FBCA Cross-certification Methodology 3.0

Title: Criteria and Methodology for Cross-certification with the U.S. Federal Bridge Certification Authority

Category: Identity Provider Policy

Date: 1/25/2012

Creator: FBCA

URL: http://www.idmanagement.gov/fpkima/documents/crosscert_method_criteria_v3.0.pdf

Description: An addendum to the FBCA CP intended to use by personnel involved in cross-certification activities within the Government and between the FBCA and external CAs. Other cross certification activities (e.g. Shared Service Provider CAs, FCPCA, EGCA) are out of scope. The document provides a detailed workflow from the submission of an applicant for cross-certification, through the evaluation steps of policy mapping, review of compliance audit reports, analysis of operations, technical review and testing, and finally through the specific steps involved in performing the cross-certification. Applicants are required to submit a CP in RFC 3647 format for ease of policy mapping.

Privacy: None.

Security: The document is an information security policy and procedures document.

Interoperability: The purpose of the document is to provide a method for achieving trusted interoperability between the U.S. Federal Bridge CA and other CAs operating at compatible levels of assurance.

Terms: Affiliate PKI, Applicant, Bridge CA, Certification Authority, Certificate Policy, Certificate Policy Working Group, Certificate Revocation List, Certification Practice Statement, Cross-certificate, Cross-certification, Digital Signature, Directory, Federal Bridge Certification Authority, Public Key Certificate, Public Key Infrastructure, Repository