RFC - 2560
X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP
| Original: | ftp://ftp.isi.edu/in-notes/rfc2560.txt |
|---|---|
| Authors: | M. Myers [VeriSign], R. Ankney [CertCo], A. Malpani [ValiCert], S. Galperin [My CFO], C. Adams [Entrust Technologies] |
| Date: | June 1999 |
| Category: | Proposed Standard |
| Referred by: | 28 RFC |
| Refers to: | 4 RFC |
Status
This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1999). All Rights Reserved.
Abstract
This document specifies a protocol useful in determining the current status of a digital certificate without requiring CRLs. Additional mechanisms addressing PKIX operational requirements are specified in separate documents.
An overview of the protocol is provided in section 2. Functional requirements are specified in section 4. Details of the protocol are in section 5. We cover security issues with the protocol in section 6. Appendix A defines OCSP over HTTP, appendix B accumulates ASN.1 syntactic elements and appendix C specifies the mime types for the messages.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document (in uppercase, as shown) are to be interpreted as described in [RFC2119].
-
prepared by Miloslav Nic
- the founder of Zvon.org and Law-Ref.org
- the head of B.Sc. program Informatics and chemistry [in Czech]
- the founder of Lidem.org - Volby 2006 - parliamentary elections in the Czech Republic [in Czech]
- the chief consultant of the publishing house ICT Press
- and Pavel Srb, a student of B.Sc. program Informatics and chemistry