Browse Prior Art Database

Alternative Certificate Formats for the Public-Key Infrastructure Using X.509 (PKIX) Certificate Management Protocols (RFC4212)

IP.com Disclosure Number: IPCOM000129256D
Original Publication Date: 2005-Oct-01
Included in the Prior Art Database: 2005-Oct-04
Document File: 20 page(s) / 42K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

M. Blinov: AUTHOR [+2]

Abstract

The Public-Key Infrastructure using X.509 (PKIX) Working Group of the Internet Engineering Task Force (IETF) has defined a number of certificate management protocols. These protocols are primarily focused on X.509v3 public-key certificates. However, it is sometimes desirable to manage certificates in alternative formats as well. This document specifies how such certificates may be requested using the Certificate Request Message Format (CRMF) syntax that is used by several different protocols. It also explains how alternative certificate formats may be incorporated into such popular protocols as PKIX Certificate Management Protocol (PKIX-CMP) and Certificate Management Messages over CMS (CMC).

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 6% of the total text.

Network Working Group                                          M. Blinov
Request for Comments: 4212                          Guardeonic Solutions
Category: Informational                                         C. Adams
                                                    University of Ottawa
                                                            October 2005


                Alternative Certificate Formats for the
             Public-Key Infrastructure Using X.509 (PKIX)
                    Certificate Management Protocols

Status of This Memo

   This memo provides information for the Internet community.  It does
   not specify an Internet standard of any kind.  Distribution of this
   memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

IESG Note

   This document is not a candidate for any level of Internet Standard.
   The IETF disclaims any knowledge of the fitness of this document for
   any purpose, and in particular notes that it has not had IETF review
   for such things as security, congestion control, or inappropriate
   interaction with deployed protocols.  The RFC Editor has chosen to
   publish this document at its discretion.  Readers of this document
   should exercise caution in evaluating its value for implementation
   and deployment.

Abstract

   The Public-Key Infrastructure using X.509 (PKIX) Working Group of the
   Internet Engineering Task Force (IETF) has defined a number of
   certificate management protocols.  These protocols are primarily
   focused on X.509v3 public-key certificates.  However, it is sometimes
   desirable to manage certificates in alternative formats as well.
   This document specifies how such certificates may be requested using
   the Certificate Request Message Format (CRMF) syntax that is used by
   several different protocols.  It also explains how alternative
   certificate formats may be incorporated into such popular protocols
   as PKIX Certificate Management Protocol (PKIX-CMP) and Certificate
   Management Messages over CMS (CMC).


Blinov & Adams               Informational                      [Page 1]
RFC 4212            Alternative Certificate Formats         October 2005


1.  Introduction

   Full certificate life-cycle management in a Public-Key Infrastructure
   (PKI) requires protocol support in order to achieve automated
   processing and end user transparency.  Such protocols require
   standardization in order to allow more than one vendor to supply
   various pieces -- End Entity (EE), Certification Authority (CA),
   Registration Authority (RA) -- in the PKI deployment of a...