Online Certificate Status Protocol Algorithm Agility, June 2011
- Canonical URL:
- File formats:
- PROPOSED STANDARD
- Obsoleted by:
- RFC 6960
- RFC 2560
- S. Santesson
- pkix (sec)
Discuss this RFC: Send questions or comments to firstname.lastname@example.org
The Online Certificate Status Protocol (OCSP) requires server responses to be signed but does not specify a mechanism for selecting the signature algorithm to be used. This may lead to avoidable interoperability failures in contexts where multiple signature algorithms are in use. This document specifies rules for server signature algorithm selection and an extension that allows a client to advise a server that specific signature algorithms are supported. [STANDARDS-TRACK]
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 4844.