摘要 |
To verify a qualification on a network without notifying verifier privacy information that can identify as a subject of a public key certificate while keeping safety of the public key infrastructure technology. An attribute certificate validation method wherein by preparing an environment in which only an attribute certificate validation device operated by a trusted third party can access a user's public key certificate, the verifier transmits attribute certificate and signed data received from a user having presented a qualification, to the attribute certificate validation device to thereby request the device to make a check to confirm authenticity of the holder of the attribute certificate, thereby preventing the public key certificate (particularly, privacy information contained in the public key certificate) of the user from being passed to the verifier.
|