1 eID validations services Houcine Bel Mamoune Unit manager eID Technical Drill down Session 7 April 2005

2 2 eID validations services Introduction eID CA profile and hierarchy eID Repository eID LDAP eID CRL/delta CRL eID OCSP Q&A

3 3 Introduction eID Card Manufacturer eID Certificate Authority Citizen Belgian National Register Belgian municipalities PUK & PIN

4 4 Chain of Trust Belgium Root CA Belgium Root CA off line CA Tree structure Relying party trusts the Belgium Root CA key Belgium Root CA issues Citizen CA certificates Relying party verifies certificate along a certificate path leading to the root. Citizen CA Auth. Citizen cert. Sign. Citizen cert. eID CA profile and hierarchy

5 5 Certificate Serial Number (unique) Unique name identifying certificate owner Certificate usage (Sign./Auth.) Validity period (5 year) Public key Issuer name & signature Technical information Version (3) Signature algorithm Authority info access … Subject: Serial Number = G = John Fitzgerald SN = Doe CN = John Doe (Signature) C = BE Public key: Validity: 1/07/ :03:00 1/07/ :03:00 Certificate Serial Number: 3214 Issuer: CA-Name Signature: CA Digital signature

6 6 eID CA profile and hierarchy Authentication CertificateSignature Certificate

7 7 eID CA profile and hierarchy Citizen CA CRL distribution pointCitizen CA Authority Key identifier

8 8 eID CA profile and hierarchy Citizen Certificates Authority Information access Citizen Certificates CDP

9 9 eID repository eID CSP repository links: is the eID CSP web site Certificate Status Web Service: provide real time certificate status Certificate Status Web Service Certificate Revocation List (CRL) Lookup Service ldap.eid.belgium.be port 389 The new eID government web site: With link to Fedict and RRN web sites Certipost eID web shop

10 eID repository

11 eID LDAP eID LDAP is the CA public directory: Accessible by using LDAP v2 on the host ldap.eid.belgium.be port 389 base dc=eid, dc=belgium, dc=be

12 eID CRL/ ΔCRL Used to validate certificates Include information such Issuer of the CRL Type of signature applied on the CRL Date and Time when the CRL is issued Date and Time of the next CRL update List of revoked certificates (Serial Number, Revocation date)

13 Certificate revocation list profile eID CRL/ ΔCRL Versionv2 Signaturesha1RSA Issuer ThisUpdate NextUpdate + 7 days RevokedCertificates UserCertificate RevocationDate CrlEntryExtensions CRL Reason CodecertificateHold(6) (for suspended certificates) Note: Otherwise NOT included! CrlExtensions Authority Key Identifiernon-critical CRL Numbernon-critical

14 Certificate revocation list profile eID CRL/ ΔCRL

15 Delta CRL profile eID CRL/ ΔCRL

16 eID CRL/ ΔCRL CRL/Delta CRL process

17 eID CRL/ ΔCRL Current CRL size for the Citizen CA 2004 is about 3,04 MB Estimated entry per future CRL/ ΔCRL size is about 38 bytes / entry  CRL size for citizen certificates: 580 MB  Needs CRL splitting schema by generating several Citizen CA’s  Each CA will issue its own CRL and ΔCRL  size issue ! 3 options to mitigate it: Use ΔCRL Generate several CA certificates Use OCSP

18 eID OCSP The OCSP is OCSP V1 compliant (RFC2560). Suspended certificates will be marked as revoked since the “Suspended” status is currently not supported by OCSP. Goodif the certificate is issued by the CA and if the certificate is valid Revokedif the certificate is issued by the CA and the status of the certificate is revoked or the certificate is suspended Unknownif the certificate is not issued by the CA

19 eID OCSP Applications or relying party Citizen CA OCSP responder CRL OCSP Client Cert #123 Alice OCSP Request: Cert #123 Belgium Root CA CA DB Provide real-time status information Decrease risk of using revoked certificates Return status good, revoked or unknown Use of OCSP URL from certificate to gain access to the responder ΔCRL Web status

20 OCSP versus CRL/ΔCRL Your application (Offline) Certificate Revocation List Online Certificate Status Protocol eID Validation Services Back-officeCitizen

21 OCSP versus CRL/ΔCRL OCSPCRL/Delta CRL Access method Online:  Transaction based relying on the OCSP server availability  About no delays between requests and answers  Gets the effective and current certificates status  Requesting service must be able to perform an online OCSP request Offline:  Download of the last CRL/DeltaCRL before any validation  Local transaction  Not synchronised with the online status; maximum of 3 hours of delay if each DeltaCRL is fetched Access protocolHTTPHTTP(s)/LDAP Local storage neededNO Very limited as transaction based YES Need to download and store locally at least the last CRL/DeltaCRL; It is disk storage consuming; Internet bandwidthLOW As transaction based HIGH It will require a high bandwidth for downloading CRL’s. As every eID citizen’s certificate is first suspended before being optionally activated  large CRL file Signed answerYES Answers are signed by the OSCP responder private key YES CRL and Delta CRL are signed by the issuing CA private key

22 OCSP versus CRL/ΔCRL E.g. eID OCSP validations services could be used daily in conjonction with CRL/ ΔCRL as back up Choice between OCSP and CRL/ ΔCRL is depending on your business, on your risk assessment, …  Most probably a balance between the 2 protocols

23 Thank You !