation repository. As long as one of the
conditions is met, it is matched to the whitelist certificate filter
item "CertWhiteFilters" of the current local certificate preservation
repository. If a specific error number "ErrorNo" is found during the
basic certificate verification process, such as the target leaf
certificate being revoked or expired, the current target leaf
certificate should be considered valid.
According to the definition of "LocalCertBlackAssertions" in
Section 3.2 of the local certificate preservation repository, verify
whether the serial number "SerialNumber" of the target leaf
certificate exists in the blacklist certificate assertion item
"CertBlackAssertions" of the current local certificate preservation
repository, or verify whether the subject name "subjectName" of the
target leaf certificate exists in the blacklist certificate assertion
item "CertBlackAssertions" of the current local certificate
preservation repository, or if the subject alternative name extension
of the target leaf certificate exists, verify whether the
"subjectAltName" exists in the blacklist certificate assertion item
"CertBlackAssertions" of the current local certificate preservation
repository, or verify whether the issuer name "Issuer" exists in the
current local certificate preservation repository's blacklist
certificate assertion item "CertBlackAssertions", Alternatively, if
the issuer alternative name extension of the target leaf certificate
exists, verify whether the "issuerAltName" exists in the current
local certificate preservation repository's blacklist certificate
Liu, et al. Expires 7 June 2025 [Page 4]
Internet-Draft Certificate Preservation for Internet Br December 2024
assertion item "CertBlackAssertions". As long as one of the
conditions is met, regardless of whether any errors occur during the
basic certificate verification process, the current target leaf
certificate should be considered invalid and the browser user should
be given a corresponding network certificate status prompt.
4.2. Local certificate preservation repository
This mechanism defines and introduces the format of the certificate
preservation repository based on JSON files. The local Web PKI
certificate resource preservation mechanism or service in the
certificate verification process of Internet browsers that comply
with this mechanism shall comply with the format specification
defined in this section. This mechanism uses ASN. 1 Specific
Encoding Rules (DER) to encode the basic fields of the following
certificate parameter items and form specific certificate parameter
data structures. ASN. 1 DER encoding is an encoding system for the
tag, length, and value of each element. For certificate preservation
repository based on JSON format files, their local whitelist
certificate filters "LocalCertWhiteFilters" and blacklist certificate
assertions "LocalCertBlackAssertions" members are specified in JSON
format [RFC8259]. JSON members not defined here are not allowed to
be used in certificate preservation repository files. The
implementation of Internet browsers must treat any deviation from
this specification as an error. For the functional version updates
related to the specifications in this document, this mechanism
increments the "Version" field in the JSON file to indicate the
version and functional differences of the local certificate
preservation repository.
The certificate preservation repository file format based on JSON
format is as follows:
{
“Version”:1,
“LocalCertWhiteFilters”:{
“ErrorNo”:ERR_CERT_REVOKED,
“CertWhiteFilters”:[],
},
“LocalCertBlackAssertions”:{
“CertBlackAssertions”:[],
}
}
The "Version" member is set to 1 and encoded as a number in this
standard version.
Liu, et al. Expires 7 June 2025 [Page 5]
Internet-Draft Certificate Preservation for Internet Br December 2024
For the local white list certificate filter "LocalCertWhiteFilters"
in the certificate preservation repository file, Internet browser
users can configure zero or more white list certificate filter items
"CertWhiteFilters" that have passed the basic certificate
verification logic, where each white list certificate filter item
"CertWhiteFilters" can include the "SerialNumber" of the certificate,
the "SerialNumber" of the certificate, and/or the "subjectName" of
the certificate. This mechanism suggests that each white list
certificate filter item should contain an explanatory note "comment",
so as to explain the relevant matching information to Internet
browser users as much as possible and facilitate their understanding.
In file format, the content of the local whitelist certificate filter
"LocalCertWhiteFilters" is represented as the values of the members
"ErrorNo" and "CertWhiteFilters". The member "ErrorNo" describes the
type of certificate error that occurs in the basic certificate
verification logic, which is a positive integer with a value of a
number in JSON format. Its default value is ERR_CERT_REVOKED (value
201, the types and value definitions of basic certificate errors
defined in this mechanism can be found in Appendix A). Any algorithm
implementation that complies with this mechanism can extend and
define its own error types. The member CertWhiteFilters is
represented by an array of zero or more objects, each object must
contain at least one of the following members, or a combination of
these members.
1. "serialNumber", the serial number, is of type INTEGER, and in
JSON format, its value is a number.
2. "subjectName", the subject name, is of type Name. In JSON
format, its value is the Base64 encoding of the certificate's
subject name, without the trailing character '='. This means
that the value of this member is an ASN. 1 byte string (OCTET
STRING) without an ASN. 1 tag and length field.
3. "subjectAltName", the alternative name for the subject, is of
type GeneralNames. In JSON format, its value is the Base64
encoding of the certificate's subject alternative name, with no
trailing character '=', meaning that the value of this member is
an ASN. 1 byte string (OCTET STRING) without an ASN. 1 tag and
length field.
4. "comment", a configuration item related annotation, whose value
is a string in JSON format, used to explain the annotation of
this configuration item.
Liu, et al. Expires 7 June 2025 [Page 6]
Internet-Draft Certificate Preservation for Internet Br December 2024
For the local blacklist certificate assertion
"LocalCertBlackAssertions" in the certificate security repository
file, Internet browser users can configure zero or more blacklist
certificate assertion device entries "CertBlackAssertions" that have
passed the basic certificate verification logic, where each blacklist
certificate assertion entry "CertBlackAssertions" can include the
"SerialNumber" of the certificate, the "subjectName" of the
certificate, the "subjectAltName" of the certificate, the "issuer"
name of the certificate, and/or the issuer alternative name
"issuerAltName" of the certificate. This mechanism recommends that
each blacklist certificate assertion item contain an explanatory not
"comment", so as to explain relevant matching information to Internet
browser users as much as possible and facilitate users'
understanding.
In terms of format, the content of "LocalCertBlackAssertions", a
local blacklist certificate assertion, is represented as the value of
a "CertBlackAssertions" member, which is an array of zero or more
objects. Each object must contain at least one of the following
members, or a combination of the following members.
1. "serialNumber", the serial number, is of type INTEGER, and in
JSON format, its value is a number.
2. "subjectName", the subject name, is of type Name. In JSON
format, its value is the Base64 encoding of the certificate's
subject name, without the trailing character '='. This means
that the value of this member is an ASN. 1 byte string (OCTET
STRING) without an ASN. 1 tag and length field.
3. "subjectAltName", the alternative name for the subject, is of
type GeneralNames. In JSON format, its value is the Base64
encoding of the certificate's subject alternative name, with no
trailing character '=', meaning that the value of this member is
an ASN. 1 byte string (OCTET STRING) without an ASN. 1 tag and
length field.
4. "issuerName" is of type Name, and in JSON format, its value is
the Base64 encoding of the certificate issuer's name, without the
trailing character '=', meaning that the value of this member is
an ASN. 1 byte string (OCTET STRING) without an ASN. 1 tag and
length field.
Liu, et al. Expires 7 June 2025 [Page 7]
Internet-Draft Certificate Preservation for Internet Br December 2024
5. "issuerAltName" is of type GeneralNames, with field formats
specified in RFC 5280. In JSON format, its value is the Base64
encoding of the certificate issuer's alternative name, followed
by no trailing character '=', meaning that the value of this
member is an ASN. 1 byte string (OCTET STRING) without an ASN. 1
tag and length field.
6. "comment", a configuration item related annotation, whose value
is a string in JSON format, used to explain the annotation of
this configuration item.
It should be noted that in actual systems, multiple local certificate
preservation repository files based on JSON format may be supported
for simultaneous use. To ensure consistency in local functionality,
the configuration of multiple local certificate preservation
repository files must ensure that there are no conflicts. In other
words, the Internet browser should check the local white list
certificate filter "LocalCertWhiteFilters" field and the local black
list certificate assertion "LocalCertBlackAssertions" field in each
local certificate preservation repository file to ensure that there
are no overlapping configuration entries, and also ensure that there
are no overlapping configuration entries in the local white list
certificate filter "LocalCertWhiteFilters" field and the local black
list certificate assertion "LocalCertBlackAssertions" field between
different local certificate preservation repository files. If a
conflict is detected, an error should be reported to the user who
created the relevant local certificate preservation repository file.
Internet browsers should de duplicate multiple local certificate
preservation repository files as a collection. If there is any
overlap between the local white list certificate filter
“LocalCertWhiteFilters” field and the local black list certificate
assertion “LocalCertBlackAssertions” field between the local
certificate preservation repository files, the entire collection must
be rejected.
The summary of all members and types supported by the JSON format
local certificate preservation repository file in this mechanism is
as follows:
Liu, et al. Expires 7 June 2025 [Page 8]
Internet-Draft Certificate Preservation for Internet Br December 2024
{
“Version”:Type Int,
“LocalCertWhiteFilters”: {
“ErrorNo”: Type Int,
“CertWhiteFilters”[
{
“serialNumber”: Type Int,
“subjectName”: "",
“subjectAltName”: "",
“comment”: Type String,
}
],
},
“LocalCertBlackAssertions”:{
“CertBlackAssertions”:[
{
“serialNumber”: Type Int,
“subjectName”: "",
“subjectAltName”: "",
“issuerName”: "",
“issuerAltName”: "",
“comment”: Type String,
}
],
}
}
5. Appendix A
The meaning of the following errors can be literally seen from common
browsers.
ERR_CERT_INVALID:201,
ERR_SSL_PINNED_KEY_NOT_IN_CERT_CHAIN:202,
ERR_CERT_REVOKED:203,
ERR_CERT_AUTHORITY_INVALID:204,
ERR_CERT_COMMON_NAME_INVALID:205,
ERR_CERT_WEAK_SIGNATURE_ALGORITHM:206,
ERR_CERT_DATE_INVALID:207,
ERR_CERT_VALIDITY_TOO_LONG:208,
ERR_CERT_NO_REVOCATION_MECHANISM:209,
ERR_CERT_UNABLE_TO_CHECK_REVOCATION:210,
ERR_CERTIFICATE_TRANSPARENCY_REQUIRED:211,
ERR_CERT_SYMANTEC_LEGACY:212,
ERR_CERT_NAME_CONSTRAINT_VIOLATION:213,
ERR_CERT_KNOWN_INTERCEPTION_BLOCKED:214,
ERR_CERT_WEAK_KEY:215,
ERR_CERT_STATUS_NON_UNIQUE_NAME:216,
Liu, et al. Expires 7 June 2025 [Page 9]
Internet-Draft Certificate Preservation for Internet Br December 2024
6. IANA Considerations
This memo includes no request to IANA.
7. Security Considerations
This mechanism defines the reference specification for the Internet
browser to locally preserve and manage the customized Web PKI
certificate resources, and provides a simple mechanism to enable the
Internet browser (in its implementation form, it may also be a
browser proxy) to establish a local customized management view of the
Web PKI certificate resources, and to overwrite the certificate data
or verification results published by certain certification authority
CAs when necessary. This mechanism addresses the security issues of
domain name certificate resources in network infrastructure, namely
the risk of unilateral suspension and revocation of certificate
ownership due to the mismatch between ownership and management rights
of certificate resources; Cleverly resolving the contradiction
between unity and autonomy, key infrastructure improvement and
stability, compatible with the contradiction between existing and
smooth substitution, compatible with existing authentication systems,
enabling stakeholders in the network to smoothly replace existing
authentication, cope with the impact of malicious revocation of
important industry certificates, and ensure the safe and normal
operation of important industry systems. For this reason, Internet
browsers (relying parties or their agents) conforming to this
mechanism can autonomously decide and process any certificate and its
verification results asserted by the local certificate preservation
database according to local management requirements. This mechanism
is applicable to the implementation and application of the Internet
browser certificate resource preservation system based on Web PKI,
and it is applicable to ensuring the smooth operation of the secure
network access related to the business of an organization, without
being subject to the management and control of other organizations
that may have competitive interests; The Internet browser local
certificate preservation specifications defined in this section are
universal, and can also be applied to other similar network security
applications and environments of different types based on PKI
mechanism.
8. References
8.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
.
Liu, et al. Expires 7 June 2025 [Page 10]
Internet-Draft Certificate Preservation for Internet Br December 2024
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, .
8.2. Informative References
[RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
Housley, R., and W. Polk, "Internet X.509 Public Key
Infrastructure Certificate and Certificate Revocation List
(CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
.
Authors' Addresses
Penghui Liu (editor)
Pengcheng Laboratory
No.2 Xingke 1 Street
Shenzhen
518055
China
Email: liuph@pcl.ac.cn
Xiang Liu (editor)
Pengcheng Laboratory
No.2 Xingke 1 Street
Shenzhen
518055
China
Email: liux15@pcl.ac.cn
Rongwei Yang (editor)
Pengcheng Laboratory
No.2 Xingke 1 Street
Shenzhen
518055
China
Email: yangrw@pcl.ac.cn
Yu Zhang (editor)
Pengcheng Laboratory
No.2 Xingke 1 Street
Shenzhen
518055
China
Email: zhangy08@pcl.ac.cn
Liu, et al. Expires 7 June 2025 [Page 11]