OCSP Extensions
draft-ietf-pkix-ocspx-00
Document | Type |
Expired Internet-Draft
(pkix WG)
Expired & archived
|
|
---|---|---|---|
Author | Phillip Hallam-Baker | ||
Last updated | 1999-10-13 | ||
RFC stream | Internet Engineering Task Force (IETF) | ||
Intended RFC status | (None) | ||
Formats | |||
Additional resources | Mailing list discussion | ||
Stream | WG state | WG Document | |
Document shepherd | (None) | ||
IESG | IESG state | Expired | |
Consensus boilerplate | Unknown | ||
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
The OCSP protocol [RFC2560] enables online validation of the reliability of a digital certificate. RFC2560 defines a mandatory-to-implement mechanism supporting the revocation status of the certificate and defines and optional extension mechanism to support a richer set of semantics (e.g. full path validation by the OCSP server). This document defines Internet-standard extensions to OCSP that enable a client to delegate processing of certificate acceptance functions to a trusted server. The client may control the degree to which delegation takes place. In addition limited support is provided for delegating authorization decisions.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)