Related Certificates for Use in Multiple Authentications within a Protocol
draft-becker-guthrie-cert-binding-for-multi-auth-01
| Document | Type |
This is an older version of an Internet-Draft whose latest revision state is "Replaced".
Expired & archived
|
|
|---|---|---|---|
| Authors | Alison Becker , Rebecca Guthrie , Michael J. Jenkins | ||
| Last updated | 2022-12-31 (Latest revision 2022-06-29) | ||
| Replaced by | draft-ietf-lamps-cert-binding-for-multi-auth | ||
| RFC stream | (None) | ||
| Formats | |||
| Stream | Stream state | (No stream defined) | |
| Consensus boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | (None) |
This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:
Abstract
This document defines a new CSR attribute, relatedCertRequest, and a new X.509 certificate extension, RelatedCertificate. The use of the relatedCertRequest attribute in a CSR and the inclusion of the RelatedCertificate extension in the resulting certificate together provide additional assurance that two certificates each belong to the same end entity. This mechanism is particularly useful in the context of non-composite hybrid authentication, which enables users to employ the same certificates in hybrid authentication as in authentication done with only traditional or post-quantum algorithms.
Authors
Alison Becker
Rebecca Guthrie
Michael J. Jenkins
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)