Abstract below.
Cheers,
- Ira Mcdonald
----------------------------
Network Working Group R. Housley
Request for Comments: 2459 SPYRUS
Category: Standards Track W. Ford
VeriSign
W. Polk
NIST
D. Solo
Citicorp
January 1999
Internet X.509 Public Key Infrastructure
Certificate and CRL Profile
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1999). All Rights Reserved.
Abstract
This memo profiles the X.509 v3 certificate and X.509 v2 CRL for use
in the Internet. An overview of the approach and model are provided
as an introduction. The X.509 v3 certificate format is described in
detail, with additional information regarding the format and
semantics of Internet name forms (e.g., IP addresses). Standard
certificate extensions are described and one new Internet-specific
extension is defined. A required set of certificate extensions is
specified. The X.509 v2 CRL format is described and a required
extension set is defined as well. An algorithm for X.509 certificate
path validation is described. Supplemental information is provided
describing the format of public keys and digital signatures in X.509
certificates for common Internet public key encryption algorithms
(i.e., RSA, DSA, and Diffie-Hellman). ASN.1 modules and examples are
provided in the appendices.
----------------------------