{"draft":"draft-ietf-lamps-ocsp-nonce-update-11","doc_id":"RFC9654","title":"Online Certificate Status Protocol (OCSP) Nonce Extension","authors":["H. Sharma, Ed."],"format":["HTML","TEXT","PDF","XML"],"page_count":"13","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Limited Additional Mechanisms for PKIX and SMIME","abstract":"RFC 8954 imposed size constraints on the optional Nonce extension for\r\nthe Online Certificate Status Protocol (OCSP). OCSP is used to check\r\nthe status of a certificate, and the Nonce extension is used to\r\ncryptographically bind an OCSP response message to a particular OCSP\r\nrequest message. \r\n\r\nSome environments use cryptographic algorithms that generate a Nonce\r\nvalue that is longer than 32 octets. This document also modifies the\r\n\"Nonce\" section of RFC 6960 to clearly define and differentiate the\r\nencoding format and values for easier implementation and\r\nunderstanding. This document obsoletes RFC 8954, which includes\r\nupdated ASN.1 modules for OCSP, and updates RFC 6960.","pub_date":"August 2024","keywords":[],"obsoletes":["RFC8954"],"obsoleted_by":[],"updates":["RFC6960"],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC9654","errata_url":null}