A New Internet-Draft is available from the on-line Internet-Drafts
directories.
This draft is a work item of the Public-Key Infrastructure (X.509) Working Group of the IETF.
Title : Traceable Anonymous Certificate
Author(s) : S. Park, H. Park, Y. Won, J. Lee, S. Kent
Filename : draft-ietf-pkix-tac-03.txt
Pages : 32
Date : 2009-3-31
Public Key Infrastructure (PKI) provides a powerful means of
authenticating individuals, organizations, and computers(e.g.,
web servers). However, when individuals use certificates to
access resources on the public Internet, there are legitimate
concerns about personal privacy, and thus there are increasing
demands for privacy enhancing techniques on the Internet.
In a PKI, an authorized entity such as a certification Authority
(CA) or a Registration Authority (RA) may be perceived, from a
privacy perspective, as a "big brother," even when a CA issues a
certificate containing a Subject name that is a pseudonym. This
is because such entities can always map a pseudonym in a
certificate they issued to the name of the real user to whom it
was issued. This document defines a practical architecture and
protocols for offering privacy for a user who requests and uses
an X.509 certificate containing a pseudonym, while still retaining
the ability to map such a certificate to the real user who
requested it. The architecture is compatible with IETF certificate
request formats such as PKCS10 [3]and CMC[4]. The architecture
separates the authorities involved in issuing a certificate: one
for verifying ownership of a private key (Blind Issuer) and the
other for validating the contents of a certificate (Anonymous
Issuer). The end-entity(EE) certificates issued under this model
are called Traceable Anonymous Certificates (TACs).
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-ietf-pkix-tac-03.txt
Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
Below is the data which will enable a MIME compliant mail reader
implementation to automatically retrieve the ASCII version of the
Internet-Draft.
- <ftp://ftp.ietf.org/internet-drafts/draft-ietf-pkix-tac-03.txt>
-
_______________________________________________
I-D-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/i-d-announce
Internet-Draft directories: http://www.ietf.org/shadow.html
or ftp://ftp.ietf.org/ietf/1shadow-sites.txt