NIST STAFF MEMBER CO-CHAIRS WORKING GROUP OF THE INTERNET ENGINEERING TASK FORCE
A NIST staff member recently was selected as co-chair of the Public Key Infrastructure Using X.509 (PKIX) Working Group of the Internet Engineering Task Force (IETF). The IETF is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual. The IETF develops the protocols and standards needed to support the Internet. The actual technical work of the IETF is done in its working groups, which are organized by topic into several areas (e.g., routing, transport, security).
The PKIX Working Group was established in the fall of 1995 to develop Internet standards supporting an X.509-based public key infrastructure (PKI). Since its inception, the IETF has developed 11 standards refining and augmenting the X.509 certificate standard to meet the requirements for an Internet X.509 PKI. These standards include a profile of the X.509 version 3 certificates and version 2 certificate revocation lists (CRLs), protocols for issuing and revoking certificates, online certificate status mechanisms, protocols for retrieving certificates and CRLs from LDAP, FTP, and HTTP servers, and guidance for authors of certificate policies. These PKIX specifications are widely used by industry as the basis for product development.
PKIX is now focusing on additional standards work to develop protocols that are either integral to PKI management or that are otherwise closely related to PKI use. PKIX is defining conventions for certificate name forms and extension usage for "qualified certificates," certificates designed for use in (legally binding) non-repudiation contexts. A profile of the X.509 attribute certificate for Internet use is in development. Work is also under way on protocols for time stamping and data certification. These protocols are designed primarily to support non-repudiation, making use of certificates and CRLs, and are so tightly bound to PKI use that they warrant coverage under this working group.