Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework (RFC3647)

IP.com Disclosure Number: IPCOM000020226D
Original Publication Date: 2003-Nov-01
Included in the Prior Art Database: 2003-Nov-04

Publishing Venue

Internet Society Requests For Comment (RFCs)

Related People

S. Chokhani: AUTHOR [+5]

Abstract

This document presents a framework to assist the writers of certificate policies or certification practice statements for participants within public key infrastructures, such as certification authorities, policy authorities, and communities of interest that wish to rely on certificates. In particular, the framework provides a comprehensive list of topics that potentially (at the writer's discretion) need to be covered in a certificate policy or a certification practice statement. This document supersedes RFC 2527.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 2% of the total text.

Network Working Group S. Chokhani

Request for Comments: 3647 Orion Security Solutions, Inc.

Obsoletes: 2527 W. Ford

Category: Informational VeriSign, Inc.

R. Sabett

Cooley Godward LLP

C. Merrill

McCarter & English, LLP

S. Wu

Infoliance, Inc.

November 2003

Internet X.509 Public Key Infrastructure

Certificate Policy and Certification Practices Framework

Status of this Memo

This memo provides information for the Internet community. It does

not specify an Internet standard of any kind. Distribution of this

memo is unlimited.

Copyright Notice

Copyright (C) The Internet Society (2003). All Rights Reserved.

Abstract

This document presents a framework to assist the writers of

certificate policies or certification practice statements for

participants within public key infrastructures, such as certification

authorities, policy authorities, and communities of interest that

wish to rely on certificates. In particular, the framework provides

a comprehensive list of topics that potentially (at the writer's

discretion) need to be covered in a certificate policy or a

certification practice statement. This document supersedes RFC 2527.

Table of Contents

1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4

1.1. Background . . . . . . . . . . . . . . . . . . . . . . . 4

1.2. Purpose. . . . . . . . . . . . . . . . . . . . . . . . . 5

1.3. Scope. . . . . . . . . . . . . . . . . . . . . . . . . . 6

2. Definitions. . . . . . . . . . . . . . . . . . . . . . . . . . 6

3. Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . 9

3.1. Certificate Policy . . . . . . . . . . . . . . . . . . . 9

3.2. Certificate Policy Examples. . . . . . . . . . . . . . . 11

3.3. X.509 Certificate Fields . . . . . . . . . . . . . . . . 12

Chokhani, et al. Informational [Page 1]

RFC 3647 Internet X.509 Public Key Infrastructure November 2003

3.3.1. Certificate Policies Extension . . . . . . . . . 12

3.3.2. Policy Mappings Extension. . . . . . . . . . . . 13

3.3.3. Policy Constraints Extension . . . . . . . . . . 13

3.3.4. Policy Qualifiers. . . . . . . . . . . . . . . . 14

3.4. Certification Practice Statement . . . . . . . . . . . . 15

3.5. Relationship Between CP and CPS. . . . . . . . . . . . . 16

3.6. Relationship Among CPs, CPSs, Agreements, and

Other Documents. . . . . . . . . . . . . . . . . . . . . 17

3.7. Set of Provisions. . . . . . . . . . . . . . . . . . . . 20

4. Contents of a Set of Provisions. . . . . . . . . . . . . . . . 21

4.1. Introduction . . . . . . . . . . . . . . . . . . . . . . 22

4.1.1. Overview . . . . . . . . . . . . . . . . . . . . 22

4.1.2. Document Name and Identification . . . . . . . . 22

4.1.3. PKI Participants . . . . . . . . . . . . . . . . 23

4.1.4. Certificate Usage. . . . . . . . . . . . . . . . 24

4.1.5. Policy Administration. . . . . . . . . . . . . . 24

4.1.6. Definitions and Acronyms . . . . . . . . . . . . 24

4.2. Publication and Repository Responsibilities. . . . . . . 25

4.3. Identification and Authentication (I&A). . . ....