
Internet X.509 Public Key Infrastructure Data Validation and Certification Server Protocols (RFC3029)

IP.com Disclosure Number: IPCOM000005221D
Original Publication Date: 2001-Feb-01
Included in the Prior Art Database: 2001-Aug-17

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

C. Adams: AUTHOR [+4]

Abstract

This document describes a general Data Validation and Certification Server (DVCS) and the protocols to be used when communicating with it. The Data Validation and Certification Server is a Trusted Third Party (TTP) that can be used as one component in building reliable non-repudiation services.

This text was extracted from an ASCII text document.
This is the abbreviated version, containing approximately 3% of the total text.

Network Working Group
Request for Comments: 3029
Category: Experimental

C. Adams, Entrust Technologies
P. Sylvester, EdelWeb SA Groupe ON-X Consulting
M. Zolotarev, Baltimore Technologies Pty Limited
R. Zuccherato, Entrust Technologies

February 2001

Internet X.509 Public Key Infrastructure Data Validation and Certification Server Protocols

Status of this Memo

This memo defines an Experimental Protocol for the Internet community. It does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2001). All Rights Reserved.

Abstract

This document describes a general Data Validation and Certification Server (DVCS) and the protocols to be used when communicating with it. The Data Validation and Certification Server is a Trusted Third Party (TTP) that can be used as one component in building reliable non-repudiation services.

Useful Data Validation and Certification Server responsibilities in a PKI are to assert the validity of signed documents, public key certificates, and the possession or existence of data.

Assertions created by this protocol are called Data Validation Certificates (DVC).

We give examples of how to use the Data Validation and Certification Server to extend the lifetime of a signature beyond key expiry or revocation and to query the Data Validation and Certification Server regarding the status of a public key certificate. The document includes a complete example of a time stamping transaction.


Table of Contents

1. Introduction
2. Services provided by DVCS
   2.1 Certification of Possession of Data
   2.2 Certification of Claim of Possession of Data
   2.3 Validation of Digitally Signed Documents
   2.4 Validation of Public Key Certificates
3. Data Certification Server Usage and Scenarii
4. Functional Requirements for DVCS
5. Data Certification Server Transactions
6. Identification of the DVCS
7. Common Data Types
   7.1 Version
   7.2 DigestInfo
   7.3. Time Values
   7.4. PKIStatusInfo
   7.5. TargetEtcChain
   7.6. DVCSRequestInformation
   7.7. GeneralName and GeneralNames
8. Data Validation and Certification Requests
9. DVCS Responses
   9.1. ...