Hash Of Root Key Certificate Extension
Draft of message to be sent after approval:
From: The IESG <firstname.lastname@example.org> To: IETF-Announce <email@example.com> Cc: firstname.lastname@example.org, email@example.com, The IESG <firstname.lastname@example.org>, email@example.com, firstname.lastname@example.org, Tim Hollebeek <email@example.com>, firstname.lastname@example.org, email@example.com Subject: Document Action: 'Hash Of Root Key Certificate Extension' to Informational RFC (draft-ietf-lamps-hash-of-root-key-cert-extn-07.txt) The IESG has approved the following document: - 'Hash Of Root Key Certificate Extension' (draft-ietf-lamps-hash-of-root-key-cert-extn-07.txt) as Informational RFC This document is the product of the Limited Additional Mechanisms for PKIX and SMIME Working Group. The IESG contact persons are Benjamin Kaduk and Roman Danyliw. A URL of this Internet Draft is: https://datatracker.ietf.org/doc/draft-ietf-lamps-hash-of-root-key-cert-extn/
Technical Summary This document specifies the Hash Of Root Key certificate extension. This certificate extension is carried in the self-signed certificate for a trust anchor, which is often called a Root Certification Authority (CA) certificate. This certificate extension unambiguously identifies the next public key that will be used at some point in the future as the next Root CA certificate, eventually replacing the current one. Working Group Summary There is consensus for this document in the LAMPS WG. Document Quality This extension is part of the specifications that will be used in at least one new PKI. In addition, the Secure Electronic Transaction (SET) specification published by MasterCard and VISA in 1997 includes a very similar certificate extension. The SET certificate extension has essentially the same semantics, but the syntax fairly different. Personnel Tim Hollebeek is the document shepherd. Roman Danyliw is the responsible area director.