FBCA CP 2.25

From IDESG Wiki
Revision as of 22:59, 18 February 2021 by Tomjones (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Title: X.509 Certificate Policy For The Federal Bridge Certification Authority


Category: Trust Framework Provider Policy


Date: 12/9/2011


Creator: FBCA


URL: http://www.idmanagement.gov/fpkipa/documents/FBCA_CP_RFC3647.pdf


Description: RFC 3647 compliant certificate policy for the Federal Bridge CA. It defines a total of 12 policies, including the following assurance levels for human end users: Rudimentary, Basic, Medium, PIV-I Card Authentication, Medium Hardware, and High.


Privacy: The FPKI management authority is required to conduct a Privacy Impact Assessment. PII shall be protected from unauthorized disclosure, and will only be released to third parties when required by law or court order. No notification is required in the event of such disclosure.


Security: The document is a information security policy for the FBCA.


Interoperability: The document supports interoperation of digital certficates between different Federal government PKIs. The document provides a PKI repository interoperability profile based on LDAP and HTTP and the naming convention defined in the CP, and also provides PIV-I as an interoperable smart card profile.


Terms: Access, Access Control, Accreditation, Activation Data, Affiliated Organization, Applicant, Archive, Attribute Authority, Audit, Audit Data, Authenticate, Authentication, Backup, Binding, Biometric, Certificate, Certification Authority, CA Facility, Certificate, Certificate Management Authority, Certification Authority Software, Certificate Policy, Certification Practice Statement, Certificate-related Information, Certificate Revocation List, Certificate Status Authority, Client (application), Common Criteria, Compromise, Computer Security Objects Registry, Confidentiality, Cross-certificate, Cryptographic Module, Data Integrity, Digital Signature, Dual Use Certificate, Duration, E-commerce, Encrypted Network, Encryption Certificate, End-entity, Entity, Entity CA, FBCA Management Authority, Federal Public Key Infrastructure Policy Authority, Firewall, High Assurance Guard, Information System Security Officer, Inside Threat, Integrity, Intellectual Property, Intermediate CA, Key Escrow, Key Exchange, Key Generation Material, Key Pair, Local Registration, Memorandum Of Agreement, Mission Support Information, Mutual Authentication, Naming Authority, Non-repudiation, Object Identifier, Out-of-band, Outside Threat, Physically Isolated Network, PKI Sponsor, Policy Management Authority, Principal CA, Privacy, Private Key, Public Key, Public Key Infrastructure, Registration Authority, Re-key (a Certificate), Relying Party, Renew (a Certificate), Repository, Responsible Individual, Revoke A Certificate, Risk, Risk Tolerance, Root CA, Server, Signature Certificate, Subordinate CA, Subscriber, Superior CA, System Equipment Configuration, System High, Technical Non-repudiation, Threat, Trust List, Trusted Agent, Trusted Certificate, Trusted Timestamp, Trustworthy System, Two-person Control, Update (a Certificate)