diff options
| author | Stef Walter <stef@thewalter.net> | 2010-12-12 14:12:42 +0000 |
|---|---|---|
| committer | Stef Walter <stef@thewalter.net> | 2010-12-12 14:12:42 +0000 |
| commit | db317124acec5d83b93485a0964b1b33ab33bb41 (patch) | |
| tree | cc78b9af3542ba5c0ca8a7534075d05fc9b34b2f | |
| parent | 660cced67346a980c5a22b0e62dcd7ff0b4ba49e (diff) | |
Updated the various RFC links to more relevant versions.
| -rw-r--r-- | trust-assertions.xml | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/trust-assertions.xml b/trust-assertions.xml index 1e7754d..6a7e4a6 100644 --- a/trust-assertions.xml +++ b/trust-assertions.xml @@ -195,7 +195,7 @@ <para>The <literal>CKA_X_PURPOSE</literal> attribute contains a string which represents the <link linkend='trust-purpose'>purpose of the trust assertion</link>. These are generally OIDs. The following predefined values match those of the - <ulink url='http://www.ietf.org/rfc/rfc3280.txt'>Extended Key Usage X.509 extension</ulink>. + <ulink url='http://www.ietf.org/rfc/rfc2459.txt'>Extended Key Usage X.509 extension</ulink>. Other values may be used when interoperability of the trust assertion between multiple applications is not required.</para> @@ -288,7 +288,7 @@ <para>An anchored certificate is a trust assertion which is to be used with a certificate authority that has signed other trusted certificates. It is to be used as the anchor in a - <ulink url='http://www.ietf.org/rfc/rfc3280.txt'>certificate chain</ulink>.</para> + <ulink url='http://www.ietf.org/rfc/rfc5280.txt'>certificate chain</ulink>.</para> <para>Because it is a positive trust assertion, the certificate is referenced by using the entire DER encoding of the certificate.</para> @@ -430,7 +430,7 @@ <title>Building a Certificate Chain</title> <para>During TLS or other certificate verification operations, a - <ulink url='http://www.ietf.org/rfc/rfc3280.txt'>certificate chain</ulink> + <ulink url='http://www.ietf.org/rfc/rfc5280.txt'>certificate chain</ulink> must be built. The certificate chain starts with a endpoint certificate for the peer, and usually ends with a certificate explicitly trusted in some way, such as a certificate authority trust anchor. The certificates in the @@ -552,7 +552,7 @@ <section> <title>Why refer to certificates in negative trust assertions by issuer and serial number?</title> - <para><ulink url='http://www.ietf.org/rfc/rfc3280.txt'>Certificate revocation lists</ulink> + <para><ulink url='http://www.ietf.org/rfc/rfc5280.txt'>Certificate revocation lists</ulink> do not generally contain the full value of the certificate or a hash thereof. They simply contain serial numbers, which when combined with the issuer of the certificate revocation list, are meant to uniquely identify a given certificate.</para> |