Certificate of Authorization (COA)

Certificate of authorization (COA) is a digital document containing attributes associated with the holder by the issuer. When the associated attributes are mainly used for the purpose of authorization, COA is called authorization certificate.

The authorization certificate works in conjunction with a public key certificate (PKC). While the PKC is issued by a certificate authority (CA) and is used as a proof of identity of its holder like a passport, the authorization certificate is issued by an attribute authority (AA) and is used to characterize or entitle its holder like a visa. Because identity information seldom changes and has a long validity time while attribute information frequently changes or has a short validity time, separate certificates with different security rigors, validity times and issuers are necessary.

Sources:

Farrell, S.; Housley, R. "An Internet Attribute Certificate Profile or Authorization". RFC

R. Shirey (August 2007). Internet Security Glossary, Version 2. Network Working Group