RFC 6277

Online Certificate Status Protocol Algorithm Agility, June 2011

File formats:
icon for text file icon for PDF icon for HTML icon for inline errata
Status:
PROPOSED STANDARD
Obsoleted by:
RFC 6960
Updates:
RFC 2560
Authors:
S. Santesson
P. Hallam-Baker
Stream:
IETF
Source:
pkix (sec)

Cite this RFC: TXT  |  XML  |   BibTeX

DOI:  https://doi.org/10.17487/RFC6277

Discuss this RFC: Send questions or comments to the mailing list pkix@ietf.org

Other actions: View Errata  |  Submit Errata  |  Find IPR Disclosures from the IETF  |  View History of RFC 6277

Abstract

The Online Certificate Status Protocol (OCSP) requires server responses to be signed but does not specify a mechanism for selecting the signature algorithm to be used. This may lead to avoidable interoperability failures in contexts where multiple signature algorithms are in use. This document specifies rules for server signature algorithm selection and an extension that allows a client to advise a server that specific signature algorithms are supported. [STANDARDS-TRACK]

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 8729.



Advanced Search