{"draft":"draft-ietf-pkix-rfc3280bis-11","doc_id":"RFC5280","title":"Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile","authors":["D. Cooper","S. Santesson","S. Farrell","S. Boeyen","R. Housley","W. Polk"],"format":["ASCII","HTML"],"page_count":"151","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Public-Key Infrastructure (X.509)","abstract":"This memo profiles the X.509 v3 certificate and X.509 v2 certificate\r\nrevocation list (CRL) for use in the Internet.  An overview of this\r\napproach and model is provided as an introduction.  The X.509 v3\r\ncertificate format is described in detail, with additional information\r\nregarding the format and semantics of Internet name forms.  Standard\r\ncertificate extensions are described and two Internet-specific\r\nextensions are defined.  A set of required certificate extensions is\r\nspecified.  The X.509 v2 CRL format is described in detail along with\r\nstandard and Internet-specific extensions.  An algorithm for X.509 certification\r\npath validation is described.  An ASN.1 module and examples are\r\nprovided in the appendices.  [STANDARDS-TRACK]","pub_date":"May 2008","keywords":["[--------]","X.509 v3","X.509 v2","certificate extensions"],"obsoletes":["RFC3280","RFC4325","RFC4630"],"obsoleted_by":[],"updates":[],"updated_by":["RFC6818","RFC8398","RFC8399","RFC9549"],"see_also":[],"doi":"10.17487\/RFC5280","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc5280"}