Network Working Group
Request for Comments: 3280
Obsoletes: 2459
Category: Standards Track
R. Housley
RSA Laboratories
W. Polk
NIST
W. Ford
VeriSign
D. Solo
Citigroup
 April 2002

Internet X.509 Public Key Infrastructure
Certificate and Certificate Revocation List (CRL) Profile

Status of this Memo

This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2002). All Rights Reserved.

Abstract

This memo profiles the X.509 v3 certificate and X.509 v2 Certificate Revocation List (CRL) for use in the Internet. An overview of this approach and model are provided as an introduction. The X.509 v3 certificate format is described in detail, with additional information regarding the format and semantics of Internet name forms. Standard certificate extensions are described and two Internet-specific extensions are defined. A set of required certificate extensions is specified. The X.509 v2 CRL format is described in detail, and required extensions are defined. An algorithm for X.509 certification path validation is described. An ASN.1 module and examples are provided in the appendices.

Table of Contents

1 Introduction

2 Requirements and Assumptions
2.1 Communication and Topology
2.2 Acceptability Criteria
2.3 User Expectations
2.4 Administrator Expectations

3 Overview of Approach
3.1 X.509 Version 3 Certificate
3.2 Certification Paths and Trust
3.3 Revocation
3.4 Operational Protocols
3.5 Management Protocols

4 Certificate and Certificate Extensions Profile
4.1 Basic Certificate Fields
4.1.1 Certificate Fields
4.1.1.1 tbsCertificate
4.1.1.2 signatureAlgorithm
4.1.1.3 signatureValue
4.1.2 TBSCertificate
4.1.2.1 Version
4.1.2.2 Serial number
4.1.2.3 Signature
4.1.2.4 Issuer
4.1.2.5 Validity
4.1.2.5.1 UTCTime
4.1.2.5.2 GeneralizedTime
4.1.2.6 Subject
4.1.2.7 Subject Public Key Info
4.1.2.8 Unique Identifiers
4.1.2.9 Extensions
4.2 Certificate Extensions
4.2.1 Standard Extensions
4.2.1.1 Authority Key Identifier
4.2.1.2 Subject Key Identifier
4.2.1.3 Key Usage
4.2.1.4 Private Key Usage Period
4.2.1.5 Certificate Policies
4.2.1.6 Policy Mappings
4.2.1.7 Subject Alternative Name
4.2.1.8 Issuer Alternative Name
4.2.1.9 Subject Directory Attributes
4.2.1.10 Basic Constraints
4.2.1.11 Name Constraints
4.2.1.12 Policy Constraints
4.2.1.13 Extended Key Usage
4.2.1.14 CRL Distribution Points
4.2.1.15 Inhibit Any-Policy
4.2.1.16 Freshest CRL
4.2.2 Internet Certificate Extensions
4.2.2.1 Authority Information Access
4.2.2.2 Subject Information Access

5 CRL and CRL Extensions Profile
5.1 CRL Fields
5.1.1 CertificateList Fields
5.1.1.1 tbsCertList
5.1.1.2 signatureAlgorithm
5.1.1.3 signatureValue
5.1.2 Certificate List "To Be Signed"
5.1.2.1 Version
5.1.2.2 Signature
5.1.2.3 Issuer Name
5.1.2.4 This Update
5.1.2.5 Next Update
5.1.2.6 Revoked Certificates
5.1.2.7 Extensions
5.2 CRL Extensions
5.2.1 Authority Key Identifier
5.2.2 Issuer Alternative Name
5.2.3 CRL Number
5.2.4 Delta CRL Indicator
5.2.5 Issuing Distribution Point
5.2.6 Freshest CRL
5.3 CRL Entry Extensions
5.3.1 Reason Code
5.3.2 Hold Instruction Code
5.3.3 Invalidity Date
5.3.4 Certificate Issuer

6 Certificate Path Validation
6.1 Basic Path Validation
6.1.1 Inputs
6.1.2 Initialization
6.1.3 Basic Certificate Processing
6.1.4 Preparation for Certificate i+1
6.1.5 Wrap-up procedure
6.1.6 Outputs
6.2 Extending Path Validation
6.3 CRL Validation
6.3.1 Revocation Inputs
6.3.2 Initialization and Revocation State Variables
6.3.3 CRL Processing

7 References

8 Intellectual Property Rights

9 Security Considerations

Appendix A. ASN.1 Structures and OIDs
A.1 Explicitly Tagged Module, 1988 Syntax
A.2 Implicitly Tagged Module, 1988 Syntax

Appendix B. ASN.1 Notes

Appendix C. Examples
C.1 DSA Self-Signed Certificate
C.2 End Entity Certificate Using DSA
C.3 End Entity Certificate Using RSA
C.4 Certificate Revocation List

Author Addresses

Russell Housley
RSA Laboratories
918 Spring Knoll Drive
Herndon, VA 20170
USA

EMail: rhousley@rsasecurity.com

Warwick Ford
VeriSign, Inc.
401 Edgewater Place
Wakefield, MA 01880
USA

EMail: wford@verisign.com

Tim Polk
NIST
Building 820, Room 426
Gaithersburg, MD 20899
USA

EMail: wpolk@nist.gov

David Solo
Citigroup
909 Third Ave, 16th Floor
New York, NY 10043
USA

EMail: dsolo@alum.mit.edu

Full Copyright Statement

Copyright (C) The Internet Society (2002). All Rights Reserved.

This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.

The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.

This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

Funding for the RFC Editor function is currently provided by the Internet Society.