Hash Of Root Key Certificate Extension
RFC 8649, “Hash Of Root Key Certificate Extension”, is an Informational document published in August 2019 by R. Housley. The canonical text is published by the RFC Editor.
Abstract
This document specifies the Hash Of Root Key certificate extension. This certificate extension is carried in the self-signed certificate for a trust anchor, which is often called a Root Certification Authority (CA) certificate. This certificate extension unambiguously identifies the next public key that will be used at some point in the future as the next Root CA certificate, eventually replacing the current one.
What “Informational” means
Published for the general information of the community. It does not define an IETF standard and carries no standards-track status.
The canonical text of RFC 8649 is hosted at rfc-editor.org. Available in TXT,HTML.
- RFC 8650 Dynamic Subscription to YANG Events and Datastores over RESTCONF
- RFC 8651 Dynamic Link Exchange Protocol Control-Plane-Based Pause Extension
- RFC 8652 A YANG Data Model for the Internet Group Management Protocol and Multicast Listener Discovery
- RFC 8645 Re-keying Mechanisms for Symmetric Keys
- RFC 8653 On-Demand Mobility Management
- RFC 8654 Extended Message Support for BGP
- RFC 8643 An Opportunistic Approach for Secure Real-time Transport Protocol
- RFC 8655 Deterministic Networking Architecture