We can use X.509 public key certificates (PKCs) for authentication in browsers by installing them into the keychain. Is it possible to use attribute certificates (ACs see rfc3281) for authorization in the same way? Do Browsers support this and send the information of both certificates to the server?
There is almost no support for attribute certificates in standard software like browsers. I just tried without success to import an AC into Firefox and IE.
Even if you could import an AC into the browser key store, they still would have to have support for the TLS extension for attribute certificates defined in RFC 5878, which doesn't seem to be the case (TLS Extensions for Web Browsers, Can attribute certificates be used with TLS / HTTPS?).
BTW, RFC 3281 is obsoleted by RFC 5755.