]> Credential Confirmation with DNS Transmute
orie@transmute.industries
Security Secure Patterns for Internet CrEdentials Digital Credentials TLS Authentication Record Domain Binding Confirmation Claim Digital Crededentials on the Internet often JSON Web Token (JWT) and CBOR Web Token (CWT), which depends on third parties to certify the keys used. This document improves on that situation by enabling the administrators of domain names to specify the keys used in that domain's digital credentials. This is accomplished by describing how to discover thumbprints for proof-of-possession keys, as described in RFC 7800 and RFC 8747, using TLSA Records as described in RFC 6698. This approach can be leveraged to develop revocation and assurance capabilities for digital credentials. About This Document The latest revision of this draft can be found at . Status information for this document may be found at . Discussion of this document takes place on the Secure Patterns for Internet CrEdentials Working Group mailing list (), which is archived at . Subscribe at . Source for this draft and an issue tracker can be found at .
Introduction JSON Web Token (JWT) and CBOR Web Token (CWT) based digital credential formats can express claims made by an Issuer (iss) and a Subject (sub). The confirmation claim (cnf) can be used to bind proof-of-possession keys to the Subject claim (sub), which can be a string or URI. In cases where the Subject is a URL, the JSON Web Key Thumbprint (jkt) or COSE Key Thumbprint (ckt) can be published to the Domain Name System (DNS). This document describes how digital credentials can leverage specifications developed to support Internet X.509 Public Key Infrastructure Certificate (PKIX), Transport Layer Security (TLS), DNS-Based Authentication of Named Entities (DANE), in order to enable conceptually similar functionality, based on JSON Object Signing and Encryption (JOSE) and CBOR Object Signing and Encryption (COSE).
Terminology The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 when, and only when, they appear in all capitals, as shown here. JWT is described in , CWT is described in . Confirmation claim cnf is described in and . JWT, CWT and CNF related claims such as iss, sub, and nonce are shared by both token formats. TLSA Resource Record and related terminology are described in . This document does not introduce new terminology.
Confirmation Claim This section provides a summary of the confirmation claim and its possible structures in JOSE and COSE, and does not alter or extend the definition of cnf in or . The confirmation claim is an object or map, supporting one or more confirmation methods. The following informative example of a decoded JWT claimset is provided:
Confirmation claim in JOSE
A similar example of a CWT claimset, is provided in Extended Diagnostic Notation (EDN), see for more details.
Confirmation claim in COSE
In order to be compatible with , the value of the confirmation claim must be reducible to a hash in a verifiable way. For JWK and COSE_Key, the hash is produced according to and respectively. For JKT and CKT, the hash is already present, but must be converted to hexadecimal before use in TLSA Records. For JWE and Encrypted_COSE_Key, the key must be decrypted and then the process for JWK and COSE_Key is applied.
Key Binding The confirmation claim can be used to establish key binding, as described in , and . Publishing a confirmation key associated with a subject, and using globally unique identifiers to identify subjects has additional impact on privacy and traceability. See this document's privacy considerations for additional details.
Confirmation Claim Record This section describes the structure of the confirmation claim record. As described in , there are several components of a TLSA record, including:
  • TLSA Certificate Usages
  • TLSA Selectors
  • TLSA Matching Types
Until the associated IANA registries contain an entry specific to this draft, the value reserved for private use (255) MUST be used. Similar to the process for deriving a prefxied DNS domain name as described in , the structure of the confirmation claim needs to be converted to a prefixed DNS domain name. In JOSE, the string claim names are used, but in COSE the integer values are used. For example: The COSE credential claimset:
Example COSE Claimset
Produces the following prefixed DNS domain name: The following command can be run to retrieve the confirmation claim record:
Example cnf query
The following informative example of an answer is provided:
Example cnf query answer
The JOSE credential claimset:
Example JOSE Claimset
Produces the following prefixed DNS domain name: The following command can be run to retrieve the confirmation claim record:
Example cnf query
The following informative example of an answer is provided:
Example cnf query answer
In both of the preceeding examples, the claimset contained a key, but the tlsa cnf record contained a thumbprint. In order to match the claimset confirmation method to the hash retrieved from the cnf record, the process described in Section 1 MUST be followed. Section 5 of describes a mechanism for embedding a key identifier in certificate logs which enables several useful properties for digital credentials. In particular, the organization identifiers associated with a digitial emblem can be discovered through distribution of certificate transparency logs. This approach could be extended to feeds of related credential information, by replacing the key identifier with a merkle root for another transparency system. Enabling the holder of a digital emblem to disclose several credentials, potentially with distinct trust chains, which can be useful in cross border scenarios. Future work from the IETF SCITT or KEY TRANS working groups could provide useful building blocks for extending Certificate Transparency based discoverability of digital credentials. TODO: Consider merkle root instead of single key thumbprint, confirm multiple keys with a single record. TODO: Consider relationship to Key Transparency, Metadata & Capability Discovery, Certificate Transparency. TODO: Consider BBS / accumulator alternatives to set membership with merkle proofs.
Usage
Before Issuance The issuer needs to first authenticate the subject, and establishing that they control a confirmation key. There are several established mechanisms which might be relevant to this step, including and . At this stage the issuer SHOULD perform the following additional actions:
  • Resolve the subject's confirmation claim record as described in Section 2
  • Confirm the record contains a thumbprint which matches confirmation claim as described in Section 1
This step is not always required, because of the timing and availability issues associated with setting the confirmation claim record.
After Verification After verifying the presentation of a digital credential which included a confirmation claim, the verifier has confirmed the issuer's signature matches their public key, and that the subject's confirmation key is in their possession. Additional validation checks MUST be performed first, including reviewing the valid from and valid until related claims, and checking the At this stage the verifier SHOULD perform the following additional actions:
  • Convert the verified claim set to the confirmation claim record, and resolve it as described in Section 2.
  • Verify that the confirmation claim record contains a hash that matches the confirmation claim in the credential as described in Section 1.
Revocation This section builds on the After Verification process described above, and applies it to the concrete use case of Subject initiated credential revocation. In the event that a device or service controlling the proof-of-possession key for a credential is stolen or compromised, the subject can revoke the confirmation claim the issuer commited to, by deleteing the associated confirmation record. After deleting the record, the subject can contact the issuer and obtain a fresh credential with a new confirmation key, and add a new confirmation record to their domain name. Due to the timeing and availability constraints of the DNS, verifiers can still be deceived by presentations of the stolen credential. The utility of this subject directed revocation depends on the responsiveness and realtime revocation capabilities of the issuer. For example, if an issuer could revoke the credential in 5 minutes, and the DNS takes 30 minutes to update, the issuer should be contacted to revoke the credential first. However, if the issuer can only revoke credentials in a 24 hour window, and the DNS takes 30 minutes to propagate the subject's revocation of the credential, the subject should revoke the credential first, and then contact the issuer.
Assurance This section builds on the Before Isssunace process described above, and applies it to the concrete use case of providing the issuer with increased assurance that a subject identified with a URL and presenting a given public key, controls the associated domain, and the associated private key. In this case, the DNS enables the subject to publish and unpublish the thumbprint of the public key they wish to use for digital credentials on the associated domain. This approach could be extended to other protocols, and is inspired by similar approaches to demonstrating control of resources or proving possession for example Automated Certificate Management Environment (acme) and DNS-Based Authentication of Named Entities (DANE).
Digital Emblems One use case for confirming credentials via DNS is enabling digital emblems or badges. describes the challenge of recognizing if a person, organization, vehicle, or asset is recognized or protected under international laws. proposes a JSON Web Token based solution to this challenge similar to the approach described in this draft. Using confirmation methods with digital emblems can help protect them against forgery or theft, by requiring an attacker to gain control of both the digital infrastructure where the emblem is published and any cryptographic key material associated with the confirmation method for the credential. This specification currently extends the TLSA record for digital credential use cases, however it is possible that more fit for purpose DNS Resource Record (RR) types might be created to support digitial emblems in the future.
Privacy Considerations As noted in , A proof-of-possession key can be used as a correlation handle if the same key is used with multiple parties. Thus, for privacy reasons, it is recommended that different proof-of-possession keys be used when interacting with different parties. By publishing the confirmation key thumbprint, a domain operator is intentionaly enabling this type of correlation. Resolving confirmation key thumbprints at the time of verification reveals timing information related to credential processing. TODO: additional privacy considerations.
Security Considerations The security considerations of , , , , and apply. After verification of a credential which includes a confirmation claim or a key binding token, it is essential that the verifier confirm the key is still published under the domain associated with the subject. Prior to the issuance or digital credentials it is essential that the issuer obtain proof that the subject of the credential controls the associated proof of possession key. TODO: additional security considerations.
Internationalization Considerations This specification is not limited to URLs that rely on HTTPS. Considerations for international domain names in and both apply. For example: ☕.example becomes xn--53h.example when converting from a subject identifier to a TLSA record. TODO: additional i18n considerations.
IANA Considerations This document has no IANA actions.
Implementation Status Note to RFC Editor: Please remove this section as well as references to before AUTH48. This section records the status of known implementations of the protocol defined by this specification at the time of posting of this Internet-Draft, and is based on a proposal described in . The description of implementations in this section is intended to assist the IETF in its decision processes in progressing drafts to RFCs. Please note that the listing of any individual implementation here does not imply endorsement by the IETF. Furthermore, no effort has been spent to verify the information presented here that was supplied by IETF contributors. This is not intended as, and must not be construed to be, a catalog of available implementations or their features. Readers are advised to note that other implementations may exist. According to , "this will allow reviewers and working groups to assign due consideration to documents that have the benefit of running code, which may serve as evidence of valuable experimentation and feedback that have made the implemented protocols more mature. It is up to the individual working groups to use this information as they see fit".
Transmute Prototype Organization: Transmute Industries Inc Name: https://github.com/transmute-industries/jwt.vc Description: An application demonstrating the concepts is available at https://jwt.vc Maturity: Prototype Coverage: The current version ('main') implements a post verification check similar to the one described in this document. License: Apache-2.0 Implementation Experience: No interop testing has been done yet. The code works as proof of concept, but is not yet production ready. Contact: Orie Steele (orie@transmute.industries)
Acknowledgments TODO acknowledge. Thanks to the authors of the following drafts:
--back
References Normative References JSON Web Token (JWT) JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted. CBOR Web Token (CWT) CBOR Web Token (CWT) is a compact means of representing claims to be transferred between two parties. The claims in a CWT are encoded in the Concise Binary Object Representation (CBOR), and CBOR Object Signing and Encryption (COSE) is used for added application-layer security protection. A claim is a piece of information asserted about a subject and is represented as a name/value pair consisting of a claim name and a claim value. CWT is derived from JSON Web Token (JWT) but uses CBOR rather than JSON. Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs) This specification describes how to declare in a JSON Web Token (JWT) that the presenter of the JWT possesses a particular proof-of- possession key and how the recipient can cryptographically confirm proof of possession of the key by the presenter. Being able to prove possession of a key is also sometimes described as the presenter being a holder-of-key. Proof-of-Possession Key Semantics for CBOR Web Tokens (CWTs) This specification describes how to declare in a CBOR Web Token (CWT) (which is defined by RFC 8392) that the presenter of the CWT possesses a particular proof-of-possession key. Being able to prove possession of a key is also sometimes described as being the holder-of-key. This specification provides equivalent functionality to "Proof-of-Possession Key Semantics for JSON Web Tokens (JWTs)" (RFC 7800) but using Concise Binary Object Representation (CBOR) and CWTs rather than JavaScript Object Notation (JSON) and JSON Web Tokens (JWTs). The DNS-Based Authentication of Named Entities (DANE) Transport Layer Security (TLS) Protocol: TLSA Encrypted communication on the Internet often uses Transport Layer Security (TLS), which depends on third parties to certify the keys used. This document improves on that situation by enabling the administrators of domain names to specify the keys used in that domain's TLS servers. This requires matching improvements in TLS client software, but no change in TLS server software. [STANDARDS-TRACK] JWK Thumbprint URI This specification registers a kind of URI that represents a JSON Web Key (JWK) Thumbprint value. JWK Thumbprints are defined in RFC 7638. This enables JWK Thumbprints to be used, for instance, as key identifiers in contexts requiring URIs. CBOR Object Signing and Encryption (COSE) Key Thumbprint SECOM CO., LTD. Transmute This specification defines a method for computing a hash value over a COSE Key. It defines which fields in a COSE Key structure are used in the hash computation, the method of creating a canonical form of the fields, and how to hash the byte sequence. The resulting hash value can be used for identifying or selecting a key that is the subject of the thumbprint. Key words for use in RFCs to Indicate Requirement Levels In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements. Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings. Informative References Improving Awareness of Running Code: The Implementation Status Section This document describes a simple process that allows authors of Internet-Drafts to record the status of known implementations by including an Implementation Status section. This will allow reviewers and working groups to assign due consideration to documents that have the benefit of running code, which may serve as evidence of valuable experimentation and feedback that have made the implemented protocols more mature. This process is not mandatory. Authors of Internet-Drafts are encouraged to consider using the process for their documents, and working groups are invited to think about applying the process to all of their protocol specifications. This document obsoletes RFC 6982, advancing it to a Best Current Practice. Mapping Characters for Internationalized Domain Names in Applications (IDNA) 2008 In the original version of the Internationalized Domain Names in Applications (IDNA) protocol, any Unicode code points taken from user input were mapped into a set of Unicode code points that "made sense", and then encoded and passed to the domain name system (DNS). The IDNA2008 protocol (described in RFCs 5890, 5891, 5892, and 5893) presumes that the input to the protocol comes from a set of "permitted" code points, which it then encodes and passes to the DNS, but does not specify what to do with the result of user input. This document describes the actions that can be taken by an implementation between receiving user input and passing permitted code points to the new IDNA protocol. This document is not an Internet Standards Track specification; it is published for informational purposes. OAuth 2.0 Demonstrating Proof of Possession (DPoP) This document describes a mechanism for sender-constraining OAuth 2.0 tokens via a proof-of-possession mechanism on the application level. This mechanism allows for the detection of replay attacks with access and refresh tokens. OAuth 2.0 Attestation-Based Client Authentication MATTR This specification defines an extension to the OAuth 2 protocol as defined in [RFC6749] which enables a Client Instance to include a key-bound attestation in interactions with an Authorization Server or a Resource Server. This new method enables Client Instances involved in a client deployment that is traditionally viewed as a public client, to be able to utilize this key-bound attestation to authenticate. CBOR Extended Diagnostic Notation (EDN): Application-Oriented Literals, ABNF, and Media Type Universität Bremen TZI The Concise Binary Object Representation, CBOR (STD 94, RFC 8949), defines a "diagnostic notation" in order to be able to converse about CBOR data items without having to resort to binary data. This document specifies how to add application-oriented extensions to the diagnostic notation. It then defines two such extensions for text representations of epoch-based date/times and of IP addresses and prefixes (RFC 9164). A few further additions close some gaps in usability. To facilitate tool interoperation, this document specifies a formal ABNF definition for extended diagnostic notation (EDN) that accommodates application- oriented literals. Transport Layer Security (TLS) Authentication with Verifiable Credential (VC) LINKS Foundation LINKS Foundation This document defines a new certificate type and extension for the exchange of Verifiable Credentials in the handshake of the Transport Layer Security (TLS) protocol. The new certificate type is intended to add the Verifiable Credentials as a new means of authentication. The resulting authentication process leverages a distributed ledger as the root of trust of the TLS endpoints' public keys. The endpoints can use different distributed ledger technologies to store their public keys and to perform the TLS handshake. High Assurance DIDs with DNS CIRA CIRA Northern Block Digital Governance Council This document outlines a method for improving the authenticity, discoverability, and portability of Decentralized Identifiers (DIDs) by utilizing the current DNS infrastructure and its technologies. This method offers a straightforward procedure for a verifier to cryptographically cross-validate a DID using data stored in the DNS, separate from the DID document. Leveraging DNS in Digital Trust: Credential Exchanges and Trust Registries CIRA CIRA NorthernBlock This memo describes an architecture for trust registry membership association and verification using Decentralized Identifiers (DIDs), trust registries, and the DNS. This architecture provides a verifier with a simple process by which to determine and verify an issuer's membership in a trust registry. The Decentralized Identifier (DID) in the DNS nic.at GmbH Danube Tech GmbH This document specifies the use of the URI Resource Record Type to publish Decentralized Identifiers (DIDs) in the DNS. UserInfo Verifiable Credentials as MLS Credentials Cisco Cisco This specification extends Message Layer Security (MLS) credentials framework with a new credential type, "UserInfoVC", based on the OpenID Connect UserInfo Verifiable Credential type "UserInfoCredential". A UserInfo Verifiable Credential encapsulates the UserInfo claims from the OpenID provider as a Verifiable Credential that can be presented to a third-party Verifier. These credentials can be easily provisioned to MLS clients using the OpenID Connect login flows, augmented with type "UserInfoCredential". The credential itself is an object associating identity attributes to the signature public key that the client will use in MLS, signed by the OpenID Provider. In situations where the OpenID Provider is distinct from the MLS Delivery Service, these credentials provide end-to-end secure identity assurance. SD-JWT-based Verifiable Credentials (SD-JWT VC) MATTR Authlete Inc. Ping Identity This specification describes data formats as well as validation and processing rules to express Verifiable Credentials with JSON payloads with and without selective disclosure based on the SD-JWT [I-D.ietf-oauth-selective-disclosure-jwt] format. Selective Disclosure CWTs (SD-CWT) mesur.io Transmute This document describes how to perform selective disclosure of claims withing a CBOR Web Token (CWT) [RFC8392] as well as how to create and verify those tokens. This document does not define any new cryptography. UTS46 n.d. Problem Statement for Digitized Emblems Johns Hopkins University Applied Physics Lab Microsoft PCH International law defines a number of emblems, such as the blue helmets of United Nations peacekeeping forces, the blue and white shield of UNESCO, and the Red Cross of the International Committee of the Red Cross, as indicative of special protections under the Geneva Conventions. Similar protections attach to journalists who wear "Press" protective emblems on the battlefield, under Article 79 of Protocol I of the Geneva Conventions and Resolution 2222 of the United Nations Security Council. The emblems of national governments and inter-governmental organizations protect diplomatic pouches, couriers, and envoys under the Vienna Convention on Diplomatic Relations. Other marks enjoy protections against mis-use under the Paris Convention, the Madrid Protocol, and the Trade-Related Aspects of Intellectual Property Rights. Such physical emblems have a number of weaknesses and do not translate to the digital realm. This document provides a summary of the problems and documents identified requirements from a number of stakeholders for a digital emblem which addresses the shortcomings of the physical emblems and makes possible the indication of protections of digital assets under international law. An Authenticated Digital EMblem - Core Specification n.d.