Securely Available Credentials - Requirements (RFC3157)

IP.com Disclosure Number: IPCOM000005339D
Original Publication Date: 2001-Aug-01
Included in the Prior Art Database: 2001-Aug-22
Document File: 21 page(s) / 46K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

A. Arsenault: AUTHOR [+2]

Abstract

This document describes requirements to be placed on Securely Available Credentials (SACRED) protocols.

This text was extracted from an ASCII document.
This is the abbreviated version, containing approximately 7% of the total text.

Network Working Group                                       A. Arsenault
Request for Comments: 3157                                    Diversinet
Category: Informational                                       S. Farrell
                                                  Baltimore Technologies
                                                             August 2001

Securely Available Credentials Requirements

Status of this Memo

This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2001). All Rights Reserved.

Table Of Contents

1. Introduction
2. Framework Requirements
3. Protocol Requirements
4. Security Considerations
References
Acknowledgements
Authors' Addresses
Appendix A: A note on SACRED vs. hardware support
Appendix B: Additional Use Cases
Full Copyright Statement

1. Introduction

"Credentials" are information that can be used to establish the identity of an entity, or help that entity communicate securely. Credentials include such things as private keys, trusted roots, tickets, or the private part of a Personal Security Environment (PSE) [RFC2510], that is, information used in secure communication on the Internet. Credentials are used to support various Internet protocols, e.g., S/MIME, IPSec and TLS.

In simple models, users and other entities (e.g., computers like routers) are provided with credentials, and these credentials stay in one place. However, the number, and more importantly the number of different types, of devices that can be used to access the Internet is increasing. It is now possible to access Internet services and accounts using desktop computers, laptop computers, wireless phones, pagers, personal digital assistants (PDAs) and other types of devices. Further, many users want to access private information and secure services from a number of different devices, and want access to the same information from any device. Similarly, credentials may have to be moved between routers when they are upgraded.

This document identifies a set of requirements for credential mobility. The Working Group will also produce companion documents, which describe a framework for secure credential mobility, and a set of protocols for accomplishing this goal.

The key words "MUST", "REQUIRED", "SHOULD", "RECOMMENDED", and "MAY" in this document are to be interpreted as described in [RFC2119...