An Attribute for Attestation to the Possession of a Private Key

Internet-Draft	Attestation to Private Key Possession	January 2025
Housley	Expires 6 July 2025	[Page]

Abstract

This document specifies an attribute for attestation to the possession of a private key. As part of X.509 certificate enrollment, a Certification Authority (CA) typically demands proof that the subject has possession of the private key that corresponds to the to-be-certified public key. In some cases, CAs might accept an attestation from the subject. For example, when a subject needs separate certificates for a signature and key establishment, an attestation that can be validated with the previously issued signature certificate might be adequate for subsequent issuance of the key establishment certificate.¶

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶

This Internet-Draft will expire on 6 July 2025.¶

Copyright Notice

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶

1. Introduction

This document specifies an attribute for attestation to the possession of a private key. As part of X.509 certificate [RFC5280] enrollment, a Certification Authority (CA) typically demands proof that the subject has possession of the private key that corresponds to the to-be-certified public key. In some cases, a CA might accept an attestation from the subject instead of proof of possession. [RFC6955] offers some algorithms to provide proof of possession for Diffie-Hellman private keys. However, these algorithms are not suitable for use with PKCS#10 [RFC2986]. On the other hand, the attestation attribute specified in this document is suitable for use with PKCS#10.¶

More and more, a subject needs two certificates, one for digiatal signatures, and a separate one for key establishment. For example, a subject may need a signature certificate that contains a ML-DSA public key and a key establishment certificate that contains a ML-KEM public key. For another example, a subject may need a signature certificate that contains a ECDSA public key and a key establishment certificate that contains a ECDH public key.¶

In this situation, a CA might accept an attestation that can be validated with the previously issued signature certificate might be adequate for subsequent issuance of the key establishment certificate.¶

When using the attribute for attestation to the possession of the key establishment private key, the process for a subject to obtain two certificates is:¶

The subject generates the signature key pair.¶
The subject composes a PKCS#10 Certificate Signing Request (CSR) in the usual manner. It includes a signature that is produced with the private key from step 1.¶
The subject sends the CSR to the CA, and it gets back a signature certificate.¶
The subject generates the key establishment key pair.¶
The subject composes a PKCS#10 CSR containing the key establishment public key. The CSR attributes include the attestation attribute that is specified in Section 2 of this document. The subject name matches the one from step 2, and it includes a signature that is produced with the private key from step 1.¶
The subject sends the CSR to the CA, and it gets back a key establishment certificate.¶

1.1. ASN.1

The attestation attribute is generated using ASN.1 [X680], using the Distinguished Encoding Rules (DER) [X690].¶

1.2. Terminology

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all capitals, as shown here.¶

2. Attribute for Attestation to the Possession of a Private Key

The attribute for attestation to the possession of a private key is included in a certificate request to attest that the subject of the signature certificate that is used to validate the signature on the certificate request also has possession of the private key that corresponds to the public key in the restificate request.¶

The subject in the signature certificate MUST be the same as the subject name in the certificate request. If they are different, the CA MUST reject the certificate request.¶

If subject alternative names are present in the certificate request, they MUST match subject alternative names in the signature certificate. If the certificate request contains subject alternative names that are not present in the signature certificate, the CA MUST reject the certificate request.¶

The attribute for attestation to the possession of a private key has the following structure:¶

   id-at-privateKeyAttest OBJECT IDENTIFIER ::=
     { 1 3 6 1 4 1 22112 2 1 }

   privateKeyAttest ATTRIBUTE ::= {
     TYPE PrivateKeyAttest
     IDENTIFIED BY id-at-privateKeyAttest }

   PrivateKeyAttest ::= SEQUENCE {
     serialNumber  CertificateSerialNumber,
     issuer        [0] Name OPTIONAL,
     keyIdentifier [1] KeyIdentifier OPTIONAL }

The components of the PrivateKeyAttest SEQUENCE have the following semantics:¶

serialNumber:

the serial number of the signature certificate.¶

issuer:

the issuer name of the signature certificate. If the issuer of the key establishment certificate will be the same as the issuer of the signature certificate, then this component is omitted.¶

keyIdentifier:

the key identifier for the public key in the signature certificate. If the issuer of the key establishment certificate will be the same as the issuer of the signature certificate, then this component is omitted.¶

3. Conventions for PKCS#10

This section specifies the conventions for using the attribute for attestation to the possession of a private key with PKCS#10 [RFC2986] when requesting a key establisment certificate.¶

The PKCS#10 CertificationRequest always has three components, as follows:¶

certificationRequestInfo:

the subject name MUST be the same as the subject name in the signature certificate, the subjectPKInfo MUST contain the public key for the key establishment algorithm, and the attributes MUST include privateKeyAttest attribute as specified in Section 2 of this document.¶

signatureAlgorithm:

the signature algorithm MUST be one that can be validated with the public key in the signature certificate.¶

signature:

the signature over certificationRequestInfo MUST validate with the public key in the signature certificate.¶

4. Conventions for CRMF

This section specifies the conventions for using the attribute for attestation to the possession of a private key with the Certificate Request Message Format (CRMF) [RFC4211] when requesting a key establisment certificate.¶

The following ASN.1 types are defined for use with CRMF. They have exactly the same semantics and syntax as the attribute discussed above, but they offer a similar naming convention to the Registration Controls in [RFC4211].¶

  regCtrl-privateKeyAttest ATTRIBUTE ::= privateKeyAttest

  id-regCtrl-privateKeyAttest OBJECT IDENTIFIER ::=
    id-at-privateKeyAttest

The CRMF CertificationRequest always has three components, as follows:¶

certReq:

the certTemplate MUST include the subject and the publicKey components. The same subject name MUST match the subject name in the signature certificate, and the publicKey MUST contain the public key for the key establishment algorithm.¶

popo:

the ProofOfPossession MUST use the signature CHOICE, the poposkInput MUST be present, POPOSigningKeyInput.authInfo MUST use the sender CHOICE, the sender MUST set to the subject name that appears in the signature certificate, the publicKey MUST contain a copy of the public key from the certTemplate, the algorithmIdentifier MUST identify a signture algorithm that can be validated with the public key in the signature certificate, and signature over the poposkInput MUST validate with the public key in the signature certificate.¶

regInfo:

the attributes MUST include privateKeyAttest attribute as specified in Section 2 of this document.¶

5. Security Considerations

The subject is signing an attestation that is has possession of the key establishment private key instead of providing some other form of proof. If the subject has lost control of the signature private key, then the attestation could be generated by some other party. Timely revocation of the compromised signature certificate is the only protection against such loss of control.¶

The signature key pair and the key establishment key pair are expected to have roughly the same security strength. To ensure that the signature on the attestation is not the weak part of the certificate enrollment, the signature key pair SHOULD be at least as strong as the key establishment key pair.¶

8. References

8.1. Normative References

[RFC2119]: Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997, <https://www.rfc-editor.org/rfc/rfc2119>.
[RFC2986]: Nystrom, M. and B. Kaliski, "PKCS #10: Certification Request Syntax Specification Version 1.7", RFC 2986, DOI 10.17487/RFC2986, November 2000, <https://www.rfc-editor.org/rfc/rfc2986>.
[RFC4211]: Schaad, J., "Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF)", RFC 4211, DOI 10.17487/RFC4211, September 2005, <https://www.rfc-editor.org/rfc/rfc4211>.
[RFC5280]: Cooper, D., Santesson, S., Farrell, S., Boeyen, S., Housley, R., and W. Polk, "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, <https://www.rfc-editor.org/rfc/rfc5280>.
[RFC5912]: Hoffman, P. and J. Schaad, "New ASN.1 Modules for the Public Key Infrastructure Using X.509 (PKIX)", RFC 5912, DOI 10.17487/RFC5912, June 2010, <https://www.rfc-editor.org/rfc/rfc5912>.
[RFC8174]: Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017, <https://www.rfc-editor.org/rfc/rfc8174>.
[X680]: ITU-T, "Information technology -- Abstract Syntax Notation One (ASN.1): Specification of basic notation", ITU-T Recommendation X.680, ISO/IEC 8824-1:2021, February 2021, <https://www.itu.int/rec/T-REC-X.680>.
[X690]: ITU-T, "Information technology -- ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)", ITU-T Recommendation X.690, ISO/IEC 8825-1-2021, February 2021, <https://www.itu.int/rec/T-REC-X.690>.

8.2. Informative References

[RFC6955]: Schaad, J. and H. Prafullchandra, "Diffie-Hellman Proof-of-Possession Algorithms", RFC 6955, DOI 10.17487/RFC6955, May 2013, <https://www.rfc-editor.org/rfc/rfc6955>.

Appendix A. ASN.1 Module

This ASN.1 Module builds upon the conventions established in [RFC5912].¶

<CODE STARTS>

 PrivateKeyAttest-2025
   { iso(1) identified-organization(3) dod(6) internet(1) security(5)
     mechanisms(5) pkix(7) id-mod(0) id-mod-private-key-attest-2025(TBD0) }

 DEFINITIONS IMPLICIT TAGS ::= BEGIN

 EXPORTS ALL;

 IMPORTS
   ATTRIBUTE
   FROM PKIX-CommonTypes-2009 -- in [RFC5912]
     { iso(1) identified-organization(3) dod(6) internet(1)
       security(5) mechanisms(5) pkix(7) id-mod(0)
       id-mod-pkixCommon-02(57) }

   CertificateSerialNumber, Name, id-pkix
   FROM PKIX1Explicit-2009  -- in [RFC5912]
     { iso(1) identified-organization(3) dod(6) internet(1)
       security(5) mechanisms(5) pkix(7) id-mod(0)
       id-mod-pkix1-explicit-02(51) }

   KeyIdentifier
   FROM PKIX1Implicit-2009 -- in [RFC5912]
     { iso(1) identified-organization(3) dod(6) internet(1)
       security(5) mechanisms(5) pkix(7) id-mod(0)
       id-mod-pkix1-implicit-02(59) } ;

 --
 -- Private Key Attestation Attribute
 --

 id-at-privateKeyAttest OBJECT IDENTIFIER ::=
   { 1 3 6 1 4 1 22112 2 1 }

 privateKeyAttest ATTRIBUTE ::= {
   TYPE PrivateKeyAttest
   IDENTIFIED BY id-at-privateKeyAttest }

 PrivateKeyAttest ::= SEQUENCE {
   serialNumber  CertificateSerialNumber,
   issuer        [0] Name OPTIONAL,
   keyIdentifier [1] KeyIdentifier OPTIONAL }

 --
 -- Registration Control Support
 --

 RegControlSet ATTRIBUTE ::= { regCtrl-privateKeyAttest, ... }

 regCtrl-privateKeyAttest ATTRIBUTE ::= privateKeyAttest

 id-regCtrl-privateKeyAttest OBJECT IDENTIFIER ::=
   id-at-privateKeyAttest

 END

<CODE ENDS>