CertiPath CP 3.18

From IDESG Wiki
Revision as of 03:01, 28 June 2018 by Omaerz (talk | contribs) (2 revisions imported: Initial Upload of old pages from IDESG Wiki)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Title: CertiPath X.509 Certificate Policy


Category: Identity Provider Policy


Date: 4/16/2012


Creator: CertiPath


URL: https://www.certipath.com/images/stories/data/policy-docs/CertiPath%20CP-v.3.18-clean.pdf


Description: IETF RFC 3647 certificate policy for CertiPath. The document was digitally signed by the CertiPath Policy Management Authority. It defines certificate policies for the following assurance levels medium-CBP-software, medium-CBP-hardware, high-CBP-hardware, mediumsoftware, medium-hardware, high-hardware, IceCAP-cardAuth, IceCAP-hardware, and IceCAP contentSigning. The policy domain of the CP applies to the CertiPath Bridge CA (CBCA), the CertiPath Common Policy Root CA (CRCA) and to CAs and end entities under the CRCA.


Privacy: End entity certificate may contain pseudonyms in order to meet local privacy requirements, if they maintain namespace uniqueness and if the pseudonyms can be traced to the actual person. A link to CertiPath's privacy policy is provided, but when retrieved on 9/3/12 the target page (https://www.certipath.com/component/content/article/58-privacy) has errors and the contact information is not provided.


Security: The document is an information security policy.


Interoperability: The purpose of the document is to support interoperation of digital certficates between different enterprise PKIs. The document provides a PKI repository interoperability profile based on LDAP and HTTP and the naming convention defined in the CP, and provides an interoperable smart card profile (which leverages the FIPS 201 profile, with a Globally Unique Identifier used as the CHUID).


Terms: