Již 28.verze široce diskutovaného draftu pro SCVP (Server-based Certificate Validation Protocol).
Abstract:
SCVP allows a client to delegate certificate path construction and
certificate path validation to a server. The path construction or
validation (e.g. making sure that none of the certificates in the
path are revoked) is performed according to a validation policy,
which contains one or more trust anchors. It allows simplification
of client implementations and use of a set of predefined validation
policies.
Druhý draft je chystaná nová verze pro -
http://www.ietf.org/internet-drafts/draft-ietf-pkix-rfc3280bis-05.txt
Abstract:
This memo profiles the X.509 v3 certificate and X.509 v2 certificate
revocation list (CRL) for use in the Internet. An overview of this
approach and model are provided as an introduction. The X.509 v3
certificate format is described in detail, with additional
information regarding the format and semantics of Internet name
forms. Standard certificate extensions are described and two
Internet-specific extensions are defined. A set of required
certificate extensions is specified. The X.509 v2 CRL format is
described in detail along with standard and Internet-specific
extensions. An algorithm for X.509 certification path validation is
described. An ASN.1 module and examples are provided in the
appendices.
A kone?n? >Subject Alternative Name for expression of service name -
draft-ietf-pkix-srvsan-03.txt
Abstract:
This document defines a new name form for inclusion in the otherName
field of an X.509 Subject Alternative Name extension which allows a
certificate subject to be associated with the service name and domain
name components of a DNS Service Resource Record.
