RFC 4809: Requirements for an IPsec Certificate Man...

Requirements for an IPsec Certificate Management Profile


1. Introduction
1.1. Scope
1.2. Non-Goals
1.3. Definitions
1.4. Requirements Terminology
2. Architecture
2.1. VPN System
2.1.1. IPsec Peer(s)
2.1.2. VPN Administration Function (Admin)
2.2. PKI System
2.3. VPN-PKI Interaction
3. Requirements
3.1. General Requirements
3.1.1. One Protocol
3.1.2. Secure Transactions
3.1.3. Admin Availability
3.1.4. PKI Availability
3.1.5. End-User Transparency
3.1.6. PKC Profile for PKI Interaction
3.1.6.1. Identity
3.1.6.2. Key Usage
3.1.6.3. Extended Key Usage
3.1.6.4. Revocation Information Location
3.1.7. Error Handling
3.2. Authorization
3.2.1. One Protocol
3.2.2. Bulk Authorization
3.3. Authorization Scenario
3.3.1. Authorization Request
3.3.1.1. Specifying Fields within the PKC
3.3.1.2. Authorizations for Rekey, Renewal, and Update
3.3.1.3. Other Authorization Elements
3.3.1.4. Cancel Capability
3.3.2. Authorization Response
3.3.2.1. Error Handling for Authorization
3.4. Generation
3.4.1. Generation Method 1: IPsec Peer Generates Key Pair, Constructs
3.4.2. Generation Method 2: IPsec Peer Generates Key Pair, Admin
3.4.3. Generation Method 3: Admin Generates Key Pair, Constructs PKC
3.4.4. Method 4: PKI Generates Key Pair
3.4.5. Error Handling for Generation
3.5. Enrollment
3.5.1. One Protocol
3.5.2. On-line Protocol
3.5.3. Single Connection with Immediate Response
3.5.4. Manual Approval Option
3.5.5. Enrollment Method 1: Peer Enrolls to PKI Directly
3.6. Enrollment Method 2a: Peer Enrolls through Admin
3.6.1. Enrollment Method 2b: Peer Enrolls through Admin
3.6.2. Enrollment Method 3a: Admin Authorizes and Enrolls Directly to
3.6.3. Enrollment Method 3b: Admin Requests and PKI Generates and
3.6.4. Confirmation Handshake
3.6.5. Error Handling for Enrollment
3.7. Lifecycle
3.7.1. One Protocol
3.7.2. PKC Rekeys, Renewals, and Updates
3.7.2.1. Rekey Request
3.7.2.2. Renew Request
3.7.2.3. Update Request
3.7.2.4. Error Handling for Rekey, Renewal, and Update
3.7.2.5. Confirmation Handshakes
3.7.3. Revocation
3.8. Repositories
3.8.1. Lookups
3.8.2. Error Handling for Repository Lookups
3.9. Trust
3.9.1. Trust Anchor PKC Acquisition
3.9.2. Certification Path Validation
3.9.3. Revocation Checking and Status Information
3.9.4. Error Handling in Revocation Checking and Certificate Path
4. Security Considerations
5. References
5.1. Normative References
5.2. Informative References
6. Acknowledgements
7. Editors' Addresses
8. Full Copyright Statement
9. Intellectual Property
10. Acknowledgement
