Application of Attribute Certificates in S/MIME

1
Application of Attribute Certificates in S/MIME
47th IETF Conference Adelaide, March 2000

• Greg Colla Michael Zolotarev
• Baltimore Technologies

2
Overview
Attribute Certificates S/MIME

• S/MIME and PK Certificates
• S/MIME Problems
• Secure mail requirements
• Possible solutions
• E-mail Attribute Certificates
• Practical Implementation
• Issues

3
S/MIME Certificate Usage
Attribute Certificates S/MIME
Verification check signers e-mail address
against senders address Encryption obtaining
encryptees public key certificate
4
S/MIME Problems
Attribute Certificates S/MIME

• Multiple e-mail addresses
• User has multiple e-mail addresses
• Maintenance of e-mail addresses
• Change company name (and Internet domain)
• Security Proxy
• a proxy signs and decrypts on behalf of many
  users
• Privacy/Spam

5
Essential Requirements
Attribute Certificates S/MIME
6
Solution Criteria
Attribute Certificates S/MIME

• Cryptographically bound association between an
  e-mail address and a public key
• Unambiguous reference from e-mail address to PK
  certificate(s)
• Dynamic extension of address set
• Practical aspects
• Generation, distribution, publication, retrieval,
  verification
• Minimum of changes to current standards
• Utilize existing infrastructure

7
Overview of Possible Solutions
Attribute Certificates S/MIME

• Embed e-mail address into entitys cert
• One e-mail address per certificate, each with
  same public key
• One certificate with multiple e-mail addresses
• Address?PKC association signed by entity
• Authenticated attributes
• Address?PKC association signed by TTP
• Attribute Certificate

8
Attribute Certificates
Attribute Certificates S/MIME

• Flexible
• Scalable
• Standards Based
• Available Infrastructure

Owner
E-mail address
Other Attributes
Signature
TTP (AA)
9
E-mail Attribute Certificates
Attribute Certificates S/MIME
Cryptographically bind e-mail addresses
with Gateways PK certificate
10
E-mail Attribute Certificates
Attribute Certificates S/MIME

• Cryptographically bind e-mail addresses
• with entitys PK certificate

11
Practical Implementation (1/5)
Attribute Certificates S/MIME

• Generation
• Generation by an Attribute Authority(AA)
• TTP attests that the address is associated with
  the entity
• Request
• By or on behalf of entity
• Automatically by security proxy
• By relying party (LAAP)

12
Practical Implementation (2/5)
Attribute Certificates S/MIME

• Distribution Retrieval
• Generate by AA, publish in LDAP
• Distribute as part of signed message
• Retrieval based on e-mail address
• Validity Revocation
• Validity as long as the PKC e-mail address
  remain valid
• Revocation use available standards

13
Practical Implementation (3/5)Retrieving
attribute and PK certificates from LDAP
Attribute Certificates S/MIME

• Use the from or to address from message as a
  search index
• Request the directory to retrieve all attribute
  certificates from the matching entries
• Out of all returned attribute certificates,
  select those with required e-mail address
• Retrieve PK certificates referenced by selected
  attribute certificates

Alices new LDAP entry
cnAlicemailalice_at_foo.commailalice_at_dev.foo.com
certificateattributeCertificate
14
Practical Implementation (4/5)
Message Verification Walkthrough
Attribute Certificates S/MIME

• Retrieve e-mail AC(s) using senders address as
  index
• Retrieve PKC(s) referenced by AC(s)
• Identify signing certificate
• Validate ...
• Validate the message

15
Practical Implementation (5/5)
Message Encryption Walkthrough
Attribute Certificates S/MIME

• Retrieve e-mail AC(s) using recipients address
  as index
• Validate ...
• Retrieve PKC(s) referenced by valid e-mail AC(s)
• Validate ...
• Encrypt the message using valid encryption
  certificate(s)

16
Other Considerations
Attribute Certificates S/MIME

• Privacy
• Remove private information from PK certificate
• Different access control on PK certificate than
  e-mail AC in directory
• Different directories for email ACs and PKCs
• Security
• Need to ensure that content of e-mail AC is valid
• bill.clinton_at_whitehouse.gov

17
Comparison with existing Infrastructure
Attribute Certificates S/MIME

• Existing
• Multiple addresses in certificate
• Re-issue keys in new certificate with new e-mail
  address
• Supported by existing PK and S/MIME
  infrastructure
• Difficult for large number of e-mail addresses
  (ie security proxies)
• Difficult to separate internal and external
  e-mail addresses
• Contra to legislation in some countries

• Proposed
• Store E-mail address in e-mail AC, which
  references PKC
• Issue e-mail ACs as required
• Flexible method for maintaining e-mail addresses
• Infrastructure available
• Supplements current S/MIME infrastructure
• Supports security proxies
• Defined mechanism to retrieve PKCs from
  directory, AA
• Additions required to processing modules logic

18
Summary
Attribute Certificates S/MIME

• Maintenance of e-mail addresses limits S/MIME
  usability
• Attribute Certificates cryptographically bind
  e-mail addresses with PK certificates
• E-mail Attribute Certificates provide a flexible
  solution for maintaining e-mail addresses
• Supplements current infrastructure
• Localized modifications required to S/MIME
  components to utilize E-mail ACs
• E-mail ACs can be used to solve other S/MIME
  limitations