Attribute certificate

from Wikipedia, the free encyclopedia

An attribute certificate is a digital certificate and represents the binding, digitally signed by a trustworthy body , between certain digital information ( attributes ) and another digital certificate that is thus attributed .

Creation and purpose

An attribute certificate can be generated by any trustworthy certification authority ; in particular, it does not have to be identical to the certification authority of the user's certificate.

The attribute certificate itself contains a reference to the certificate and one or more properties that can be read out in a trustworthy manner. In this way, properties can be reliably assigned to a certificate in connection with completely different use cases and in different environments without having to change the original certificate .

application

Attribute certificates typically identify properties that characterize either the certificate itself or the person:

  • to identify the role (s) that the person may assume in a system
  • to identify a professional or technical qualification of the person and the associated authorizations
  • to identify a restriction on the use of the certificate, for example "Transaction up to a maximum of EUR 100"