Authentication Context Certificate Extension

The information below is for an old version of the document
Document Type Expired Internet-Draft (individual)
Author Stefan Santesson 
Last updated 2015-08-17 (latest revision 2015-02-13)
Stream Internent Engineering Task Force (IETF)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream WG state Submitted to IESG for Publication
Document shepherd Leif Johansson
Shepherd write-up Show (last changed 2014-12-10)
IESG IESG state Expired (IESG: Dead)
Consensus Boilerplate Unknown
Telechat date
Responsible AD Kathleen Moriarty
Send notices to,

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


This document defines an extension to certificates according to [RFC5280]. The extension defined in this document holds data about how the certificate subject was authenticated by the Certification Authority who issued the certificate where this extension appears. This document also defines one data structure for inclusion in this extension that designed to hold information when the subject is authenticated using a SAML assertion [SAML].


Stefan Santesson (

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)