The IESG has approved the following document:
- 'EST (Enrollment over Secure Transport) Extensions'
  (draft-turner-est-extensions-11.txt) as Proposed Standard

This document has been reviewed in the IETF but is not the product of an IETF Working Group.

The IESG contact person is Kathleen Moriarty.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-turner-est-extensions/

Technical Summary

The EST (Enrollment over Secure Transport) protocol defined a Well-Known URI (Uniform Resource Identifier): /.well-known/est. EST also defined several path components that clients use for PKI (Public Key Infrastructure) services, namely certificate enrollment (e.g., /simpleenroll). In some sense, the services provided by the path components can be thought of as PKI management-related packages. There are additional PKI-related packages a client might need as well as other security-related packages, such as firmware, trust anchors, and symmetric, asymmetric, and encrypted keys. This document also specifies the PAL (Package Availability List), which is an XML (Extensible Markup Language) file or JSON (JavaScript Object Notation) object that clients use to retrieve packages available and authorized for them. This document extends the EST server path components to provide these additional services.

Working Group Summary

This is an individual draft, AD sponsored. There was a fair amount of review, including review from several XML experts. The shepherd is the author of other similar RFCs, so his review was helpful as well.

Document Quality

There are a few implementations and there were several XML expert reviews.

Personnel

Kathleen Moriarty is the responsible Security Area Director and Dan Harkins is the draft shepherd. The IANA Expert(s) for the PAL Package Types registry in this document is Sean Turner.

IANA Note

IANA is requested to perform three registrations: PAL Name Space, PAL XML Schema, and PAL Package Types.
Future PAL Package Type registrations require expert review per RFC5226.