Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

“…This syntax extends the BNF syntax of SDP [8]. specified in Section 8, allows for the addition of future tokens, but they may only be added if they are included in RFCs that update or obsolete RFC 3279 [5].…”

Section: Fingerprint Attributementioning

confidence: 99%

Connection-Oriented Media Transport over the Transport Layer Security (TLS) Protocol in the Session Description Protocol (SDP)

Lennox¹

2017

View full text Add to dashboard Cite

This document specifies how to establish secure connection-oriented media transport sessions over the Transport Layer Security (TLS) protocol using the Session Description Protocol (SDP). It defines the SDP protocol identifier, 'TCP/TLS'. It also defines the syntax and semantics for an SDP 'fingerprint' attribute that identifies the certificate that will be presented for the TLS session. This mechanism allows media transport over TLS connections to be established securely, so long as the integrity of session descriptions is assured.This document obsoletes RFC 4572 by clarifying the usage of multiple fingerprints.

show abstract

“…The BNF grammar for each encoding rule is given below along with the OpenSSL routine used for the encoding in the reference implementation. The object identifiers for the encryption algorithms and message digest/ signature encryption schemes are specified in [RFC3279]. The particular algorithms required for conformance are not specified in this memo.…”

Section: Iana Considerationmentioning

confidence: 99%

Network Time Protocol Version 4: Autokey Specification

Mills¹,

Haberman²

2010

View full text Add to dashboard Cite

This memo describes the Autokey security model for authenticating servers to clients using the Network Time Protocol (NTP) and public key cryptography. Its design is based on the premise that IPsec schemes cannot be adopted intact, since that would preclude stateless servers and severely compromise timekeeping accuracy. In addition, Public Key Infrastructure (PKI) schemes presume authenticated time values are always available to enforce certificate lifetimes; however, cryptographically verified timestamps require interaction between the timekeeping and authentication functions.

show abstract

Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile

Cited by 34 publications

References 0 publications

BGPsec Algorithms, Key Formats, and Signature Formats

BGPsec Algorithms, Key Formats, and Signature Formats

Connection-Oriented Media Transport over the Transport Layer Security (TLS) Protocol in the Session Description Protocol (SDP)

Network Time Protocol Version 4: Autokey Specification

Contact Info

Product

Resources

About