Trust Anchor Management Problem Statement
draft-ietf-pkix-ta-mgmt-problem-statement-01
| Document | Type | Expired Internet-Draft (pkix WG) | |
|---|---|---|---|
| Authors | Raksha Reddy , Carl Wallace | ||
| Last updated | 2008-02-18 | ||
| Stream | IETF | ||
| Intended RFC status | (None) | ||
| Formats |
Expired & archived
pdf
htmlized (tools)
htmlized
bibtex
|
||
| Stream | WG state | WG Document | |
| Document shepherd | No shepherd assigned | ||
| IESG | IESG state | Expired | |
| Consensus Boilerplate | Unknown | ||
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
https://www.ietf.org/archive/id/draft-ietf-pkix-ta-mgmt-problem-statement-01.txt
Abstract
A trust anchor is an authoritative entity represented via a public key and associated data. The public key is used to verify digital signatures and the associated data is used to constrain the types of information for which the trust anchor is authoritative. A relying party uses trust anchors to determine if a digitally signed object is valid by verifying a digital signature using the trust anchor's public key, and by enforcing the constraints expressed in the associated data for the trust anchor. This document describes some of the problems associated with the lack of a standard trust anchor management mechanism as well as problems that must be addressed by such a mechanism. This document discusses only public keys as trust anchors; symmetric key trust anchors are not considered.
Authors
Raksha Reddy
(r.reddy@radium.ncsc.mil)
Carl Wallace
(cwallace@cygnacom.com)
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)