--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/src/java.base/share/classes/sun/security/x509/README Tue Sep 12 19:03:39 2017 +0200
@@ -0,0 +1,47 @@
+
+Quick summary of the main purpose here: X.509 certs are used in public
+key infrastructure for protocols such as SSL and SET. These certificates
+involve ISO/CCITT standard technologies such as ASN.1/DER, which control
+the format of the data being transmitted. X.509 itself describes the
+content of the data (e.g. X.500 user name, public key for that user, more)
+and how to sign it.
+
++++ +++ +++ +++ +++ +++ +++ +++ +++
+
+The X.509 support in JDK 1.2 builds on the java.security signature and
+key management APIs. The following packages provide the X.509 support:
+
+ sun.security.util ... holds DER utilities, for parsing and generating
+ streams of DER-encoded data values, including object identifiers.
+
+ sun.security.x509 ... basic X.509 certificate parsing and generation
+ framework, including X.509 keys, X.500 names, algorithm IDs,
+ X.509 v3 extensions, and more.
+
++++ +++ +++ +++ +++ +++ +++ +++ +++
+
+Information which may be useful when you work with X.509 certificates is
+found in:
+
+ The IETF has a public key infrastructure working group, PKIX.
+ See http://www.ietf.org for more information.
+
+ RFC 1422, which describes the key management infrastructure for
+ the Privacy Enhanced Mail (PEM) system. It builds on X.509,
+ and is perhaps the most useful overview I've found.
+
+ RFC 1777, which describes the Lightweight Directory Access
+ Protocol (LDAP) that many organizations are expecting will help
+ address online certificate distribution over the Internet.
+
+ RFC 5280, which describes the Internet X.509 Public Key
+ Infrastructure Certificate and CRL Profile.
+
+ RSA DSI has a bunch of "Public Key Cryptography Standards" (PKCS) which
+ have been relatively well accepted. They build on top of the X.509
+ infrastructure. You can FTP them from ftp://ftp.rsa.com/pub/pkcs, in
+ either PostScript or ASCII format.
+
+ RSA DSI has also provided a "Layman's Guide" to ASN.1/DER, with
+ examples from the X.509 and PKCS standards. This is available from
+ the PKCS FTP area noted above.