TLS和DTLS的委托凭据

RFC Pub Date : 2023-07-01 DOI:10.17487/rfc9345

R. Barnes, S. Iyengar, N. Sullivan, E. Rescorla

{"title":"TLS和DTLS的委托凭据","authors":"R. Barnes, S. Iyengar, N. Sullivan, E. Rescorla","doi":"10.17487/rfc9345","DOIUrl":null,"url":null,"abstract":"The organizational separation between operators of TLS and DTLS endpoints and the certification authority can create limitations. For example, the lifetime of certificates, how they may be used, and the algorithms they support are ultimately determined by the Certification Authority (CA). This document describes a mechanism to overcome some of these limitations by enabling operators to delegate their own credentials for use in TLS and DTLS without breaking compatibility with peers that do not support this specification","PeriodicalId":21471,"journal":{"name":"RFC","volume":"29 1","pages":"1-17"},"PeriodicalIF":0.0000,"publicationDate":"2023-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Delegated Credentials for TLS and DTLS\",\"authors\":\"R. Barnes, S. Iyengar, N. Sullivan, E. Rescorla\",\"doi\":\"10.17487/rfc9345\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The organizational separation between operators of TLS and DTLS endpoints and the certification authority can create limitations. For example, the lifetime of certificates, how they may be used, and the algorithms they support are ultimately determined by the Certification Authority (CA). This document describes a mechanism to overcome some of these limitations by enabling operators to delegate their own credentials for use in TLS and DTLS without breaking compatibility with peers that do not support this specification\",\"PeriodicalId\":21471,\"journal\":{\"name\":\"RFC\",\"volume\":\"29 1\",\"pages\":\"1-17\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2023-07-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"RFC\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.17487/rfc9345\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"RFC","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.17487/rfc9345","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 0

摘要

TLS和DTLS端点的运营商与证书颁发机构之间的组织分离可能会产生限制。例如，证书的生命周期、如何使用它们以及它们支持的算法最终由证书颁发机构(certificate Authority, CA)决定。本文档描述了一种机制，通过使运营商能够委托自己的凭据在TLS和DTLS中使用，而不会破坏与不支持此规范的对等体的兼容性，从而克服其中一些限制

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Delegated Credentials for TLS and DTLS

The organizational separation between operators of TLS and DTLS endpoints and the certification authority can create limitations. For example, the lifetime of certificates, how they may be used, and the algorithms they support are ultimately determined by the Certification Authority (CA). This document describes a mechanism to overcome some of these limitations by enabling operators to delegate their own credentials for use in TLS and DTLS without breaking compatibility with peers that do not support this specification

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

RFC

自引率

0.00%

发文量