https://wiki.idesg.org/index.php?action=history&feed=atom&title=IETF_RFC_3647IETF RFC 3647 - Revision history2026-05-01T10:01:51ZRevision history for this page on the wikiMediaWiki 1.38.4https://wiki.idesg.org/index.php?title=IETF_RFC_3647&diff=2779&oldid=prevOmaerz: 6 revisions imported: Initial Upload of old pages from IDESG Wiki2018-06-28T04:00:30Z<p>6 revisions imported: Initial Upload of old pages from IDESG Wiki</p>
<p><b>New page</b></p><div>'''Title''': Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework<br />
<br />
<br/><br />
'''Category''': Identity Provider Policy<br />
<br />
<br/><br />
'''Date''': 11/1/2003<br />
<br />
<br/><br />
'''Creator''': IETF<br />
<br />
<br/><br />
'''URL''': http://www.ietf.org/rfc/rfc3647.txt<br />
<br />
<br/> <br />
'''Description''': A standard framework for Certificate Policies (CPs) and Certification Practice Statements (CPSs). The<br />
document is intended to provide a structure but not the requirements for what the policies should be. A<br />
Certificate Policy is defined as "a named set of rules that indicates the applicability of a certificate to a<br />
particular community and/or class of applications with common security requirements." The intention is for<br />
the CP to provide enough information for a Relying Party to be able to make a determination whether the<br />
operations are trustworthy. The Certification Practice Statement is a document detailing the practices<br />
employed by the CA in issuing certificates. The CPS is not typically publically available but is used by<br />
operators, system adminsitrators, policy management authorities and compliance auditors. IETF RFC 3647<br />
is an update of IETF RFC 2527.<br />
<br />
<br /><br />
'''Privacy''': The framework specifies where issuers document their privacy policy, what information is considered private<br />
within the PKI, responsibilities regarding protection of PII, requirements for consent and/or notification when<br />
PII is used or disclosed, and when participants may release PII during legal or administrative proceedings.<br />
<br />
<br /><br />
'''Security''': The document is an information security standard.<br />
<br />
<br /><br />
'''Interoperability''': The document supports an interoperable policy framework by providing a common framework for specifying<br />
an organization's policies for certificate issuance.<br />
<br />
<br /><br />
'''Terms''': [[Activation Data]], [[Authentication]], [[Ca-certificate]], [[Certificate Policy]], [[Certification Path]], [[Certification Practice Statement]], <br />
[[CPS Summary (or CPS Abstract)]], [[Identification]], [[Issuing Certification Authority (issuing CA)]],<br />
[[Participant]], [[PKI Disclosure Statement]], [[Policy Qualifier]], [[Registration Authority]], [[Relying Party]], [[Relying Party Agreement]], <br />
[[Set Of Provisions]], [[Subject Certification Authority (subject CA)]], [[Subscriber]], [[Subscriber Agreement]]<br />
<br />
<br />
<br />
[[Category:Standards]]<br />
[[Category:Identity Provider Policy]]</div>Omaerz