公钥证书与属性证书的结合——融合证书

MixCert: Merging X.509 Public Key Certificates and Attribute Certificates

介绍了一种新的证书撤销方案———NewPKI证书撤销方案,运用这种新的撤销机制解决公钥证书与属性证书不能简单合并的问题。定义了一类新的属性———NewPKI属性,并且将NewPKI属性与X.509公钥证书相结合,从而提出一类新的证书———融合证书。融合证书保留与X.509 v3证书相同的证书格式,且能够将属性加到X.509身份证书中,它能够作为一个理想的机制来携带属性信息而不需要属性证书,在很多情况下十分有用。

In this paper, a new sort of certificate revocation：NewPKI certificate revocation scheme is introduced. Use this new revocation mechanism to solve the problem that public key certificates and attribute certificates can not be united simply. A new class of attribute ： NewPKI attribute is defined. And a new sort of certificate ： MixCert is put forward by integrating the Ne- wPKI attribute into X. 509 identity certificate. MixCert retains the same format as X. 509 v3 certificate and enable the addition of attributes to X. 509 identity certificates. MixCert can serve as an ideal mechanism to carry attribute information without the need for attribute certificate and can be very useful in many scenarios.