EST Extensions
RFC 8295, “EST Extensions”, is a Proposed Standard document published in January 2018 by S. Turner. The canonical text is published by the RFC Editor.
Abstract
The EST (Enrollment over Secure Transport) protocol defines the Well-Known URI (Uniform Resource Identifier) -- /.well-known/est -- along with a number of other path components that clients use for PKI (Public Key Infrastructure) services, namely certificate enrollment (e.g., /simpleenroll). This document defines a number of other PKI services as additional path components -- specifically, firmware and trust anchors as well as symmetric, asymmetric, and encrypted keys. This document also specifies the PAL (Package Availability List), which is an XML (Extensible Markup Language) file or JSON (JavaScript Object Notation) object that clients use to retrieve packages available and authorized for them. This document extends the EST server path components to provide these additional services.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8295 is hosted at rfc-editor.org. Available in TXT and HTML.
- RFC 8296 Encapsulation for Bit Index Explicit Replication in MPLS and Non-MPLS Networks
- RFC 8293 A Framework for Multicast in Network Virtualization over Layer 3
- RFC 8299 YANG Data Model for L3VPN Service Delivery
- RFC 8290 The Flow Queue CoDel Packet Scheduler and Active Queue Management Algorithm
- RFC 8300 Network Service Header
- RFC 8289 Controlled Delay Active Queue Management
- RFC 8301 Cryptographic Algorithm and Key Usage Update to DomainKeys Identified Mail
- RFC 8302 Transparent Interconnection of Lots of Links: ARP and Neighbor Discovery Optimization