Skip to main content

Using Context Labels for Domain Separation of Cryptographic Objects

Document Type Expired Internet-Draft (individual)
Expired & archived
Authors Martin Thomson , Daniel Kahn Gillmor , Benjamin Kaduk
Last updated 2016-11-21 (Latest revision 2016-05-20)
RFC stream (None)
Intended RFC status (None)
Stream Stream state (No stream defined)
Consensus boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


A single cryptographic key is sometimes relied upon to produce muliple cryptographic artifacts that each have different semantics. This produces a potential problem whereby artifacts with different intended uses can be confused. The addition of context labels removes this problem.


Martin Thomson
Daniel Kahn Gillmor
Benjamin Kaduk

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)