| rfc9440.original | rfc9440.txt | |||
|---|---|---|---|---|
| HTTP B. Campbell | Internet Engineering Task Force (IETF) B. Campbell | |||
| Internet-Draft Ping Identity | Request for Comments: 9440 Ping Identity | |||
| Intended status: Informational M. Bishop, Ed. | Category: Informational M. Bishop, Ed. | |||
| Expires: 18 September 2023 Akamai | ISSN: 2070-1721 Akamai | |||
| 17 March 2023 | July 2023 | |||
| Client-Cert HTTP Header Field | Client-Cert HTTP Header Field | |||
| draft-ietf-httpbis-client-cert-field-06 | ||||
| Abstract | Abstract | |||
| This document describes HTTP extension header fields that allow a TLS | This document describes HTTP extension header fields that allow a TLS | |||
| terminating reverse proxy to convey the client certificate | terminating reverse proxy (TTRP) to convey the client certificate | |||
| information of a mutually authenticated TLS connection to the origin | information of a mutually authenticated TLS connection to the origin | |||
| server in a common and predictable manner. | server in a common and predictable manner. | |||
| About This Document | ||||
| This note is to be removed before publishing as an RFC. | ||||
| Status information for this document may be found at | ||||
| https://datatracker.ietf.org/doc/draft-ietf-httpbis-client-cert- | ||||
| field-06/. | ||||
| Discussion of this document takes place on the HTTP Working Group | ||||
| mailing list (mailto:ietf-http-wg@w3.org), which is archived at | ||||
| https://lists.w3.org/Archives/Public/ietf-http-wg/. Working Group | ||||
| information can be found at https://httpwg.org/. | ||||
| Source for this draft and an issue tracker can be found at | ||||
| https://github.com/httpwg/http-extensions/labels/client-cert-field. | ||||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This document is not an Internet Standards Track specification; it is | |||
| provisions of BCP 78 and BCP 79. | published for informational purposes. | |||
| Internet-Drafts are working documents of the Internet Engineering | This document is a product of the Internet Engineering Task Force | |||
| Task Force (IETF). Note that other groups may also distribute | (IETF). It represents the consensus of the IETF community. It has | |||
| working documents as Internet-Drafts. The list of current Internet- | received public review and has been approved for publication by the | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Internet Engineering Steering Group (IESG). Not all documents | |||
| approved by the IESG are candidates for any level of Internet | ||||
| Standard; see Section 2 of RFC 7841. | ||||
| Internet-Drafts are draft documents valid for a maximum of six months | Information about the current status of this document, any errata, | |||
| and may be updated, replaced, or obsoleted by other documents at any | and how to provide feedback on it may be obtained at | |||
| time. It is inappropriate to use Internet-Drafts as reference | https://www.rfc-editor.org/info/rfc9440. | |||
| material or to cite them other than as "work in progress." | ||||
| This Internet-Draft will expire on 18 September 2023. | ||||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2023 IETF Trust and the persons identified as the | Copyright (c) 2023 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents | |||
| license-info) in effect on the date of publication of this document. | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| Please review these documents carefully, as they describe your rights | publication of this document. Please review these documents | |||
| and restrictions with respect to this document. Code Components | carefully, as they describe your rights and restrictions with respect | |||
| extracted from this document must include Revised BSD License text as | to this document. Code Components extracted from this document must | |||
| described in Section 4.e of the Trust Legal Provisions and are | include Revised BSD License text as described in Section 4.e of the | |||
| provided without warranty as described in the Revised BSD License. | Trust Legal Provisions and are provided without warranty as described | |||
| in the Revised BSD License. | ||||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction | |||
| 1.1. Requirements Notation and Conventions . . . . . . . . . . 4 | 1.1. Requirements Notation and Conventions | |||
| 1.2. Terminology and Applicability . . . . . . . . . . . . . . 4 | 1.2. Terminology and Applicability | |||
| 2. HTTP Header Fields and Processing Rules . . . . . . . . . . . 5 | 2. HTTP Header Fields and Processing Rules | |||
| 2.1. Encoding . . . . . . . . . . . . . . . . . . . . . . . . 5 | 2.1. Encoding | |||
| 2.2. Client-Cert HTTP Header Field . . . . . . . . . . . . . . 6 | 2.2. Client-Cert HTTP Header Field | |||
| 2.3. Client-Cert-Chain HTTP Header Field . . . . . . . . . . . 6 | 2.3. Client-Cert-Chain HTTP Header Field | |||
| 2.4. Processing Rules . . . . . . . . . . . . . . . . . . . . 7 | 2.4. Processing Rules | |||
| 3. Deployment Considerations . . . . . . . . . . . . . . . . . . 8 | 3. Deployment Considerations | |||
| 3.1. Header Field Compression . . . . . . . . . . . . . . . . 8 | 3.1. Header Field Compression | |||
| 3.2. Message Header Size . . . . . . . . . . . . . . . . . . . 8 | 3.2. Message Header Size | |||
| 3.3. TLS Session Resumption . . . . . . . . . . . . . . . . . 9 | 3.3. TLS Session Resumption | |||
| 4. Security Considerations . . . . . . . . . . . . . . . . . . . 9 | 4. Security Considerations | |||
| 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10 | 5. IANA Considerations | |||
| 5.1. HTTP Field Name Registrations . . . . . . . . . . . . . . 10 | 5.1. HTTP Field Name Registrations | |||
| 6. References . . . . . . . . . . . . . . . . . . . . . . . . . 10 | 6. References | |||
| 6.1. Normative References . . . . . . . . . . . . . . . . . . 10 | 6.1. Normative References | |||
| 6.2. Informative References . . . . . . . . . . . . . . . . . 11 | 6.2. Informative References | |||
| Appendix A. Example . . . . . . . . . . . . . . . . . . . . . . 12 | Appendix A. Example | |||
| Appendix B. Select Design Considerations . . . . . . . . . . . . 14 | Appendix B. Select Design Considerations | |||
| B.1. Field Injection . . . . . . . . . . . . . . . . . . . . . 15 | B.1. Field Injection | |||
| B.2. The Forwarded HTTP Extension . . . . . . . . . . . . . . 15 | B.2. The Forwarded HTTP Extension | |||
| B.3. The Whole Certificate and Certificate Chain . . . . . . . 15 | B.3. The Whole Certificate and Certificate Chain | |||
| Appendix C. Acknowledgements . . . . . . . . . . . . . . . . . . 16 | Acknowledgements | |||
| Appendix D. Document History . . . . . . . . . . . . . . . . . . 17 | Authors' Addresses | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 19 | ||||
| 1. Introduction | 1. Introduction | |||
| A fairly common deployment pattern for HTTPS applications is to have | A fairly common deployment pattern for HTTPS applications is to have | |||
| the origin HTTP application servers sit behind a reverse proxy that | the origin HTTP application servers sit behind a reverse proxy that | |||
| terminates TLS connections from clients. The proxy is accessible to | terminates TLS connections from clients. The proxy is accessible to | |||
| the internet and dispatches client requests to the appropriate origin | the Internet and dispatches client requests to the appropriate origin | |||
| server within a private or protected network. The origin servers are | server within a private or protected network. The origin servers are | |||
| not directly accessible by clients and are only reachable through the | not directly accessible by clients and are only reachable through the | |||
| reverse proxy. The backend details of this type of deployment are | reverse proxy. The backend details of this type of deployment are | |||
| typically opaque to clients who make requests to the proxy server and | typically opaque to clients who make requests to the proxy server and | |||
| see responses as though they originated from the proxy server itself. | see responses as though they originated from the proxy server itself. | |||
| Although HTTPS is also usually employed between the proxy and the | Although HTTPS is also usually employed between the proxy and the | |||
| origin server, the TLS connection that the client establishes for | origin server, the TLS connection that the client establishes for | |||
| HTTPS is only between itself and the reverse proxy server. | HTTPS is only between itself and the reverse proxy server. | |||
| The deployment pattern is found in a number of varieties such as | The deployment pattern is found in a number of varieties such as | |||
| n-tier architectures, content delivery networks, application load | n-tier architectures, content delivery networks, application load- | |||
| balancing services, and ingress controllers. | balancing services, and ingress controllers. | |||
| Although not exceedingly prevalent, TLS client certificate | Although not exceedingly prevalent, TLS client certificate | |||
| authentication is sometimes employed and in such cases the origin | authentication is sometimes employed, and in such cases the origin | |||
| server often requires information about the client certificate for | server often requires information about the client certificate for | |||
| its application logic. Such logic might include access control | its application logic. Such logic might include access control | |||
| decisions, audit logging, and binding issued tokens or cookies to a | decisions, audit logging, and binding issued tokens or cookies to a | |||
| certificate, and the respective validation of such bindings. The | certificate, including the respective validation of such bindings. | |||
| specific details from the certificate needed also vary with the | The specific details needed from the certificate also vary with the | |||
| application requirements. In order for these types of application | application requirements. In order for these types of application | |||
| deployments to work in practice, the reverse proxy needs to convey | deployments to work in practice, the reverse proxy needs to convey | |||
| information about the client certificate to the origin application | information about the client certificate to the origin application | |||
| server. At the time of writing, a common way this information is | server. At the time of writing, a common way this information is | |||
| conveyed is by using non-standard fields to carry the certificate (in | conveyed is by using non-standard fields to carry the certificate (in | |||
| some encoding) or individual parts thereof in the HTTP request that | some encoding) or individual parts thereof in the HTTP request that | |||
| is dispatched to the origin server. This solution works but | is dispatched to the origin server. This solution works, but | |||
| interoperability between independently developed components can be | interoperability between independently developed components can be | |||
| cumbersome or even impossible depending on the implementation choices | cumbersome or even impossible depending on the implementation choices | |||
| respectively made (like what field names are used or are | respectively made (like what field names are used or are | |||
| configurable, which parts of the certificate are exposed, or how the | configurable, which parts of the certificate are exposed, or how the | |||
| certificate is encoded). A well-known predictable approach to this | certificate is encoded). A well-known predictable approach to this | |||
| commonly occurring functionality could improve and simplify | commonly occurring functionality could improve and simplify | |||
| interoperability between independent implementations. | interoperability between independent implementations. | |||
| The scope of this document is to describe existing practice while | The scope of this document is to describe existing practice while | |||
| codifying specific details sufficient to facilitate improved and | codifying specific details sufficient to facilitate improved and | |||
| lower-touch interoperability. As such, this document describes two | lower-touch interoperability. As such, this document describes two | |||
| HTTP header fields, Client-Cert and Client-Cert-Chain, which a TLS | HTTP header fields, "Client-Cert" and "Client-Cert-Chain", which a | |||
| terminating reverse proxy (TTRP) adds to requests sent to the backend | TLS terminating reverse proxy (TTRP) adds to requests sent to the | |||
| origin servers. The Client-Cert field value contains the end-entity | backend origin servers. The Client-Cert field value contains the | |||
| client certificate from the mutually authenticated TLS connection | end-entity client certificate from the mutually authenticated TLS | |||
| between the originating client and the TTRP. Optionally, the Client- | connection between the originating client and the TTRP. Optionally, | |||
| Cert-Chain field value contains the certificate chain used for | the Client-Cert-Chain field value contains the certificate chain used | |||
| validation of the end-entity certificate. This enables the backend | for validation of the end-entity certificate. This enables the | |||
| origin server to utilize the client certificate information in its | backend origin server to utilize the client certificate information | |||
| application logic. While there may be additional proxies or hops | in its application logic. While there may be additional proxies or | |||
| between the TTRP and the origin server (potentially even with | hops between the TTRP and the origin server (potentially even with | |||
| mutually authenticated TLS connections between them), the scope of | mutually authenticated TLS connections between them), the scope of | |||
| the Client-Cert header field is intentionally limited to exposing to | the Client-Cert header field is intentionally limited to exposing to | |||
| the origin server the certificate that was presented by the | the origin server the certificate that was presented by the | |||
| originating client in its connection to the TTRP. | originating client in its connection to the TTRP. | |||
| 1.1. Requirements Notation and Conventions | 1.1. Requirements Notation and Conventions | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and | |||
| "OPTIONAL" in this document are to be interpreted as described in | "OPTIONAL" in this document are to be interpreted as described in | |||
| BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all | |||
| capitals, as shown here. | capitals, as shown here. | |||
| 1.2. Terminology and Applicability | 1.2. Terminology and Applicability | |||
| This document uses the following terminology from Section 3 of | This document uses the following terminology from Section 3 of | |||
| [STRUCTURED-FIELDS] to specify syntax and parsing: List and Byte | [STRUCTURED-FIELDS] to specify syntax and parsing: List and Byte | |||
| Sequence. | Sequence. | |||
| Phrases like TLS client certificate authentication or mutually | Phrases like "TLS client certificate authentication" or "mutually | |||
| authenticated TLS are used throughout this document to refer to the | authenticated TLS" are used throughout this document to refer to the | |||
| process whereby, in addition to the normal TLS server authentication | process whereby, in addition to the normal TLS server authentication | |||
| with a certificate, a client presents its X.509 certificate [RFC5280] | with a certificate, a client presents its X.509 certificate [RFC5280] | |||
| and proves possession of the corresponding private key to a server | and proves possession of the corresponding private key to a server | |||
| when negotiating a TLS connection or the resumption of such a | when negotiating a TLS connection or the resumption of such a | |||
| connection. In contemporary versions of TLS [TLS] [TLS1.2] this | connection. In contemporary versions of TLS [TLS] [TLS1.2], mutual | |||
| requires that the client send the Certificate and CertificateVerify | authentication requires the client to send the Certificate and | |||
| messages during the handshake and for the server to verify the | CertificateVerify messages during the handshake and the server to | |||
| CertificateVerify and Finished messages. | verify the CertificateVerify and Finished messages. | |||
| HTTP/2 restricts TLS 1.2 renegotiation (Section 9.2.1 of [HTTP/2]) | HTTP/2 restricts TLS 1.2 renegotiation (Section 9.2.1 of [HTTP/2]) | |||
| and prohibits TLS 1.3 post-handshake authentication (Section 9.2.3 of | and prohibits TLS 1.3 post-handshake authentication (Section 9.2.3 of | |||
| [HTTP/2]). However, they are sometimes used to implement reactive | [HTTP/2]). However, they are sometimes used to implement reactive | |||
| client certificate authentication in HTTP/1.1 [HTTP/1.1] where the | client certificate authentication in HTTP/1.1 [HTTP/1.1] where the | |||
| server decides whether to request a client certificate based on the | server decides whether to request a client certificate based on the | |||
| HTTP request. HTTP application data sent on such a connection after | HTTP request. HTTP application data sent on such a connection after | |||
| receipt and verification of the client certificate is also mutually | receipt and verification of the client certificate is also mutually | |||
| authenticated and thus suitable for the mechanisms described in this | authenticated and thus suitable for the mechanisms described in this | |||
| document. With post-handshake authentication there is also the | document. With post-handshake authentication, there is also the | |||
| possibility, though unlikely in practice, of multiple certificates | possibility, though unlikely in practice, of multiple certificates | |||
| and certificate chains from the client on a connection, in which case | and certificate chains from the client on a connection. In this | |||
| only the certificate and chain of the last post-handshake | case, only the certificate and chain of the last post-handshake | |||
| authentication are to be utilized for the header fields described | authentication are to be utilized for the header fields described | |||
| herein. | herein. | |||
| 2. HTTP Header Fields and Processing Rules | 2. HTTP Header Fields and Processing Rules | |||
| This document designates the following headers, defined further in | This document designates the following headers, defined further in | |||
| Section 2.2 and Section 2.3 respectively, to carry the client | Sections 2.2 and 2.3, respectively, to carry the client certificate | |||
| certificate information of a mutually authenticated TLS connection. | information of a mutually authenticated TLS connection. The headers | |||
| The headers convey the information from the reverse proxy to the | convey the information from the reverse proxy to the origin server. | |||
| origin server. | ||||
| Client-Cert: The end-entity certificate used by the client in the | ||||
| TLS handshake with the reverse proxy. | ||||
| Client-Cert-Chain: The certificate chain used for validation of the | Client-Cert: | |||
| end-entity certificate provided by the client in the TLS handshake | The end-entity certificate used by the client in the TLS handshake | |||
| with the reverse proxy. | with the reverse proxy. | |||
| Client-Cert-Chain: | ||||
| The certificate chain used for validation of the end-entity | ||||
| certificate provided by the client in the TLS handshake with the | ||||
| reverse proxy. | ||||
| 2.1. Encoding | 2.1. Encoding | |||
| The headers in this document encode certificates as Byte Sequences | The headers in this document encode certificates as Byte Sequences | |||
| (Section 3.3.5 of [STRUCTURED-FIELDS]) where the value of the binary | (Section 3.3.5 of [STRUCTURED-FIELDS]) where the value of the binary | |||
| data is a DER encoded [ITU.X690.1994] X.509 certificate [RFC5280]. | data is a DER-encoded [ITU.X690] X.509 certificate [RFC5280]. In | |||
| In effect, this means that the binary DER certificate is encoded | effect, this means that the binary DER certificate is encoded using | |||
| using base64 (without line breaks, spaces, or other characters | base64 (without line breaks, spaces, or other characters outside the | |||
| outside the base64 alphabet) and delimited with colons on either | base64 alphabet) and delimited with colons on either side. | |||
| side. | ||||
| Note that certificates are often stored encoded in a textual format, | Note that certificates are often stored in an encoded textual format, | |||
| such as the one described in Section 5.1 of [RFC7468], which is | such as the one described in Section 5.1 of [RFC7468], which is | |||
| already nearly compatible with a Byte Sequence; if so, it will be | already nearly compatible with a Byte Sequence. If certificates are | |||
| sufficient to replace ---(BEGIN|END) CERTIFICATE--- with : and remove | encoded as such, it will be sufficient to replace "---(BEGIN|END) | |||
| line breaks in order to generate an appropriate item. | CERTIFICATE---" with ":" and remove line breaks in order to generate | |||
| an appropriate item. | ||||
| 2.2. Client-Cert HTTP Header Field | 2.2. Client-Cert HTTP Header Field | |||
| In the context of a TLS terminating reverse proxy deployment, the | In the context of a TLS terminating reverse proxy deployment, the | |||
| proxy makes the TLS client certificate available to the backend | proxy makes the TLS client certificate available to the backend | |||
| application with the Client-Cert HTTP header field. This field | application with the Client-Cert HTTP header field. This field | |||
| contains the end-entity certificate used by the client in the TLS | contains the end-entity certificate used by the client in the TLS | |||
| handshake. | handshake. | |||
| Client-Cert is a Byte Sequence with the value of the header encoded | Client-Cert is a Byte Sequence with the value of the header encoded | |||
| skipping to change at page 6, line 31 ¶ | skipping to change at line 233 ¶ | |||
| Figure 2 in Appendix A has an example of the Client-Cert header | Figure 2 in Appendix A has an example of the Client-Cert header | |||
| field. | field. | |||
| 2.3. Client-Cert-Chain HTTP Header Field | 2.3. Client-Cert-Chain HTTP Header Field | |||
| In the context of a TLS terminating reverse proxy deployment, the | In the context of a TLS terminating reverse proxy deployment, the | |||
| proxy MAY make the certificate chain available to the backend | proxy MAY make the certificate chain available to the backend | |||
| application with the Client-Cert-Chain HTTP header field. | application with the Client-Cert-Chain HTTP header field. | |||
| Client-Cert-Chain is a List (Section 3.1 of [STRUCTURED-FIELDS]). | Client-Cert-Chain is a List (Section 3.1 of [STRUCTURED-FIELDS]). | |||
| Each item in the list MUST be a Byte Sequence encoded as described in | Each item in the List MUST be a Byte Sequence encoded as described in | |||
| Section 2.1. The order is the same as the ordering in TLS (such as | Section 2.1. The order is the same as the ordering in TLS (as | |||
| described in Section 4.4.2 of [TLS]). | described in Section 4.4.2 of [TLS]). | |||
| Client-Cert-Chain MUST NOT appear unless Client-Cert is also present, | Client-Cert-Chain MUST NOT appear unless Client-Cert is also present, | |||
| and it does not itself include the end-entity certificate that is | and it does not itself include the end-entity certificate that is | |||
| already present in Client-Cert. The root certificate MAY be omitted | already present in Client-Cert. The root certificate MAY be omitted | |||
| from Client-Cert-Chain, provided that the target origin server is | from Client-Cert-Chain, provided that the target origin server is | |||
| known to possess the omitted trust anchor. | known to possess the omitted trust anchor. | |||
| The Client-Cert-Chain header field is only for use in HTTP requests | The Client-Cert-Chain header field is only for use in HTTP requests | |||
| and MUST NOT be used in HTTP responses. It MAY have a list of values | and MUST NOT be used in HTTP responses. It MAY have a list of values | |||
| or occur multiple times in a request. For header compression | or occur multiple times in a request. For header compression | |||
| purposes, it might be advantageous to split lists into multiple | purposes, it might be advantageous to split lists into multiple | |||
| instances. | instances. | |||
| Figure 3 in Appendix A has an example of the Client-Cert-Chain header | Figure 3 in Appendix A has an example of the Client-Cert-Chain header | |||
| field. | field. | |||
| 2.4. Processing Rules | 2.4. Processing Rules | |||
| This section outlines the applicable processing rules for a TLS | This section outlines the applicable processing rules for a TTRP that | |||
| terminating reverse proxy (TTRP) that has negotiated a mutually | has negotiated a mutually authenticated TLS connection to convey the | |||
| authenticated TLS connection to convey the client certificate from | client certificate from that connection to the backend origin | |||
| that connection to the backend origin servers. Use of the technique | servers. This technique is to be used as a configuration or | |||
| is to be a configuration or deployment option and the processing | deployment option, and the processing rules described herein are for | |||
| rules described herein are for servers operating with that option | servers operating with that option enabled. | |||
| enabled. | ||||
| A TTRP negotiates the use of a mutually authenticated TLS connection | A TTRP negotiates the use of a mutually authenticated TLS connection | |||
| with the client, such as is described in [TLS] or [TLS1.2], and | with the client, such as is described in [TLS] or [TLS1.2], and | |||
| validates the client certificate per its policy and trusted | validates the client certificate per its policy and trusted | |||
| certificate authorities. Each HTTP request on the underlying TLS | certificate authorities. Each HTTP request on the underlying TLS | |||
| connection is dispatched to the origin server with the following | connection is dispatched to the origin server with the following | |||
| modifications: | modifications: | |||
| 1. The client certificate is placed in the Client-Cert header field | 1. The client certificate is placed in the Client-Cert header field | |||
| of the dispatched request, as described in Section 2.2. | of the dispatched request, as described in Section 2.2. | |||
| skipping to change at page 8, line 9 ¶ | skipping to change at line 301 ¶ | |||
| client certificate (or lack thereof) can be conveyed by selecting | client certificate (or lack thereof) can be conveyed by selecting | |||
| response content as appropriate or with an HTTP 403 response, if the | response content as appropriate or with an HTTP 403 response, if the | |||
| certificate is deemed unacceptable for the given context. Note that | certificate is deemed unacceptable for the given context. Note that | |||
| TLS clients that rely on error indications at the TLS layer for an | TLS clients that rely on error indications at the TLS layer for an | |||
| unacceptable certificate will not receive those signals. | unacceptable certificate will not receive those signals. | |||
| When the value of the Client-Cert request header field is used to | When the value of the Client-Cert request header field is used to | |||
| select a response (e.g., the response content is access-controlled), | select a response (e.g., the response content is access-controlled), | |||
| the response MUST either be uncacheable (e.g., by sending Cache- | the response MUST either be uncacheable (e.g., by sending Cache- | |||
| Control: no-store) or be designated for selective reuse only for | Control: no-store) or be designated for selective reuse only for | |||
| subsequent requests with the same Client-Cert header value by sending | subsequent requests with the same Client-Cert header field value by | |||
| a Vary: Client-Cert response header. If a TTRP encounters a response | sending a "Vary: Client-Cert" response header. If a TTRP encounters | |||
| with a client-cert field name in the Vary header field, it SHOULD | a response with Client-Cert or Client-Cert-Chain in the Vary header | |||
| prevent the user agent from caching the response by transforming the | field (Section 12.5.5 of [HTTP]), it SHOULD prevent the user agent | |||
| value of the Vary response header field to *. | from caching the response by transforming the value of the Vary | |||
| response header field to "*". | ||||
| Forward proxies and other intermediaries MUST NOT add the Client-Cert | Forward proxies and other intermediaries MUST NOT add the Client-Cert | |||
| or Client-Cert-Chain header fields to requests, or modify an existing | or Client-Cert-Chain header fields to requests or modify an existing | |||
| Client-Cert or Client-Cert-Chain header field. Similarly, clients | Client-Cert or Client-Cert-Chain header field. Similarly, clients | |||
| MUST NOT employ the Client-Cert or Client-Cert-Chain header field in | MUST NOT employ the Client-Cert or Client-Cert-Chain header field in | |||
| requests. | requests. | |||
| 3. Deployment Considerations | 3. Deployment Considerations | |||
| 3.1. Header Field Compression | 3.1. Header Field Compression | |||
| If the connection between the TTRP and origin is capable of field | If the connection between the TTRP and origin is capable of field | |||
| compression (e.g., HPACK [HPACK] or QPACK [QPACK]), and the TTRP | compression (e.g., HPACK [HPACK] or QPACK [QPACK]), and the TTRP | |||
| multiplexes more than one client's requests into that connection, the | multiplexes more than one client's requests into that connection, the | |||
| size and variation of Client-Cert and Client-Cert-Chain field values | size and variation of Client-Cert and Client-Cert-Chain field values | |||
| can reduce compression efficiency significantly. An origin could | can reduce compression efficiency significantly. An origin could | |||
| mitigate the efficiency loss by increasing the size of the dynamic | mitigate the efficiency loss by increasing the size of the dynamic | |||
| table. If the TTRP determines that the origin dynamic table is not | table. If the TTRP determines that the origin dynamic table is not | |||
| sufficiently large, it may find it beneficial to always send the | sufficiently large, it may find it beneficial to always send the | |||
| field value as a literal, rather than entering it into the table. | field value as a literal rather than entering it into the table. | |||
| 3.2. Message Header Size | 3.2. Message Header Size | |||
| A server in receipt of a larger message header than it is willing to | A server in receipt of a larger message header than it is willing to | |||
| handle can send an HTTP 431 (Request Header Fields Too Large) status | handle can send an HTTP 431 (Request Header Fields Too Large) status | |||
| code per Section 5 of [RFC6585]. Due to the typical size of the | code per Section 5 of [RFC6585]. Due to the typical size of the | |||
| field values containing certificate data, recipients may need to be | field values containing certificate data, recipients may need to be | |||
| configured to allow for a larger maximum header size. An | configured to allow for a larger maximum header size. An | |||
| intermediary generating client certificate header fields on | intermediary generating client certificate header fields on | |||
| connections that allow for advertising the maximum acceptable header | connections that allow for advertising the maximum acceptable header | |||
| size (e.g., HTTP/2 [HTTP/2] or HTTP/3 [HTTP/3]) should account for | size (e.g., HTTP/2 [HTTP/2] or HTTP/3 [HTTP/3]) should account for | |||
| the additional size of the header of the requests it sends vs. | the additional size of the header of the requests it sends, versus | |||
| requests it receives by advertising a value to its clients that is | the requests it receives, by advertising a value to its clients that | |||
| sufficiently smaller so as to allow for the addition of certificate | is sufficiently smaller so as to allow for the addition of | |||
| data. | certificate data. | |||
| 3.3. TLS Session Resumption | 3.3. TLS Session Resumption | |||
| Some TLS implementations do not retain client certificate information | Some TLS implementations do not retain client certificate information | |||
| when resuming. Providing inconsistent values of Client-Cert and | when resuming. Providing inconsistent values of Client-Cert and | |||
| Client-Cert-Chain when resuming might lead to errors, so | Client-Cert-Chain when resuming might lead to errors, so | |||
| implementations that are unable to provide these values SHOULD either | implementations that are unable to provide these values SHOULD either | |||
| disable resumption for connections with client certificates or | disable resumption for connections with client certificates or | |||
| initially omit a Client-Cert or Client-Cert-Chain field if it might | initially omit a Client-Cert or Client-Cert-Chain field if it might | |||
| not be available after resuming. | not be available after resuming. | |||
| 4. Security Considerations | 4. Security Considerations | |||
| The header fields described herein enable a TTRP and backend or | The header fields described herein enable a TTRP and backend or | |||
| origin server to function together as though, from the client's | origin server to function together as though, from the client's | |||
| perspective, they are a single logical server-side deployment of | perspective, they are a single logical server-side deployment of | |||
| HTTPS over a mutually authenticated TLS connection. Use of the | HTTPS over a mutually authenticated TLS connection. However, use of | |||
| header fields outside that intended use case, however, may undermine | the header fields outside that intended use case may undermine the | |||
| the protections afforded by TLS client certificate authentication. | protections afforded by TLS client certificate authentication. | |||
| Therefore, steps such as those described below need to be taken to | Therefore, steps such as those described below need to be taken to | |||
| prevent unintended use, both in sending the header field and in | prevent unintended use, both in sending the header field and in | |||
| relying on its value. | relying on its value. | |||
| Producing and consuming the Client-Cert and Client-Cert-Chain header | Producing and consuming the Client-Cert and Client-Cert-Chain header | |||
| fields SHOULD be configurable options, respectively, in a TTRP and | fields SHOULD be configurable options, respectively, in a TTRP and | |||
| backend server (or individual application in that server). The | backend server (or in an individual application in that server). The | |||
| default configuration for both should be to not use the header | default configuration for both should be to not use the header | |||
| fields, thus requiring an "opt-in" to the functionality. | fields, thus requiring an "opt-in" to the functionality. | |||
| In order to prevent field injection, backend servers MUST only accept | In order to prevent field injection, backend servers MUST only accept | |||
| the Client-Cert and Client-Cert-Chain header fields from a trusted | the Client-Cert and Client-Cert-Chain header fields from a trusted | |||
| TTRP (or other proxy in a trusted path from the TTRP). A TTRP MUST | TTRP (or other proxy in a trusted path from the TTRP). A TTRP MUST | |||
| sanitize the incoming request before forwarding it on by removing or | sanitize the incoming request before forwarding it on by removing or | |||
| overwriting any existing instances of the fields. Otherwise, | overwriting any existing instances of the fields. Otherwise, | |||
| arbitrary clients can control the field values as seen and used by | arbitrary clients can control the field values as seen and used by | |||
| the backend server. It is important to note that neglecting to | the backend server. It is important to note that neglecting to | |||
| prevent field injection does not "fail safe" in that the nominal | prevent field injection does not "fail safe" in that the nominal | |||
| functionality will still work as expected even when malicious actions | functionality will still work as expected even when malicious actions | |||
| are possible. As such, extra care is recommended in ensuring that | are possible. As such, extra care is recommended in ensuring that | |||
| proper field sanitation is in place. | proper field sanitation is in place. | |||
| The communication between a TTRP and backend server needs to be | The communication between a TTRP and backend server needs to be | |||
| secured against eavesdropping and modification by unintended parties. | secured against eavesdropping and modification by unintended parties. | |||
| The configuration options and request sanitization are necessary | The configuration options and request sanitization are necessary | |||
| functionality of the respective servers. The other requirements can | functionalities of the respective servers. The other requirements | |||
| be met in a number of ways, which will vary based on specific | can be met in a number of ways, which will vary based on specific | |||
| deployments. The communication between a TTRP and backend or origin | deployments. The communication between a TTRP and backend or origin | |||
| server, for example, might be authenticated in some way with the | server, for example, might be authenticated in some way with the | |||
| insertion and consumption of the Client-Cert and Client-Cert-Chain | insertion and consumption of the Client-Cert and Client-Cert-Chain | |||
| header fields occurring only on that connection. Appendix B.3 of | header fields occurring only on that connection. Appendix B.3 of | |||
| [HTTPSIG] gives one example of this with an application of HTTP | [HTTPSIG] gives one example of this with an application of HTTP | |||
| Message Signatures. Alternatively, the network topology might | Message Signatures. Alternatively, the network topology might | |||
| dictate a private network such that the backend application is only | dictate a private network such that the backend application is only | |||
| able to accept requests from the TTRP and the proxy can only make | able to accept requests from the TTRP and the proxy can only make | |||
| requests to that server. Other deployments that meet the | requests to that server. Other deployments that meet the | |||
| requirements set forth herein are also possible. | requirements set forth herein are also possible. | |||
| 5. IANA Considerations | 5. IANA Considerations | |||
| 5.1. HTTP Field Name Registrations | 5.1. HTTP Field Name Registrations | |||
| Please register the following entries in the "Hypertext Transfer | IANA has registered the following entries in the "Hypertext Transfer | |||
| Protocol (HTTP) Field Name Registry" defined by HTTP Semantics | Protocol (HTTP) Field Name Registry" defined by "HTTP Semantics" | |||
| [HTTP]: | [HTTP]: | |||
| * Field name: Client-Cert | +===================+===========+=====================+ | |||
| | Field Name | Status | Reference | | ||||
| * Status: permanent | +===================+===========+=====================+ | |||
| | Client-Cert | permanent | RFC 9440, Section 2 | | ||||
| * Specification document: Section 2 of [this document] | +-------------------+-----------+---------------------+ | |||
| | Client-Cert-Chain | permanent | RFC 9440, Section 2 | | ||||
| * Field name: Client-Cert-Chain | +-------------------+-----------+---------------------+ | |||
| * Status: permanent | ||||
| * Specification document: Section 2 of [this document] | Table 1: Hypertext Transfer Protocol (HTTP) Field | |||
| Name Registry | ||||
| 6. References | 6. References | |||
| 6.1. Normative References | 6.1. Normative References | |||
| [STRUCTURED-FIELDS] | ||||
| Nottingham, M. and P-H. Kamp, "Structured Field Values for | ||||
| HTTP", RFC 8941, DOI 10.17487/RFC8941, February 2021, | ||||
| <https://www.rfc-editor.org/rfc/rfc8941>. | ||||
| [HTTP] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | [HTTP] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | |||
| Ed., "HTTP Semantics", STD 97, RFC 9110, | Ed., "HTTP Semantics", STD 97, RFC 9110, | |||
| DOI 10.17487/RFC9110, June 2022, | DOI 10.17487/RFC9110, June 2022, | |||
| <https://www.rfc-editor.org/rfc/rfc9110>. | <https://www.rfc-editor.org/info/rfc9110>. | |||
| [ITU.X690] ITU-T, "Information technology - ASN.1 encoding rules: | ||||
| Specification of Basic Encoding Rules (BER), Canonical | ||||
| Encoding Rules (CER) and Distinguished Encoding Rules | ||||
| (DER)", ITU-T Recommendation X.690, February 2021, | ||||
| <https://www.itu.int/rec/T-REC-X.690/en>. | ||||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/rfc/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | ||||
| 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | ||||
| May 2017, <https://www.rfc-editor.org/rfc/rfc8174>. | ||||
| [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | |||
| Housley, R., and W. Polk, "Internet X.509 Public Key | Housley, R., and W. Polk, "Internet X.509 Public Key | |||
| Infrastructure Certificate and Certificate Revocation List | Infrastructure Certificate and Certificate Revocation List | |||
| (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | |||
| <https://www.rfc-editor.org/rfc/rfc5280>. | <https://www.rfc-editor.org/info/rfc5280>. | |||
| [ITU.X690.1994] | [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC | |||
| International Telecommunications Union, "Information | 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, | |||
| Technology - ASN.1 encoding rules: Specification of Basic | May 2017, <https://www.rfc-editor.org/info/rfc8174>. | |||
| Encoding Rules (BER), Canonical Encoding Rules (CER) and | ||||
| Distinguished Encoding Rules (DER)", ITU-T Recommendation | [STRUCTURED-FIELDS] | |||
| X.690, 1994. | Nottingham, M. and P-H. Kamp, "Structured Field Values for | |||
| HTTP", RFC 8941, DOI 10.17487/RFC8941, February 2021, | ||||
| <https://www.rfc-editor.org/rfc/rfc8941>. | ||||
| 6.2. Informative References | 6.2. Informative References | |||
| [HPACK] Peon, R. and H. Ruellan, "HPACK: Header Compression for | ||||
| HTTP/2", RFC 7541, DOI 10.17487/RFC7541, May 2015, | ||||
| <https://www.rfc-editor.org/info/rfc7541>. | ||||
| [HTTP/1.1] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | [HTTP/1.1] Fielding, R., Ed., Nottingham, M., Ed., and J. Reschke, | |||
| Ed., "HTTP/1.1", STD 99, RFC 9112, DOI 10.17487/RFC9112, | Ed., "HTTP/1.1", STD 99, RFC 9112, DOI 10.17487/RFC9112, | |||
| June 2022, <https://www.rfc-editor.org/rfc/rfc9112>. | June 2022, <https://www.rfc-editor.org/info/rfc9112>. | |||
| [HTTP/2] Thomson, M., Ed. and C. Benfield, Ed., "HTTP/2", RFC 9113, | [HTTP/2] Thomson, M., Ed. and C. Benfield, Ed., "HTTP/2", RFC 9113, | |||
| DOI 10.17487/RFC9113, June 2022, | DOI 10.17487/RFC9113, June 2022, | |||
| <https://www.rfc-editor.org/rfc/rfc9113>. | <https://www.rfc-editor.org/info/rfc9113>. | |||
| [HTTP/3] Bishop, M., Ed., "HTTP/3", RFC 9114, DOI 10.17487/RFC9114, | [HTTP/3] Bishop, M., Ed., "HTTP/3", RFC 9114, DOI 10.17487/RFC9114, | |||
| June 2022, <https://www.rfc-editor.org/rfc/rfc9114>. | June 2022, <https://www.rfc-editor.org/info/rfc9114>. | |||
| [HTTPSIG] Backman, A., Richer, J., and M. Sporny, "HTTP Message | [HTTPSIG] Backman, A., Ed., Richer, J., Ed., and M. Sporny, "HTTP | |||
| Signatures", Work in Progress, Internet-Draft, draft-ietf- | Message Signatures", Work in Progress, Internet-Draft, | |||
| httpbis-message-signatures-16, 6 February 2023, | draft-ietf-httpbis-message-signatures-17, 2 May 2023, | |||
| <https://datatracker.ietf.org/doc/html/draft-ietf-httpbis- | <https://datatracker.ietf.org/doc/html/draft-ietf-httpbis- | |||
| message-signatures-16>. | message-signatures-17>. | |||
| [TLS] Rescorla, E., "The Transport Layer Security (TLS) Protocol | ||||
| Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | ||||
| <https://www.rfc-editor.org/rfc/rfc8446>. | ||||
| [TLS1.2] Dierks, T. and E. Rescorla, "The Transport Layer Security | ||||
| (TLS) Protocol Version 1.2", RFC 5246, | ||||
| DOI 10.17487/RFC5246, August 2008, | ||||
| <https://www.rfc-editor.org/rfc/rfc5246>. | ||||
| [RFC7468] Josefsson, S. and S. Leonard, "Textual Encodings of PKIX, | ||||
| PKCS, and CMS Structures", RFC 7468, DOI 10.17487/RFC7468, | ||||
| April 2015, <https://www.rfc-editor.org/rfc/rfc7468>. | ||||
| [HPACK] Peon, R. and H. Ruellan, "HPACK: Header Compression for | ||||
| HTTP/2", RFC 7541, DOI 10.17487/RFC7541, May 2015, | ||||
| <https://www.rfc-editor.org/rfc/rfc7541>. | ||||
| [QPACK] Krasic, C., Bishop, M., and A. Frindell, Ed., "QPACK: | [QPACK] Krasic, C., Bishop, M., and A. Frindell, Ed., "QPACK: | |||
| Field Compression for HTTP/3", RFC 9204, | Field Compression for HTTP/3", RFC 9204, | |||
| DOI 10.17487/RFC9204, June 2022, | DOI 10.17487/RFC9204, June 2022, | |||
| <https://www.rfc-editor.org/rfc/rfc9204>. | <https://www.rfc-editor.org/info/rfc9204>. | |||
| [RFC6585] Nottingham, M. and R. Fielding, "Additional HTTP Status | [RFC6585] Nottingham, M. and R. Fielding, "Additional HTTP Status | |||
| Codes", RFC 6585, DOI 10.17487/RFC6585, April 2012, | Codes", RFC 6585, DOI 10.17487/RFC6585, April 2012, | |||
| <https://www.rfc-editor.org/rfc/rfc6585>. | <https://www.rfc-editor.org/info/rfc6585>. | |||
| [RFC7239] Petersson, A. and M. Nilsson, "Forwarded HTTP Extension", | [RFC7239] Petersson, A. and M. Nilsson, "Forwarded HTTP Extension", | |||
| RFC 7239, DOI 10.17487/RFC7239, June 2014, | RFC 7239, DOI 10.17487/RFC7239, June 2014, | |||
| <https://www.rfc-editor.org/rfc/rfc7239>. | <https://www.rfc-editor.org/info/rfc7239>. | |||
| [RFC7468] Josefsson, S. and S. Leonard, "Textual Encodings of PKIX, | ||||
| PKCS, and CMS Structures", RFC 7468, DOI 10.17487/RFC7468, | ||||
| April 2015, <https://www.rfc-editor.org/info/rfc7468>. | ||||
| [RFC8705] Campbell, B., Bradley, J., Sakimura, N., and T. | [RFC8705] Campbell, B., Bradley, J., Sakimura, N., and T. | |||
| Lodderstedt, "OAuth 2.0 Mutual-TLS Client Authentication | Lodderstedt, "OAuth 2.0 Mutual-TLS Client Authentication | |||
| and Certificate-Bound Access Tokens", RFC 8705, | and Certificate-Bound Access Tokens", RFC 8705, | |||
| DOI 10.17487/RFC8705, February 2020, | DOI 10.17487/RFC8705, February 2020, | |||
| <https://www.rfc-editor.org/rfc/rfc8705>. | <https://www.rfc-editor.org/info/rfc8705>. | |||
| [TLS] Rescorla, E., "The Transport Layer Security (TLS) Protocol | ||||
| Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018, | ||||
| <https://www.rfc-editor.org/info/rfc8446>. | ||||
| [TLS1.2] Dierks, T. and E. Rescorla, "The Transport Layer Security | ||||
| (TLS) Protocol Version 1.2", RFC 5246, | ||||
| DOI 10.17487/RFC5246, August 2008, | ||||
| <https://www.rfc-editor.org/info/rfc5246>. | ||||
| Appendix A. Example | Appendix A. Example | |||
| In a hypothetical example where a TLS client presents the client and | In a hypothetical example where a TLS client would present the client | |||
| intermediate certificate from Figure 1 when establishing a mutually | and intermediate certificate from Figure 1 when establishing a | |||
| authenticated TLS connection with the TTRP, the proxy would send the | mutually authenticated TLS connection with the TTRP, the proxy would | |||
| Client-Cert field shown in Figure 2 to the backend. Note that line | send the Client-Cert field shown in Figure 2 to the backend. Note | |||
| breaks and extra spaces have been added to the field value in | that line breaks and extra spaces have been added to the field value | |||
| Figure 2 and Figure 3 for display and formatting purposes only. | in Figures 2 and 3 for display and formatting purposes only. | |||
| -----BEGIN CERTIFICATE----- | -----BEGIN CERTIFICATE----- | |||
| MIIBqDCCAU6gAwIBAgIBBzAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBB | MIIBqDCCAU6gAwIBAgIBBzAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJMZXQncyBB | |||
| dXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMDAx | dXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0yMDAx | |||
| MTQyMjU1MzNaFw0yMTAxMjMyMjU1MzNaMA0xCzAJBgNVBAMMAkJDMFkwEwYHKoZI | MTQyMjU1MzNaFw0yMTAxMjMyMjU1MzNaMA0xCzAJBgNVBAMMAkJDMFkwEwYHKoZI | |||
| zj0CAQYIKoZIzj0DAQcDQgAE8YnXXfaUgmnMtOXU/IncWalRhebrXmckC8vdgJ1p | zj0CAQYIKoZIzj0DAQcDQgAE8YnXXfaUgmnMtOXU/IncWalRhebrXmckC8vdgJ1p | |||
| 5Be5F/3YC8OthxM4+k1M6aEAEFcGzkJiNy6J84y7uzo9M6NyMHAwCQYDVR0TBAIw | 5Be5F/3YC8OthxM4+k1M6aEAEFcGzkJiNy6J84y7uzo9M6NyMHAwCQYDVR0TBAIw | |||
| ADAfBgNVHSMEGDAWgBRm3WjLa38lbEYCuiCPct0ZaSED2DAOBgNVHQ8BAf8EBAMC | ADAfBgNVHSMEGDAWgBRm3WjLa38lbEYCuiCPct0ZaSED2DAOBgNVHQ8BAf8EBAMC | |||
| BsAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHQYDVR0RAQH/BBMwEYEPYmRjQGV4YW1w | BsAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHQYDVR0RAQH/BBMwEYEPYmRjQGV4YW1w | |||
| bGUuY29tMAoGCCqGSM49BAMCA0gAMEUCIBHda/r1vaL6G3VliL4/Di6YK0Q6bMje | bGUuY29tMAoGCCqGSM49BAMCA0gAMEUCIBHda/r1vaL6G3VliL4/Di6YK0Q6bMje | |||
| skipping to change at page 13, line 43 ¶ | skipping to change at line 556 ¶ | |||
| MDAxMDkyMTI1NDVaMFYxCzAJBgNVBAYTAlVTMRswGQYDVQQKDBJMZXQncyBBdXRo | MDAxMDkyMTI1NDVaMFYxCzAJBgNVBAYTAlVTMRswGQYDVQQKDBJMZXQncyBBdXRo | |||
| ZW50aWNhdGUxKjAoBgNVBAMMIUxldCdzIEF1dGhlbnRpY2F0ZSBSb290IEF1dGhv | ZW50aWNhdGUxKjAoBgNVBAMMIUxldCdzIEF1dGhlbnRpY2F0ZSBSb290IEF1dGhv | |||
| cml0eTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFoaHU+Z5bPKmGzlYXtCf+E6 | cml0eTBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABFoaHU+Z5bPKmGzlYXtCf+E6 | |||
| HYj62fORaHDOrt+yyh3H/rTcs7ynFfGn+gyFsrSP3Ez88rajv+U2NfD0o0uZ4Pmj | HYj62fORaHDOrt+yyh3H/rTcs7ynFfGn+gyFsrSP3Ez88rajv+U2NfD0o0uZ4Pmj | |||
| YzBhMB0GA1UdDgQWBBTEA2Q6eecKu9g9yb5glbkhhVINGDAfBgNVHSMEGDAWgBTE | YzBhMB0GA1UdDgQWBBTEA2Q6eecKu9g9yb5glbkhhVINGDAfBgNVHSMEGDAWgBTE | |||
| A2Q6eecKu9g9yb5glbkhhVINGDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE | A2Q6eecKu9g9yb5glbkhhVINGDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE | |||
| AwIBhjAKBggqhkjOPQQDAgNIADBFAiEAmAeg1ycKHriqHnaD4M/UDBpQRpkmdcRF | AwIBhjAKBggqhkjOPQQDAgNIADBFAiEAmAeg1ycKHriqHnaD4M/UDBpQRpkmdcRF | |||
| YGMg1Qyrkx4CIB4ivz3wQcQkGhcsUZ1SOImd/lq1Q0FLf09rGfLQPWDc | YGMg1Qyrkx4CIB4ivz3wQcQkGhcsUZ1SOImd/lq1Q0FLf09rGfLQPWDc | |||
| -----END CERTIFICATE----- | -----END CERTIFICATE----- | |||
| Figure 1: Certificate Chain (with client certificate first) | Figure 1: Certificate Chain (with Client Certificate First) | |||
| Client-Cert: :MIIBqDCCAU6gAwIBAgIBBzAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJ | Client-Cert: :MIIBqDCCAU6gAwIBAgIBBzAKBggqhkjOPQQDAjA6MRswGQYDVQQKDBJ | |||
| MZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0 | MZXQncyBBdXRoZW50aWNhdGUxGzAZBgNVBAMMEkxBIEludGVybWVkaWF0ZSBDQTAeFw0 | |||
| yMDAxMTQyMjU1MzNaFw0yMTAxMjMyMjU1MzNaMA0xCzAJBgNVBAMMAkJDMFkwEwYHKoZ | yMDAxMTQyMjU1MzNaFw0yMTAxMjMyMjU1MzNaMA0xCzAJBgNVBAMMAkJDMFkwEwYHKoZ | |||
| Izj0CAQYIKoZIzj0DAQcDQgAE8YnXXfaUgmnMtOXU/IncWalRhebrXmckC8vdgJ1p5Be | Izj0CAQYIKoZIzj0DAQcDQgAE8YnXXfaUgmnMtOXU/IncWalRhebrXmckC8vdgJ1p5Be | |||
| 5F/3YC8OthxM4+k1M6aEAEFcGzkJiNy6J84y7uzo9M6NyMHAwCQYDVR0TBAIwADAfBgN | 5F/3YC8OthxM4+k1M6aEAEFcGzkJiNy6J84y7uzo9M6NyMHAwCQYDVR0TBAIwADAfBgN | |||
| VHSMEGDAWgBRm3WjLa38lbEYCuiCPct0ZaSED2DAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0 | VHSMEGDAWgBRm3WjLa38lbEYCuiCPct0ZaSED2DAOBgNVHQ8BAf8EBAMCBsAwEwYDVR0 | |||
| lBAwwCgYIKwYBBQUHAwIwHQYDVR0RAQH/BBMwEYEPYmRjQGV4YW1wbGUuY29tMAoGCCq | lBAwwCgYIKwYBBQUHAwIwHQYDVR0RAQH/BBMwEYEPYmRjQGV4YW1wbGUuY29tMAoGCCq | |||
| GSM49BAMCA0gAMEUCIBHda/r1vaL6G3VliL4/Di6YK0Q6bMjeSkC3dFCOOB8TAiEAx/k | GSM49BAMCA0gAMEUCIBHda/r1vaL6G3VliL4/Di6YK0Q6bMjeSkC3dFCOOB8TAiEAx/k | |||
| HSB4urmiZ0NX5r5XarmPk0wmuydBVoU4hBVZ1yhk=: | HSB4urmiZ0NX5r5XarmPk0wmuydBVoU4hBVZ1yhk=: | |||
| skipping to change at page 15, line 4 ¶ | skipping to change at line 601 ¶ | |||
| BMGByqGSM49AgEGCCqGSM49AwEHA0IABFoaHU+Z5bPKmGzlYXtCf+E6HYj62fOR | BMGByqGSM49AgEGCCqGSM49AwEHA0IABFoaHU+Z5bPKmGzlYXtCf+E6HYj62fOR | |||
| aHDOrt+yyh3H/rTcs7ynFfGn+gyFsrSP3Ez88rajv+U2NfD0o0uZ4PmjYzBhMB0 | aHDOrt+yyh3H/rTcs7ynFfGn+gyFsrSP3Ez88rajv+U2NfD0o0uZ4PmjYzBhMB0 | |||
| GA1UdDgQWBBTEA2Q6eecKu9g9yb5glbkhhVINGDAfBgNVHSMEGDAWgBTEA2Q6ee | GA1UdDgQWBBTEA2Q6eecKu9g9yb5glbkhhVINGDAfBgNVHSMEGDAWgBTEA2Q6ee | |||
| cKu9g9yb5glbkhhVINGDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBh | cKu9g9yb5glbkhhVINGDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBh | |||
| jAKBggqhkjOPQQDAgNIADBFAiEAmAeg1ycKHriqHnaD4M/UDBpQRpkmdcRFYGMg | jAKBggqhkjOPQQDAgNIADBFAiEAmAeg1ycKHriqHnaD4M/UDBpQRpkmdcRFYGMg | |||
| 1Qyrkx4CIB4ivz3wQcQkGhcsUZ1SOImd/lq1Q0FLf09rGfLQPWDc: | 1Qyrkx4CIB4ivz3wQcQkGhcsUZ1SOImd/lq1Q0FLf09rGfLQPWDc: | |||
| Figure 3: Certificate Chain in HTTP Request to Origin Server | Figure 3: Certificate Chain in HTTP Request to Origin Server | |||
| Appendix B. Select Design Considerations | Appendix B. Select Design Considerations | |||
| B.1. Field Injection | B.1. Field Injection | |||
| This document requires that the TTRP sanitize the fields of the | This document requires that the TTRP sanitize the fields of the | |||
| incoming request by removing or overwriting any existing instances of | incoming request by removing or overwriting any existing instances of | |||
| the Client-Cert and Client-Cert-Chain header fields before | the Client-Cert and Client-Cert-Chain header fields before | |||
| dispatching that request to the backend application. Otherwise, a | dispatching that request to the backend application. Otherwise, a | |||
| client could inject its own values that would appear to the backend | client could inject its own values that would appear to the backend | |||
| to have come from the TTRP. Although numerous other methods of | to have come from the TTRP. Although numerous other methods of | |||
| detecting/preventing field injection are possible, such as the use of | detecting and preventing field injection are possible, such as the | |||
| a unique secret value as part of the field name or value or the | use of a unique secret value as part of the field name or value or | |||
| application of a signature, HMAC, or AEAD, there is no common general | the application of a signature, HMAC, or AEAD, there is no common | |||
| mechanism. The potential problem of client field injection is not at | general mechanism. The potential problem of client field injection | |||
| all unique to the functionality of this document, and it would | is not at all unique to the functionality of this document; | |||
| therefore be inappropriate for this document to define a one-off | therefore, it would be inappropriate for this document to define a | |||
| solution. In the absence of a generic common solution existing | one-off solution. Since a generic common solution does not currently | |||
| currently, stripping/sanitizing the fields is the de facto means of | exist, stripping and sanitizing the fields is the de facto means of | |||
| protecting against field injection in practice. Sanitizing the | protecting against field injection in practice. Sanitizing the | |||
| fields is sufficient when properly implemented and is a normative | fields is sufficient when properly implemented and is a normative | |||
| requirement of Section 4. | requirement of Section 4. | |||
| B.2. The Forwarded HTTP Extension | B.2. The Forwarded HTTP Extension | |||
| The Forwarded HTTP header field defined in [RFC7239] allows proxy | The Forwarded HTTP header field defined in [RFC7239] allows proxy | |||
| components to disclose information lost in the proxying process. The | components to disclose information lost in the proxying process. The | |||
| TLS client certificate information of concern to this document could | TLS client certificate information of concern to this document could | |||
| have been communicated with an extension parameter to the Forwarded | have been communicated with an extension parameter to the Forwarded | |||
| field; however, doing so would have had some disadvantages that this | field; however, doing so would have had some disadvantages that this | |||
| document endeavored to avoid. The Forwarded field syntax allows for | document endeavored to avoid. The Forwarded field syntax allows for | |||
| information about a full chain of proxied HTTP requests, whereas the | information about a full chain of proxied HTTP requests, whereas the | |||
| Client-Cert and Client-Cert-Chain header fields of this document are | Client-Cert and Client-Cert-Chain header fields of this document are | |||
| concerned only with conveying information about the certificate | concerned only with conveying information about the certificate | |||
| presented by the originating client on the TLS connection to the TTRP | presented by the originating client on the TLS connection to the TTRP | |||
| (which appears as the server from that client's perspective) to | (which appears as the server from that client's perspective) to | |||
| backend applications. The multi-hop syntax of the Forwarded field is | backend applications. The multi-hop syntax of the Forwarded field is | |||
| expressive but also more complicated, which would make processing it | expressive but also more complicated, which would make processing it | |||
| more cumbersome, and more importantly, make properly sanitizing its | more cumbersome and, more importantly, would make properly sanitizing | |||
| content as required by Section 4 to prevent field injection | its content, as required by Section 4 to prevent field injection, | |||
| considerably more difficult and error-prone. Thus, this document | considerably more difficult and error-prone. Thus, this document | |||
| opted for a flatter and more straightforward structure. | opted for a flatter and more straightforward structure. | |||
| B.3. The Whole Certificate and Certificate Chain | B.3. The Whole Certificate and Certificate Chain | |||
| Different applications will have varying requirements about what | Different applications will have varying requirements about what | |||
| information from the client certificate is needed, such as the | information from the client certificate is needed, such as the | |||
| subject and/or issuer distinguished name, subject alternative | subject and/or issuer distinguished name, subject alternative | |||
| name(s), serial number, subject public key info, fingerprint, etc. | name(s), serial number, subject public key info, fingerprint, etc. | |||
| Furthermore, some applications, such as [RFC8705], make use of the | Furthermore, some applications, such as that described in [RFC8705], | |||
| entire certificate. In order to accommodate the latter and ensure | make use of the entire certificate. In order to accommodate the | |||
| wide applicability by not trying to cherry-pick particular | latter and ensure wide applicability by not trying to cherry-pick | |||
| certificate information, this document opted to pass the full, | particular certificate information, this document opted to pass the | |||
| encoded certificate as the value of the Client-Cert field. | full, encoded certificate as the value of the Client-Cert field. | |||
| The validation of the client certificate and chain of the mutually | The validation of the client certificate and chain of the mutually | |||
| authenticated TLS connection is typically performed by the TTRP | authenticated TLS connection is typically performed by the TTRP | |||
| during the handshake. With the responsibility of certificate | during the handshake. With the responsibility of certificate | |||
| validation falling on the TTRP, the end-entity certificate is | validation falling on the TTRP, the end-entity certificate is | |||
| oftentimes sufficient for the needs of the origin server. The | oftentimes sufficient for the needs of the origin server. The | |||
| separate Client-Cert-Chain field can convey the certificate chain for | separate Client-Cert-Chain field can convey the certificate chain for | |||
| origin server deployments that require this additional information. | origin server deployments that require this additional information. | |||
| Appendix C. Acknowledgements | Acknowledgements | |||
| The authors would like to thank the following individuals who've | The authors would like to thank the following individuals who have | |||
| contributed in various ways ranging from just being generally | contributed to this document in various ways, ranging from just being | |||
| supportive of bringing forth the document to providing specific | generally supportive of bringing forth the document to providing | |||
| feedback or content: | specific feedback or content: | |||
| * Evan Anderson | * Evan Anderson | |||
| * Annabelle Backman | * Annabelle Backman | |||
| * Alan Frindell | * Alan Frindell | |||
| * Rory Hewitt | * Rory Hewitt | |||
| * Fredrik Jeansson | * Fredrik Jeansson | |||
| skipping to change at page 17, line 26 ¶ | skipping to change at line 721 ¶ | |||
| * Nick Sullivan | * Nick Sullivan | |||
| * Willy Tarreau | * Willy Tarreau | |||
| * Martin Thomson | * Martin Thomson | |||
| * Peter Wu | * Peter Wu | |||
| * Hans Zandbelt | * Hans Zandbelt | |||
| Appendix D. Document History | ||||
| To be removed by the RFC Editor before publication as an RFC | ||||
| draft-ietf-httpbis-client-cert-field-06 | ||||
| * Updates from IESG review | ||||
| draft-ietf-httpbis-client-cert-field-05 | ||||
| * Correct a couple references | ||||
| * Updates from Genart Last Call review | ||||
| * Incorporate AD review feedback | ||||
| * Editorial updates | ||||
| draft-ietf-httpbis-client-cert-field-04 | ||||
| * Updates, fixes, and clarifications from WGLC feedback | ||||
| draft-ietf-httpbis-client-cert-field-03 | ||||
| * State that the certificate chain is in the same order as it | ||||
| appears in TLS rather than copying the language from TLS | ||||
| * Update references for HTTP Semantics, HTTP/3, and QPACK to point | ||||
| to the now RFCs 9110/9114/9204 | ||||
| * HTTP Semantics now a normative ref | ||||
| * Mention that origin server access control decisions can be | ||||
| conveyed by selecting response content or with a 403 | ||||
| draft-ietf-httpbis-client-cert-field-02 | ||||
| * Add a note about cert retention on TLS session resumption | ||||
| * Say to use only the last one in the case of multiple post- | ||||
| handshake client cert authentications | ||||
| draft-ietf-httpbis-client-cert-field-01 | ||||
| * Use RFC 8941 Structured Field Values for HTTP | ||||
| * Introduce a separate header that can convey the certificate chain | ||||
| * Add considerations on header compression and size | ||||
| * Describe interaction with caching | ||||
| * Fill out IANA Considerations with HTTP field name registrations | ||||
| * Discuss renegotiation | ||||
| draft-ietf-httpbis-client-cert-field-00 | ||||
| * Initial WG revision | ||||
| * Mike Bishop added as co-editor | ||||
| draft-bdc-something-something-certificate-05 | ||||
| * Change intended status of the draft to Informational | ||||
| * Editorial updates and (hopefully) clarifications | ||||
| draft-bdc-something-something-certificate-04 | ||||
| * Update reference from draft-ietf-oauth-mtls to RFC8705 | ||||
| draft-bdc-something-something-certificate-03 | ||||
| * Expanded further discussion notes to capture some of the feedback | ||||
| in and around the presentation of the draft in SECDISPATCH at IETF | ||||
| 107 and add those who've provided such feedback to the | ||||
| acknowledgements | ||||
| draft-bdc-something-something-certificate-02 | ||||
| * Editorial tweaks + further discussion notes | ||||
| draft-bdc-something-something-certificate-01 | ||||
| * Use the RFC v3 Format or die trying | ||||
| draft-bdc-something-something-certificate-00 | ||||
| * Initial draft after a time constrained and rushed secdispatch | ||||
| presentation (https://datatracker.ietf.org/meeting/106/materials/ | ||||
| slides-106-secdispatch-securing-protocols-between-proxies-and- | ||||
| backend-http-servers-00) at IETF 106 in Singapore with the | ||||
| recommendation to write up a draft (at the end of the minutes | ||||
| (https://datatracker.ietf.org/meeting/106/materials/minutes- | ||||
| 106-secdispatch)) and some folks expressing interest despite the | ||||
| rather poor presentation | ||||
| Authors' Addresses | Authors' Addresses | |||
| Brian Campbell | Brian Campbell | |||
| Ping Identity | Ping Identity | |||
| Email: bcampbell@pingidentity.com | Email: bcampbell@pingidentity.com | |||
| Mike Bishop (editor) | Mike Bishop (editor) | |||
| Akamai | Akamai | |||
| Email: mbishop@evequefou.be | Email: mbishop@evequefou.be | |||
| End of changes. 61 change blocks. | ||||
| 318 lines changed or deleted | 204 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||