PKIX working group - four new RFCs on certificate management have been published
They are the following:
Certificate Management over CMS (CMC)
This document defines the base syntax for CMC, a Certificate
Management protocol using the Cryptographic Message Syntax (CMS).
This protocol addresses two immediate needs within the Internet
Public Key Infrastructure (PKI) community:
1. The need for an interface to public key certification products and services based on CMS and PKCS #10 (Public Key Cryptography Standard), and
2. The need for a PKI enrollment protocol for encryption only keys due to algorithm or hardware design.
CMC also requires the use of the transport document and the
requirements usage document along with this document for a full definition.
Certificate Management over CMS (CMC): Transport Protocols
This document defines a number of transport mechanisms that are used
to move CMC (Certificate Management over CMS (Cryptographic Message
Syntax)) messages. The transport mechanisms described in this
document are HTTP, file, mail, and TCP.
Certificate Management Messages over CMS (CMC): Compliance Requirements
This document provides a set of compliance statements about the CMC
(Certificate Management over CMS) enrollment protocol. The ASN.1
structures and the transport mechanisms for the CMC enrollment
protocol are covered in other documents. This document provides the
information needed to make a compliant version of CMC.
CMS Symmetric Key Management and Distribution
This document describes a mechanism to manage (i.e., set up,
distribute, and rekey) keys used with symmetric cryptographic
algorithms. Also defined herein is a mechanism to organize users
into groups to support distribution of encrypted content using
symmetric cryptographic algorithms. The mechanism uses the
Cryptographic Message Syntax (CMS) protocol and Certificate
Management over CMS (CMC) protocol to manage the symmetric keys. Any
member of the group can then later use this distributed shared key to
decrypt other CMS encrypted objects with the symmetric key. This
mechanism has been developed to support Secure/Multipurpose Internet
Mail Extensions (S/MIME) Mail List Agents (MLAs).