The One-Time Password Certificate Enrollment Protocol was created to enhance network security in remote access connections. The protocol uses several components to do so. One is the one-time password (OTP) authentication mechanism, which provides enhanced security for remote clients connecting to a server by using a different password for each logon session. Another component used by the protocol is a short-lived smart card logon certificate template.
Sections 1.8, 2, and 3 of this specification are normative and can contain the terms MAY, SHOULD, MUST, MUST NOT, and SHOULD NOT as defined in RFC 2119. Sections 1.5 and 1.9 are also normative but cannot contain those terms. All other sections and examples in this specification are informative.