{"draft":"draft-ietf-pkix-tac-04","doc_id":"RFC5636","title":"Traceable Anonymous Certificate","authors":["S. Park","H. Park","Y. Won","J. Lee","S. Kent"],"format":["ASCII","HTML"],"page_count":"31","pub_status":"EXPERIMENTAL","status":"EXPERIMENTAL","source":"Public-Key Infrastructure (X.509)","abstract":"This document defines a practical architecture and protocols for\r\noffering privacy for a user who requests and uses an X.509 certificate\r\ncontaining a pseudonym, while still retaining the ability to map such\r\na certificate to the real user who requested it.  The architecture is\r\ncompatible with IETF certificate request formats such as PKCS10 (RFC\r\n2986) and CMC (RFC 5272).  The architecture separates the authorities\r\ninvolved in issuing a certificate: one for verifying ownership of a\r\nprivate key (Blind Issuer) and the other for validating the contents\r\nof a certificate (Anonymity Issuer).  The end entity (EE) certificates\r\nissued under this model are called Traceable Anonymous Certificates\r\n(TACs).  This memo defines an Experimental Protocol for the \r\nInternet community.","pub_date":"August 2009","keywords":["[--------]","x.509 certificate","blind issuer","anonymity issuer","tacs","end entity","ee"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC5636","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc5636"}