OpenSSL

Cryptography and SSL/TLS Toolkit

Standards

This page is a partial list of the specifications that are relevant to OpenSSL. Sometimes a document is useful because OpenSSL provides an implementation; and sometimes it is useful just for background knowledge. This list is maintained on a casual basis. If you have updates, please let us know.

Note that we do not claim to have completely implemented every part of any specification. And also that some algorithms are disabled by default.

  • RFC 1319: The MD2 Message-Digest Algorithm
  • RFC 1320: The MD4 Message-Digest Algorithm
  • RFC 1321: The MD5 Message-Digest Algorithm
  • RFC 1421: Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures
  • RFC 1422: Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management
  • RFC 1423: Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers
  • RFC 1424: Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services
  • RFC 2246: The TLS Protocol Version 1
  • RFC 2268: A Description of the RC2(r) Encryption Algorithm
  • RFC 2315: PKCS 7: Cryptographic Message Syntax Version 1.5
  • RFC 2510: Internet X.509 Public Key Infrastructure Certificate Management Protocols
  • RFC 2511: Internet X.509 Certificate Request Message Format
  • RFC 2527: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework
  • RFC 2538: Storing Certificates in the Domain Name System (DNS)
  • RFC 2539: Storage of Diffie-Hellman Keys in the Domain Name System (DNS)
  • RFC 2559: Internet X.509 Public Key Infrastructure Operational Protocols - LDAPv2
  • RFC 2560: X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP
  • RFC 2585: Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP
  • RFC 2587: Internet X.509 Public Key Infrastructure LDAPv2
  • RFC 2595: Using TLS with IMAP, POP3 and ACAP
  • RFC 2631: Diffie-Hellman Key Agreement Method
  • RFC 2632: S/MIME Version 3 Certificate Handling
  • Schema
  • RFC 2716: PPP EAP TLS Authentication Protocol
  • RFC 2797: Certificate Management Messages over CMS
  • RFC 2817: Upgrading to TLS Within HTTP/1.1
  • RFC 2818: HTTP Over TLS
  • RFC 2898: PKCS #5: Password-Based Cryptography Specification Version 2.0
  • RFC 2984: Use of the CAST-128 Encryption Algorithm in CMS
  • RFC 2985: PKCS #9: Selected Object Classes and Attribute Types Version 2.0
  • RFC 2986: PKCS #10: Certification Request Syntax Specification Version 1.7
  • RFC 3029: Internet X.509 Public Key Infrastructure Data Validation and Certification Server Protocols
  • RFC 3039: Internet X.509 Public Key Infrastructure Qualified Certificates Profile
  • RFC 3058: Use of the IDEA Encryption Algorithm in CMS
  • RFC 3161: Internet X.509 Public Key Infrastructure, Time-Stamp Protocol (TSP)
  • RFC 3174: US Secure Hash Algorithm 1 (SHA1)
  • RFC 3185: Reuse of CMS Content Encryption Keys
  • RFC 3207: SMTP Service Extension for Secure SMTP over Transport Layer Security
  • RFC 3217: Triple-DES and RC2 Key Wrapping
  • RFC 3268: Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS)
  • RFC 3274: Compressed Data Content Type for Cryptographic Message Syntax (CMS)
  • RFC 3278: Use of Elliptic Curve Cryptography (ECC) Algorithms in Cryptographic Message Syntax (CMS)
  • RFC 3279: Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
  • RFC 3280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
  • RFC 3281: An Internet Attribute Certificate Profile for Authorization
  • RFC 3369: Cryptographic Message Syntax (CMS)
  • RFC 3370: Cryptographic Message Syntax (CMS) Algorithms
  • RFC 3394: Advanced Encryption Standard (AES) Key Wrap Algorithm
  • RFC 3436: Transport Layer Security over Stream Control Transmission Protocol
  • RFC 3447: Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1
  • RFC 3657: Use of the Camellia Encryption Algorithm in Cryptographic Message Syntax (CMS)
  • RFC 3713: A Description of the Camellia Encryption Algorithm
  • RFC 3820: Internet X.509 Public Key Infrastructure (PKI) Proxy Certificate Profile
  • RFC 4132: Addition of Camellia Cipher Suites to Transport Layer Security (TLS)
  • RFC 4162: Addition of SEED Cipher Suites to Transport Layer Security (TLS)
  • RFC 4269: The SEED Encryption Algorithm
  • PKCS#11: Standards for Cryptographic Tokens
  • RFC 4346: The Transport Layer Security (TLS) Protocol Version 1.1
  • RFC 5208: PKCS#8: Private-Key Information Syntax Specification Version 1.2
  • RFC 5246: The Transport Layer Security (TLS) Protocol Version 1.2
  • RFC 6962: Certificate Transparency
  • RFC 7292: PKCS #12: Personal Information Exchange Syntax v1.1
  • RFC 7693: The BLAKE2 Cryptographic Hash and Message Authentication Code (MAC)