Out-of-Band Certificate and Key Identifier Protocol (OCKID)
draft-ietf-pkix-okid-01
| Document | Type | Expired Internet-Draft (pkix WG) | |
|---|---|---|---|
| Author | Paul E. Hoffman | ||
| Last updated | 2002-02-28 | ||
| Stream | Internet Engineering Task Force (IETF) | ||
| Intended RFC status | (None) | ||
| Formats |
Expired & archived
plain text
htmlized
pdfized
bibtex
|
||
| Stream | WG state | WG Document | |
| Document shepherd | (None) | ||
| IESG | IESG state | Expired | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
https://www.ietf.org/archive/id/draft-ietf-pkix-okid-01.txt
Abstract
In general, certificates need not be communicated with communication or storage media that are integrity-secure or authentic. This is because certificates are digitally signed and users are expected to validate the signatures using configured trust anchors. However, distribution of trust anchor certificates, self-signed end-entity certificates, or bare (unsigned) public keys requires a mechanism for establishing the authenticity of the certificate or public key.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)