7.9 Public key infrastructure (X.509) standards

7.9 Public key infrastructure (X.509) standards

One topic not covered is where X.509 comes from and what organizations support it. The "International Telecommunication Union" (ITU) is an organization formerly known as "Consultative Committee on International Telephone and Telegraphy" (CCITT). The ITU provides telecommunications standards as well as the "X." standards, such as X.500 (directory services) and X.509 (secure directory services).[8]

The "Internet Engineering Task Force" (IETF) is an open international community of network designers, vendors, and researchers focused on the evolution of the Internet architecture and the operation of the Internet.[9] The IETF has recognized the X.509 standards to be used in the Internet technologies. To understand the IETF, you need to look at a document that they created:

The Internet Engineering Task Force is a loosely self-organized group of people who make technical and other contributions to the engineering and evolution of the Internet and its technologies. It is the principal body engaged in the development of new Internet standard specifications. Its mission includes: identifying and proposing solutions to pressing operational and technical problems in the Internet; specifying the development or usage of protocols and the near-term architecture to solve such technical problems for the Internet; making recommendations to the Internet Engineering Steering Group (IESG) regarding the standardization of protocols and protocol usage in the Internet; facilitating technology transfer from the Internet Research Task Force (IRTF) to the wider Internet community; and providing a forum for the exchange of information within the Internet community between vendors, users, researchers, agency contractors, and network managers.

The IETF meeting is not a conference, although there are technical presentations. The IETF is also not a traditional standards organization, although many specifications are produced that become standards. The IETF is made up of volunteers who meet three times a year to fulfill the IETF mission.

There is no membership in the IETF. Anyone may register for and attend any meeting. The closest thing there is to being an IETF member is being on the IETF or working group mailing lists (see the IETF Mailing Lists section). This is where the best information about current IETF activities and focus can be found.[10]

In order to generate some methods and standards to deal with encryption, the IETF formed the Public Key Infrastructure (X.509) (PKIX)[11] working group. The main drive of this working group was to develop the Internet standards needed to support an X.509-based PKI. One of the goals of this PKI is to facilitate the use of X.509 certificates in various applications that reside on the Internet. As part of this process, the working group was looking to promote interoperability between many vendor implementations. The result of this work was to provide a PKI framework based on X.509.[12]

So how do we get a working group to generate a standard? Following is a high-level overview[13]: Overall, we start with a description that will solve some type of technological problem. A team of "smart dudes" will get together and generate a draft document of their solution. We call these draft documents "Internet-drafts."

When submitted to the IETF, the draft documents are then valid for six months. These drafts then go through a process of review and development, which can consist of several revisions, each of which would be reviewed by the Internet community. If all goes well, and the draft is accepted, it will become a Request for Comments (RFC) document. If a specification has been adopted as an Internet standard, it is given the additional label STD, but it does keep its RFC number.

For more information about the new standard adoption process, PKIX standards, and LDAP standards, check out the references section at the back of this book.

PKS, RC2, and RSA Laboratories are trademarks of RSA Data Security, Inc. All other trademarks belong to their respective companies.






[13]For a more detailed understanding of this, go to http://www.ietf.org/tao.html

Internet Security(c) A Jumpstart for Systems Administrators and IT Managers
Internet Security: A Jumpstart for Systems Administrators and IT Managers
ISBN: 1555582982
EAN: 2147483647
Year: 2003
Pages: 103
Authors: Tim Speed, Juanita Ellis

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net