{"draft":"draft-ietf-pkix-authorityclearanceconstraints-03","doc_id":"RFC5913","title":"Clearance Attribute and Authority Clearance Constraints Certificate Extension","authors":["S. Turner","S. Chokhani"],"format":["ASCII","HTML"],"page_count":"19","pub_status":"PROPOSED STANDARD","status":"PROPOSED STANDARD","source":"Public-Key Infrastructure (X.509)","abstract":"This document defines the syntax and semantics for the Clearance\r\nattribute and the Authority Clearance Constraints extension in X.509\r\ncertificates.  The Clearance attribute is used to indicate the\r\nclearance held by the subject.  The Clearance attribute may appear in\r\nthe subject directory attributes extension of a public key certificate\r\nor in the attributes field of an attribute certificate.  The Authority\r\nClearance Constraints certificate extension values in a\r\nTrust Anchor (TA), in Certification Authority (CA) public key\r\ncertificates, and in an Attribute Authority (AA) public key certificate\r\nin a certification path for a given subject constrain the effective\r\nClearance of the subject.  [STANDARDS-TRACK]","pub_date":"June 2010","keywords":["[--------]","x.509 certificate"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC5913","errata_url":"https:\/\/www.rfc-editor.org\/errata\/rfc5913"}