Composite Public Keys and Signatures
draft-pala-composite-crypto-03
Document | Type |
Expired Internet-Draft
(individual)
Expired & archived
|
|
---|---|---|---|
Author | Massimiliano Pala | ||
Last updated | 2019-09-26 (Latest revision 2019-03-25) | ||
RFC stream | (None) | ||
Intended RFC status | (None) | ||
Formats | |||
Stream | Stream state | (No stream defined) | |
Consensus boilerplate | Unknown | ||
RFC Editor Note | (None) | ||
IESG | IESG state | Expired | |
Telechat date | (None) | ||
Responsible AD | (None) | ||
Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
PKIs are used to provide scalability and ease key management. One type of PKIs that is predominant for securing communications and data is based on the X.509 standard. Since the security of PKIs, ultimately, depends on the security of the cryptographic building blocks that are used for authentication and encryption, the standards community made algorithm agility a priority. Algorithm agility, in particular, enables upgrading to newly available algorithms when needed. The CompositeCrypto (i.e., CompositeKey and CompositeSignature structures) described in this document provides an additional tool that enables the use of multiple algorithms to authenticate data without the need to use multiple certificates and more complex data structures. This document provide the description of the definition and encoding rules for CompositeKey and CompositeSignature. A description of how to use these structures in main PKIX objects (e.g., X.509 certificates, CRLs, OCSP responses, etc.) is also provided.
Authors
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)