X.509 Key and Signature Encoding for the KeyNote Trust Management System
RFC 5708, “X.509 Key and Signature Encoding for the KeyNote Trust Management System”, is an Informational document published in January 2010 by A. Keromytis. The canonical text is published by the RFC Editor.
Abstract
This memo describes X.509 key identifiers and signature encoding for version 2 of the KeyNote trust-management system (RFC 2704). X.509 certificates (RFC 5280) can be directly used in the Authorizer or Licensees field (or in both fields) in a KeyNote assertion, allowing for easy integration with protocols that already use X.509 certificates for authentication.
In addition, the document defines additional signature types that use other hash functions (beyond the MD5 and SHA1 hash functions that are defined in RFC 2792). This document is not an Internet Standards Track specification; it is published for informational purposes.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 5708 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 5707 Media Server Markup Language
- RFC 5710 PathErr Message Triggered MPLS and GMPLS LSP Reroutes
- RFC 5705 Keying Material Exporters for Transport Layer Security
- RFC 5711 Node Behavior upon Originating and Receiving Resource Reservation Protocol Path Error Messages
- RFC 5712 MPLS Traffic Engineering Soft Preemption
- RFC 5713 Security Threats and Security Requirements for the Access Node Control Protocol
- RFC 5714 IP Fast Reroute Framework
- RFC 5715 A Framework for Loop-Free Convergence