RFC 2459 (rfc2459) - Page 2 of 129





RFC 2459        Internet X.509 Public Key Infrastructure    January 1999


   Please send comments on this document to the  mail
   list.



                           Table of Contents



   1  Introduction ................................................    5
   2  Requirements and Assumptions ................................    6
   2.1  Communication and Topology ................................    6
   2.2  Acceptability Criteria ....................................    7
   2.3  User Expectations .........................................    7
   2.4  Administrator Expectations ................................    7
   3  Overview of Approach ........................................    7
   3.1  X.509 Version 3 Certificate ...............................    9
   3.2  Certification Paths and Trust .............................   10
   3.3  Revocation ................................................   12
   3.4  Operational Protocols .....................................   13
   3.5  Management Protocols ......................................   13
   4  Certificate and Certificate Extensions Profile ..............   15
   4.1  Basic Certificate Fields ..................................   15
   4.1.1  Certificate Fields ......................................   16
   4.1.1.1  tbsCertificate ........................................   16
   4.1.1.2  signatureAlgorithm ....................................   16
   4.1.1.3  signatureValue ........................................   17
   4.1.2  TBSCertificate ..........................................   17
   4.1.2.1  Version ...............................................   17
   4.1.2.2  Serial number .........................................   18
   4.1.2.3  Signature .............................................   18
   4.1.2.4  Issuer ................................................   18
   4.1.2.5  Validity ..............................................   21
   4.1.2.5.1  UTCTime .............................................   22
   4.1.2.5.2  GeneralizedTime .....................................   22
   4.1.2.6  Subject ...............................................   22
   4.1.2.7  Subject Public Key Info ...............................   23
   4.1.2.8  Unique Identifiers ....................................   24
   4.1.2.9  Extensions ............................................   24
   4.2  Certificate Extensions ....................................   24
   4.2.1  Standard Extensions .....................................   25
   4.2.1.1  Authority Key Identifier ..............................   25
   4.2.1.2  Subject Key Identifier ................................   26
   4.2.1.3  Key Usage .............................................   27
   4.2.1.4  Private Key Usage Period ..............................   29
   4.2.1.5  Certificate Policies ..................................   29
   4.2.1.6  Policy Mappings .......................................   31
   4.2.1.7  Subject Alternative Name ..............................   32



Housley, et. al.            Standards Track