RFC 5636

Traceable Anonymous Certificate, August 2009

Canonical URL:
https://www.rfc-editor.org/rfc/rfc5636.txt
File formats:
Plain TextPDF
Status:
EXPERIMENTAL
Authors:
S. Park
H. Park
Y. Won
J. Lee
S. Kent
Stream:
IETF
Source:
pkix (sec)

Cite this RFC: TXT  |  XML

DOI:  10.17487/RFC5636

Discuss this RFC: Send questions or comments to pkix@ietf.org

Other actions: Submit Errata  |  Find IPR Disclosures from the IETF


Abstract

This document defines a practical architecture and protocols for offering privacy for a user who requests and uses an X.509 certificate containing a pseudonym, while still retaining the ability to map such a certificate to the real user who requested it. The architecture is compatible with IETF certificate request formats such as PKCS10 (RFC 2986) and CMC (RFC 5272). The architecture separates the authorities involved in issuing a certificate: one for verifying ownership of a private key (Blind Issuer) and the other for validating the contents of a certificate (Anonymity Issuer). The end entity (EE) certificates issued under this model are called Traceable Anonymous Certificates (TACs). This memo defines an Experimental Protocol for the Internet community.


For the definition of Status, see RFC 2026.

For the definition of Stream, see RFC 4844.


Download PDF Reader



Search RFCs
Advanced Search
×