draft IETF pkix - Certificate and Certificate Revocation List (CRL) Profile
25.05.2006
Abstract:
This memo profiles the X.509 v3 certificate and X.509 v2 Certificate Revocation List (CRL) for use in the Internet. An overview of this approach and model are provided as an introduction. The X.509 v3 certificate format is described in detail, with additional information regarding the format and semantics of Internet name forms. Standard certificate extensions are described and two Internet-specific extensions are defined. A set of required certificate extensions is specified. The X.509 v2 CRL format is described in detail, and required extensions are defined. Analgorithm for X.509 certification path validation is described. An ASN.1 module and examples are provided in the appendices.