Certificate Issuance List - CIL
This article describes the Certificate Issuance List (CIL) used in Nexus OCSP Responder.
The CIL is a proprietary format designed by Nexus. It is based on the CRL specification (see RFC 5280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile).
Functions
In comparison to a CRL, that lists all revoked certificates, a CIL contains all certificates issued by the signing CA. Expired certificates are not removed and therefore the list contains a definite statement whether a specific certificate serial number has ever been issued. Together with CRLs, CILs are used to support the extended revoked definition in OCSP as defined in RFC 6960 X.509 Internet Public Key Infrastructure Online Certificate Status Protocol – OCSP.
The CIL of a CA, on its own, is not enough for an OCSP responder to determine the status of a certificate. Therefore, a responder that has a valid CIL of a CA but no valid CRL, will respond with status "unknown" to all inquiries regarding this CA.
Profile
The goal of the CIL is to enable applications, like Nexus OCSP Responder, to verify in an efficient way that a given certificate serial number has been issued without having to contact the CA. This establishes a common understanding of the concept of CILs.
The scope of a CIL is either the set of all certificates that have ever been issued by the CA or the sub-set of those certificates that have been OCSP activated. Only one CIL, that is, one scope, can be configured for each CA subject name. The issuer of a CIL is also the issuer of all certificates listed in the CIL. The responsibility is not delegated to any other authority, trusted or not. Therefore no indirect CILs are issued.
As for CRL, CIL supports deltas. A delta references to a base, complete CIL and contains all certificates that have been issued since the status of the base CIL. As for complete CILs, deltas are signed by the same CA as the certificates it contains. A private extension, the CilDistributionSegment extension distinguishes the CIL from a CRL. See section "Segmentation" below.
Segmentation
To limit the maximum size of the distribution files, a CIL is built and distributed in several segments. The segment size is specified in the CIL procedure (see Create CIL procedure in Certificate Manager). Once a segment reaches the specified size its content will not change until the CIL procedure is changed. The current (last) segment is issued on regular basis.
A CIL with a segment size 0 will contain all certificates issued in a single file and can be seen as the CIL representation of a complete CRL. In this article, a complete CIL is referred to as the CIL representation of a complete CRL.
When the segment number is a positive integer greater than 0, all CIL segments together are handled like a single, complete CIL with a certain version and number. The CIL number changes with every new issuance of the list just as the CRL number. If the segment size is changed then all segments will be reissued again with a new segment version value.
A CIL segment is identified with the critical CilDistributionSegment extension.
CilDistributionSegment extension
Besides common CRL extensions, like the CRL number and delta related extensions, a CIL related format always includes the critical CilDistributionSegment extension.
The CIL distribution segment contains the following information:
The segment version | The segment version (1..m). If the segmentation size is changed then this field must be increased and all segments of the CIL must be re-issued. The version number of the CIL procedure can be used as value. All segments must have the same version value when issuing and assembling a CIL. |
|---|---|
The segment number | The segment number (1..n). The segments of a CIL are numbered from 1 to n, where 1 to n-1 are full segments and n is the number of the current segment. |
The full segment indicator | All full segments (that is, all segments except the current) must have Although the parameter is called |
The only activated certificates indicator | If the scope of the CIL only includes OCSP activated certificates, then The following ASN.1 structure defines the
CODE
|
A delta CIL is not segmented and its segment number is set to zero. See section "Encoding" below.
Current segment
Full segments in CIL are static segments that do not change. The current segment is the last segment that is not full yet. It is updated with new certificate entries when issuing a CIL. This segment defines the next update of the CIL and the CIL number. See section "Encoding" below.
Since full segments do not change, CM normally only builds and distributes the current segment.
Encoding
The X.509 v2 CRL syntax is used to encode a CIL. The following field and extension are only used in the current segment.
Next Update
CRL Number
This table shows the usage of the different fields in the segmentation of a CIL:
Field | Full Segment 1 | Full Segment n-1 | Current Segment n | Delta CIL |
|---|---|---|---|---|
nextUpdate | Omitted | Next CIL issuing date | ||
segmentVersion | CIL (procedure) version | |||
segmentNumber | 1 | n-1 | n | 0 |
completeSegment | True | False | ||
crlNumber | Omitted | CRL/CIL sequence number | ||
deltaCRLIndicator | N/A | Base CIL/ | ||
Verify CIL
A complete and valid CIL consists of n segments with the same segment version, where:
The current segment (n) is valid (nextUpdate) and
Optional n-1 complete segments, numbered 1 to n-1.
Or
A delta CIL which is valid (nextUpdate) and
A base complete CIL, constructed from n segments or delta recursion.