{"draft":"draft-ietf-acme-star-11","doc_id":"RFC8739","title":"Support for Short-Term, Automatically Renewed (STAR) Certificates in the Automated Certificate Management Environment (ACME)","authors":["Y. Sheffer","D. Lopez","O. Gonzalez de Dios","A. Pastor Perales","T. Fossati"],"format":["HTML","TEXT","PDF","XML"],"page_count":"22","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Automated Certificate Management Environment","abstract":"Public key certificates need to be revoked when they are compromised,\r\nthat is, when the associated private key is exposed to an\r\nunauthorized entity.  However, the revocation process is often\r\nunreliable. An alternative to revocation is issuing a sequence of\r\ncertificates, each with a short validity period, and terminating the\r\nsequence upon compromise.  This memo proposes an Automated\r\nCertificate Management Environment (ACME) extension to enable the\r\nissuance of Short-Term, Automatically Renewed (STAR) X.509\r\ncertificates.","pub_date":"March 2020","keywords":["OCSP","CRL","revocation"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC8739","errata_url":null}