Search RFCs
RFC 9618
Updates to X.509 Policy Validation,August 2024
- File formats:
- Also available:XML file for editing
- Status:
- PROPOSED STANDARD
- Updates:
- RFC 5280
- Author:
- D. Benjamin
- Stream:
- IETF
- Source:
- lamps (sec)
Cite this RFC:TXT | XML | BibTeX
DOI: https://doi.org/10.17487/RFC9618
Discuss this RFC: Send questions or comments to the mailing listspasm@ietf.org
Other actions:Submit Errata | Find IPR Disclosures from the IETF | View History of RFC 9618
Abstract
This document updates RFC 5280 to replace the algorithm for X.509policy validation with an equivalent, more efficient algorithm. Theoriginal algorithm built a structure that scaled exponentially in theworst case, leaving implementations vulnerable to denial-of-serviceattacks.
For the definition ofStatus,seeRFC 2026.
For the definition ofStream, seeRFC 8729.