| RFC 9811 | HTTP Transfer for CMP | July 2025 |
| Brockhaus, et al. | Standards Track | [Page] |
This document describes how to layer the Certificate Management Protocol(CMP) over HTTP.¶
It includes the updates to RFC 6712 specified in Section 3 of RFC 9480; theseupdates introduce CMP URIs using a well-known prefix. It obsoletesRFC 6712; and, together with RFC 9810, it also obsoletesRFC 9480.¶
This is an Internet Standards Track document.¶
This document is a product of the Internet Engineering Task Force (IETF). It represents the consensus of the IETF community. It has received public review and has been approved for publication by the Internet Engineering Steering Group (IESG). Further information on Internet Standards is available in Section 2 of RFC 7841.¶
Information about the current status of this document, any errata, and how to provide feedback on it may be obtained athttps://www.rfc-editor.org/info/rfc9811.¶
Copyright (c) 2025 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Revised BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Revised BSD License.¶
The Certificate Management Protocol (CMP)[RFC9810] requires a well-definedtransfer mechanism to enable End Entities (EEs), RegistrationAuthorities (RAs), and Certification Authorities (CAs) to passPKIMessage structures between them.¶
The first version of the CMP specification[RFC2510] included a briefdescription of a simple transfer protocol layer on top of TCP. Itsfeatures were simple transfer-level error handling and a mechanism topoll for outstanding PKI messages. Additionally, it was mentionedthat PKI messages could also be conveyed using file-, email-, andHTTP-based transfer, but those were not specified in detail.¶
Since the second version of the CMP specification[RFC4210] incorporatedits own polling mechanism, the need for a transfer protocolproviding this functionality vanished. The remaining features CMPrequires from its transfer protocols are connection and errorhandling.¶
CMP can benefit from utilizing reliable transport, as it requires connection and error handlingfrom the transfer protocol. All these features are covered by HTTP. Additionally,delayed delivery of CMP response messages may be handled at transfer level,regardless of the message contents. Since[RFC9480] extends the pollingmechanism specified in the second version ofCMP [RFC4210] to coverall types of PKI management transactions, delays detected at applicationlevel may also be handled within CMP, using pollReq and pollRep messages.¶
The usage of HTTP (e.g., HTTP/1.1 as specified in[RFC9110] and[RFC9112]) for transferring CMP messages exclusively uses the POSTmethod for requests, effectively tunneling CMP over HTTP. While this isgenerally considered bad practice (seeRFC 9205 [BCP56] for best currentpractice on building protocols with HTTP) and should not be emulated, thereare good reasons to do so for transferring CMP. HTTP is usedas it is generally easy to implement and it is able to traversenetwork borders utilizing ubiquitous proxies. Most importantly, HTTPis already commonly used in existing CMP implementations. Other HTTPrequest methods, such as GET, are not used because PKI managementoperations can only be triggered using CMP's PKI messages, which needto be transferred using a POST request.¶
With its status codes, HTTP provides needed error reportingcapabilities. General problems on the server side, as well as thosedirectly caused by the respective request, can be reported to theclient.¶
As CMP implements a transaction identification (transactionID), identifying transactions spanningover more than just a single request/response pair, the statelessnessof HTTP is not blocking its usage as the transfer protocol for CMPmessages.¶
CMP Updates [RFC9480] updatedSection 3.6 of [RFC6712], supporting the PKImanagement operations specified in theLightweight CMP Profile [RFC9483], in the following areas:¶
This document obsoletes[RFC6712].It includes the changes specified inSection 3 of [RFC9480], asdescribed inSection 1.1 of this document. Additionally, it adds the following changes:¶
Removed the requirement to support HTTP/1.0[RFC1945] in accordance with Section4.1 of RFC 9205[BCP56].¶
ImplementationsMUST forward CMP messages when an HTTP error status code occurs; seeSection 3.1.¶
RemovedSection 3.8 of [RFC6712] as it contains information redundant with current HTTP specification.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14[RFC2119][RFC8174] when, and only when, they appear in all capitals, as shown here.¶
For direct interaction between two entities, where a reliabletransport protocol like TCP[RFC9293] is available, HTTP[RFC9110]SHOULD beutilized for conveying CMP messages. This specification requiresusing the POST method (Section 3.1) and the "Content-Type" headerfield (Section 3.2), which are available since HTTP/1.0[RFC1945].¶
Note: In some situations, CMP requires multiple request/responsepairs to perform a PKI management operation. Their affiliationwith a PKI management operation is indicated by atransaction identifier in the CMP message header (see transactionIDdescribed inSection 5.1.1 of [RFC9810]).For details on how to transfer multiple requests, see Section4.11 of RFC 9205[BCP56].¶
A DER-encoded[ITU.X690.2021] PKIMessage (Section 5.1 of [RFC9810])MUST be sent as thecontent of an HTTP POST request. If this HTTP request issuccessful, the server returns the CMP response in the content of theHTTP response. The HTTP response status code in this caseMUST be200 (OK); other Successful 2xx status codesMUST NOT be used for this purpose.HTTP responses to pushed CMP announcement messages described inSection 3.5utilize the status codes 201 and 202 to identify whether the receivedinformation was processed.¶
While Redirection 3xx status codesMAY be supported byimplementations, clients should only be enabled to automaticallyfollow them after careful consideration of possible securityimplications. As described inSection 5, the 301 (Moved Permanently) status codecould be misused for permanent denial of service.¶
All applicable Client Error 4xx or Server Error 5xx status codesMAY be used to inform the client about errors. Whenevera client receives an HTTP response with a status code in the 2xx,4xx, or 5xx ranges, itMUST support handling response messagecontent containing a CMP response PKIMessage.¶
The Internet media type "application/pkixcmp"MUST be set in the HTTP"Content-Type" header field when conveying a PKIMessage.¶
In CMP, most communication is initiated by the EEs where every CMPrequest triggers a CMP response message from the CA or RA.¶
The CMP announcement messages described inSection 3.5 are anexception. Their creation may be triggered by certain events or doneon a regular basis by a CA. The recipient of the announcement onlyreplies with an HTTP status code acknowledging the receipt orindicating an error, but not with a CMP response.¶
If the receipt of an HTTP request is not confirmed by receiving anHTTP response, itMUST be assumed that the transferred CMP messagewas not successfully delivered to its destination.¶
Each CMP server on a PKI management entity supporting HTTP or HTTPS transferMUST support the use of the path prefix '/.well-known/' as defined in[RFC8615] and the registered name 'cmp' to ease interworkingin a multi-vendor environment.¶
CMP clients have to be configured with sufficient information to formthe CMP server URI. This is at least the authority portion of the URI, e.g.,'www.example.com:80', or the full operation path segment of the PKI managemententity. Additionally, path segmentsMAY be added after the registeredapplication name as part of the full operation path to provide further distinction.The path segment 'p' followed by an arbitraryLabel <name> could, for example,support the differentiation of specific CAs or certificate profiles. Furtherpath segments, e.g., as specified in the Lightweight CMP Profile[RFC9483],could indicate PKI management operations using an operationLabel <operation>.The following list shows examples of valid full CMP URIs:¶
Note that https can also be used instead of http; seeitem 5 in the Security Considerations (Section 5).¶
A CMP server may create event-triggered announcements or generatethem on a regular basis. ItMAY utilize HTTP transfer to convey themto a suitable recipient. In this use case, the CMP server acts as anHTTP client, and the recipient needs to utilize an HTTP server. Asno request messages are specified for those announcements, they canonly be pushed to the recipient.¶
If an EE wants to poll for a potential CA Key Update Announcement orthe current Certificate Revocation List (CRL), a PKI Information Request using a general message asdescribed inAppendix D.5 of [RFC9810] can be used.¶
When pushing announcement messages, PKIMessage structuresMUST be sent asthe content of an HTTP POST request.¶
Suitable recipients for CMP announcements might, for example, berepositories storing the announced information, such as directoryservices. Those services listen for incoming messages, utilizing thesame HTTP Request-URI scheme as defined inSection 3.4.¶
The following types of PKIMessage are announcements that may be pushed by aCA. The prefixed numbers reflect ASN.1 tags of the PKIBody structure (Section 5.1.2 of [RFC9810]).¶
[15] CA Key Update Announcement [16] Certificate Announcement [17] Revocation Announcement [18] CRL Announcement¶
CMP announcement messages do not require any CMP response. However,the recipientMUST acknowledge receipt with an HTTP response havingan appropriate status code and empty content. When not receivingsuch a response, itMUST be assumed that the delivery was notsuccessful. If applicable, the sending sideMAY try sending theannouncement again after waiting for an appropriate time span.¶
If the announced issue was successfully stored in a database or wasalready present, the answerMUST be an HTTP response with a 201 (Created)status code and empty content.¶
In case the announced information was only accepted for furtherprocessing, the status code of the returned HTTP responseMAY also be202 (Accepted). After an appropriate delay, the sender may then tryto send the announcement again and may repeat this until it receivesa confirmation that it has been successfully processed. Theappropriate duration of the delay and the option to increase itbetween consecutive attempts should be carefully considered.¶
A receiverMUST answer with a suitable 4xx or 5xx error codewhen a problem occurs.¶
Implementers should be aware that other implementations might exist thatuse a different approach for transferring CMP over HTTP.Further, implementations based on earlier documents that led to[RFC6712] might use an unregistered "application/pkixcmp-poll" media type.Conforming implementationsMAY handle this type like "application/pkixcmp".¶
All security considerations in HTTP[RFC9110] apply.The following items need to be considered by implementers and users:¶
There is the risk for denial-of-service attacks through resource consumption by opening many connections to an HTTP server. Therefore, idle connections should be terminated after an appropriate timeout; this may also depend on the available free resources.¶
Without being encapsulated in effective security protocols, such as Transport Layer Security (TLS)[RFC5246][RFC8446], or without using HTTP digest[RFC9530], there is no integrity protection at the HTTP level. Therefore, information from the HTTP should not be used to change state of the transaction, regardless of whether any mechanism was used to ensure the authenticity or integrity of HTTP messages (e.g., TLS or HTTP digests).¶
Client users should be aware that storing the target location of an HTTP response with the 301 (Moved Permanently) status code could be exploited by a meddler-in-the-middle attacker trying to block them permanently from contacting the correct server.¶
If no measures to authenticate and protect the HTTP responses to pushed announcement messages are in place, their information regarding the announcement's processing state may not be trusted. In that case, the overall design of the PKI system must not depend on the announcements being reliably received and processed by their destination.¶
CMP provides inbuilt integrity protection and authentication. The information communicated unencrypted in CMP messages does not contain sensitive information endangering the security of the PKI when intercepted. However, it might be possible for an eavesdropper to utilize the available information to gather confidential personal, technical, or business-critical information. The protection of the confidentiality of CMP messages together with an initial authentication of the RA/CA before the first CMP message is transmitted ensures the privacy of the EE requesting certificates. Therefore, users of the HTTP transfer for CMP messages should consider using HTTP over TLS according to[RFC9110] or using virtual private networks created, for example, by utilizing Internet Protocol Security according to[RFC7296].¶
IANA has made the following updates:¶
No further action by IANA is necessary for this document or any anticipatedupdates.¶
The authors wish to thankTomi Kause andMartin Peylo, theoriginal authors of[RFC6712], for their work.¶
We also thank all reviewers for their valuable feedback.¶