next up previous contents
Next: Re-key after Revocation Up: IDENTIFICATION AND AUTHENTICATION Previous: Authentication of individual identity   Contents

Routine Re-key

The CA will allow routine re-keying before expiration of the subscribers current certificate. The re-key request must be accompanied by a request based on a new key pair. Recertification of the existing public key is not allowed.

Re-key authentication may be be the procedure detailed in section 3.1.9, or by signing the re-key request with a current, valid private key, provided that the last identification according to 3.1.9 is not longer ago than 10 years.

David Groep