RFC 6717
kx509 Kerberized Certificate Issuance Protocol in Use in 2012, August 2012
- File formats:
- Status:
- INFORMATIONAL
- Authors:
- H. Hotz
R. Allbery - Stream:
- INDEPENDENT
DOI: 10.17487/RFC6717
Discuss this RFC: Send questions or comments to rfc-ise@rfc-editor.org
Other actions: Submit Errata | Find IPR Disclosures from the IETF
Abstract
This document describes a protocol, called kx509, for using Kerberos tickets to acquire X.509 certificates. These certificates may be used for many of the same purposes as X.509 certificates acquired by other means, but if a Kerberos infrastructure already exists, then the overhead of using kx509 may be much less.
While not standardized, this protocol is already in use at several large organizations, and certificates issued with this protocol are recognized by the International Grid Trust Federation. This document is not an Internet Standards Track specification; it is published for informational purposes.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.