DIRECTORY SUPPORTED CERTIFICATE STATUS OPTIONS
draft-lloyd-dir-cert-stat-01
| Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
|---|---|---|---|
| Author | Alan Lloyd | ||
| Last updated | 1998-09-15 | ||
| RFC stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This Internet Draft specifies some proposed enhancements to the X.500 information schema and matching rules to support Certificate path processing, certificate status and CRL mechanisms. These enhancements provide advantages over existing Certificate validation and CRL mechanisms. In particular, the mechanisms proposed can: (a) reduce the need for unnecessarily fetching CRLs; (b) allow certificate status-CRL evaluation time to be improved; (c) provide a directory supported certificate test and fetch capability; (d) better support use of certificates in multiple environments with different CRL arrangements. (e) simplify the client software in the areas of certificate path, certificate validity and CRL processing. (f) provide the client a range of trust options when validating certificates. (g) provide a range of implementation options so that gradual adoption is possible. This document is submitted for consideration as the basis of possible future IETF/ITU standardization. Please send comments on this document to the ietf-pkix@imc.com mail list.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)