kx509 Kerberized Certificate Issuance Protocol in Use in 2012
RFC 6717, “kx509 Kerberized Certificate Issuance Protocol in Use in 2012”, is an Informational document published in August 2012 by H. Hotz, R. Allbery. The canonical text is published by the RFC Editor.
Abstract
This document describes a protocol, called kx509, for using Kerberos tickets to acquire X.509 certificates. These certificates may be used for many of the same purposes as X.509 certificates acquired by other means, but if a Kerberos infrastructure already exists, then the overhead of using kx509 may be much less.
While not standardized, this protocol is already in use at several large organizations, and certificates issued with this protocol are recognized by the International Grid Trust Federation. This document is not an Internet Standards Track specification; it is published for informational purposes.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 6717 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 6716 Definition of the Opus Audio Codec
- RFC 6718 Pseudowire Redundancy
- RFC 6715 vCard Format Extensions: Representing vCard Extensions Defined by the Open Mobile Alliance Converged Address Book Group
- RFC 6719 The Minimum Rank with Hysteresis Objective Function
- RFC 6714 Connection Establishment for Media Anchoring for the Message Session Relay Protocol
- RFC 6720 The Generalized TTL Security Mechanism for the Label Distribution Protocol
- RFC 6713 The 'application/zlib' and 'application/gzip' Media Types
- RFC 6721 The Atom "deleted-entry" Element