IETF공개키 기반구조 및 PKI-기반 응용 표준화 동향

  • 염흥열 (순천향대학교 정보보호학과)
  • Published : 2004.04.01

Abstract

지금까지 IETF에서 공개키 기반구조에 대한 표준화 작업은 PKIX 작업반$^{[5]}$에서 주로 수행되었지만, 최근 들어 4개의 새로운 작업반이 만들어졌다. 새로 생성된 작업반은 IPSEC을 위한 공개키 기반구조 표준을 개발하는 PK14IPSEC(PKI for IPSEC) 작업반$^{[36]}$, 장기간 서명 데이터의 존재와 디지털 서명된 데이터의 타당성과 존재성을 증명하기 위한 표준을 개발하고 있는 LTANS(Long-Term Archive and Notary Service) 작업반$^{[32]}$, 공개키/개인키와 인증서 등으로 구성되는 크리덴셜(Credential)을 획득하기 위한 등록 과정에 대한 모델을 표준화하기 위한 ENROLL(Credential and Provisioning) 작업반$^{[41]}$, 그리고 안전하게 크리덴셜을 한 장치에서 다른 장치로 안전하게 전달하기 위한 표준을 개발하는 SACRED(Securely available Credentials) 작업반$^{[28]}$ 등이다. 본 논문에서는 IETF 보안영역에서 수행되고 있는 공개키 기반구조에 바탕을 둔 여러 작업반에서 최근 수행중인 표준화 동향을 분석한다.

Keywords

References

  1. 한국정보보호학회지 v.12 no.4 PKI 표준화 동향과 PKI 영영간 상호 연동 방법 염흥열
  2. 전자상거래 보안기술 이만영;김지홍;류재철;송유진;염흥철;이임영
  3. 선진국의 정보보호기술 개발사업 동향분석 및 국내 대응방향 연구 염흥열(외)
  4. 유 · 무선 PKI 운용환경 분석 및 연동방안 제시에 관한 연구 염흥열(외)
  5. The Internet Engineering Task Force IETF-pkix
  6. RFC 2459 Internet X.509 Public Key Infrastructure Certificate and CRL Profile R.Housley;W.Ford;W.Polk;D.Solo
  7. RFC 2510 Internet X.509 Public Key Infrastructure Certificate Management Protocols C.Adams;S.Farrell
  8. RFC 2511 Internet X.509 Certificate Request Massage Format M.Myers;C.Adams;D.Solo;D.Kemp
  9. RFC 2527 Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework S.Chokhani;W.Ford
  10. RFC 2528 Internet X.509 Public Key Infrastructure Representation of Key Exchange Algorithm (KEA) Keys in Internet X.509 Public Key Infrastructure Certificates R.Housley;W.Polk
  11. RFC 2559 Internet X.509 Public Key Infrastructure Operational Protocols - LDAPv2 S.Boeyen;T.Howes;P.Richard
  12. RFC 2585 Internet X.509 Public Key Infrastructure Operational Protocols :FTP and HTTP R.Housley;P.Hoffman
  13. RFC 2587 Internet X.509 Public Key Infrastructure LDAPv2 Schema S.Boeyen;T.Howes;P.Richard
  14. RFC 2560 X.509 Internet Public Key Infrastructure Online Certifiate Status Protocol -OCSP M.Myers;R.Ankney;A.Malpani;S.Galerin;C.Adams
  15. RFC 2597 Certificate Management Messages over CMS M.Myers;X.Liu;J.Schaad;J.Weinstein
  16. RFC 2595 Diffie-Hellman Proof-of-Possession Algorithms H.Prafullchandra;J.Schaad
  17. RFC 3039 Internet X.509 Public Key Infrastructure Qualified Certificates Profile S.Santeson;W.Polk;P.Barzin;M.Nystrom
  18. RFC 3029 Internet X.509 Public Key Infrastructure Data Validation and Certification Server Protocols C.Adams;P.Sylvester;M.Zolotarev;R.Zuccherato
  19. RFC 3161 Internet X.509 Public Key Infrastructure Time-Stamp Protocols C.Adams;P.Cain;D.Pinkas;R.Zuccherato
  20. RFC 3279 Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certifiate Revocation List (CRL) Profile W.Polk;R.Housley;L.Basshan
  21. RFC 3280 Internet X.509 Public Key Infrastructure Certificae and Certificate Revacation List (CRL) Profile R.Housley;W.Polk;W.Ford;D.Solo
  22. RFC 3281 An Internet Attribute Certificae Profile for Authorizatin S.Farrell;R.Housley
  23. RFC 3379 Delegated Path Validation and Delegated Path Discovery Protocol Requirements D.Pinkas;R.Housley
  24. RFC 3628 Policy Requirements for Time-Stamping Authorities (TSAs) D.Pinkas;N.Ross
  25. RFC 3647 Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework S.Chokhani;W.Ford;R.Sabett;C.Merrill;S.Wu
  26. RFC 3709 Internet X.509 Public Key Infrastructure : Logotypes in X.509 Certificates S.Santesson;R.Housley;T.Freeman
  27. RFC 3739 Internet X.509 Public Key Infrastructure : Qualified Certificates Profile S.Santesson;M.Nystrom;T.Polk
  28. The Internet Engineering Task Force IETF-sacred
  29. RFC 3157 Secure Available Credentials - Requirements A.Arsenault Diversinet;S.Farrell
  30. IETF-sacred-framework-Internet Draft Securely Available Credentials - Credential Server Framework D.Gustafson future Foundation;M.Just
  31. IETF-sacred-protocol-Internet Draft Securely Available Credentials protocol Stephen Farrell
  32. The Internet Engineering Task Force IETF-ltans
  33. IETF-ltans-reqs-Internet Draft Longterm Archive Service Requirements Carl Wallace;Ralf Brandner
  34. IETF-ltans-ers-Internet Draft Evidence Record Syntax R.Brandner
  35. IETF-ltans-LTANS-reqs Draft P.Sylvester;Jerman Blazic
  36. The Internet Engineering Task Force IETF-pki4ipsec
  37. IETF-pki4ipsec-profile-reqs Draft Requirements for an IPSec Certificate Management Profile Chris Bonatti;Sean Turner;Gregory Lebovitz
  38. IETF-pki-profile Draft The Internet IP Security PKI Profile of IKE/ISAKMP and PKIX Brian Korver;Eric Rescorla
  39. IETF-pki4ipsec-profile Draft Profile for Certificate Use in IKE version 1 Paul Hoffman
  40. IETF-pki4ipsec Proposed PKI14IPSEC Certificate Management Requirements Document Chris Bonatti
  41. The Internet Engineering Task Force IETF-enroll
  42. The Internet Engineering Task Force IETF-enroll
  43. IETF-pkix-scvp Draft Simple Certificate Validation Protocol (SCVP) A.MALpani;R.Housley;T.Freeman