IETF Logo Mail Archive

[rfc-dist] RFC 9162 on Certificate Transparency Version 2.0

rfc-editor@rfc-editor.org Fri, 10 December 2021 07:42 UTC

Return-Path: <rfc-dist-bounces@rfc-editor.org>
X-Original-To: ietfarch-rfc-dist-archive@ietfa.amsl.com
Delivered-To: ietfarch-rfc-dist-archive@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C56B3A093D for <ietfarch-rfc-dist-archive@ietfa.amsl.com>; Thu, 9 Dec 2021 23:42:37 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.9
X-Spam-Level:
X-Spam-Status: No, score=-2.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, MAILING_LIST_MULTI=-1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6oykz8-0T5nN for <ietfarch-rfc-dist-archive@ietfa.amsl.com>; Thu, 9 Dec 2021 23:42:32 -0800 (PST)
Received: from rfc-editor.org (rfc-editor.org [IPv6:2001:1900:3001:11::31]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A36A93A0940 for <rfc-dist-archive-yuw6Xa6hiena@ietf.org>; Thu, 9 Dec 2021 23:42:32 -0800 (PST)
Received: from rfcpa.amsl.com (localhost [IPv6:::1]) by rfc-editor.org (Postfix) with ESMTP id 795E6EEA0D; Thu, 9 Dec 2021 23:42:30 -0800 (PST)
X-Original-To: rfc-dist@rfc-editor.org
Delivered-To: rfc-dist@rfc-editor.org
Received: by rfc-editor.org (Postfix, from userid 499) id A13DEEEA00; Thu, 9 Dec 2021 23:42:29 -0800 (PST)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, trans@ietf.org
Message-Id: <20211210074229.A13DEEEA00@rfc-editor.org>
Date: Thu, 09 Dec 2021 23:42:29 -0800
Subject: [rfc-dist] RFC 9162 on Certificate Transparency Version 2.0
X-BeenThere: rfc-dist@rfc-editor.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: RFC Announcements <rfc-dist.rfc-editor.org>
List-Unsubscribe: <https://www.rfc-editor.org/mailman/options/rfc-dist>, <mailto:rfc-dist-request@rfc-editor.org?subject=unsubscribe>
List-Archive: <http://www.rfc-editor.org/pipermail/rfc-dist/>
List-Post: <mailto:rfc-dist@rfc-editor.org>
List-Help: <mailto:rfc-dist-request@rfc-editor.org?subject=help>
List-Subscribe: <https://www.rfc-editor.org/mailman/listinfo/rfc-dist>, <mailto:rfc-dist-request@rfc-editor.org?subject=subscribe>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: rfc-dist-bounces@rfc-editor.org
Sender: rfc-dist <rfc-dist-bounces@rfc-editor.org>

A new Request for Comments is now available in online RFC libraries.

        
        RFC 9162

        Title:      Certificate Transparency Version 2.0 
        Author:     B. Laurie,
                    E. Messeri,
                    R. Stradling
        Status:     Experimental
        Stream:     IETF
        Date:       December 2021
        Mailbox:    benl@google.com,
                    eranm@google.com,
                    rob@sectigo.com
        Pages:      53
        Obsoletes:  RFC 6962

        I-D Tag:    draft-ietf-trans-rfc6962-bis-42.txt

        URL:        https://www.rfc-editor.org/info/rfc9162

        DOI:        10.17487/RFC9162

This document describes version 2.0 of the Certificate Transparency
(CT) protocol for publicly logging the existence of Transport Layer
Security (TLS) server certificates as they are issued or observed, in
a manner that allows anyone to audit certification authority (CA)
activity and notice the issuance of suspect certificates as well as
to audit the certificate logs themselves. The intent is that
eventually clients would refuse to honor certificates that do not
appear in a log, effectively forcing CAs to add all issued
certificates to the logs.

This document obsoletes RFC 6962.  It also specifies a new TLS
extension that is used to send various CT log artifacts.

Logs are network services that implement the protocol operations for
submissions and queries that are defined in this document.

This document is a product of the Public Notary Transparency Working Group of the IETF.


EXPERIMENTAL: This memo defines an Experimental Protocol for the
Internet community.  It does not specify an Internet standard of any
kind. Discussion and suggestions for improvement are requested.
Distribution of this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC


_______________________________________________
rfc-dist mailing list
rfc-dist@rfc-editor.org
https://www.rfc-editor.org/mailman/listinfo/rfc-dist
http://www.rfc-editor.org

v2.23.0 | Report a Bug | By Email