Research Report A61: Privacy and accountability in certificate systems

Author: Tuomas Aura and Carl Ellison

Date: April 2000

Pages: 17

Discretionary access right management on the Internet and in other distributed communications systems is increasingly based on public-key identity and authorization certificates. The certificates pose a threat to privacy because they identify the owners and reveal the authorization relations between them. This paper overviews the privacy concerns and describes techniques for minimizing the amount of confidential information leaked about individuals and organizations. We also show how identity escrow certificates can ensure individual accountability without identity authentication. All the techniques can be implemented with SPKI certificates.

Keywords: privacy, anonymity, PKI, certificates, SPKI

Full report in Postscript