RFC 3157 (rfc3157) - Page 2 of 20
Securely Available Credentials - Requirements
Alternative Format: Original Text Document
RFC 3157 SACRED - Requirements August 2001
In simple models, users and other entities (e.g., computers like
routers) are provided with credentials, and these credentials stay in
one place. However, the number, and more importantly the number of
different types, of devices that can be used to access the Internet
is increasing. It is now possible to access Internet services and
accounts using desktop computers, laptop computers, wireless phones,
pagers, personal digital assistants (PDAs) and other types of
devices. Further, many users want to access private information and
secure services from a number of different devices, and want access
to the same information from any device. Similarly credentials may
have to be moved between routers when they are upgraded.
This document identifies a set of requirements for credential
mobility. The Working Group will also produce companion documents,
which describe a framework for secure credential mobility, and a set
of protocols for accomplishing this goal.
The key words "MUST", "REQUIRED", "SHOULD", "RECOMMENDED", and "MAY"
in this document are to be interpreted as described in [RFC 2119].
1.1 Background and Motivation
In simple models of Internet use, users and other entities are
provided with credentials, and these credentials stay in one place.
For example, Mimi generates a public and private key on her desktop
computer, provides the public key to a Certification Authority (CA)
to be included in a certificate, and keeps the private key on her
computer. It never has to be moved.
However, Mimi may want to able to send signed e-mail messages from
her desktop computer when she is in the office, and from her laptop
computer when she is on the road, and she does not want message
recipients to know the difference. In order to do this, she must
somehow make her private key available on both devices - that is,
that credential must be moved.
Similarly, Will may want to retrieve and read encrypted e-mail from
either his wireless phone or from his two-way pager. He wants to use
whichever device he has with him at the moment, and does not want to
be denied access to his mail or to be unable to decrypt important
messages simply because he has the wrong device. Thus, he must be
able to have the same private key available on both devices.
The following scenario relating to routers has also been offered:
"Once upon a time, a router generated a keypair. The administrators
transferred the public key of that router to a lot of other (peer)
routers and used that router to encrypt traffic to the other routers.
And this was good for many years. Then one day, the network
Arsenault & Farrell Informational