Document Action: 'Hash Of Root Key Certificate Extension' to Informational RFC (draft-ietf-lamps-hash-of-root-key-cert-extn-07.txt)

The IESG <> Thu, 11 July 2019 21:38 UTC

Return-Path: <>
Received: from (localhost [IPv6:::1]) by (Postfix) with ESMTP id DCC871200DB; Thu, 11 Jul 2019 14:38:26 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <>
To: "IETF-Announce" <>
Subject: Document Action: 'Hash Of Root Key Certificate Extension' to Informational RFC (draft-ietf-lamps-hash-of-root-key-cert-extn-07.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 6.98.3
Auto-Submitted: auto-generated
Precedence: bulk
Cc:,, The IESG <>,,, Tim Hollebeek <>,,
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Message-ID: <>
Date: Thu, 11 Jul 2019 14:38:26 -0700
Archived-At: <>
X-Mailman-Version: 2.1.29
List-Id: "IETF announcement list. No discussions." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 11 Jul 2019 21:38:27 -0000

The IESG has approved the following document:
- 'Hash Of Root Key Certificate Extension'
  (draft-ietf-lamps-hash-of-root-key-cert-extn-07.txt) as Informational RFC

This document is the product of the Limited Additional Mechanisms for PKIX
and SMIME Working Group.

The IESG contact persons are Benjamin Kaduk and Roman Danyliw.

A URL of this Internet Draft is:

Technical Summary

This document specifies the Hash Of Root Key certificate extension.
This certificate extension is carried in the self-signed certificate
for a trust anchor, which is often called a Root Certification
Authority (CA) certificate.  This certificate extension unambiguously
identifies the next public key that will be used at some point in the
future as the next Root CA certificate, eventually replacing the
current one.

Working Group Summary

There is consensus for this document in the LAMPS WG.

Document Quality

This extension is part of the specifications that will be used
in at least one new PKI.  In addition, the Secure Electronic
Transaction (SET) specification published by MasterCard and VISA
in 1997 includes a very similar certificate extension.  The SET
certificate extension has essentially the same semantics, but the
syntax fairly different.


Tim Hollebeek is the document shepherd.
Roman Danyliw is the responsible area director.