Limited Additional Mechanisms for PKIX and SMIME (lamps)
| Document | Date | Status | IPR | AD/Shepherd | |
|---|---|---|---|---|---|
| Active Internet-Drafts (7 hits) | |||||
|
20 pages
draft-ietf-lamps-attestation-freshness-05
Nonce-based Freshness for Remote Attestation in Certificate Signing Requests (CSRs) for the Certification Management Protocol (CMP), for Enrollment over Secure Transport (EST), and for Certificate Management over CMS (CMC) |
2025-10-19 |
I-D Exists
WG Document |
|
||
|
15 pages
draft-ietf-lamps-certdiscovery-02
A Mechanism for X.509 Certificate Discovery |
2025-11-19 |
I-D Exists
WG Document |
|
||
|
21 pages
draft-ietf-lamps-cms-composite-kem-00
Composite ML-KEM for use in Cryptographic Message Syntax (CMS) |
2026-02-25
New
|
I-D Exists
WG Document |
|
||
|
15 pages
draft-ietf-lamps-cms-euf-cma-signeddata-02
Best Practices for Signed Attributes in CMS SignedData |
2026-02-27
New
|
I-D Exists
WG Document |
|
||
|
16 pages
draft-ietf-lamps-csr-attestation-23
Use of Remote Attestation with Certification Signing Requests |
2026-03-01
New
|
I-D Exists
WG Document : Proposed Standard |
Russ Housley |
||
|
7 pages
draft-ietf-lamps-est-renewal-info-00
Certificate Renewal Recommendations for Enrollment over Secure Transport |
2026-02-12 |
I-D Exists
WG Document : Proposed Standard |
|
||
|
109 pages
draft-ietf-lamps-pq-composite-kem-12
Composite ML-KEM for use in X.509 Public Key Infrastructure |
2026-01-07 |
I-D Exists
In WG Last Call |
|
||
| Active with the IESG Internet-Drafts (10 hits) | |||||
|
19 pages
draft-ietf-lamps-cms-composite-sigs-04
Composite ML-DSA for use in Cryptographic Message Syntax (CMS) |
2026-02-05 |
Publication Requested
22
Submitted to IESG for Publication : Proposed Standard Action Holder: Deb Cooley 22 |
Deb Cooley
Russ Housley |
||
|
20 pages
draft-ietf-lamps-cms-kyber-13
Use of ML-KEM in the Cryptographic Message Syntax (CMS) |
2025-09-23 |
RFC Ed Queue
: AUTH48-DONE
190
Submitted to IESG for Publication : Proposed Standard Reviews: secdir secdir IETF Last Call genart IETF Last Call |
Deb Cooley
Russ Housley |
||
|
6 pages
draft-ietf-lamps-keyusage-crl-validation-04
Clarification to Processing Key Usage Values During Certificate Revocation List (CRL) Validation |
2026-01-06 |
RFC Ed Queue
: EDIT
Submitted to IESG for Publication : Proposed Standard Reviews: secdir IETF Last Call genart IETF Last Call |
Deb Cooley
Russ Housley |
||
|
57 pages
draft-ietf-lamps-kyber-certificates-11
Internet X.509 Public Key Infrastructure - Algorithm Identifiers for the Module-Lattice-Based Key-Encapsulation Mechanism (ML-KEM) |
2025-07-22 |
RFC Ed Queue
: AUTH48-DONE
225
Submitted to IESG for Publication : Proposed Standard Review: genart IETF Last Call |
Deb Cooley
Russ Housley |
||
|
15 pages
draft-ietf-lamps-macaddress-on-06
Media Access Control (MAC) Addresses in X.509 Certificates |
2026-02-18 |
Approved-announcement to be sent::AD Followup
Submitted to IESG for Publication : Proposed Standard Reviews: iotdir intdir artart IETF Last Call genart IETF Last Call secdir IETF Last Call Action Holder: Deb Cooley |
Deb Cooley
Tim Hollebeek |
||
|
235 pages
draft-ietf-lamps-pq-composite-sigs-15
Composite ML-DSA for use in X.509 Public Key Infrastructure |
2026-02-24
New
|
IESG Evaluation
IESG telechat: 2026-04-02 Submitted to IESG for Publication : Proposed Standard Reviews: secdir IETF Last Call genart IETF Last Call Action Holder: Deb Cooley |
1 |
Deb Cooley
Russ Housley |
|
|
36 pages
draft-ietf-lamps-rfc5019bis-12
Updates to Lightweight OCSP Profile for High Volume Environments |
2024-09-13 |
RFC Ed Queue
: AUTH48-DONE
538
Submitted to IESG for Publication : Proposed Standard Review: genart IETF Last Call |
Roman Danyliw
Russ Housley |
||
|
110 pages
draft-ietf-lamps-rfc5272bis-11
Certificate Management over CMS (CMC) |
2026-02-26
New
|
RFC Ed Queue
: EDIT
Submitted to IESG for Publication : Proposed Standard Reviews: secdir IETF Last Call genart IETF Last Call |
Deb Cooley
Russ Housley |
||
|
13 pages
draft-ietf-lamps-rfc5273bis-11
Certificate Management over CMS (CMC): Transport Protocols |
2026-02-26
New
|
RFC Ed Queue
: EDIT
Submitted to IESG for Publication : Proposed Standard Reviews: httpdir secdir IETF Last Call tsvart IETF Last Call genart IETF Last Call |
Deb Cooley
Russ Housley |
||
|
14 pages
draft-ietf-lamps-rfc5274bis-11
Certificate Management Messages over CMS (CMC): Compliance Requirements |
2026-02-26
New
|
RFC Ed Queue
: EDIT
Submitted to IESG for Publication : Proposed Standard Review: genart IETF Last Call |
Deb Cooley
Russ Housley |
||
| Expired Internet-Drafts (3 hits) | |||||
|
15 pages
draft-ietf-lamps-caa-security-02
CAA Security Tag for Cryptographically-Constrained Domain Validation |
2025-06-20 |
Expired
WG Document |
|
||
|
24 pages
draft-ietf-lamps-header-protection-requirements-01
Problem Statement and Requirements for Header Protection |
2019-10-29 |
Expired
WG Document |
|
||
|
14 pages
draft-ietf-lamps-key-attestation-ext-00
Key Attestation Extension for Certificate Management Protocols |
2022-10-17 |
Expired
WG Document |
|
||
| Replaced Internet-Draft (1 hit) | |||||
|
15 pages
draft-ounsworth-csr-attestation-00
Use of Attestation with Certification Signing Requests |
2023-07-08 |
Replaced by draft-ietf-lamps-csr-attestation
Adopted by a WG |
|
||
| RFCs (55 hits) | |||||
| 12 pages | 2018-05 |
Proposed Standard RFC
Obsoleted by rfc9598 |
Eric Rescorla
|
||
|
9 pages
RFC 8399
Internationalization Updates to RFC 5280 |
2018-05 |
Proposed Standard RFC
Obsoleted by rfc9549 |
Eric Rescorla
|
||
|
29 pages
RFC 8550
Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Certificate Handling |
2019-04 | Proposed Standard RFC | 4 |
Eric Rescorla
|
|
|
63 pages
RFC 8551
Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 4.0 Message Specification |
2019-04 |
Proposed Standard RFC
Updated by rfc9788 |
4 |
Eric Rescorla
|
|
|
10 pages
RFC 8649
Hash Of Root Key Certificate Extension |
2019-08 | Informational RFC |
Roman Danyliw
|
||
| 17 pages | 2019-11 | Proposed Standard RFC |
Roman Danyliw
|
||
|
14 pages
RFC 8692
Internet X.509 Public Key Infrastructure: Additional Algorithm Identifiers for RSASSA-PSS and ECDSA Using SHAKEs |
2019-12 | Proposed Standard RFC |
Roman Danyliw
|
||
|
31 pages
RFC 8696
Using Pre-Shared Key (PSK) in the Cryptographic Message Syntax (CMS) |
2019-12 | Proposed Standard RFC |
Roman Danyliw
|
||
| 16 pages | 2020-01 | Proposed Standard RFC |
Roman Danyliw
|
||
| 14 pages | 2020-02 |
Proposed Standard RFC
Obsoleted by rfc9708 |
Roman Danyliw
|
||
|
3 pages
RFC 8813
Clarifications for Elliptic Curve Cryptography Subject Public Key Information |
2020-08 | Proposed Standard RFC |
Roman Danyliw
|
||
|
8 pages
RFC 8933
Update to the Cryptographic Message Syntax (CMS) for Algorithm Identifier Protection |
2020-10 | Proposed Standard RFC |
Roman Danyliw
|
||
|
13 pages
RFC 8951
Clarification of Enrollment over Secure Transport (EST): Transfer Encodings and ASN.1 |
2020-11 | Proposed Standard RFC |
Roman Danyliw
|
||
|
6 pages
RFC 8954
Online Certificate Status Protocol (OCSP) Nonce Extension |
2020-11 |
Proposed Standard RFC
Obsoleted by rfc9654 |
Roman Danyliw
|
||
|
9 pages
RFC 9044
Using the AES-GMAC Algorithm with the Cryptographic Message Syntax (CMS) |
2021-06 | Proposed Standard RFC |
Roman Danyliw
|
||
|
9 pages
RFC 9045
Algorithm Requirements Update to the Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF) |
2021-06 | Proposed Standard RFC |
Roman Danyliw
|
||
|
4 pages
RFC 9158
Update to the Object Identifier Registry for the PKIX Working Group |
2021-11 | Informational RFC |
Roman Danyliw
|
||
| 32 pages | 2022-04 | Informational RFC |
Roman Danyliw
|
||
|
5 pages
RFC 9295
Clarifications for Ed25519, Ed448, X25519, and X448 Algorithm Identifiers |
2022-09 | Proposed Standard RFC |
Roman Danyliw
|
||
|
11 pages
RFC 9310
X.509 Certificate Extension for 5G Network Function Types |
2023-01 | Proposed Standard RFC |
Roman Danyliw
|
||
|
8 pages
RFC 9336
X.509 Certificate General-Purpose Extended Key Usage (EKU) for Document Signing |
2022-12 | Proposed Standard RFC |
Roman Danyliw
|
||
| 39 pages | 2023-05 | Proposed Standard RFC |
Roman Danyliw
|
||
| 55 pages | 2023-11 |
Proposed Standard RFC
Obsoleted by rfc9810, rfc9811 |
Roman Danyliw
|
||
| 28 pages | 2023-11 | Proposed Standard RFC |
Roman Danyliw
|
||
| 83 pages | 2023-11 | Proposed Standard RFC |
Roman Danyliw
|
||
|
8 pages
RFC 9495
Certification Authority Authorization (CAA) Processing for Email Addresses |
2023-10 | Proposed Standard RFC |
Roman Danyliw
|
||
|
9 pages
RFC 9509
X.509 Certificate Extended Key Usage (EKU) for 5G Network Functions |
2024-03 | Proposed Standard RFC |
Roman Danyliw
|
||
|
10 pages
RFC 9549
Internationalization Updates to RFC 5280 |
2024-03 | Proposed Standard RFC |
Roman Danyliw
|
||
| 15 pages | 2024-05 |
Informational RFC
Obsoleted by rfc9879 |
Roman Danyliw
|
||
|
12 pages
RFC 9598
Internationalized Email Addresses in X.509 Certificates |
2024-05 | Proposed Standard RFC |
Roman Danyliw
|
||
| 10 pages | 2024-06 | Proposed Standard RFC |
Roman Danyliw
|
||
|
19 pages
RFC 9618
Updates to X.509 Policy Validation |
2024-08 | Proposed Standard RFC |
Roman Danyliw
|
||
|
15 pages
RFC 9629
Using Key Encapsulation Mechanism (KEM) Algorithms in the Cryptographic Message Syntax (CMS) |
2024-08 | Proposed Standard RFC |
Roman Danyliw
|
||
|
13 pages
RFC 9654
Online Certificate Status Protocol (OCSP) Nonce Extension |
2024-08 | Proposed Standard RFC |
Roman Danyliw
|
||
|
18 pages
RFC 9688
Use of the SHA3 One-Way Hash Functions in the Cryptographic Message Syntax (CMS) |
2024-11 | Proposed Standard RFC |
Deb Cooley
|
||
|
30 pages
RFC 9690
Use of the RSA-KEM Algorithm in the Cryptographic Message Syntax (CMS) |
2025-02 | Proposed Standard RFC |
Deb Cooley
|
||
|
13 pages
RFC 9708
Use of the HSS/LMS Hash-Based Signature Algorithm in the Cryptographic Message Syntax (CMS) |
2025-01 | Proposed Standard RFC |
Deb Cooley
|
||
|
13 pages
RFC 9709
Encryption Key Derivation in the Cryptographic Message Syntax (CMS) Using HKDF with SHA-256 |
2025-01 | Proposed Standard RFC |
Deb Cooley
|
||
|
5 pages
RFC 9734
X.509 Certificate Extended Key Usage (EKU) for Instant Messaging URIs |
2025-02 | Proposed Standard RFC |
Deb Cooley
|
||
| 13 pages | 2025-06 | Proposed Standard RFC |
Roman Danyliw
|
||
|
53 pages
RFC 9787
Guidance on End-to-End Email Security |
2025-08 | Informational RFC |
Roman Danyliw
|
||
|
218 pages
RFC 9788
Header Protection for Cryptographically Protected Email |
2025-08 | Proposed Standard RFC |
Roman Danyliw
|
||
| 30 pages | 2025-06 | Proposed Standard RFC |
Deb Cooley
|
||
|
12 pages
RFC 9809
X.509 Certificate Extended Key Usage (EKU) for Configuration, Updates, and Safety-Critical Communication |
2025-07 | Proposed Standard RFC |
Deb Cooley
|
||
| 116 pages | 2025-07 | Proposed Standard RFC | 1 |
Deb Cooley
|
|
|
10 pages
RFC 9811
Internet X.509 Public Key Infrastructure -- HTTP Transfer for the Certificate Management Protocol (CMP) |
2025-07 | Proposed Standard RFC |
Deb Cooley
|
||
|
18 pages
RFC 9814
Use of the SLH-DSA Signature Algorithm in the Cryptographic Message Syntax (CMS) |
2025-07 | Proposed Standard RFC |
Deb Cooley
|
||
|
16 pages
RFC 9879
Use of Password-Based Message Authentication Code 1 (PBMAC1) in PKCS #12 Syntax |
2025-09 | Informational RFC |
Deb Cooley
|
||
| 91 pages | 2025-10 | Proposed Standard RFC |
Deb Cooley
|
||
|
25 pages
RFC 9882
Use of the ML-DSA Signature Algorithm in the Cryptographic Message Syntax (CMS) |
2025-10 | Proposed Standard RFC |
Deb Cooley
|
||
| 17 pages | 2025-10 | Proposed Standard RFC |
Deb Cooley
|
||
|
22 pages
RFC 9908
Clarification and Enhancement of the CSR Attributes Definition in RFC 7030 |
2026-01 | Proposed Standard RFC |
Deb Cooley
|
||
|
38 pages
RFC 9909
Internet X.509 Public Key Infrastructure -- Algorithm Identifiers for the Stateless Hash-Based Digital Signature Algorithm (SLH-DSA) |
2025-12 | Proposed Standard RFC |
Deb Cooley
|
||
|
10 pages
RFC 9925
Unsigned X.509 Certificates |
2026-02
New
|
Proposed Standard RFC |
Deb Cooley
|
||
|
6 pages
RFC 9939
PKCS #8: Private-Key Information Content Types |
2026-02
New
|
Proposed Standard RFC |
Deb Cooley
|
||
| Related Internet-Drafts and RFCs (10 hits) | |||||
|
4 pages
draft-autocrypt-lamps-protected-headers-04
(Deprecated) Protected E-mail Headers |
2025-09-02
Expires soon |
I-D Exists |
|
||
|
52 pages
draft-bonnell-lamps-chameleon-certs-07
A Mechanism for Encoding Differences in Paired Certificates |
2025-10-18 | I-D Exists |
|
||
|
11 pages
draft-chen-lamps-cms-frodokem-00
Use of FrodoKEM in the Cryptographic Message Syntax |
2026-02-12 | I-D Exists |
|
||
|
8 pages
draft-jpfiset-lamps-attestationkey-eku-02
X.509 Certificate Extended Key Usage (EKU) for Attestation Keys |
2026-03-01
New
|
I-D Exists |
|
||
|
21 pages
draft-liu-lamps-certification-path-validation-12
Technical guidelines of Web server certification path validation for Interent browser |
2025-09-03
Expires soon |
I-D Exists |
|
||
|
12 pages
draft-reddy-lamps-x509-pq-commit-01
X.509 Extensions for PQC or Composite Certificate Hosting Continuity |
2026-02-25
New
|
I-D Exists |
|
||
|
15 pages
draft-smyslov-lamps-frodokem-certificates-01
Internet X.509 Public Key Infrastructure - Algorithm Identifiers for FrodoKEM |
2026-02-20 | I-D Exists |
|
||
|
13 pages
draft-turner-lamps-cms-fn-dsa-00
Use of the FN-DSA Signature Algorithm in the Cryptographic Message Syntax (CMS) |
2025-11-04 | I-D Exists |
|
||
|
17 pages
draft-turner-lamps-fn-dsa-certificates-00
Internet X.509 Public Key Infrastructure -- Algorithm Identifiers for the Fast-Fourier Transform over NTRU-Lattice-Based Digital Signature Algorithm (FN-DSA) |
2025-11-04 | I-D Exists |
|
||
|
15 pages
draft-wang-lamps-root-ca-cert-rekeying-03
Root CA Certificate Rekeying in the Scenario of Post Quantum Migration |
2025-10-19 | I-D Exists |
|
||