Online Certificate Status Protocol Algorithm Agility
RFC 6277, “Online Certificate Status Protocol Algorithm Agility”, is a Proposed Standard document published in June 2011 by S. Santesson, P. Hallam-Baker. It updates RFC 2560. It has been obsoleted by RFC 6960 — refer to the newer document for the authoritative version. The canonical text is published by the RFC Editor.
Abstract
The Online Certificate Status Protocol (OCSP) requires server responses to be signed but does not specify a mechanism for selecting the signature algorithm to be used. This may lead to avoidable interoperability failures in contexts where multiple signature algorithms are in use. This document specifies rules for server signature algorithm selection and an extension that allows a client to advise a server that specific signature algorithms are supported. [STANDARDS-TRACK]
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 6277 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 6276 DHCPv6 Prefix Delegation for Network Mobility
- RFC 6278 Use of Static-Static Elliptic Curve Diffie-Hellman Key Agreement in Cryptographic Message Syntax
- RFC 6275 Mobility Support in IPv6
- RFC 6279 Proxy Mobile IPv6 Localized Routing Problem Statement
- RFC 6274 Security Assessment of the Internet Protocol Version 4
- RFC 6280 An Architecture for Location and Location Privacy in Internet Applications
- RFC 6273 The Secure Neighbor Discovery Hash Threat Analysis
- RFC 6281 Understanding Apple's Back to My Mac Service