PKI Standards and Protocols

PKI Standards Work

The dominant PKI-related standards can be found at the following organisations and working groups.

PKIX - the public key working group of the IETF

IETF Security Area

IETF S/MIME Mail Security (see also the Internet Mail Consortium S/MIME site)

IETF Transport Layer Security (TLS)

IEEE Standards for Public Key Cryptography

ANSI X9.79 - Financial Industry PKI Standard

RSA PKCS standards series, most of which have moved into the public domain

NIST Federal PKI Technical Working Group (now inactive)



The Major PKI Related RFCs

The chair of the IETF's PKIX Working Group once named these as the most important of their RFCs to do with public key security.

RFC3820 X.509 PKI Proxy Certificate Profile

RFC2560 Online Certificate Status Protocol - OCSP

RFC2527 X.509 Certificate Policy and Certification Practices Framework. Superseded by RFC 3647.

RFC3647 - X.509 Certificate Policy and Certification Practices Framework. Supersedes RFC 2527.

RFC2511 - Certificate Request Message Format

RFC2797 - Certificate Management Messages over CMS

RFC3039 - PKI Qualified Certificates Profile

RFC3161 - Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP)

RFC3281 - An Internet Attribute Certificate Profile for Authorization. Focus Areas: BPEL | DITA | ebXML | IDtrust | OpenDocument | SAML | UBL | UDDI
OASIS sites: OASIS | Cover Pages | | AMQP | CGM Open | eGov | Emergency | IDtrust | LegalXML | Open CSA | OSLC | WS-I