public-key infrastructure (x_509) (pkix) charter.htm

PKIX的RFC英文文档

<html>
<title>Public-Key Infrastructure (X.509) (pkix) Charter</title>
<body bgcolor="#ffffff" >
<center>
<table border=0 cellpadding=0 cellspacing=0>
<tr>
<td><a href="/home.html"><img src="/images/header/ietflogo_sm.gif" border=0></a></td>
<td><a href="/home.html"><img src="/images/header/home11.gif" border=0></a></td>
<td><img src="/images/header/separator.gif" border=0></td>
<td><a href="/html.charters/wg-dir.html"><img src="/images/header/wg11.gif" border=0></a></td>
<td><img src="/images/header/separator.gif" border=0></td>
<td><a href="/meetings/meetings.html"><img src="/images/header/meetings11.gif" border=0></a></td>
<td><img src="/images/header/separator.gif" border=0></td>
<td><a href="/proceedings/directory.html"><img src="/images/header/proceed11.gif"  border=0></a></td>
<td><img src="/images/header/separator.gif" border=0></td>
<td><a href="/ID.html"><img src="/images/header/id-index11.gif" border=0></a></td>
<td><img src="/images/header/separator.gif" border=0></td>
<td><a href="/rfc.html"><img src="/images/header/rfc11.gif" border=0></a></td>
</tr>
</table>
</center>
<hr>

<h1>Public-Key Infrastructure (X.509) (pkix)</h1>

<p>Last Modifield: 2003-01-14

 <br>
<h2>Chair(s):</h2>
<a href="mailto:kent@bbn.com"><b>Stephen Kent &lt;kent@bbn.com&gt;</b></a><br>
<a href="mailto:wpolk@nist.gov"><b>Tim Polk &lt;wpolk@nist.gov&gt;</b></a><br>

<h2>Security Area Director(s):</h2>
<a href="mailto:jis@mit.edu"><b>Jeffrey Schiller &lt;jis@mit.edu&gt;</b></a><br>
<a href="mailto:smb@research.att.com"><b>Steven Bellovin &lt;smb@research.att.com&gt;</b></a><br>

<h2>Security Area Advisor:</h2>
<a href="mailto:jis@mit.edu"><b>Jeffrey Schiller &lt;jis@mit.edu&gt;</b></a><br>

<h2>Mailing Lists:</h2> 
General Discussion: ietf-pkix@imc.org<br>
To Subscribe: ietf-pkix-request@imc.org<br>
In Body: subscribe (In Body)<br>
Archive: http://www.imc.org/ietf-pkix<br>

<h2>Description of Working Group:</h2>

The PKIX Working Group was established in the Fall of 1995 with the
intent of developing Internet standards needed to support an
X.509-based PKI. The scope of PKIX work has expanded beyond this
initial goal. PKIX not only profiles ITU PKI standards, but also
develops new standards apropos to the use of X.509-based PKIs in the
Internet.

<p>
PKIX has produced several informational and standards track documents
in support of the original and revised scope of the WG. The first of
these standards, RFC 2459, profiled X.509 version 3 certificates and
version 2 CRLs for use in the Internet. Profiles for the use of
Attribute Certificates (RFC XXXX [pending]), LDAP v2 for certificate
and CRL storage (RFC 2587), the Internet X.509 Public Key
Infrastructure Qualified Certificates Profile (RFC 3039), and the
Internet X.509 Public Key Infrastructure Certificate Policy and
certification Practices Framework (RFC 2527 - Informational) are in
line with the initial scope.

<p>
The Certificate Management Protocol (CMP) (RFC 2510), the Online
Certificate Status Protocol (OCSP) (RFC 2560), Certificate Management
Request Format (CRMF) (RFC 2511), Time-Stamp Protocol (RFC 3161),
Certificate Management Messages over CMS (RFC 2797), Internet X.509
Public Key Infrastructure Time Stamp Protocols (RFC 3161), and the use
of FTP and HTTP for transport of PKI operations (RFC 2585) are
representative of the expanded scope of PKIX, as these are new
protocols developed in the working group, not profiles of ITU PKI
standards.

<p>
A roadmap, providing a guide to the growing set of PKIX document, also
has been developed as an informational RFC.

<p>
Ongoing PKIX Work items

<p>
An ongoing PKIX task is the progression of existing, standards track
RFCs from PROPOSED to DRAFT. Also, to the extent that PKIX work
relates to protocols from other areas, e.g., LDAP, it is necessary to
track the evolution of the other protocols and produce updated
RFCs. For example, the LDAP v2 documents from PKIX are evolving to
address LDAP v3. Finally, since the profiling of X.509 standards for
use in the Internet remains a major focus, the WG will continue to
track the evolution of these standards and incorporate changes and
additions as appropriate.

<p>
New Work items for PKIX

<p>
- production of a requirements RFC for delegated path discovery and
  path validation protocols (DPD/DPV) and subsequent production of
  RFCs for protocols that satisfy the requirements

<p>
- development of a logotype extension for certificates 

<p>
- development of a proxy certificate extension and associated
  processing rules

<p>
- development of an informational document on PKI disaster recovery

<p>
These work items may become standards track, INFORMATIONAL or
EXPERIMENTAL RFCs, or may not even be published as RFCs.

<p>
Other deliverables may be agreed upon as extensions are proposed.
New deliverables must be approved by the Security Area Directors
before inclusion on the charter or IETF meeting agendas.

<h2>Goals and Milestones:</h2>

<table>