RFC 3157 (rfc3157) - Page 2 of 20


Securely Available Credentials - Requirements



Alternative Format: Original Text Document



RFC 3157                 SACRED - Requirements               August 2001


   In simple models, users and other entities (e.g., computers like
   routers) are provided with credentials, and these credentials stay in
   one place.  However, the number, and more importantly the number of
   different types, of devices that can be used to access the Internet
   is increasing.  It is now possible to access Internet services and
   accounts using desktop computers, laptop computers, wireless phones,
   pagers, personal digital assistants (PDAs) and other types of
   devices.  Further, many users want to access private information and
   secure services from a number of different devices, and want access
   to the same information from any device.  Similarly credentials may
   have to be moved between routers when they are upgraded.

   This document identifies a set of requirements for credential
   mobility.  The Working Group will also produce companion documents,
   which describe a framework for secure credential mobility, and a set
   of protocols for accomplishing this goal.

   The key words "MUST", "REQUIRED", "SHOULD", "RECOMMENDED", and "MAY"
   in this document are to be interpreted as described in [RFC 2119].

1.1 Background and Motivation

   In simple models of Internet use, users and other entities are
   provided with credentials, and these credentials stay in one place.
   For example, Mimi generates a public and private key on her desktop
   computer, provides the public key to a Certification Authority (CA)
   to be included in a certificate, and keeps the private key on her
   computer.  It never has to be moved.

   However, Mimi may want to able to send signed e-mail messages from
   her desktop computer when she is in the office, and from her laptop
   computer when she is on the road, and she does not want message
   recipients to know the difference.  In order to do this, she must
   somehow make her private key available on both devices - that is,
   that credential must be moved.

   Similarly, Will may want to retrieve and read encrypted e-mail from
   either his wireless phone or from his two-way pager.  He wants to use
   whichever device he has with him at the moment, and does not want to
   be denied access to his mail or to be unable to decrypt important
   messages simply because he has the wrong device.  Thus, he must be
   able to have the same private key available on both devices.

   The following scenario relating to routers has also been offered:
   "Once upon a time, a router generated a keypair.  The administrators
   transferred the public key of that router to a lot of other (peer)
   routers and used that router to encrypt traffic to the other routers.
   And this was good for many years.  Then one day, the network



Arsenault & Farrell          Informational