Attribute certificate
An attribute certificate is a digital certificate and represents the binding, digitally signed by a trustworthy body , between certain digital information ( attributes ) and another digital certificate that is thus attributed .
Creation and purpose
An attribute certificate can be generated by any trustworthy certification authority ; in particular, it does not have to be identical to the certification authority of the user's certificate.
The attribute certificate itself contains a reference to the certificate and one or more properties that can be read out in a trustworthy manner. In this way, properties can be reliably assigned to a certificate in connection with completely different use cases and in different environments without having to change the original certificate .
application
Attribute certificates typically identify properties that characterize either the certificate itself or the person:
- to identify the role (s) that the person may assume in a system
- to identify a professional or technical qualification of the person and the associated authorizations
- to identify a restriction on the use of the certificate, for example "Transaction up to a maximum of EUR 100"