Protocol Action: 'Related Certificates for Use in Multiple Authentications within a Protocol' to Proposed Standard (draft-ietf-lamps-cert-binding-for-multi-auth-06.txt)
The IESG <iesg-secretary@ietf.org> Fri, 10 January 2025 00:14 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from [10.244.8.241] (unknown [104.131.183.230]) by ietfa.amsl.com (Postfix) with ESMTP id 1FC67C14F60A; Thu, 9 Jan 2025 16:14:51 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Related Certificates for Use in Multiple Authentications within a Protocol' to Proposed Standard (draft-ietf-lamps-cert-binding-for-multi-auth-06.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 12.32.0
Auto-Submitted: auto-generated
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <173646809076.189.1021612008635239553@dt-datatracker-57c4c68d9c-p9khg>
Date: Thu, 09 Jan 2025 16:14:50 -0800
Message-ID-Hash: AIBYCMXOHDSFJQVEO7FEHA5HNA4R4H5J
X-Message-ID-Hash: AIBYCMXOHDSFJQVEO7FEHA5HNA4R4H5J
X-MailFrom: iesg-secretary@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ietf-announce.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, draft-ietf-lamps-cert-binding-for-multi-auth@ietf.org, lamps-chairs@ietf.org, rdd@cert.org, rfc-editor@rfc-editor.org, spasm@ietf.org
X-Mailman-Version: 3.3.9rc6
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/IZRAaT7iHKKO2A-96DPEf9j4XRk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Owner: <mailto:ietf-announce-owner@ietf.org>
List-Post: <mailto:ietf-announce@ietf.org>
List-Subscribe: <mailto:ietf-announce-join@ietf.org>
List-Unsubscribe: <mailto:ietf-announce-leave@ietf.org>
The IESG has approved the following document: - 'Related Certificates for Use in Multiple Authentications within a Protocol' (draft-ietf-lamps-cert-binding-for-multi-auth-06.txt) as Proposed Standard This document is the product of the Limited Additional Mechanisms for PKIX and SMIME Working Group. The IESG contact persons are Paul Wouters, Deb Cooley and Roman Danyliw. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-lamps-cert-binding-for-multi-auth/ Technical Summary This document defines a new CSR attribute, relatedCertRequest, and a new X.509 certificate extension, RelatedCertificate. The use of the relatedCertRequest attribute in a CSR and the inclusion of the RelatedCertificate extension in the resulting certificate together provide additional assurance that two certificates each belong to the same end entity. This mechanism is particularly useful in the context of non-composite hybrid authentication, which enables users to employ the same certificates in hybrid authentication as in authentication done with only traditional or post-quantum algorithms. Working Group Summary This document was broadly agreed to and uncontroversial. Document Quality Implementations have been reported in the US Government. Personnel The Document Shepherd for this document is Tim Hollebeek. The Responsible Area Director is Roman Danyliw.