OPENSOURCE SECURITY AND IDENTITY MANAGEMENT SOLUTIONS
Download Latest Version!
The PKI Resource Query Protocol (PRQP)
Dynamic PKI resource lookup protocol
At present, ever more services and protocols are being defined to address different needs of users and administrators in PKIs. With the deployment of new applications and services, the need to access PKI resources provided by different organizations is critical. Each application needs to be told about how to find these services for each new certificate it encounters. Therefore, each application needs to be properly configured by filling in complex configuration options whose meaning is mostly unknown to the average user (and likely to the administrator as well).
A dynamic method capable to provide more timely information about provided services and available PKI resources would be interesting. It would also help in painless rollover between services, e.g. switching from CRLs to OCSP for certificate validation. For instance this would allow PKI management to dynamically choose which services are to be provided based on the faced challenges during infrastructure deployment. We believe that a DNS for PKI resources is something that is missing in current deployments and would be most beneficial to, and welcomed by PKI operators and relying parties.
To address interoperability and trust building issues among separate PKI islands we present a new PKI Resource Query Protocol (PRQP).
PRQP Server (v0.5.0)A new version (v0.5.0) of the PRQP server is available in the downloads section.
PRQP Server (v0.1.1)
by madwolf @ 26.10.2007First version (v0.1.1) of the PRQP server is available for downloading.
by madwolf @ 22.07.2007The PRQP has been published as a new I-D and it is now available from IETF.
PRQP and IETF
by madwolf @ 18.07.2007The PKI Resource Discovery Protocol (PRQP) will be presented at the 69th IETF Meeting in Chicago during the PKIX WG session. The proposal is to have the PKIX WG to take PRQP as a new working item.