Using Trust Anchor Constraints during Certification Path Processing
RFC 5937, “Using Trust Anchor Constraints during Certification Path Processing”, is an Informational document published in August 2010 by S. Ashmore, C. Wallace. The canonical text is published by the RFC Editor.
Abstract
This document describes how to use information associated with a trust anchor public key when validating certification paths. This information can be used to constrain the usage of a trust anchor. Typically, constraints are used to limit the certificate policies and names that can appear in certification paths validated using a trust anchor. This document is not an Internet Standards Track specification; it is published for informational purposes.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 5937 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 5936 DNS Zone Transfer Protocol
- RFC 5938 Individual Session Control Feature for the Two-Way Active Measurement Protocol
- RFC 5935 Expressing SNMP SMI Datatypes in XML Schema Definition Language
- RFC 5939 Session Description Protocol Capability Negotiation
- RFC 5934 Trust Anchor Management Protocol
- RFC 5940 Additional Cryptographic Message Syntax Revocation Information Choices
- RFC 5933 Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC
- RFC 5941 Sharing Transaction Fraud Data