Skip to main content

Trust Anchor Key Renewal Method Applied to X.509 Self-signed Certificates (TAKREM-X.509)
draft-moreau-pkix-takrem-01

Document Type Expired Internet-Draft (individual)
Author Thierry Moreau
Last updated 2005-09-09
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
plain text htmlized pdfized bibtex
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:
https://www.ietf.org/archive/id/draft-moreau-pkix-takrem-01.txt

Abstract

In the Internet PKI, trust anchor keys are distributed as self- signed X.509 security certificates. This document specifies a trust anchor key renewal mechanism that leverages the confidence in the initial certificate distribution. A non-critical X.509 certificate extension holds a sequence of opaque octet strings. The trust anchor renewal operation occurs upon receipt of a message that hashes to one of those octet strings.

Authors

Thierry Moreau

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)