{"draft":"draft-ietf-lamps-hash-of-root-key-cert-extn-07","doc_id":"RFC8649","title":"Hash Of Root Key Certificate Extension","authors":["R. Housley"],"format":["ASCII","HTML"],"page_count":"10","pub_status":"INFORMATIONAL","status":"INFORMATIONAL","source":"Limited Additional Mechanisms for PKIX and SMIME","abstract":"This document specifies the Hash Of Root Key certificate extension.\r\nThis certificate extension is carried in the self-signed certificate\r\nfor a trust anchor, which is often called a Root Certification\r\nAuthority (CA) certificate.  This certificate extension unambiguously\r\nidentifies the next public key that will be used at some point in the\r\nfuture as the next Root CA certificate, eventually replacing the\r\ncurrent one.","pub_date":"August 2019","keywords":["trust anchor"],"obsoletes":[],"obsoleted_by":[],"updates":[],"updated_by":[],"see_also":[],"doi":"10.17487\/RFC8649","errata_url":null}