3.4.4.3 PERSONA CAs
Connected: An Internet Encyclopedia
RFC 1422
One or more CAs will be established to accommodate users who wish to
conceal their identities while making use of PEM security features,
e.g., to preserve the anonymity offered by "arbitrary" mailbox names
in the current mail environment. In this case the certifying
authority is explicitly NOT vouching for the identity of the user.
All such certificates are issued under a PERSONA CA, subordinate to a
PCA with a PERSONA policy, to warn users explicitly that the subject
DN is NOT a validated user identity. To minimize the possibility of
syntactic confusion with certificates which do purport to specify an
authenticated user identity, a PERSONA certificate is issued as a
form of organizational user certificate, not a residential user
certificate. There are no explicit, reserved words used to identify
PERSONA user certificates.

A CA issuing PERSONA certificates must institute procedures to ensure
that it does not issue the same subject DN to multiple users (a
constraint required for all certificates of any type issued by any
CA). There are no requirements on an issuer of PERSONA certificates
to maintain any other records that might bind the true identity of
the subject to his certificate. However, a CA issuing such
certificates must establish procedures (not specified in this
document) in order to allow the holder of a PERSONA certificate to
request that his certificate be revoked (i.e., listed on a CRL).

As an example, a PERSONA user certificate might include a subject DN
of the form: C = "US" SP = "Massachusetts" L = "Boston" O =
"Pseudonyms R US" CN = "Paul Revere." The issuer of this certificate
might have a DN of the form: C = "US" SP = "Massachusetts" L =
"Boston" O = "Pseudonyms R US". Note the differences between this
PERSONA user certificate for "Paul Revere" and the corresponding
residential user certificate for the same common name.
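
The following Python is an added example, not part of RFC 1422, showing one way a PERSONA CA could enforce the subject DN uniqueness rule and accept a holder's revocation request while keeping no record of the holder's identity. The class and function names, the DN normalization rules, the simplified "organizational user" form check, and the revocation-token scheme are all assumptions of this example; the RFC leaves the revocation procedure unspecified.

```python
import hashlib
import hmac
import secrets

def normalize_dn(dn):
    """Comparison key for a DN given as (attribute, value) pairs: upper-case
    attribute types, case-folded values with whitespace runs collapsed."""
    return tuple((a.strip().upper(), " ".join(v.split()).casefold()) for a, v in dn)

class PersonaCA:
    """Issuance ledger that holds no record of who a subject really is."""

    def __init__(self, issuer_dn):
        self.issuer = normalize_dn(issuer_dn)
        self.issued = {}  # subject DN key -> SHA-256 of its revocation token
        self.crl = set()  # subject DN keys the holder asked to have revoked

    def issue(self, subject_dn):
        key = normalize_dn(subject_dn)
        attrs = [a for a, _ in key]
        # Simplified test for "organizational user" form: an O attribute and a
        # final CN, as in the page's example DN (assumption of this example).
        if "O" not in attrs or attrs[-1] != "CN":
            raise ValueError("subject DN is not in organizational user form")
        if key[:len(self.issuer)] != self.issuer:
            raise ValueError("subject DN does not extend the issuer DN")
        # Entries are never deleted, so a revoked DN cannot go to a new user.
        if key in self.issued:
            raise ValueError("subject DN already issued")
        token = secrets.token_urlsafe(32)  # given to the holder, never stored
        self.issued[key] = hashlib.sha256(token.encode()).digest()
        return token

    def revoke(self, subject_dn, token):
        """List the certificate on the CRL if the caller presents its token."""
        key = normalize_dn(subject_dn)
        expected = self.issued.get(key)
        presented = hashlib.sha256(token.encode()).digest()
        if expected is None or not hmac.compare_digest(expected, presented):
            return False
        self.crl.add(key)
        return True

# Constructed sample DNs modelled on the page's example.
ISSUER = [("C", "US"), ("SP", "Massachusetts"), ("L", "Boston"), ("O", "Pseudonyms R US")]
SUBJECT = ISSUER + [("CN", "Paul Revere")]
```

The ledger stores only the normalized subject DN and a hash of the token, so a copy of the ledger reveals neither the holder's identity nor a value that could be replayed to revoke a certificate.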