IPP> RFC 2459 - X.509 Public Key Infra Certificate (Jan 1999)

Ira McDonald (imcdonal@sdsp.mc.xerox.com)
Sat, 23 Jan 99 19:08:59 EST

Network Working Group                                         R. Housley
Request for Comments: 2459                                        SPYRUS
Category: Standards Track                                        W. Ford
                                                                 W. Polk
                                                                 D. Solo
                                                            January 1999

Internet X.509 Public Key Infrastructure
Certificate and CRL Profile

Status of this Memo

This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (1999). All Rights Reserved.

Abstract

This memo profiles the X.509 v3 certificate and X.509 v2 CRL for use
in the Internet. An overview of the approach and model are provided
as an introduction. The X.509 v3 certificate format is described in
detail, with additional information regarding the format and
semantics of Internet name forms (e.g., IP addresses). Standard
certificate extensions are described and one new Internet-specific
extension is defined. A required set of certificate extensions is
specified. The X.509 v2 CRL format is described and a required
extension set is defined as well. An algorithm for X.509 certificate
path validation is described. Supplemental information is provided
describing the format of public keys and digital signatures in X.509
certificates for common Internet public key encryption algorithms
(i.e., RSA, DSA, and Diffie-Hellman). ASN.1 modules and examples are
provided in the appendices.