Skip to main content

Related Certificates for Use in Multiple Authentications within a Protocol
draft-ietf-lamps-cert-binding-for-multi-auth-05

Approval announcement
Draft of message to be sent after approval:

Announcement

From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Cc: The IESG <iesg@ietf.org>, draft-ietf-lamps-cert-binding-for-multi-auth@ietf.org, lamps-chairs@ietf.org, rdd@cert.org, rfc-editor@rfc-editor.org, spasm@ietf.org, tim.hollebeek@digicert.com
Subject: Protocol Action: 'Related Certificates for Use in Multiple Authentications within a Protocol' to Proposed Standard (draft-ietf-lamps-cert-binding-for-multi-auth-05.txt)

The IESG has approved the following document:
- 'Related Certificates for Use in Multiple Authentications within a
   Protocol'
  (draft-ietf-lamps-cert-binding-for-multi-auth-05.txt) as Proposed Standard

This document is the product of the Limited Additional Mechanisms for PKIX
and SMIME Working Group.

The IESG contact persons are Paul Wouters, Deb Cooley and Roman Danyliw.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-lamps-cert-binding-for-multi-auth/


Ballot Text

Technical Summary

   This document defines a new CSR attribute, relatedCertRequest, and a
   new X.509 certificate extension, RelatedCertificate.  The use of the
   relatedCertRequest attribute in a CSR and the inclusion of the
   RelatedCertificate extension in the resulting certificate together
   provide additional assurance that two certificates each belong to the
   same end entity.  This mechanism is particularly useful in the
   context of non-composite hybrid authentication, which enables users
   to employ the same certificates in hybrid authentication as in
   authentication done with only traditional or post-quantum algorithms.

Working Group Summary

This document was broadly agreed to and uncontroversial.

Document Quality

Implementations have been reported in the US Government.

Personnel

   The Document Shepherd for this document is Tim Hollebeek. The
   Responsible Area Director is Roman Danyliw.

RFC Editor Note