database logo graphic

RFC 6717

"kx509 Kerberized Certificate Issuance Protocol in Use in 2012", August 2012

Canonical URL:
This document is also available in this non-normative format: PDF.
H. Hotz
R. Allbery

Cite this RFC: TXT  |  XML


Other actions: Find Errata (if any)  |  Submit Errata  |  Find IPR Disclosures from the IETF


This document describes a protocol, called kx509, for using Kerberos tickets to acquire X.509 certificates. These certificates may be used for many of the same purposes as X.509 certificates acquired by other means, but if a Kerberos infrastructure already exists, then the overhead of using kx509 may be much less. While not standardized, this protocol is already in use at several large organizations, and certificates issued with this protocol are recognized by the International Grid Trust Federation. This document is not an Internet Standards Track specification; it is published for informational purposes.

For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.

Go to the RFC Editor Homepage.