Browse Prior Art Database

Internet X.509 Public Key Infrastructure Authority Information Access Certificate Revocation List (CRL) Extension (RFC4325)

IP.com Disclosure Number: IPCOM000132430D
Original Publication Date: 2005-Dec-01
Included in the Prior Art Database: 2005-Dec-15
Document File: 8 page(s) / 14K

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

S. Santesson: AUTHOR [+2]

Abstract

This document updates RFC 3280 by defining the Authority Information Access Certificate Revocation List (CRL) extension. RFC 3280 defines the Authority Information Access certificate extension using the same syntax. The CRL extension provides a means of discovering and retrieving CRL issuer certificates.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 19% of the total text.

Network Working Group                                       S. Santesson
Request for Comments: 4325                                     Microsoft
Updates: 3280                                                 R. Housley
Category: Standards Track                                 Vigil Security
                                                           December 2005


     Internet X.509 Public Key Infrastructure Authority Information
           Access Certificate Revocation List (CRL) Extension

Status of This Memo

   This document specifies an Internet standards track protocol for the
   Internet community, and requests discussion and suggestions for
   improvements.  Please refer to the current edition of the "Internet
   Official Protocol Standards" (STD 1) for the standardization state
   and status of this protocol.  Distribution of this memo is unlimited.

Copyright Notice

   Copyright (C) The Internet Society (2005).

Abstract

   This document updates RFC 3280 by defining the Authority Information
   Access Certificate Revocation List (CRL) extension.  RFC 3280 defines
   the Authority Information Access certificate extension using the same
   syntax.  The CRL extension provides a means of discovering and
   retrieving CRL issuer certificates.

Table of Contents

   1. Introduction ....................................................2
      1.1. Terminology ................................................3
   2. Authority Information Access CRL Extension ......................3
   3. Security Considerations .........................................5
   4. References ......................................................5
      4.1. Normative References .......................................5
      4.2. Informative References .....................................6


Santesson & Housley         Standards Track                     [Page 1]
RFC 4325       Authority Information Access CRL Extension  December 2005


1.  Introduction

   RFC 3280 [PKIX1] specifies the validation of certification paths.
   One aspect involves the determination that a certificate has not been
   revoked, and one revocation checking mechanism is the Certificate
   Revocation List (CRL).  CRL validation is also specified in RFC 3280,
   which involves the constructions of a valid certification path for
   the CRL issuer.  Building a CRL issuer certification path from the
   signer of the CRL to a trust anchor is straightforward when the
   certificate of the CRL issuer is present in the certification path
   associated with the target certificate, but it can be complex in
   other situations.

   There are several legitimate scenarios where the cert...