The SODP (Secure Object Delivery Protocol) Server Interfaces: NSA's Profile for Delivery of Certificates, CRLs, and Symmetric Keys to Clients
draft-turner-sodp-profile-04
| Document | Type | Expired Internet-Draft (individual) | |
|---|---|---|---|
| Last updated | 2020-02-17 (latest revision 2019-08-16) | ||
| Stream | ISE | ||
| Intended RFC status | Informational | ||
| Formats |
Expired & archived
pdf
htmlized
bibtex
|
||
| IETF conflict review | conflict-review-turner-sodp-profile | ||
| Stream | ISE state | In ISE Review | |
| Consensus Boilerplate | Unknown | ||
| Document shepherd | Adrian Farrel | ||
| Shepherd write-up | Show (last changed 2019-08-01) | ||
| IESG | IESG state | Expired | |
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | Adrian Farrel <rfc-ise@rfc-editor.org> | ||
| IANA | IANA review state | Version Changed - Review Needed | |
https://www.ietf.org/archive/id/draft-turner-sodp-profile-04.txt
Abstract
This document specifies protocol interfaces profiled by the US NSA (United States National Security Agency) for NSS (National Security System) servers that provide public key certificates, CRLs (Certificate Revocation Lists), and symmetric keys to NSS clients. Servers that support these interfaces are referred to as SODP (Secure Object Delivery Protocol) servers. The intended audience for this profile comprises developers of client devices that will obtain key management services from NSA-operated SODP servers. Interfaces supported by SODP servers include: EST (Enrollment over Secure Transport) and its extensions as well as CMC (Certificate Management over CMS (Cryptographic Message Syntax)). This profile applies to the capabilities, configuration, and operation of all components of US National Security Systems (SP 800- 59). It is also appropriate for other US Government systems that process high-value information. It is made publicly available for use by developers and operators of these and any other system deployments.
Authors
Michael Jenkins
(mjjenki@nsa.gov)
Sean Turner
(sean@sn3rd.com)
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)