IETF RFC 3647: Difference between revisions
m (6 revisions imported: Initial Upload of old pages from IDESG Wiki) |
(No difference)
|
Latest revision as of 04:00, 28 June 2018
Title: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework
Category: Identity Provider Policy
Date: 11/1/2003
Creator: IETF
URL: http://www.ietf.org/rfc/rfc3647.txt
Description: A standard framework for Certificate Policies (CPs) and Certification Practice Statements (CPSs). The
document is intended to provide a structure but not the requirements for what the policies should be. A
Certificate Policy is defined as "a named set of rules that indicates the applicability of a certificate to a
particular community and/or class of applications with common security requirements." The intention is for
the CP to provide enough information for a Relying Party to be able to make a determination whether the
operations are trustworthy. The Certification Practice Statement is a document detailing the practices
employed by the CA in issuing certificates. The CPS is not typically publically available but is used by
operators, system adminsitrators, policy management authorities and compliance auditors. IETF RFC 3647
is an update of IETF RFC 2527.
Privacy: The framework specifies where issuers document their privacy policy, what information is considered private
within the PKI, responsibilities regarding protection of PII, requirements for consent and/or notification when
PII is used or disclosed, and when participants may release PII during legal or administrative proceedings.
Security: The document is an information security standard.
Interoperability: The document supports an interoperable policy framework by providing a common framework for specifying
an organization's policies for certificate issuance.
Terms: Activation Data, Authentication, Ca-certificate, Certificate Policy, Certification Path, Certification Practice Statement,
CPS Summary (or CPS Abstract), Identification, Issuing Certification Authority (issuing CA),
Participant, PKI Disclosure Statement, Policy Qualifier, Registration Authority, Relying Party, Relying Party Agreement,
Set Of Provisions, Subject Certification Authority (subject CA), Subscriber, Subscriber Agreement