Internet X.509 Public Key Infrastructure: Additional Algorithm Identifiers for RSASSA-PSS and ECDSA Using SHAKEs
RFC 8692, “Internet X.509 Public Key Infrastructure: Additional Algorithm Identifiers for RSASSA-PSS and ECDSA Using SHAKEs”, is a Proposed Standard document published in December 2019 by P. Kampanakis, Q. Dang. It updates RFC 3279. The canonical text is published by the RFC Editor.
Abstract
Digital signatures are used to sign messages, X.509 certificates, and Certificate Revocation Lists (CRLs). This document updates the "Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile" (RFC 3279) and describes the conventions for using the SHAKE function family in Internet X.509 certificates and revocation lists as one-way hash functions with the RSA Probabilistic signature and Elliptic Curve Digital Signature Algorithm (ECDSA) signature algorithms. The conventions for the associated subject public keys are also described.
What “Proposed Standard” means
An entry-level standards-track specification: stable, peer-reviewed and a solid basis for implementation, though it may still evolve before becoming an Internet Standard.
The canonical text of RFC 8692 is hosted at rfc-editor.org. Available in HTML,TXT,PDF,XML.
- RFC 8691 Basic Support for IPv6 Networks Operating Outside the Context of a Basic Service Set over IEEE Std 802.11
- RFC 8690 Clarification of Segment ID Sub-TLV Length for RFC 8287
- RFC 8694 Applicability of the Path Computation Element to Inter-area and Inter-AS MPLS and GMPLS Traffic Engineering
- RFC 8689 SMTP Require TLS Option
- RFC 8688 A Session Initiation Protocol Response Code for Rejected Calls
- RFC 8696 Using Pre-Shared Key in the Cryptographic Message Syntax
- RFC 8687 OSPF Routing with Cross-Address Family Traffic Engineering Tunnels
- RFC 8685 Path Computation Element Communication Protocol Extensions for the Hierarchical Path Computation Element Architecture