@techreport{sun-lamps-hybrid-scheme-00, number = {draft-sun-lamps-hybrid-scheme-00}, type = {Internet-Draft}, institution = {Internet Engineering Task Force}, publisher = {Internet Engineering Task Force}, note = {Work in Progress}, url = {https://datatracker.ietf.org/doc/draft-sun-lamps-hybrid-scheme/00/}, author = {Sun Shuzhou and Yidi He and Hsiao-Ying Lin}, title = {{Convertible Forms with Multiple Keys and Signatures For Use In Internet X.509 Certificates}}, pagetotal = 20, year = 2024, month = oct, day = 16, abstract = {This document presents a hybrid key and signature solution, which allows to integrate two public keys and/or two signatures into a single certificate. The scheme enables a single certificate to be converted between different forms, allowing an alternative public key and/or an alternative signature to be transmitted either by direct inclusion or by referencing external data. This flexibility ensures that the scheme is backward-compatible with legacy devices, while also providing enhanced security support for upgraded devices. Four CSR attributes and two new X.509v3 certificate extensions are defined, and the procedures for signing and verifying certificates containing the defined attributes and extensions are described.}, }