Re: (long) RE: [ebxml-cppa] Purpose of CertificateRef inCollaborationRole

[Arvola Chan <arvola@tibco.com>]

Peter:

 

My comments are inline. I can send a preliminary draft of my updates to the 1.0 spec to you and Hima by the end of today, to give you an idea of the extent of my changes. I still plan to take another pass over the document tomorrow though.

 

Regards,

-Arvola

-----Original Message-----
From: Peter Ogden <pogden@cyclonecommerce.com>
To: Arvola Chan <arvola@tibco.com>; Dale Moberg <dmoberg@cyclonecommerce.com>; ebXML-CPPA (E-mail) <ebxml-cppa@lists.oasis-open.org>
Date: Tuesday, December 18, 2001 12:14 PM
Subject: RE: (long) RE: [ebxml-cppa] Purpose of CertificateRef in CollaborationRole

Hi Arvola,

 

Rather than doing away with the DefaultSigningCertificateRef in CollaborationRole, why don't we rename it something like "ApplicationCertificateRef", or "BusinessProcessCertificateRef" - that way, it is available to negotiated and agreed upon (even though it won't be used by the MSH, which my comments in the text will reflect).

 

<ac>

Yes, I agree.

</ac>

 

Regarding the cert refs in DocExchange: the 04 draft schema has a single EncryptionCertificateRef under DigitalEnvelope. Are planning to add another, much like you did for NonRepudiation?

 

<ac>

Last week, Hima and Cliff from Sybase responded to my post for a draft appendix to explain how a CPA should be used in conjunction with the ebXML Messaging Service. They pointed out that when persistent encryption is used for a synchronous response, then the original sender's encryption certificate also needs to be obtainable from the DocExchange element. Please see my response to Hima's and Cliff's comments in

 

http://lists.oasis-open.org/archives/ebxml-cppa/200112/msg00051.html

 

I think we need an InitiatorCertificateRef and a ResponderCertificateRef, both in NonRepudiation and DocExchange. In the latter case, the sender uses the ResponderCertificateRef to encrypt the request while the receiver uses the InitiatorCertificateRef to encrypt the synchronous response.

</ac>

 

Also, I gather from your last paragraph below that you intend for the initiatorCertifcateRef to be used for signing requests and asynchronous responses, and that the responderCertificateRef would be used for signing synchronous responses. Would it work just as well to suggest that the initiatorCertificateRef be used for requests and the responderCertificateRef be used for all responses (both synch and asynch)? It just seems more logical to tie the use of the cert to its role in the message exchange rather than to the "synchronicity" of the protocol.

 

<ac>

When sync response is not in use, the receiver is supposed to return the response over a separate delivery channel. The choice of that delivery channel is governed by the Action element in the response ebXML message. Therefore, the signing and encryption certificates for the asynchronous response message should be obtained from the DocExchange associated with this other DeliveryChannel.

</ac>

 

Finally (and this is a nit), would you mind initial-casing the NR certifcate ref names (InitiatorCertificateRef and ResponderCertificateRef)? Just to be consistent with the others ...

 

<ac>

Yes, I will adopt the convention of naming elements with an upper case first letter.

</ac>

 

Respectfully,

 

Peter

-----Original Message-----
From: Arvola Chan [mailto:arvola@tibco.com]
Sent: Tuesday, December 18, 2001 12:11 PM
To: Dale Moberg; ebXML-CPPA (E-mail)
Cc: Peter Ogden
Subject: Re: (long) RE: [ebxml-cppa] Purpose of CertificateRef in CollaborationRole

Dale:

 

I was assuming that if certificate references are missing from the NonRepudiation element, then perhaps the certificate reference included in the CollaborationRole element may be used as the default. I agree that this is a confusing optimization and that we should do away with the defaultSigningCertificateRef attribute.

 

I think many implementations will want the MSH to sign on behalf of the applications. Therefore, the certificate references in the NonRepudiation element should be usable by the MSH for signing purposes. Otherwise, where are we recording the signing certificate that the MSH will be using?

 

In the 1.0 spec, section 7.6.5 NonRepudiation element, it is stated:

 

"If the NonRepudiation element is omitted, the Messages are not digitally signed."

 

The NonRepudiation and DigitalEnvelope elements under DocExchange may be referenced by a DeliveryChannel that is used synchronously. Therefore, each of NonRepudation and DigitalEnvelope should contain two certificate references, one is required for the normal case, the other is optionally used for signing or encrypting responses that must be returned synchronously.

 

-Arvola

 

-----Original Message-----
From: Dale Moberg <dmoberg@cyclonecommerce.com>
To: ebXML-CPPA (E-mail) <ebxml-cppa@lists.oasis-open.org>
Cc: Peter Ogden <pogden@cyclonecommerce.com>; Arvola Chan <arvola@tibco.com>
Date: Tuesday, December 18, 2001 10:15 AM
Subject: (long) RE: [ebxml-cppa] Purpose of CertificateRef in CollaborationRole

 

 PeterOgden> Can anyone provide any thoughts or historical perspective on the intended use of the CertificateRef that exists in the CollaborationRole element?  

 

D ale tries>> 

  

I think there may be at present 8  possibly distinct

PartyId certificates that pertain to the CPP or CPA!!

(Yikes, and this does not even count the certificates

that will be referenced in the TrustAnchor element)

 

1. The signing certificates used to sign the CPP or CPA

(I think this will normally be found within a KeyInfo element in the relevant signatures.

Not further discussed.)

2. The certificate for the PartyInfo application layer certificate,

    used by the party for certificate-dependent security operations.

3. The certificate used by a SSL server to authenticate itself.

4. The certificate used by  a SSL client to authenticate itself.

5. The certificate to be used in the KeyExchange function for digital envelopes

6. The certificate to be used in NonRepudiationofOrigin signatures

7. The certificate to be used in NonRepudiationofReceipt signatures

8. The certificate to be used in ebXML Messaging signing of a message

 

Unfortunately, it is not likely that the same certificate

will be used, if all these

capabilities are specified or in CPP (or CPA template)

or subject to an agreement in a CPA.

It is also not likely that distinct certificates will be used

for each of these functions!

 

I believe that in Tokyo representatives of financial groups introduced the

requirement that payloads be signable or enveloped

by "applications," and that it could not be assumed that

a MSH could carry out that signing on behalf of the application

(that is, access to the private key might not be available to the MSH).

[Maryann Hondo at IBM would probably remember the details here.]

So payloads could be submitted to a MSH that already were signed

or enveloped. A MSH would follow packaging formats to send that payload

within an ebXML message. I think that is why a certificateref occurs

under the CollaborationRole-- to allow the agreement to be made on

certificates pertaining to application applied security properties.

 

One defect even in this approach is that some PKI installations want

distinct signing and enveloping certificates-- for example,  when there is

escrow for the enveloping certificate. To make this work, the

KeyInfo element would have to contain both a signing and

an enveloping certificate. While this is possible, the CPP and CPA

do not explicitly indicate what kind of certificates are in

the KeyInfo element. Even with the new  element flavors

(of CertificateRef.type) , I don't think we indicate what certificates

are present. I think the presumption is that the MSH does

not explicitly use these certificates, so it has not been a priority

to mark all these distinctions.

 

So given that we do have a certificate for a CollaborationRole, for

situations where MSH security operations only have one

keypair, the same certificate could be used for digital enveloping,

signing, or (less likely) the transport server  or client side

authentication. I think that is where the "default" interpretation

is coming from; I am not certain where it originated. Possibly

this interpretation should be eliminated.

 As an "optimization" it may be creating

more confusion than it is worth.

 

After all, if the same certificate

is used throughout, we would at most only be repeating the use

of a reference to its ID value-- not the whole certificate!

 

 I think I would support the

idea of restricting the CollaborationRole certificateref to

having the unique function of pointing to certificates used

by layers above the MSH. If so, it should be an optional

(0 or 1) element.

 

 

 PeterOgden" Arvola recently renamed it "DefaultSigningCertificateRef",  

 which would indicate that it can be used whenever a signing cert is needed.  \"

 

Dale>OK, maybe we should rethink this.

 

  

PeterOgden> "But the list archive has several threads which indicate that CertificateRef(s)  

 under DocExchange/../NonRepudiation are to be used for this purpose. 

  Furthermore, section 7.5.3.3 of the v1.0 CPPA spec, which pertains to the  

 CertificateRef in the CollaborationRole, contains the following note:

Note: This certId attribute relates to the authorizing role in the  

 Process Specification while the certificates identified in the  

 delivery-channel description relate to Message exchanges. " 

---

 " This seems to imply that the CertRef in the CollaborationRole element  

 is to be used by some business process, not by a messaging service.  

 Is this still a valid comment? "

 

Yes, I think it is valid. I think the default certificate concept may be one we need

to give up on, even though it might have been simpler. I think using the flavored

approach to CertificateRef that Arvola has introduced means we should probably

just drop the default interpretation.

 

Arvola, do you think we should retain the DefaultSigningCertificateRef idea or

rename it to something like "ApplicationLayerCertificateRef"?