• Technology
• KnowledgeBase
• SignificantTechnicalStandards

• česky | english

• NOTA BENE - WORK IN PROGRESS - Your Inputs & Thoughts

• To Technology Knowledge Base - To Technology Knowledge Base - Overview - To Brain - Policies & Significant Technical Standards

Significant Technical Standards for CAcert.org

• Description / Intro

The Internet Engineering Task Force - IETF

• Web Address: http://www.ietf.org - Web Address of Request for Comments - RFC: http://www.rfc-editor.org

  • RFC 5636 - Traceable Anonymous Certificate Text only - Website Version Text only - Print Version .pdf Download

  • RFC 5617 - DomainKeys Identified Mail (DKIM) Author Domain Signing Practices (ADSP) Text only - Website Version Text only - Print Version .pdf Download

  • RFC 5280 - Internet X.509 Public Key Infrastructure: Certificate and Certificate Revocation List (CRL) Profile Text only - Website Version Text only - Print Version .pdf Download

  • RFC 5246 - The Transport Layer Security (TLS) Protocol - Version 1.2 Text only - Website Version Text only - Print Version .pdf Download

  • RFC 4985 - Internet X.509 Public Key Infrastructure: Subject Alternative Name for Expression of Service Name Text only - Website Version Text only - Print Version .pdf Download

  • RFC 4871 - DomainKeys Identified Mail (DKIM) Signatures Text only - Website Version Text only - Print Version .pdf Download

  • RFC 4343 - Domain Name System (DNS) Case Insensitivity Clarification Text only - Website Version Text only - Print Version .pdf Download

  • RFC 4158 - Internet X.509 Public Key Infrastructure: Certification Path Building Text only - Website Version Text only - Print Version .pdf Download

  • RFC 3647 - Internet X.509 Public Key Infrastructure: Certificate Policy and Certification Practices Framework Text only - Website Version Text only - Print Version .pdf Download

  • RFC 3492 - Punycode: A Bootstring encoding of Unicode for Internationalized Domain Names in Applications - IDNA Text only - Website Version Text only - Print Version .pdf Download

  • RFC 3491 - Nameprep: A Stringprep Profile for Internationalized Domain Names - IDNA Text only - Website Version Text only - Print Version .pdf Download

  • RFC 3490 - Internationalizing Domain Names in Applications - IDNA Text only - Website Version Text only - Print Version .pdf Download

  • RFC 3454 - Preparation of Internationalized Strings ("stringprep") Text only - Website Version Text only - Print Version .pdf Download

  • RFC 3281 - An Internet Attribute Certificate Profile for Authorization Text only - Website Version Text only - Print Version .pdf Download

  • RFC 3280 - Internet X.509 Public Key Infrastructure: Certificate and Certificate Revocation List (CRL) Profile Text only - Website Version Text only - Print Version .pdf Download - NOTE: Replaced by RFC 5280

  • RFC 3279 - Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile Text only - Website Version Text only - Print Version .pdf Download

  • RFC 3161 - Internet X.509 Public Key Infrastructure: Time-Stamp Protocol (TSP) Text only - Website Version Text only - Print Version .pdf Download

  • RFC 2606 - Reserved Top Level DNS Names Text only - Website Version Text only - Print Version .pdf Download

  • RFC 2560 - X.509 Internet Public Key Infrastructure: Online Certificate Status Protocol - OCSP Text only - Website Version Text only - Print Version .pdf Download

  • RFC 2246 - The TLS Protocol Version 1.0 Text only - Website Version Text only - Print Version .pdf Download

  • RFC 2142 - MAILBOX NAMES FOR COMMON SERVICES, ROLES AND FUNCTIONS Text only - Website Version Text only - Print Version .pdf Download

  • RFC 2119 - Key words for use in RFCs to Indicate Requirement Levels Text only - Website Version Text only - Print Version .pdf Download

  • RFC 1918 - Address Allocation for Private Internets Text only - Website Version Text only - Print Version .pdf Download

• For individual search: RFC Search Engine , Keyword: e.g. X.509 - or alternatively: RFC Index

• more about PKIX Working Group developing Standards for X.509-based Public Key Infrastructures - PKI's - source: ietf.org

• more about IETF - source: en.wikipedia.org

• more about RFC - source: en.wikipedia.org

International Telecommunication Union - ITU

• Web Address: http://www.itu.int

  • Overview Recommendation X.509

• more about ITU - source: en.wikipedia.org

The Unicode Consortium - UNICODE

• Web Address: http://www.unicode.org

  • Unicode Character Code Charts

• more about Unicode - source: en.wikipedia.org

Internet Corporation for Assigned Names and Numbers - ICANN

• Web Address: http:///www.icann.org

  • Internet Domain Names - IDN

• more about ICANN - source: en.wikipedia.org

Inputs & Thoughts

• 20090929-RPHerrold

• The National Institute of Standards and Technology (NIST) is a non-regulatory federal agency within the US Commerce Department.  It is promulgates standards which much be met to reach inclusion into obtaining cross signing to be able to provide a complete validation path route to root.
  
  It manages the FIPS standards which must be met for a CA to be able to interoperate with the US federal CA, which, as a functional matter, is needed for attaining such a path
  
  http://csrc.nist.gov/groups/ST/crypto_apps_infra/pki/index.html
  
  see: FIPS 151-2 testing and certification
  
  http://csrc.nist.gov/publications/PubsFIPS.html

• YYYYMMDD-YourName

• Text / Your Statements, thoughts and e-mail snippets, Please

• YYYYMMDD-YourName

• Text / Your Statements, thoughts and e-mail snippets, Please

Category or Categories

• CategoryPolicy

• CategoryCustom

• note: Please, replace "Custom" with an existing Category or if needed create a new, meaningful one.