F.1 TLS certificate enrolment
3GPP TS 33.310: Network Domain Security (NDS); Authentication Framework (AF)
Mutual authentication in TLS is achieved based on public key technology and certificates. Both TLS peers A and B need to contain a certificate store, and there shall be at least one certification authority (CA) that can issue certificates within the security domains of which A and B are part. CertA contains the set IA of A's identifiers. Each identifier is in the form of a fully qualified domain name (FQDN). Similarly, B's certificate is CertB.
The certificates in the store of B define the group TB of peers trusted by B. There are several options for creation and enrolment of certificates, three of which are described below.
1. In one option there is a certification authority, CAB, only in the network of B. CAB issues a certificate CertB to B and a certificate CertA to A. The certificates are delivered from CAB to A and B in a secure way "out of band". Both A and B then add their peer to the group of their trusted peers by inserting that peer's certificate into the certificate store: A inserts CertB into A's certificate store and B inserts CertA into B's certificate store. This insertion is typically manual, and the details depend on the implementation of the management interface to the certificate store.
2. In another option both A's and B's networks contain certification authorities, CAA and CAB respectively. CAB issues a certificate CertB to B and CAA issues a certificate CertA to A. The certificates are delivered from CAB to A and from CAA to B in a secure way "out of band". Both A and B then add their peer to the group of their trusted peers by inserting that peer's certificate into the certificate store: A inserts CertB into A's certificate store and B inserts CertA into B's certificate store.
3. In a third option the CA certificates of both sides are exchanged: the certificate of CAB is delivered to A and the certificate of CAA is delivered to B in a secure way "out of band", inserted into the certificate store, and marked trusted. The validation of CertA and CertB, which are exchanged during the TLS handshake, is based on the presence of the corresponding CA certificates in the certificate store.
NOTE: In options 1 and 2 the need for a certification authority can be avoided if the peers generate self-signed certificates and exchange them in a secure way, "out of band". Also, instead of the certificates themselves, certificate fingerprints can be exchanged "out of band" in those options.
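The three options and the NOTE, worked through with the openssl command line as an added example that is not part of TS 33.310. The peer FQDNs a.example.net and b.example.net, the CA names CA_A and CA_B and the file layout are assumptions made for illustration; each peer's certificate store is modelled as a PEM file and the handshake-time validation as openssl verify with an FQDN check against the identifiers in the presented certificate.

```shell
#!/bin/sh
# Added example, not part of TS 33.310. Models the three enrolment options
# of F.1 with the openssl CLI. The peer FQDNs, the CA names and the file
# layout are assumptions made for illustration. Needs OpenSSL 1.1.1 or 3.x.
set -eu

WORK="$(mktemp -d)"
trap 'rm -rf "$WORK"' EXIT
A_FQDN="a.example.net"   # the single identifier in IA
B_FQDN="b.example.net"   # the single identifier in IB

# Minimal config so the example does not depend on the system openssl.cnf.
cat > "$WORK/openssl.cnf" <<'EOF'
[ req ]
distinguished_name = dn
[ dn ]
[ ca_ext ]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
EOF

# new_ca NAME: self-signed CA certificate and key for one security domain.
new_ca() {
  openssl req -x509 -new -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes \
    -days 30 -subj "/CN=$1" -config "$WORK/openssl.cnf" -extensions ca_ext \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# new_peer NAME FQDN CA: end-entity certificate (CertA / CertB) whose only
# identifier is FQDN, carried in subjectAltName, issued by CA.
new_peer() {
  printf 'basicConstraints=critical,CA:FALSE\nkeyUsage=critical,digitalSignature\nextendedKeyUsage=serverAuth,clientAuth\nsubjectAltName=DNS:%s\n' "$2" > "$WORK/$1.ext"
  openssl req -new -newkey ec -pkeyopt ec_paramgen_curve:prime256v1 -nodes \
    -subj "/CN=$2" -config "$WORK/openssl.cnf" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$1.csr" -CA "$WORK/$3.pem" -CAkey "$WORK/$3.key" \
    -CAcreateserial -days 30 -extfile "$WORK/$1.ext" -out "$WORK/$1.pem" 2>/dev/null
}

# validate STORE CERT FQDN: what a peer does with the certificate presented in
# the handshake. STORE is a PEM bundle standing in for the peer's certificate
# store; -partial_chain lets an end-entity certificate that was inserted into
# the store (options 1 and 2) serve as the trust anchor, and -verify_hostname
# checks FQDN against the identifiers in CERT. Prints accepted / rejected.
validate() {
  if openssl verify -partial_chain -verify_hostname "$3" -CAfile "$1" "$2" >/dev/null 2>&1
  then echo accepted
  else echo rejected; return 1
  fi
}

# fingerprint CERT: the SHA-256 value that can be exchanged out of band
# instead of the certificate itself (see the NOTE).
fingerprint() {
  openssl x509 -in "$1" -noout -fingerprint -sha256 | sed 's/^.*=//'
}

# pin_matches CERT EXPECTED: accept CERT only if it carries the pinned fingerprint.
pin_matches() {
  [ "$(fingerprint "$1")" = "$2" ]
}

# Option 3: one CA per domain, CA certificates exchanged out of band.
new_ca CA_A; new_ca CA_B
new_peer A "$A_FQDN" CA_A
new_peer B "$B_FQDN" CA_B
cp "$WORK/CA_B.pem" "$WORK/store_A"   # A's store after enrolment
cp "$WORK/CA_A.pem" "$WORK/store_B"   # B's store after enrolment

# Option 1: CA_B issues CertA as well, and the peer certificate itself is
# inserted into B's store (option 2 differs only in which CA issued CertA).
new_peer A1 "$A_FQDN" CA_B
cp "$WORK/A1.pem" "$WORK/store_B_opt1"

echo "option 3, B validates CertA:           $(validate "$WORK/store_B" "$WORK/A.pem" "$A_FQDN")"
echo "option 3, A validates CertB:           $(validate "$WORK/store_A" "$WORK/B.pem" "$B_FQDN")"
echo "CA_A never enrolled at B:              $(validate "$WORK/CA_B.pem" "$WORK/A.pem" "$A_FQDN")"
echo "CertB presented under A's FQDN:        $(validate "$WORK/store_A" "$WORK/B.pem" "$A_FQDN")"
echo "option 1, B validates CertA:           $(validate "$WORK/store_B_opt1" "$WORK/A1.pem" "$A_FQDN")"
PIN="$(fingerprint "$WORK/B.pem")"     # the value A would receive out of band
pin_matches "$WORK/B.pem" "$PIN" && echo "fingerprint of CertB matches the pin"
```

The two rejected cases are the ones that matter operationally: a certificate from a CA whose certificate was never enrolled at the peer does not validate even though it is otherwise well formed, and a valid certificate does not validate when the FQDN it is presented under is not among its identifiers. The fingerprint check is what replaces chain building when only fingerprints are exchanged out of band; it has to be compared against the full certificate presented in the handshake, not just its subject.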