< draft-ietf-pkix-ipki-new-rfc2527-00.txt   draft-ietf-pkix-ipki-new-rfc2527-01.txt >
PKIX Working Group S. Chokhani (CygnaCom Solutions, Inc.) PKIX Working Group S. Chokhani (CygnaCom Solutions, Inc.)
Internet Draft W. Ford (VeriSign, Inc.) Internet Draft W. Ford (VeriSign, Inc.)
R. Sabett (Cooley Godward LLP) R. Sabett (Cooley Godward LLP)
C. Merrill (McCarter & English, LLP) C. Merrill (McCarter & English, LLP)
S. Wu (VeriSign, Inc.) S. Wu (Infoliance, Inc.)
Expires in six months from July 12, 2001 Expires in six months from January 3, 2002
Internet X.509 Public Key Infrastructure Internet X.509 Public Key Infrastructure
Certificate Policy and Certification Practices Framework Certificate Policy and Certification Practices Framework
< draft-ietf-pkix-ipki-new-rfc2527-00.txt > < draft-ietf-pkix-ipki-new-rfc2527-01.txt >
Status of this Memo Status of this Memo
This document is an Internet-Draft and is subject to all provisions This document is an Internet-Draft and is subject to all provisions
of Section 10 of RFC2026. Internet-Drafts are working documents of of Section 10 of RFC2026. Internet-Drafts are working documents of
the Internet Engineering Task Force (IETF), its areas, and its working the Internet Engineering Task Force (IETF), its areas, and its working
groups. Note that other groups may also distribute working documents groups. Note that other groups may also distribute working documents
as Internet-Drafts. as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of 6 months Internet-Drafts are draft documents valid for a maximum of 6 months
and may be updated, replaced, or may become obsolete by other and may be updated, replaced, or may become obsolete by other
documents at any time. It is inappropriate to use Internet-Drafts documents at any time. It is inappropriate to use Internet-Drafts
as reference material or to cite them other than as work in as reference material or to cite them other than as work in
progress. progress.
The list of current Internet-Drafts can be accessed at The list of current Internet-Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html http://www.ietf.org/1id-abstracts.html
The list of Internet-Draft Shadow Directories can be accessed at The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html. http://www.ietf.org/shadow.html.
To view the entire list of current Internet-Drafts, please check the To view the entire list of current Internet-Drafts, please check the
"1id-abstracts.txt" listing contained in the Internet-Drafts Shadow "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow
Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern
Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific
Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast). Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast).
skipping to change at page 1, line 55 skipping to change at page 1, line 55
This document presents a framework to assist the writers of This document presents a framework to assist the writers of
certificate policies or certification practice statements for certificate policies or certification practice statements for
participants within public key infrastructures, such as participants within public key infrastructures, such as
certification authorities, policy authorities, and communities of certification authorities, policy authorities, and communities of
interest that wish to rely on certificates. In particular, the interest that wish to rely on certificates. In particular, the
framework provides a comprehensive list of topics that potentially framework provides a comprehensive list of topics that potentially
(at the writer's discretion) need to be covered in a certificate (at the writer's discretion) need to be covered in a certificate
policy or a certification practice statement. This document is policy or a certification practice statement. This document is
being submitted to the RFC Editor with a request for publication as being submitted to the RFC Editor with a request for publication as
an Informational RFC. an Informational RFC that will supercede RFC 2527 [CPF].
TABLE OF CONTENTS TABLE OF CONTENTS
1. INTRODUCTION 3 1. INTRODUCTION 3
1.1 BACKGROUND 3 1.1 BACKGROUND 3
1.2 PURPOSE 5 1.2 PURPOSE 5
1.3 SCOPE 5 1.3 SCOPE 5
2. DEFINITIONS 6 2. DEFINITIONS 6
3. CONCEPTS 8 3. CONCEPTS 8
3.1 CERTIFICATE POLICY 8 3.1 CERTIFICATE POLICY 8
3.2 CERTIFICATE POLICY EXAMPLES 10 3.2 CERTIFICATE POLICY EXAMPLES 10
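Review bot: The sentence added to the abstract, "an Informational RFC that will supercede RFC 2527 [CPF]", misspells "supersede". The statement added at the end of section 1.1 ("This RFC supercedes RFC 2527 [CPF].") has the same spelling, so both should be corrected together.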
skipping to change at page 2, line 50 skipping to change at page 2, line 50
4.4.2 Certificate Application Processing 24 4.4.2 Certificate Application Processing 24
4.4.3 Certificate Issuance 24 4.4.3 Certificate Issuance 24
4.4.4 Certificate Acceptance 25 4.4.4 Certificate Acceptance 25
4.4.5 Key Pair and Certificate Usage 25 4.4.5 Key Pair and Certificate Usage 25
4.4.6 Certificate Renewal 26 4.4.6 Certificate Renewal 26
4.4.7 Certificate Re-key 26 4.4.7 Certificate Re-key 26
4.4.8 Certificate Modification 27 4.4.8 Certificate Modification 27
4.4.9 Certificate Revocation and Suspension 27 4.4.9 Certificate Revocation and Suspension 27
4.4.10 Certificate Status Services 28 4.4.10 Certificate Status Services 28
4.4.11 End of Subscription 28 4.4.11 End of Subscription 28
4.4.12 Key Escrow and Recovery 28 4.4.12 Key Escrow and Recovery 29
4.5 MANAGEMENT, OPERATIONAL, AND PHYSICAL CONTROLS 29 4.5 FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS 29
4.5.1 Physical Security Controls 29 4.5.1 Physical Security Controls 29
4.5.2 Procedural Controls 30 4.5.2 Procedural Controls 30
4.5.3 Personnel Security Controls 30 4.5.3 Personnel Controls 30
4.5.4 Audit Logging Procedures 31 4.5.4 Audit Logging Procedures 31
4.5.5 Records Archival 32 4.5.5 Records Archival 31
4.5.6 Key Changeover 32 4.5.6 Key Changeover 32
4.5.7 Compromise and Disaster Recovery 32 4.5.7 Compromise and Disaster Recovery 32
4.5.8 CA or RA Termination 33 4.5.8 CA or RA Termination 33
4.6 TECHNICAL SECURITY CONTROLS 33 4.6 TECHNICAL SECURITY CONTROLS 33
4.6.1 Key Pair Generation and Installation 33 4.6.1 Key Pair Generation and Installation 33
4.6.2 Private Key Protection and Cryptographic 4.6.2 Private Key Protection and Cryptographic
Module Engineering Controls 34 Module Engineering Controls 34
4.6.3 Other Aspects of Key Pair Management 36 4.6.3 Other Aspects of Key Pair Management 36
4.6.4 Activation Data 36 4.6.4 Activation Data 36
4.6.5 Computer Security Controls 36 4.6.5 Computer Security Controls 36
4.6.6 Life Cycle Security Controls 36 4.6.6 Life Cycle Security Controls 37
4.6.7 Network Security Controls 37 4.6.7 Network Security Controls 37
4.6.8 Timestamping 37 4.6.8 Timestamping 37
4.7 CERTIFICATE AND CRL PROFILES 37 4.7 CERTIFICATE, CRL, AND OCSP PROFILES 37
4.7.1 Certificate Profile 37 4.7.1 Certificate Profile 37
4.7.2 CRL Profile 38 4.7.2 CRL Profile 38
4.7.4 OCSP Profile 38 4.7.3 OCSP Profile 38
4.8 COMPLIANCE AUDIT AND OTHER ASSESSMENT 38 4.8 COMPLIANCE AUDIT AND OTHER ASSESSMENT 38
4.9 OTHER BUSINESS AND LEGAL MATTERS 39 4.9 OTHER BUSINESS AND LEGAL MATTERS 39
4.9.1 Fees 39 4.9.1 Fees 40
4.9.2 Financial Responsibility 39 4.9.2 Financial Responsibility 40
4.9.3 Confidentiality of Business Information 40 4.9.3 Confidentiality of Business Information 40
4.9.4 Privacy of Personal Information 40 4.9.4 Privacy of Personal Information 41
4.9.5 Intellectual Property Rights 40 4.9.5 Intellectual Property Rights 41
4.9.6 Representations and Warranties 41 4.9.6 Representations and Warranties 41
4.9.7 Disclaimers of Warranties 41 4.9.7 Disclaimers of Warranties 42
4.9.8 Limitations of Liability 41 4.9.8 Limitations of Liability 42
4.9.9 Indemnities 41 4.9.9 Indemnities 42
4.9.10 Term and Termination 42 4.9.10 Term and Termination 42
4.9.11 Individual notices and communications 4.9.11 Individual notices and communications
with participants 42 with participants 43
4.9.12 Amendments 42 4.9.12 Amendments 43
4.9.13 Dispute Resolution Procedures 43 4.9.13 Dispute Resolution Procedures 44
4.9.14 Governing Law 43 4.9.14 Governing Law 44
4.9.15 Compliance with Applicable Law 43 4.9.15 Compliance with Applicable Law 44
4.9.16 Miscellaneous Provisions 43 4.9.16 Miscellaneous Provisions 44
4.9.17 Other Provisions 44 4.9.17 Other Provisions 45
5. OUTLINE OF A SET OF PROVISIONS 44 5. OUTLINE OF A SET OF PROVISIONS 45
6. ACKNOWLEDGMENTS 51 6. ACKNOWLEDGMENTS 51
7. REFERENCES 51 7. REFERENCES 52
8. AUTHORS' ADDRESSES 52 8. AUTHORS' ADDRESSES 53
NOTES 53 NOTES 53
LIST OF ACRONYMS 54 LIST OF ACRONYMS 54
----------------------------------------------------------------- -----------------------------------------------------------------
1. INTRODUCTION 1. INTRODUCTION
1.1 BACKGROUND 1.1 BACKGROUND
In general, a public-key certificate (hereinafter "certificate") In general, a public-key certificate (hereinafter "certificate")
binds a public key held by an entity (such as person, organization, binds a public key held by an entity (such as person, organization,
account, device, or site) to a set of information that identifies account, device, or site) to a set of information that identifies
the entity associated with use of the corresponding private key. In the entity associated with use of the corresponding private key. In
most cases involving identity certificates, this entity is known as most cases involving identity certificates, this entity is known as
the "subject" or "subscriber" of the certificate. Two exceptions, the "subject" or "subscriber" of the certificate. Two exceptions,
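Review bot: The renamed headings in the table of contents are not named consistently with their subsections. Section 4.5 replaces "PHYSICAL" with "FACILITY" in its title while 4.5.1 is still "Physical Security Controls", and 4.5.3 drops "Security" ("Personnel Controls") while 4.5.1 keeps it. Suggest settling on one naming pattern across 4.5 and its subsections, and confirming that the section bodies and the outline in section 5 carry the same titles as the new 4.5, 4.5.3 and 4.7 entries.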
skipping to change at page 4, line 54 skipping to change at page 4, line 55
expanded upon in [BAU1]. expanded upon in [BAU1].
A more detailed description of the practices followed by a CA in A more detailed description of the practices followed by a CA in
issuing and otherwise managing certificates may be contained in a issuing and otherwise managing certificates may be contained in a
certification practice statement (CPS) published by or referenced by certification practice statement (CPS) published by or referenced by
the CA. According to the American Bar Association Information the CA. According to the American Bar Association Information
Security Committee's Digital Signature Guidelines (hereinafter Security Committee's Digital Signature Guidelines (hereinafter
"DSG")(1) and the Information Security Committee's PKI Assessment "DSG")(1) and the Information Security Committee's PKI Assessment
Guidelines (hereinafter "PAG")(2), "a CPS is a statement of the Guidelines (hereinafter "PAG")(2), "a CPS is a statement of the
practices which a certification authority employs in issuing practices which a certification authority employs in issuing
certificates." [ABA1, ABA2] certificates." [ABA1, ABA2] In general, CPSs also describe practices
relating to all certificate lifecycle services (e.g., issuance,
management, revocation, and renewal or re-keying), and CPSs provide
details concerning other business, legal, and technical matters.
The terms contained in a CP or CPS may or may not be binding upon a The terms contained in a CP or CPS may or may not be binding upon a
PKI's participants as a contract. A CP or CPS may itself purport to PKI's participants as a contract. A CP or CPS may itself purport to
be a contract. More commonly, however, an agreement may incorporate be a contract. More commonly, however, an agreement may incorporate
a CP or CPS by reference and therefore bind the parties of the a CP or CPS by reference and therefore attempt to bind the parties of
agreement to some or all of its terms. For example, some PKIs may the agreement to some or all of its terms. For example, some PKIs
utilize a CP or (more commonly) a CPS that is incorporated by may utilize a CP or (more commonly) a CPS that is incorporated by
reference in the agreement between a subscriber and a CA or RA reference in the agreement between a subscriber and a CA or RA
(called a "subscriber agreement") or the agreement between a relying (called a "subscriber agreement") or the agreement between a relying
party and a CA (called a "relying party agreement" or "RPA"). In party and a CA (called a "relying party agreement" or "RPA"). In
other cases, however, a CP or CPS has no contractual significance at other cases, however, a CP or CPS has no contractual significance at
all. A PKI may intend these CPs and CPSs to be strictly all. A PKI may intend these CPs and CPSs to be strictly
informational or disclosure documents. informational or disclosure documents.
This RFC supercedes RFC 2527 [CPF].
1.2 PURPOSE 1.2 PURPOSE
The purpose of this document is twofold. First, the document aims The purpose of this document is twofold. First, the document aims
to explain the concepts of a CP and a CPS, describe the differences to explain the concepts of a CP and a CPS, describe the differences
between these two concepts, and describe their relationship to between these two concepts, and describe their relationship to
subscriber and relying party agreements. Second, this document aims subscriber and relying party agreements. Second, this document aims
to present a framework to assist the writers and users of to present a framework to assist the writers and users of
certificate policies or CPSs in drafting and understanding these certificate policies or CPSs in drafting and understanding these
documents. In particular, the framework identifies the elements documents. In particular, the framework identifies the elements
that may need to be considered in formulating a CP or a CPS. The that may need to be considered in formulating a CP or a CPS. The
purpose is not to define particular certificate policies or CPSs, purpose is not to define particular certificate policies or CPSs,
per se. Moreover, this document does not aim to provide per se. Moreover, this document does not aim to provide legal advice
recommendations as to particular requirements or practices that or recommendations as to particular requirements or practices that
should be contained within CPs or CPSs. (Such recommendations, should be contained within CPs or CPSs. (Such recommendations,
however, appear in [ABA2].) however, appear in [ABA2].)
1.3 SCOPE 1.3 SCOPE
The scope of this document is limited to discussion of the topics The scope of this document is limited to discussion of the topics
that can be covered in a CP (as defined in X.509) or CPS (as defined that can be covered in a CP (as defined in X.509) or CPS (as defined
in the DSG and PAG). In particular, this document describes the in the DSG and PAG). In particular, this document describes the
types of information that should be considered for inclusion in a CP types of information that should be considered for inclusion in a CP
or a CPS. While the framework as presented generally assumes use of or a CPS. While the framework as presented generally assumes use of
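Review bot: The sentence added in 1.1 after the ABA quotation, "In general, CPSs also describe practices relating to all certificate lifecycle services", follows the closing quote and the [ABA1, ABA2] citation directly, so it can be read as something the DSG and PAG say. Suggest wording it so that it is clearly this framework's own extension of the quoted definition. The new closing line of 1.1, "This RFC supercedes RFC 2527 [CPF].", should read "supersedes", and it repeats what the abstract now states.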
skipping to change at page 6, line 43 skipping to change at page 6, line 43
example, a particular CP might indicate applicability of a type of example, a particular CP might indicate applicability of a type of
certificate to the authentication of parties engaging in business- certificate to the authentication of parties engaging in business-
to-business transactions for the trading of goods or services within to-business transactions for the trading of goods or services within
a given price range. a given price range.
Certification path - An ordered sequence of certificates that, Certification path - An ordered sequence of certificates that,
together with the public key of the initial object in the path, can together with the public key of the initial object in the path, can
be processed to obtain that of the final object in the path. be processed to obtain that of the final object in the path.
Certification Practice Statement (CPS) - A statement of the Certification Practice Statement (CPS) - A statement of the
practices that a certification authority employs in issuing practices that a certification authority employs in issuing,
certificates. managing, revoking, and renewing or re-keying certificates.
CPS Summary (or CPS Abstract) - A subset of the provisions of a CPS Summary (or CPS Abstract) - A subset of the provisions of a
complete CPS that is made public by a CA. complete CPS that is made public by a CA.
Identification - The process of establishing the identity of an Identification - The process of establishing the identity of an
individual or organization, i.e., to show that an individual or individual or organization, i.e., to show that an individual or
organization is a specific individual or organization. In the organization is a specific individual or organization. In the
context of a PKI, identification refers to two processes: (1) context of a PKI, identification refers to two processes: (1)
establishing that a given name of an individual or organization establishing that a given name of an individual or organization
corresponds to a real-world identity of an individual or corresponds to a real-world identity of an individual or
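Review bot: The widened CPS entry in the Definitions ("issuing, managing, revoking, and renewing or re-keying certificates") no longer matches the definition that sections 1.1 and 3.4 still quote from the DSG and PAG, which stops at "employs in issuing certificates". Suggest noting in the definition that it extends the DSG and PAG wording, so a reader comparing the three places does not take the difference for an error.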
skipping to change at page 8, line 51 skipping to change at page 8, line 51
the way relying parties or relying party applications use the way relying parties or relying party applications use
certificates. Different certificates are issued following different certificates. Different certificates are issued following different
practices and procedures, and may be suitable for different practices and procedures, and may be suitable for different
applications and/or purposes. applications and/or purposes.
The X.509 standard defines a CP as "a named set of rules that The X.509 standard defines a CP as "a named set of rules that
indicates the applicability of a certificate to a particular indicates the applicability of a certificate to a particular
community and/or class of application with common security community and/or class of application with common security
requirements" [ISO1]. An X.509 Version 3 certificate may identify a requirements" [ISO1]. An X.509 Version 3 certificate may identify a
specific applicable CP, which may be used by a relying party to specific applicable CP, which may be used by a relying party to
decide whether or not to trust a certificate for a particular decide whether or not to trust a certificate, associated public key,
purpose. or any digital signatures verified using the public key for a
particular purpose.
CPs typically fall into two major categories. First, some CPs CPs typically fall into two major categories. First, some CPs
"indicate the applicability of a certificate to a particular "indicate the applicability of a certificate to a particular
community" [ISO1]. These CPs set forth requirements for community" [ISO1]. These CPs set forth requirements for
certificates within a particular community. For instance, a CP may certificate usage and requirements on members of a community.
focus on the needs of a geographical community, such as the ETSI For instance, a CP may focus on the needs of a geographical community,
policy requirements for CAs issuing qualified certificates [ETS].
Also, a CP of this kind may focus on the needs of a specific such as the ETSI policy requirements for CAs issuing qualified
vertical-market community, such as financial services [IDT]. certificates [ETS]. Also, a CP of this kind may focus on the
needs of a specific vertical-market community, such as
financial services [IDT].
The second category of typical CPs "indicate the applicability of a The second category of typical CPs "indicate the applicability of a
certificate to a . . . class of application with common security certificate to a . . . class of application with common security
requirements." These CPs identify a set of applications or uses for requirements." These CPs identify a set of applications or uses for
certificates and say that these applications or uses require a certificates and say that these applications or uses require a
certain level of security. They then set forth PKI requirements certain level of security. They then set forth PKI requirements
that are appropriate for these applications or uses. A CP within that are appropriate for these applications or uses. A CP within
this category often makes sets requirements appropriate for a this category often makes sets requirements appropriate for a
certain "level of assurance" provided by certificates, relative to certain "level of assurance" provided by certificates, relative to
certificates issued pursuant to related CPs. These levels of certificates issued pursuant to related CPs. These levels of
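Review bot: The unchanged sentence "A CP within this category often makes sets requirements appropriate for a certain "level of assurance"" still carries the stray word in "makes sets" in both versions. Since the paragraphs just above it in 3.1 are being reworded in this revision, fix it here as well ("often sets requirements").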
skipping to change at page 9, line 35 skipping to change at page 9, line 37
medium, and high. The GOC PMA described certain types of digital medium, and high. The GOC PMA described certain types of digital
signature and confidentiality uses in the document, each with a signature and confidentiality uses in the document, each with a
certain set of security requirements, and grouped them into eight certain set of security requirements, and grouped them into eight
categories. The GOC PMA then established PKI requirements for each categories. The GOC PMA then established PKI requirements for each
of these categories, thereby creating eight types of certificates, of these categories, thereby creating eight types of certificates,
each providing rudimentary, basic, medium, or high levels of each providing rudimentary, basic, medium, or high levels of
assurance. The progression from rudimentary to high levels assurance. The progression from rudimentary to high levels
corresponds to increasing security requirements and corresponding corresponds to increasing security requirements and corresponding
increasing levels of assurance. increasing levels of assurance.
A CP, which needs to be recognized by both the issuer and user of a A CP is represented in a certificate by a unique number called
certificate, is represented in a certificate by a unique number an "Object Identifier" (OID). That OID, or at least an "arc", can be
called an "Object Identifier" (OID). That OID, or at least an "arc" registered. An "arc" is the beginning of the numerical sequence of
representing the beginning of the numerical sequence of an OID and an OID and is assigned to a particular organization. The
assigned to a particular organization, can be registered. The
registration process follows the procedures specified in ISO/IEC and registration process follows the procedures specified in ISO/IEC and
ITU standards. The party that registers the OID or arc also can ITU standards. The party that registers the OID or arc also can
publish the text of the CP, for examination by relying parties. Any publish the text of the CP, for examination by relying parties. Any
one certificate will typically declare a single CP or, possibly, be one certificate will typically declare a single CP or, possibly, be
issued consistent with a small number of different policies. Such issued consistent with a small number of different policies. Such
declaration appears in the Certificate Policies extension of a X.509 declaration appears in the Certificate Policies extension of a X.509
Version 3 certificate. When a CA places multiple CPs within a Version 3 certificate. When a CA places multiple CPs within a
certificate's Certificate Policies extension, the CA is asserting certificate's Certificate Policies extension, the CA is asserting
that the certificate is appropriate for use in accordance with any that the certificate is appropriate for use in accordance with any
of the listed CPs. of the listed CPs.
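Review bot: The rewritten opening of the OID paragraph drops the clause "which needs to be recognized by both the issuer and user of a certificate" without placing it anywhere else in the visible text. If the removal is intentional, that is fine. Otherwise that requirement on the CP is lost and should be restored as its own sentence. The splitting of the "arc" explanation into a separate sentence reads better than the old nested clause. In the unchanged text below, "a X.509 Version 3 certificate" should be "an X.509 Version 3 certificate".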
skipping to change at page 10, line 4 skipping to change at page 10, line 4
that the certificate is appropriate for use in accordance with any that the certificate is appropriate for use in accordance with any
of the listed CPs. of the listed CPs.
CPs also constitute a basis for an audit, accreditation, or another CPs also constitute a basis for an audit, accreditation, or another
assessment of a CA. Each CA can be assessed against one or more assessment of a CA. Each CA can be assessed against one or more
certificate policies or CPSs that it is recognized as implementing. certificate policies or CPSs that it is recognized as implementing.
When one CA issues a CA-certificate for another CA, the issuing CA When one CA issues a CA-certificate for another CA, the issuing CA
must assess the set of certificate policies for which it trusts the must assess the set of certificate policies for which it trusts the
subject CA (such assessment may be based upon an assessment with subject CA (such assessment may be based upon an assessment with
respect to the certificate policies involved). The assessed set of respect to the certificate policies involved). The assessed set of
certificate policies is then indicated by the issuing CA in the certificate policies is then indicated by the issuing CA in the
CA-certificate. The X.509 certification path processing logic CA-certificate. The X.509 certification path processing logic
employs these CP indications in its well-defined trust model. employs these CP indications in its well-defined trust model.
3.2 CERTIFICATE POLICY EXAMPLES 3.2 CERTIFICATE POLICY EXAMPLES
For example purposes, suppose that the International Air Transport For example purposes, suppose that the International Air Transport
Association (IATA) undertakes to define some certificate policies Association (IATA) undertakes to define some certificate policies
for use throughout the airline industry, in a PKI operated by IATA for use throughout the airline industry, in a PKI operated by IATA
in combination with PKIs operated by individual airlines. Two CPs in combination with PKIs operated by individual airlines. Two CPs
might be defined - the IATA General-Purpose CP, and the IATA might be defined - the IATA General-Purpose CP, and the IATA
Commercial-Grade CP. Commercial-Grade CP.
skipping to change at page 13, line 5 skipping to change at page 12, line 58
The Certificate Policies extension field has a provision for The Certificate Policies extension field has a provision for
conveying, along with each CP identifier, additional policy- conveying, along with each CP identifier, additional policy-
dependent information in a qualifier field. The X.509 standard does dependent information in a qualifier field. The X.509 standard does
not mandate the purpose for which this field is to be used, nor does not mandate the purpose for which this field is to be used, nor does
it prescribe the syntax for this field. Policy qualifier types can it prescribe the syntax for this field. Policy qualifier types can
be registered by any organization. be registered by any organization.
The following policy qualifier types are defined in PKIX RFC 2459 The following policy qualifier types are defined in PKIX RFC 2459
[PKI1]: [PKI1]:
(a) The CPS Pointer qualifier contains a pointer to a CPS, CPS (a) The CPS Pointer qualifier contains a pointer to a CPS, CPS
Summary, RPA, or PDS published by the CA. The pointer is in the Summary, RPA, or PDS published by the CA. The pointer is in the
form of a uniform resource identifier (URI). form of a uniform resource identifier (URI).
(b) The User Notice qualifier contains a text string that is to be (b) The User Notice qualifier contains a text string that is to be
displayed to subscribers and relying parties prior to the use of the displayed to subscribers and relying parties prior to the use of the
certificate. The text string may be an IA5String or a BMPString - a certificate. The text string may be an IA5String or a BMPString - a
subset of the ISO 100646-1 multiple octet coded character set. A CA subset of the ISO 100646-1 multiple octet coded character set. A CA
may invoke a procedure that requires that the relying party may invoke a procedure that requires that the relying party
acknowledge that the applicable terms and conditions have been acknowledge that the applicable terms and conditions have been
disclosed and/or accepted. disclosed and/or accepted.
Policy qualifiers can be used to support the definition of generic, Policy qualifiers can be used to support the definition of generic,
or parameterized, CPs. Provided the base CP so provides, policy or parameterized, CPs. Provided the base CP so provides, policy
qualifier types can be defined to convey, on a per-certificate qualifier types can be defined to convey, on a per-certificate
basis, additional specific policy details that fill in the generic basis, additional specific policy details that fill in the generic
definition. definition.
3.4 CERTIFICATION PRACTICE STATEMENT 3.4 CERTIFICATION PRACTICE STATEMENT
The term certification practice statement (CPS) is defined by the The term certification practice statement (CPS) is defined by the
DSG and PAG as: "A statement of the practices which a certification DSG and PAG as: "A statement of the practices which a certification
authority employs in issuing certificates." [ABA1, ABA2] In the authority employs in issuing certificates." [ABA1, ABA2] As stated
DSG, the ABA expands this definition with the following comments: above, a CPS establishes practices concerning lifecycle services in
addition to issuance, such as certificate management (including
publication and archiving), revocation, and renewal or re-keying. In
the DSG, the ABA expands this definition with the following comments:
"A certification practice statement may take the form of a "A certification practice statement may take the form of a
declaration by the certification authority of the details of its declaration by the certification authority of the details of its
trustworthy system and the practices it employs in its operations trustworthy system and the practices it employs in its operations
and in support of issuance of a certificate . . . ." This form of and in support of issuance of a certificate . . . ." This form of
CPS is the most common type, and can vary in length and level of CPS is the most common type, and can vary in length and level of
detail. detail.
Some PKIs may not have the need to create a thorough and detailed Some PKIs may not have the need to create a thorough and detailed
statement of practices. For example, the CA may itself be the statement of practices. For example, the CA may itself be the
relying party and would already be aware of the nature and relying party and would already be aware of the nature and
trustworthiness of its services. In other cases, a PKI may provide trustworthiness of its services. In other cases, a PKI may provide
certificates providing only a very low level of assurances where the certificates providing only a very low level of assurances where the
applications being secured may pose only marginal risks if applications being secured may pose only marginal risks if
compromised. In these cases, a PKI may only want to write a compromised. In these cases, an organization establishing a PKI
subscriber agreement, relying party agreement, or an agreement may only want to write or have CAs use a subscriber agreement,
combining subscriber and relying party terms, depending on the role relying party agreement, or agreement combining subscriber and
of the different PKI participants. In such a PKI, that agreement relying party terms, depending on the role of the different PKI
may serve as the only "statement of practices that a certification participants. In such a PKI, that agreement may serve as the only
authority employs in issuing certificates." Consequently, that "statement of practices" used by one or more CAs within that PKI.
agreement may also be considered a CPS and can be entitled or Consequently, that agreement may also be considered a CPS and can
subtitled as such. be entitled or subtitled as such.
Likewise, since a detailed CPS may contain sensitive details of its Likewise, since a detailed CPS may contain sensitive details of its
system, a CA may elect not to publish its entire CPS. It may system, a CA may elect not to publish its entire CPS. It may
instead opt to publish a CPS Summary (or CPS Abstract). The CPS instead opt to publish a CPS Summary (or CPS Abstract). The CPS
Summary would contain only those provisions from the CPS that the CA Summary would contain only those provisions from the CPS that the CA
considers to be relevant to the participants in the PKI (such as the considers to be relevant to the participants in the PKI (such as the
responsibilities of the parties or the stages of the certificate responsibilities of the parties or the stages of the certificate
lifecycle). A CPS Summary, however, would not contain those lifecycle). A CPS Summary, however, would not contain those
sensitive provisions of the full CPS that might provide an sensitive provisions of the full CPS that might provide an
attacker with useful information about the CA's operations. attacker with useful information about the CA's operations.
Throughout this document, the use of "CPS" includes both a detailed Throughout this document, the use of "CPS" includes both a detailed
CPS and a CPS Summary (unless otherwise specified). CPS and a CPS Summary (unless otherwise specified).
CPSs do not automatically constitute contracts and do not CPSs do not automatically constitute contracts and do not
automatically bind PKI participants as a contract would. Where a automatically bind PKI participants as a contract would. Where a
document serves the dual purpose of being a subscriber or relying document serves the dual purpose of being a subscriber or relying
party agreement and CPS, the document is intended to be a contract party agreement and CPS, the document is intended to be a contract
and constitutes a binding contract to the extent that a subscriber and constitutes a binding contract to the extent that a subscriber
skipping to change at page 14, line 52 skipping to change at page 14, line 53
various topics. In other words, the purpose of the CP is to various topics. In other words, the purpose of the CP is to
establish what participants must do. A CPS, by contrast, states how establish what participants must do. A CPS, by contrast, states how
a CA and other participants in a given domain implement procedures a CA and other participants in a given domain implement procedures
and controls to meet the requirements stated in the CP. In other and controls to meet the requirements stated in the CP. In other
words, the purpose of the CPS is to disclose how the participants words, the purpose of the CPS is to disclose how the participants
perform their functions and implement controls. perform their functions and implement controls.
An additional difference between a CP and CPS relates the scope of An additional difference between a CP and CPS relates the scope of
coverage of the two kinds of documents. Since a CP is a statement coverage of the two kinds of documents. Since a CP is a statement
of requirements, it best serves as the vehicle for communicating of requirements, it best serves as the vehicle for communicating
minimum operating guidelines that must be met by interoperating PKIs minimum operating guidelines that must be met by interoperating PKIs.
. Thus, a CP generally applies to multiple CAs, multiple Thus, a CP generally applies to multiple CAs, multiple organizations,
organizations, or multiple domains. By contrast, a CPS applies only or multiple domains. By contrast, a CPS applies only to a single CA
to a single CA or single organization and is not generally a vehicle or single organization and is not generally a vehicle to facilitate
to facilitate interoperation. interoperation.
A CA with a single CPS may support multiple CPs (used for A CA with a single CPS may support multiple CPs (used for
different application purposes and/or by different relying party different application purposes and/or by different relying party
communities). Also, multiple CAs, with non-identical CPSs, may communities). Also, multiple CAs, with non-identical CPSs, may
support the same CP. support the same CP.
For example, the Federal Government might define a government-wide For example, the Federal Government might define a government-wide
CP for handling confidential human resources information. The CP CP for handling confidential human resources information. The CP
will be a broad statement of the general requirements for will be a broad statement of the general requirements for
participants within the Government's PKI, and an indication of the participants within the Government's PKI, and an indication of the
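Review bot: In the paragraph beginning "An additional difference between a CP and CPS", the unchanged phrase "relates the scope of coverage" is still missing "to" in both versions. Since this revision already touches the paragraph to repair the stray period before "Thus", it should also read "relates to the scope of coverage".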
skipping to change at page 18, line 4 skipping to change at page 18, line 4
provisions. For example, a CPS could be expressed as a combination provisions. For example, a CPS could be expressed as a combination
of the following: of the following:
(a) a list of certificate policies supported by the CPS; (a) a list of certificate policies supported by the CPS;
(b) for each CP in (a), a set of provisions that contains (b) for each CP in (a), a set of provisions that contains
statements responding to that CP by filling in details not statements responding to that CP by filling in details not
stipulated in that policy or expressly left to the discretion of the stipulated in that policy or expressly left to the discretion of the
CA (in its CPS) ; such statements serve to state how this particular CA (in its CPS) ; such statements serve to state how this particular
CPS implements the requirements of the particular CP; or CPS implements the requirements of the particular CP; or
(c) a set of provisions that contains statements regarding the (c) a set of provisions that contains statements regarding the
certification practices on the CA, regardless of CP. certification practices on the CA, regardless of CP.
The statements provided in (b) and (c) may augment or refine the The statements provided in (b) and (c) may augment or refine the
stipulations of the applicable CP, but generally must not conflict stipulations of the applicable CP, but generally must not conflict
with any of the stipulations of such CP. In certain cases, however, with any of the stipulations of such CP. In certain cases, however,
a policy authority may permit exceptions to the requirements in a a policy authority may permit exceptions to the requirements in a
CP, because certain compensating controls of the CA are disclosed in CP, because certain compensating controls of the CA are disclosed in
its CPS that allow the CA to provide assurances that are equivalent its CPS that allow the CA to provide assurances that are equivalent
to the assurances provided by CAs that are in full compliance with to the assurances provided by CAs that are in full compliance with
the CP. the CP.
This framework outlines the contents of a set of provisions, in This framework outlines the contents of a set of provisions, in
terms of nine primary components, as follows: terms of nine primary components, as follows:
1. Introduction 1. Introduction
2. Publication and Repository 2. Publication and Repository
3. Identification and Authentication 3. Identification and Authentication
4. Certificate Life-Cycle Operational Requirements 4. Certificate Life-Cycle Operational Requirements
5. Facilities, Management, and Operational Controls 5. Facilities, Management, and Operational Controls
6. Technical Security Controls 6. Technical Security Controls
7. Certificate, CRL, and OCSP Profile 7. Certificate, CRL, and OCSP Profile
8. Compliance audit 8. Compliance audit
9. Other Business and Legal Matters 9. Other Business and Legal Matters
PKIs can use this simple framework of nine primary components to PKIs can use this simple framework of nine primary components to
write a simple CP or CPS. Moreover, a CA can use this same write a simple CP or CPS. Moreover, a CA can use this same
framework to write a subscriber agreement, relying party agreement, framework to write a subscriber agreement, relying party agreement,
skipping to change at page 18, line 44 skipping to change at page 18, line 45
paragraph 1 as an introduction or recitals, it can set forth the paragraph 1 as an introduction or recitals, it can set forth the
responsibilities of the parties in paragraphs 2-8, and it can use responsibilities of the parties in paragraphs 2-8, and it can use
paragraph 9 to cover the business and legal issues described in more paragraph 9 to cover the business and legal issues described in more
detail in, and using the ordering of, Section 4.9 below (such as detail in, and using the ordering of, Section 4.9 below (such as
representations and warranties, disclaimers, and liability representations and warranties, disclaimers, and liability
limitations). The ordering of topics in this simple framework and limitations). The ordering of topics in this simple framework and
the business and legal matters Section 4.9 is the same as (or the business and legal matters Section 4.9 is the same as (or
similar to) the ordering of topics in a typical software or other similar to) the ordering of topics in a typical software or other
technology agreement. Therefore, a PKI can establish a set of core technology agreement. Therefore, a PKI can establish a set of core
documents (with a CP, CPS, subscriber agreement, and relying party documents (with a CP, CPS, subscriber agreement, and relying party
agreement) all having the same coverage and ordering of topics, agreement) all having the same structure and ordering of topics,
thereby facilitating comparisons and mappings among these documents thereby facilitating comparisons and mappings among these documents
and among the corresponding documents of other PKIs. and among the corresponding documents of other PKIs.
This simple framework may also be useful for agreements other than This simple framework may also be useful for agreements other than
subscriber agreements and relying party agreements. For instance, a subscriber agreements and relying party agreements. For instance, a
CA wishing to outsource certain services to an RA or certificate CA wishing to outsource certain services to an RA or certificate
manufacturing authority (CMA) may find it useful to use this manufacturing authority (CMA) may find it useful to use this
framework as a checklist to write a registration authority agreement framework as a checklist to write a registration authority agreement
or outsourcing agreement. Similarly, two CAs may wish to use this or outsourcing agreement. Similarly, two CAs may wish to use this
simple framework for the purpose of drafting a cross-certification, simple framework for the purpose of drafting a cross-certification,
unilateral certification, or other interoperability agreement. unilateral certification, or other interoperability agreement.
In short, the primary components of the simple framework In short, the primary components of the simple framework
(specified above) may meet the needs of drafters of short CPs, CPSs, (specified above) may meet the needs of drafters of short CPs, CPSs,
subscriber agreements, and relying party agreements. Nonetheless, subscriber agreements, and relying party agreements. Nonetheless,
this framework is extensible, and its coverage of the nine this framework is extensible, and its coverage of the nine
components is flexible enough to meet the needs of drafters of components is flexible enough to meet the needs of drafters of
comprehensive CPs and CPSs. Specifically, omponents appearing above comprehensive CPs and CPSs. Specifically, components appearing above
can be further divided into subcomponents, and a subcomponent may can be further divided into subcomponents, and a subcomponent may
comprise multiple elements. Section 4 provides a more detailed comprise multiple elements. Section 4 provides a more detailed
description of the contents of the above components, and their description of the contents of the above components, and their
subcomponents. Drafters of CPs and CPSs are permitted to add subcomponents. Drafters of CPs and CPSs are permitted to add
additional levels of subcomponents below the subcomponents described additional levels of subcomponents below the subcomponents described
in Section 4 for the purpose of meeting the needs of the drafter's in Section 4 for the purpose of meeting the needs of the drafter's
particular PKI. particular PKI.
4. CONTENTS OF A SET OF PROVISIONS 4. CONTENTS OF A SET OF PROVISIONS
skipping to change at page 21, line 28 skipping to change at page 21, line 24
certificates is prohibited. certificates is prohibited.
In the case of a CP or CPS describing different levels of assurance, In the case of a CP or CPS describing different levels of assurance,
this subcomponent can describe applications or types of applications this subcomponent can describe applications or types of applications
that are appropriate or inappropriate for the different levels of that are appropriate or inappropriate for the different levels of
assurance. assurance.
4.1.5 Policy Administration 4.1.5 Policy Administration
This subcomponent includes the name and mailing address of the This subcomponent includes the name and mailing address of the
organization that is responsible for the registration, maintenance, organization that is responsible for the drafting, registering,
and interpretation of this CP or CPS. It also includes the name, maintaining, and updating of this CP or CPS. It also includes the
electronic mail address, telephone number, and fax number of a name, electronic mail address, telephone number, and fax number of a
contact person. contact person. As an alternative to naming an actual person, the
document may name a title or role, an e-mail alias, and other
generalized contact information. In some cases, the organization may
state that its contact person, alone or in combination with others,
is available to answer questions about the document.
Moreover, when a formal or informal policy authority is responsible Moreover, when a formal or informal policy authority is responsible
for determining whether a CA should be allowed to operate within or for determining whether a CA should be allowed to operate within or
interoperate with a PKI, it may wish to approve the CPS of the CA as interoperate with a PKI, it may wish to approve the CPS of the CA as
being suitable for the policy authority's CP. If so, this being suitable for the policy authority's CP. If so, this
subcomponent includes the name, electronic mail address, telephone subcomponent can include the name or title, electronic mail address
number, and fax number of the person in charge of making such a (or alias), telephone number, fax number, and other generalized
determination. Finally, in this case, this subcomponent also information of the entity in charge of making such a determination.
includes the procedures by which this determination is made. Finally, in this case, this subcomponent also includes the
procedures by which this determination is made.
4.1.6 Definitions and acronyms 4.1.6 Definitions and acronyms
This subcomponent contains a list of definitions for defined terms This subcomponent contains a list of definitions for defined terms
used within the document, as well as a list of acronyms in the used within the document, as well as a list of acronyms in the
document and their meanings. document and their meanings.
4.2 PUBLICATION AND REPOSITORY RESPONSIBILITIES 4.2 PUBLICATION AND REPOSITORY RESPONSIBILITIES
This component contains any applicable provisions regarding: This component contains any applicable provisions regarding:
* An identification of the entity or entities that operate * An identification of the entity or entities that operate
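Review bot: In 4.1.5 the revised first sentence replaces "registration, maintenance, and interpretation" with "drafting, registering, maintaining, and updating", so interpretation is no longer listed as a responsibility of the named organization, while the new closing sentence only says the contact person "is available to answer questions about the document". If interpretation is meant to stay in scope, add it back to the list. In the second paragraph, "includes" was softened to "can include" for the contact details, but the last sentence still says the subcomponent "also includes the procedures by which this determination is made"; the two should use the same strength.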
skipping to change at page 22, line 38 skipping to change at page 22, line 39
4.3.1 Naming 4.3.1 Naming
This subcomponent includes the following elements regarding naming This subcomponent includes the following elements regarding naming
and identification of the subscribers: and identification of the subscribers:
* Types of names assigned to the subject, such as X.500 * Types of names assigned to the subject, such as X.500
distinguished names; RFC-822 names; and X.400 names; distinguished names; RFC-822 names; and X.400 names;
* Whether names have to be meaningful or not;(3) * Whether names have to be meaningful or not;(3)
* Whether subscribers can be anonymous or not and, if so, what names * Whether or not subscribers can be anonymous or pseudonymous, and,
are assigned to anonymous subscribers; if they can, what names are assigned to or can be used by anonymous
subscribers;
* Rules for interpreting various name forms, such as the X.500 * Rules for interpreting various name forms, such as the X.500
standard and RFC-822; standard and RFC-822;
* Whether names have to be unique; and * Whether names have to be unique; and
* Recognition, authentication, and role of trademarks. * Recognition, authentication, and role of trademarks.
4.3.2 Initial Identity Validation 4.3.2 Initial Identity Validation
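Review bot: In the third bullet of 4.3.1 the new wording asks whether subscribers can be "anonymous or pseudonymous", but the second half still refers only to names "assigned to or can be used by anonymous subscribers". Suggest "anonymous or pseudonymous subscribers" so that the naming rule covers both cases the bullet now introduces.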
skipping to change at page 26, line 41 skipping to change at page 26, line 41
* Notification of certificate issuance by the CA to other entities. * Notification of certificate issuance by the CA to other entities.
4.4.7 Certificate Re-key 4.4.7 Certificate Re-key
This subcomponent is used to describe the following elements related This subcomponent is used to describe the following elements related
to a subscriber or other participant generating a new key pair and to a subscriber or other participant generating a new key pair and
applying for the issuance of new certificate that certifies the new applying for the issuance of new certificate that certifies the new
public key: public key:
* Circumstances under which certificate re-key can or must takes * Circumstances under which certificate re-key can or must take
place, such as after a certificate is revoked for the reasons of key place, such as after a certificate is revoked for the reasons of key
compromise or after a certificate has expired and the usage period compromise or after a certificate has expired and the usage period
of the key pair has also expired; of the key pair has also expired;
* Who may request certificate re-key, for example, the subscriber; * Who may request certificate re-key, for example, the subscriber;
* A CA or RA's procedures to process re-keying requests to issue the * A CA or RA's procedures to process re-keying requests to issue the
new certificate, such as procedures that are the same as the initial new certificate, such as procedures that are the same as the initial
certificate issuance; certificate issuance;
skipping to change at page 27, line 4 skipping to change at page 27, line 4
* A CA or RA's procedures to process re-keying requests to issue the * A CA or RA's procedures to process re-keying requests to issue the
new certificate, such as procedures that are the same as the initial new certificate, such as procedures that are the same as the initial
certificate issuance; certificate issuance;
* Notification of the new certificate to the subscriber; * Notification of the new certificate to the subscriber;
* Conduct constituting acceptance of the certificate; * Conduct constituting acceptance of the certificate;
* Publication of the certificate by the CA; and * Publication of the certificate by the CA; and
* Notification of certificate issuance by the CA to other * Notification of certificate issuance by the CA to other
entities. entities.
4.4.8 Certificate Modification 4.4.8 Certificate Modification
This subcomponent is used to describe the following elements related This subcomponent is used to describe the following elements related
to issuance of a new certificate due to changes in the information to issuance of a new certificate (6) due to changes in the
in the certificate other than the subscriber public key: information in the certificate other than the subscriber public key:
* Circumstances under which certificate modification can takes * Circumstances under which certificate modification can take
place, such as name change, role change, reorganization resulting a place, such as name change, role change, reorganization resulting a
change in the DN; change in the DN;
* Who may request certificate modification, for instance, * Who may request certificate modification, for instance,
subscribers, human resources personnel, or the RA; subscribers, human resources personnel, or the RA;
* A CA or RA's procedures to process modification requests to issue * A CA or RA's procedures to process modification requests to issue
the new certificate, such as procedures that are the same as the the new certificate, such as procedures that are the same as the
initial certificate issuance; initial certificate issuance;
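Review bot: In the first bullet of 4.4.8 the verb is corrected to "can take place", but "reorganization resulting a change in the DN" on the following line is still missing "in" in both versions; suggest "reorganization resulting in a change in the DN". The new note reference in "a new certificate (6)" is also set off by a space, unlike the other markers on the page ("not;(3)", "control?(7)").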
skipping to change at page 28, line 40 skipping to change at page 28, line 41
* Procedures to request certificate suspension, such as a digitally * Procedures to request certificate suspension, such as a digitally
signed message from subscriber or RA, or a phone call from RA; and signed message from subscriber or RA, or a phone call from RA; and
* How long the suspension may last. * How long the suspension may last.
4.4.10 Certificate Status Services 4.4.10 Certificate Status Services
This subcomponent addresses the certificate status checking services This subcomponent addresses the certificate status checking services
available to the relying parties, including: available to the relying parties, including:
* The operational characteristics of certificate status checking services; * The operational characteristics of certificate status checking
services;
* The availability of such services, and any applicable policies on * The availability of such services, and any applicable policies on
unavailability; and unavailability; and
* Any optional features of such services. * Any optional features of such services.
4.4.11 End of Subscription 4.4.11 End of Subscription
This subcomponent addresses procedures used by the subscriber to end This subcomponent addresses procedures used by the subscriber to end
subscription to the CA services, including: subscription to the CA services, including:
skipping to change at page 32, line 8 skipping to change at page 32, line 4
* Whether the subject who caused an audit event to occur is notified * Whether the subject who caused an audit event to occur is notified
of the audit action; and of the audit action; and
* Vulnerability assessments, for example, where audit data is run * Vulnerability assessments, for example, where audit data is run
through a tool that identifies potential attempts to breach the through a tool that identifies potential attempts to breach the
security of the system. security of the system.
4.5.5 Records Archival 4.5.5 Records Archival
This subcomponent is used to describe general records archival (or This subcomponent is used to describe general records archival (or
records retention) policies, including the following: records retention) policies, including the following:
* Types of records that are archived, for example, all audit data, * Types of records that are archived, for example, all audit data,
certificate application information, and documentation supporting certificate application information, and documentation supporting
certificate applications; certificate applications;
* Retention period for archive; * Retention period for archive;
* Protection of archive: * Protection of archive:
- Who can view the archive, for example, a requirement that only the - Who can view the archive, for example, a requirement that only the
audit administrator may view the archive; audit administrator may view the archive;
- Protection against modification of archive, such as storing the - Protection against modification of archive, such as securely
data on a write once medium; storing the data on a write once medium;
- Protection against deletion of archive; and - Protection against deletion of archive;
- Protection against deterioration of the media on which the archive - Protection against deterioration of the media on which the archive
Protection against deletion of archive;
is stored, such as a requirement for data to be migrated is stored, such as a requirement for data to be migrated
periodically to fresh media. periodically to fresh media; and
- Protection against obsolescence of hardware, operating systems, and
other software, by, for example, retaining as part of the archive the
hardware, operating systems, and/or other software in order to permit
access to and use of archived records over time.
* Archive backup procedures; * Archive backup procedures;
* Requirements for time-stamping of records; * Requirements for time-stamping of records;
* Whether the archive collection system is internal or external; and * Whether the archive collection system is internal or external; and
* Procedures to obtain and verify archive information, such as a * Procedures to obtain and verify archive information, such as a
requirement that two separate copies of the archive data be kept requirement that two separate copies of the archive data be kept
under the control of two persons, and that the two copies be under the control of two persons, and that the two copies be
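Review bot: In the "Protection of archive" sub-list of 4.5.5, a line reading "Protection against deletion of archive;" with no leading dash sits between "deterioration of the media on which the archive" and "is stored, such as a requirement for data to be migrated". It splits the deterioration item and repeats the deletion item listed just above it, so the stray line should be removed. The added obsolescence item also ends with a period ("over time.") while its sibling items end with semicolons and "* Archive backup procedures;" follows; a semicolon would keep the list punctuation consistent.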
skipping to change at page 35, line 4 skipping to change at page 35, line 4
module used to generate the keys? A cryptographic module can be module used to generate the keys? A cryptographic module can be
composed of hardware, software, firmware, or any combination of composed of hardware, software, firmware, or any combination of
them. For example, are the keys certified by the infrastructure them. For example, are the keys certified by the infrastructure
required to be generated using modules compliant with the US FIPS required to be generated using modules compliant with the US FIPS
140-1? If so, what is the required FIPS 140-1 level of the module? 140-1? If so, what is the required FIPS 140-1 level of the module?
Are there any other engineering or other controls relating to a Are there any other engineering or other controls relating to a
cryptographic module, such as the identification of the cryptographic module, such as the identification of the
cryptographic module boundary, input/output, roles and services, cryptographic module boundary, input/output, roles and services,
finite state machine, physical security, software security, finite state machine, physical security, software security,
operating system security, algorithm compliance, electromagnetic operating system security, algorithm compliance, electromagnetic
compatibility, and self tests. compatibility, and self tests.
2. Is the private key under n out of m multi-person control?(6) 2. Is the private key under n out of m multi-person control?(7)
If yes, provide n and m (two person control is a special case of n If yes, provide n and m (two person control is a special case of n
out of m, where n = m = 2)? out of m, where n = m = 2)?
3. Is the private key escrowed?(7) If so, who is the escrow agent, 3. Is the private key escrowed?(8) If so, who is the escrow agent,
what form is the key escrowed in (examples include plaintext, what form is the key escrowed in (examples include plaintext,
encrypted, split key), and what are the security controls on the encrypted, split key), and what are the security controls on the
escrow system? escrow system?
4. Is the private key backed up? If so, who is the backup agent, 4. Is the private key backed up? If so, who is the backup agent,
what form is the key backed up in (examples include plaintext, what form is the key backed up in (examples include plaintext,
encrypted, split key), and what are the security controls on the encrypted, split key), and what are the security controls on the
backup system? backup system?
5. Is the private key archived? If so, who is the archival agent, 5. Is the private key archived? If so, who is the archival agent,
skipping to change at page 36, line 13 skipping to change at page 36, line 13
standard such as U.S. FIPS 140-1, associated level, and rating. standard such as U.S. FIPS 140-1, associated level, and rating.
4.6.3 Other Aspects of Key Pair Management 4.6.3 Other Aspects of Key Pair Management
Other aspects of key management need to be considered for the Other aspects of key management need to be considered for the
issuing CA, repositories, subject CAs, RAs, subscribers, and other issuing CA, repositories, subject CAs, RAs, subscribers, and other
participants. For each of these types of entity, the following participants. For each of these types of entity, the following
questions potentially need to be answered: questions potentially need to be answered:
1. Is the public key archived? If so, who is the archival agent and 1. Is the public key archived? If so, who is the archival agent and
what are the security controls on the archival system? The archival what are the security controls on the archival system? Also, what
system should provide integrity controls other than digital software and hardware need to be preserved as part of the archive to
signatures since: the archival period may be greater than the permit use of the public key over time? Note: this subcomponent is
cryptanalysis period for the key and the archive requires tamper not limited to requiring or describing the use of digital signatures
protection, which is not provided by digital signatures. with archival data, but rather can address integrity controls other
than digital signatures when an archive requires tamper protection.
Digital signatures do not provide tamper protection or protect the
integrity of data; they merely verify data integrity. Moreover, the
archival period may be greater than the cryptanalysis period for
the public key needed to verify any digital signature applied to
archival data.
2. What is the operational period of the certificates issued to the 2. What is the operational period of the certificates issued to the
subscriber. What are the usage periods, or active lifetimes, for subscriber. What are the usage periods, or active lifetimes, for
the subscriber's key pair? the subscriber's key pair?
4.6.4 Activation Data 4.6.4 Activation Data
Activation data refers to data values other than whole private keys Activation data refers to data values other than whole private keys
that are required to operate private keys or cryptographic modules that are required to operate private keys or cryptographic modules
containing private keys, such as a PIN, passphrase, or portions of a containing private keys, such as a PIN, passphrase, or portions of a
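Review bot: In item 1 of 4.6.3 the new sentence "Digital signatures do not provide tamper protection or protect the integrity of data; they merely verify data integrity" uses "integrity" in two senses and is easy to misread. The point being made is that a signature lets a modification be detected but does not prevent it, so wording such as "digital signatures allow modification of archived data to be detected but do not prevent it" would be clearer. Item 2 still ends its first question with a period ("issued to the subscriber.") in both versions.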
skipping to change at page 36, line 54 skipping to change at page 37, line 4
audit, identification and authentication, trusted path, security audit, identification and authentication, trusted path, security
testing, and penetration testing. Product assurance may also be testing, and penetration testing. Product assurance may also be
addressed. addressed.
A computer security rating for computer systems may be required. A computer security rating for computer systems may be required.
The rating could be based, for example, on the Trusted System The rating could be based, for example, on the Trusted System
Evaluation Criteria (TCSEC), Canadian Trusted Products Evaluation Evaluation Criteria (TCSEC), Canadian Trusted Products Evaluation
Criteria, European Information Technology Security Evaluation Criteria, European Information Technology Security Evaluation
Criteria (ITSEC), or the Common Criteria for Information Technology Criteria (ITSEC), or the Common Criteria for Information Technology
Security Evaluation, ISO/IEC 15408:1999. This subcomponent can also Security Evaluation, ISO/IEC 15408:1999. This subcomponent can also
address requirements for product evaluation analysis, testing, address requirements for product evaluation analysis, testing,
profiling, product certification, and/or product accreditation profiling, product certification, and/or product accreditation
related activity undertaken. related activity undertaken.
4.6.6 Life Cycle Security Controls 4.6.6 Life Cycle Security Controls
This subcomponent addresses system development controls and This subcomponent addresses system development controls and
security management controls. security management controls.
System development controls include development environment System development controls include development environment
security, development personnel security, configuration management security, development personnel security, configuration management
security during product maintenance, software engineering practices, security during product maintenance, software engineering practices,
software development methodology, modularity, layering, use of software development methodology, modularity, layering, use of
failsafe design and implementation techniques (e.g., defensive failsafe design and implementation techniques (e.g., defensive
programming) and development facility security. programming) and development facility security.
Security management controls include execution of tools and Security management controls include execution of tools and
procedures to ensure that the operational systems and networks procedures to ensure that the operational systems and networks
adhere to configured security. These tools and procedures include adhere to configured security. These tools and procedures include
checking the integrity of the security software, firmware, and checking the integrity of the security software, firmware, and
hardware to ensure their correct operation. hardware to ensure their correct operation.
This subcomponent can also address life-cycle security ratings This subcomponent can also address life-cycle security ratings
based, for example, on the Trusted Software Development Methodology based, for example, on the Trusted Software Development Methodology
(TSDM) level IV and V, independent life-cycle security controls (TSDM) level IV and V, independent life-cycle security controls
audit, and the Software Engineering Institute's Capability Maturity audit, and the Software Engineering Institute's Capability Maturity
Model (SEI-CMM). Model (SEI-CMM).
4.6.7 Network Security Controls 4.6.7 Network Security Controls
This subcomponent addresses network security related controls, This subcomponent addresses network security related controls,
including firewalls. including firewalls.
skipping to change at page 38, line 42 skipping to change at page 38, line 47
an OCSP system; and an OCSP system; and
* OCSP extensions populated and their criticality. * OCSP extensions populated and their criticality.
4.8 COMPLIANCE AUDIT AND OTHER ASSESSMENT 4.8 COMPLIANCE AUDIT AND OTHER ASSESSMENT
This component addresses the following: This component addresses the following:
* The list of topics covered by the assessment and/or the assessment * The list of topics covered by the assessment and/or the assessment
methodology used to perform the assessment; examples include methodology used to perform the assessment; examples include
WebTrust for CAs (8) and SAS 70 (9). WebTrust for CAs (9) and SAS 70 (10).
* Frequency of compliance audit or other assessment for each entity * Frequency of compliance audit or other assessment for each entity
that must be assessed pursuant to a CP or CPS, or the circumstances that must be assessed pursuant to a CP or CPS, or the circumstances
that will trigger an assessment; possibilities include an annual that will trigger an assessment; possibilities include an annual
audit, pre-operational assessment as a condition of allowing an audit, pre-operational assessment as a condition of allowing an
entity to being operations, or investigation following a possible or entity to being operations, or investigation following a possible or
actual compromise of security. actual compromise of security.
* The identity and/or qualifications of the personnel performing the * The identity and/or qualifications of the personnel performing the
audit or other assessment. audit or other assessment.
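Review bot: In the second bullet of 4.8, "as a condition of allowing an entity to being operations" still has "being" where "begin" is meant, and the revision carries it over unchanged while renumbering the WebTrust and SAS 70 note references from (8) and (9) to (9) and (10). Suggest correcting the word in the same pass, and confirming that every other in-text reference to the renumbered notes moved with them.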
skipping to change at page 38, line 55 skipping to change at page 39, line 4
that must be assessed pursuant to a CP or CPS, or the circumstances that must be assessed pursuant to a CP or CPS, or the circumstances
that will trigger an assessment; possibilities include an annual that will trigger an assessment; possibilities include an annual
audit, pre-operational assessment as a condition of allowing an audit, pre-operational assessment as a condition of allowing an
entity to being operations, or investigation following a possible or entity to being operations, or investigation following a possible or
actual compromise of security. actual compromise of security.
* The identity and/or qualifications of the personnel performing the * The identity and/or qualifications of the personnel performing the
audit or other assessment. audit or other assessment.
* The relationship between the assessor and the entity being * The relationship between the assessor and the entity being
assessed, including the degree of independence of the assessor. assessed, including the degree of independence of the assessor.
* Actions taken as a result of deficiencies found during the * Actions taken as a result of deficiencies found during the
assessment; examples include a temporary suspension of operations assessment; examples include a temporary suspension of operations
until deficiencies are corrected, revocation of certificates issued until deficiencies are corrected, revocation of certificates issued
to the assessed entity, changes in personnel, triggering special to the assessed entity, changes in personnel, triggering special
investigations or more frequent subsequent compliance assessments, investigations or more frequent subsequent compliance assessments,
and claims for damages against the assessed entity. and claims for damages against the assessed entity.
* Who is entitled to see results of an assessment (e.g., assessed * Who is entitled to see results of an assessment (e.g., assessed
entity, other participants, the general public), who provides them entity, other participants, the general public), who provides them
(e.g., the assessor or the assessed entity), and how they are (e.g., the assessor or the assessed entity), and how they are
communicated. communicated.
4.9 OTHER BUSINESS AND LEGAL MATTERS 4.9 OTHER BUSINESS AND LEGAL MATTERS
In all cases below, the CP or CPS itself may purport to impose terms This component covers general business and legal matters. Sections
on participants to the extent the CP or CPS is a contract or part of 9.1 and 9.2 of the framework discuss the business issues of fees to
a contract, or the CP or CPS may contain requirements that such be charged for various services and the financial responsibility of
terms appear in separate agreements, such as subscriber agreements participants to maintain resources for ongoing operations and for
and relying party agreements. paying judgments or settlements in response to claims asserted
against them. The remaining sections are generally concerned with
legal topics.
Starting with Section 9.3 of the framework, the ordering of topics
is the same as or similar to the ordering of topics in a typical
software licensing agreement or other technology agreement.
Consequently, this framework may not only be used for CPs and CPSs,
but also associated PKI-related agreements, especially subscriber
agreements and relying party agreements. This ordering is intended
help lawyers review CPs, CPSs, and other documents adhering to this
framework.
With respect to many of the legal subcomponents within this
component, a CP or CPS drafter may choose to include in the document
terms and conditions that apply directly to subscribers or relying
parties. For instance, a CP or CPS may set forth limitations of
liability that apply to subscribers and relying parties. The
inclusion of terms and conditions is likely to be appropriate where
the CP or CPS is itself a contract or part of a contract.
In other cases, however, the CP or CPS is not a contract or part of
a contract; instead, it is configured so that its terms and
conditions are applied to the parties by separate documents, which
may include associated agreements, such as subscriber or relying
party agreements. In that event, a CP drafter may write a CP so as
to require that certain legal terms and conditions appear (or not
appear) in such associated agreements. For example, a CP might
include a subcomponent stating that a certain limitation of
liability term must appear in a CA's subscriber and relying party
agreements. Another example is a CP that contains a subcomponent
prohibiting the use of a subscriber or relying party agreement
containing a limitation upon CA liability inconsistent with the
provisions of the CP. A CPS drafter may use legal subcomponents to
disclose that certain terms and conditions appear in associated
subscriber, relying party, or other agreements in use by the CA. A
CPS might explain, for instance, that the CA writing it uses an
associated subscriber or relying party agreement that applies a
particular provision for limiting liability.
4.9.1 Fees 4.9.1 Fees
This subcomponent contains any applicable provisions regarding fees This subcomponent contains any applicable provisions regarding fees
charged by CAs, repositories, or RAs, such as: charged by CAs, repositories, or RAs, such as:
* Certificate issuance or renewal fees; * Certificate issuance or renewal fees;
* Certificate access fees; * Certificate access fees;
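Review bot: The new 4.9 introduction drops a word in "This ordering is intended help lawyers review CPs, CPSs, and other documents"; it should read "is intended to help". The same introduction points to "Sections 9.1 and 9.2 of the framework" for fees and financial responsibility, while the matching subcomponents directly below are numbered 4.9.1 and 4.9.2. Suggest stating once that the 9.x numbers refer to the outline of topics rather than to this section's own numbering.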
skipping to change at page 39, line 46 skipping to change at page 40, line 31
* Fees for other services such as providing access to the relevant * Fees for other services such as providing access to the relevant
CP or CPS; and CP or CPS; and
* Refund policy. * Refund policy.
4.9.2 Financial Responsibility 4.9.2 Financial Responsibility
This subcomponent contains requirements or disclosures relating to This subcomponent contains requirements or disclosures relating to
the resources available to CAs, RAs, and other participants the resources available to CAs, RAs, and other participants
providing certification services to support performance of their providing certification services to support performance of their
operational responsibilities, and to remain solvent and pay damages operational PKI responsibilities, and to remain solvent and pay
in the event they are liable to pay a judgment or settlement in damages in the event they are liable to pay a judgment or settlement
connection with a claim arising out of their operations. Such in connection with a claim arising out of such operations. Such
provisions include: provisions include:
* A statement that the participant maintains a certain amount of * A statement that the participant maintains a certain amount of
insurance coverage for its liabilities to other participants; insurance coverage for its liabilities to other participants;
* A statement that a participant has access to other resources to * A statement that a participant has access to other resources to
support operations and pay damages for potential liability, which support operations and pay damages for potential liability, which
may be couched in terms of a minimum level of assets necessary to may be couched in terms of a minimum level of assets necessary to
operate and cover contingencies that might occur within a PKI, where operate and cover contingencies that might occur within a PKI, where
examples include assets on the balance sheet of an organization, a examples include assets on the balance sheet of an organization, a
skipping to change at page 41, line 4 skipping to change at page 41, line 40
* Any requirements as to notices to, or consent from individuals * Any requirements as to notices to, or consent from individuals
regarding use or disclosure of private information; and regarding use or disclosure of private information; and
* Any circumstances under which a participant is entitled or * Any circumstances under which a participant is entitled or
required to disclose private information pursuant to judicial, required to disclose private information pursuant to judicial,
administrative process in a private or governmental proceeding, or administrative process in a private or governmental proceeding, or
in any legal proceeding. in any legal proceeding.
4.9.5 Intellectual Property Rights 4.9.5 Intellectual Property Rights
This subcomponent addresses the intellectual property rights, This subcomponent addresses the intellectual property rights,
such as copyright, patent, trademarks, or trade secrets, that such as copyright, patent, trademarks, or trade secrets, that
certain participants may have or claim in a CP, CPS, certificates, certain participants may have or claim in a CP, CPS, certificates,
names, and keys, or are the subject of a license to or from names, and keys, or are the subject of a license to or from
participants. participants.
4.9.6 Representations and Warranties 4.9.6 Representations and Warranties
This subcomponent can include representations and warranties of This subcomponent can include representations and warranties of
various entities that are being made pursuant to the CP or CPS. For various entities that are being made pursuant to the CP or CPS. For
example, a CPS that serves as a contract may contain a CA's warranty example, a CPS that serves as a contract might contain a CA's
that information in the certificate is accurate. This subcomponent warranty that information contained in the certificate is accurate.
can also include requirements that representations and warranties Alternatively, a CPS might contain a less extensive warranty to the
appear in certain agreements, such as subscriber or relying party effect that the information in the certificate is true to the best
of the CA's knowledge after performing certain identity
authentication procedures with due diligence. This subcomponent can
also include requirements that representations and warranties appear
in certain agreements, such as subscriber or relying party
agreements. For instance, a CP may contain a requirement that all agreements. For instance, a CP may contain a requirement that all
CAs utilize a subscriber agreement, and that a subscriber agreement CAs utilize a subscriber agreement, and that a subscriber agreement
must contain a warranty by the CA that information in the must contain a warranty by the CA that information in the
certificate is accurate. certificate is accurate. Participants that may make representations
and warranties include CAs, RAs, subscribers, relying parties, and
Participants that may make representations and warranties include other participants.
CAs, RAs, subscribers, relying parties, and other participants.
4.9.7 Disclaimers of Warranties 4.9.7 Disclaimers of Warranties
This subcomponent can include disclaimers of express warranties that This subcomponent can include disclaimers of express warranties that
may otherwise be deemed to exist in an agreement, and disclaimers of may otherwise be deemed to exist in an agreement, and disclaimers of
implied warranties that may otherwise be imposed by applicable law, implied warranties that may otherwise be imposed by applicable law,
such as warranties of merchantability or fitness for a particular such as warranties of merchantability or fitness for a particular
purpose. The CP or CPS may impose such disclaimers, or the CP or purpose. The CP or CPS may directly impose such disclaimers, or the
CPS may contain a requirement that disclaimers appear in agreements, CP or CPS may contain a requirement that disclaimers appear in
such as subscriber or relying party agreements. associated agreements, such as subscriber or relying party agreements.
4.9.8 Limitations of Liability 4.9.8 Limitations of Liability
This subcomponent can include limitations of liability in a CP or This subcomponent can include limitations of liability in a CP or
CPS or limitations that appear or must appear in an agreement. CPS or limitations that appear or must appear in an agreement
These limitations may fall into one of two categories: limitations associated with the CP or CPS, such as a subscriber or relying party
on the elements of damages recoverable and limitations on the amount agreement. These limitations may fall into one of two categories:
of damages recoverable, also known as liability caps. Often, limitations on the elements of damages recoverable and limitations
contracts contain clauses preventing the recovery of elements of on the amount of damages recoverable, also known as liability caps.
damages such as incidental and consequential damages, and sometimes Often, contracts contain clauses preventing the recovery of elements
punitive damages. Frequently, contracts contain clauses that limit of damages such as incidental and consequential damages, and
the possible recovery of one party or the other to an amount certain sometimes punitive damages. Frequently, contracts contain clauses
or to an amount corresponding to a benchmark, such as the amount a that limit the possible recovery of one party or the other to an
vendor was paid under the contract. amount certain or to an amount corresponding to a benchmark, such as
the amount a vendor was paid under the contract.
4.9.9 Indemnities 4.9.9 Indemnities
This subcomponent includes provisions by which one party makes a This subcomponent includes provisions by which one party makes a
second party whole for losses or damage incurred by the second second party whole for losses or damage incurred by the second
party, typically arising out of the first party's conduct. They may party, typically arising out of the first party's conduct. They may
appear in a CP, CPS, or agreement. For example, a CP may require appear in a CP, CPS, or agreement. For example, a CP may require
that subscriber agreements contain a term under which a subscriber that subscriber agreements contain a term under which a subscriber
is responsible for indemnifying a CA for losses the CA sustains is responsible for indemnifying a CA for losses the CA sustains
arising out of a subscriber's fraudulent misrepresentations on the arising out of a subscriber's fraudulent misrepresentations on the
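Review bot: 4.9.7 and 4.9.8 now speak of "associated agreements" and "an agreement associated with the CP or CPS, such as a subscriber or relying party agreement", but 4.9.9 in the same hunk still reads "They may appear in a CP, CPS, or agreement" with no qualifier. Suggest using the same "associated agreement" wording in 4.9.9, so that the three subcomponents clearly describe the same set of documents.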
skipping to change at page 42, line 20 skipping to change at page 43, line 4
information or use of a certificate for purposes beyond what the CA information or use of a certificate for purposes beyond what the CA
permits. permits.
4.9.10 Term and Termination 4.9.10 Term and Termination
This subcomponent can include the time period in which a CP or a CPS This subcomponent can include the time period in which a CP or a CPS
remains in force and the circumstances under which the document, remains in force and the circumstances under which the document,
portions of the document, or its applicability to a particular portions of the document, or its applicability to a particular
participant can be terminated. In addition or alternatively, the CP participant can be terminated. In addition or alternatively, the CP
or CPS may include requirements that certain term and termination or CPS may include requirements that certain term and termination
clauses appear in agreements, such as subscriber or relying party clauses appear in agreements, such as subscriber or relying party
agreements. In particular, such terms include: agreements. In particular, such terms can include:
* The term of a document or agreement, that is, when the document * The term of a document or agreement, that is, when the document
becomes effective and when it expires if it is not terminated becomes effective and when it expires if it is not terminated
earlier. earlier.
* Termination provisions stating circumstances under which the * Termination provisions stating circumstances under which the
document, certain portions of it, or its application to a particular document, certain portions of it, or its application to a particular
participant ceases to remain in effect. participant ceases to remain in effect.
* Any consequences of termination of the document. For example, * Any consequences of termination of the document. For example,
skipping to change at page 45, line 26 skipping to change at page 46, line 4
1.3.5 Other participants 1.3.5 Other participants
1.4 Certificate usage 1.4 Certificate usage
1.4.1. Appropriate certificate uses 1.4.1. Appropriate certificate uses
1.4.2 Prohibited certificate uses 1.4.2 Prohibited certificate uses
1.5 Policy administration 1.5 Policy administration
1.5.1 Organization administering the document 1.5.1 Organization administering the document
1.5.2 Contact person 1.5.2 Contact person
1.5.3 Person determining CPS suitability for the policy 1.5.3 Person determining CPS suitability for the policy
1.5.4 CPS approval procedures 1.5.4 CPS approval procedures
1.6 Definitions and acronyms 1.6 Definitions and acronyms
2. PUBLICATION AND REPOSITORY RESPONSIBILITIES 2. PUBLICATION AND REPOSITORY RESPONSIBILITIES
2.1 Repositories 2.1 Repositories
2.2 Publication of certification information 2.2 Publication of certification information
2.3 Time or frequency of publication 2.3 Time or frequency of publication
2.4 Access controls on repositories 2.4 Access controls on repositories
3. IDENTIFICATION AND AUTHENTICATION (10) 3. IDENTIFICATION AND AUTHENTICATION (11)
3.1 Naming 3.1 Naming
3.1.1 Types of names 3.1.1 Types of names
3.1.2 Need for names to be meaningful 3.1.2 Need for names to be meaningful
3.1.3 Anonymity of subscribers 3.1.3 Anonymity or pseudonymity of subscribers
3.1.4 Rules for interpreting various name forms 3.1.4 Rules for interpreting various name forms
3.1.5 Uniqueness of names 3.1.5 Uniqueness of names
3.1.5 Recognition, authentication, and role of trademarks 3.1.6 Recognition, authentication, and role of trademarks
3.2 Initial identity validation 3.2 Initial identity validation
3.2.1 Method to prove possession of private key 3.2.1 Method to prove possession of private key
3.2.2 Authentication of organization identity 3.2.2 Authentication of organization identity
3.2.3 Authentication of individual identity 3.2.3 Authentication of individual identity
3.2.4 Non-verified subscriber information 3.2.4 Non-verified subscriber information
3.2.5 Validation of authority 3.2.5 Validation of authority
3.2.6 Criteria for interoperation 3.2.6 Criteria for interoperation
3.3 Identification and authentication for re-key requests 3.3 Identification and authentication for re-key requests
3.3.1 Identification and authentication for routine re-key 3.3.1 Identification and authentication for routine re-key
3.3.2 Identification and authentication for re-key after revocation 3.3.2 Identification and authentication for re-key after revocation
3.4 Identification and authentication for revocation request 3.4 Identification and authentication for revocation request
4. CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS (10) 4. CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS (11)
4.1 Certificate Application 4.1 Certificate Application
4.1.1 Who can submit a certificate application 4.1.1 Who can submit a certificate application
4.1.2 Enrollment process and responsibilities 4.1.2 Enrollment process and responsibilities
4.2 Certificate application processing 4.2 Certificate application processing
4.2.1 Performing identification and authentication functions 4.2.1 Performing identification and authentication functions
4.2.2 Approval or rejection of certificate applications 4.2.2 Approval or rejection of certificate applications
4.2.3 Time to process certificate applications 4.2.3 Time to process certificate applications
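Review bot: The outline entry "1.4.1. Appropriate certificate uses" keeps a trailing period after the section number that no neighbouring entry has (compare "1.4.2 Prohibited certificate uses"). The revision fixes the duplicated 3.1.5 by renumbering the trademarks entry to 3.1.6 but leaves this one; suggest dropping the period in the same pass. With 3.1.3 retitled "Anonymity or pseudonymity of subscribers", the body text of that subcomponent should also be checked to confirm it covers pseudonyms.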
skipping to change at page 47, line 30 skipping to change at page 48, line 4
4.9.6 Revocation checking requirement for relying parties 4.9.6 Revocation checking requirement for relying parties
4.9.7 CRL issuance frequency (if applicable) 4.9.7 CRL issuance frequency (if applicable)
4.9.8 Maximum latency for CRLs (if applicable) 4.9.8 Maximum latency for CRLs (if applicable)
4.9.9 On-line revocation/status checking availability 4.9.9 On-line revocation/status checking availability
4.9.10 On-line revocation checking requirements 4.9.10 On-line revocation checking requirements
4.9.11 Other forms of revocation advertisements available 4.9.11 Other forms of revocation advertisements available
4.9.12 Special requirements re key compromise 4.9.12 Special requirements re key compromise
4.9.13 Circumstances for suspension 4.9.13 Circumstances for suspension
4.9.14 Who can request suspension 4.9.14 Who can request suspension
4.9.15 Procedure for suspension request 4.9.15 Procedure for suspension request
4.9.16 Limits on suspension period 4.9.16 Limits on suspension period
4.10 Certificate status services 4.10 Certificate status services
4.10.1 Operational characteristics 4.10.1 Operational characteristics
4.10.2 Service availability 4.10.2 Service availability
4.10.3 Optional features 4.10.3 Optional features
4.11 End of subscription 4.11 End of subscription
4.12 Key escrow and recovery 4.12 Key escrow and recovery
4.12.1 Key escrow and recovery policy and practices 4.12.1 Key escrow and recovery policy and practices
4.12.2 Session key encapsulation and recovery policy and practices 4.12.2 Session key encapsulation and recovery policy and practices
5. FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS (10) 5. FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS (11)
5.1 Physical controls 5.1 Physical controls
5.1.1 Site location and construction 5.1.1 Site location and construction
5.1.2 Physical access 5.1.2 Physical access
5.1.3 Power and air conditioning 5.1.3 Power and air conditioning
5.1.4 Water exposures 5.1.4 Water exposures
5.1.5 Fire prevention and protection 5.1.5 Fire prevention and protection
5.1.6 Media storage 5.1.6 Media storage
5.1.7 Waste disposal 5.1.7 Waste disposal
5.1.8 Off-site backup 5.1.8 Off-site backup
skipping to change at page 48, line 32 skipping to change at page 49, line 4
5.4.4 Protection of audit log 5.4.4 Protection of audit log
5.4.5 Audit log backup procedures 5.4.5 Audit log backup procedures
5.4.6 Audit collection system (internal vs. external) 5.4.6 Audit collection system (internal vs. external)
5.4.7 Notification to event-causing subject 5.4.7 Notification to event-causing subject
5.4.8 Vulnerability assessments 5.4.8 Vulnerability assessments
5.5 Records archival 5.5 Records archival
5.5.1 Types of records archived 5.5.1 Types of records archived
5.5.2 Retention period for archive 5.5.2 Retention period for archive
5.5.3 Protection of archive 5.5.3 Protection of archive
5.5.4 Archive backup procedures 5.5.4 Archive backup procedures
5.5.5 Requirements for time-stamping of records 5.5.5 Requirements for time-stamping of records
5.5.6 Archive collection system (internal or external) 5.5.6 Archive collection system (internal or external)
5.5.7 Procedures to obtain and verify archive information 5.5.7 Procedures to obtain and verify archive information
5.6 Key changeover 5.6 Key changeover
5.7 Compromise and disaster recovery 5.7 Compromise and disaster recovery
5.7.1 Incident and compromise handling procedures 5.7.1 Incident and compromise handling procedures
5.7.2 Computing resources, software, and/or data are corrupted 5.7.2 Computing resources, software, and/or data are corrupted
5.7.3 Entity private key compromise procedures 5.7.3 Entity private key compromise procedures
5.7.4 Business continuity capabilities after a disaster 5.7.4 Business continuity capabilities after a disaster
5.8 CA or RA termination 5.8 CA or RA termination
6. TECHNICAL SECURITY CONTROLS (10) 6. TECHNICAL SECURITY CONTROLS (11)
6.1 Key pair generation and installation 6.1 Key pair generation and installation
6.1.1 Key pair generation 6.1.1 Key pair generation
6.1.2 Private key delivery to subscriber 6.1.2 Private key delivery to subscriber
6.1.3 Public key delivery to certificate issuer 6.1.3 Public key delivery to certificate issuer
6.1.4 CA public key delivery to relying parties 6.1.4 CA public key delivery to relying parties
6.1.5 Key sizes 6.1.5 Key sizes
6.1.6 Public key parameters generation and quality checking 6.1.6 Public key parameters generation and quality checking
6.1.7 Key usage purposes (as per X.509 v3 key usage field) 6.1.7 Key usage purposes (as per X.509 v3 key usage field)
6.2 Private Key Protection and Cryptographic Module Engineering 6.2 Private Key Protection and Cryptographic Module Engineering
Controls Controls
6.2.1 Cryptographic module standards and controls 6.2.1 Cryptographic module standards and controls
6.2.2 Private key (n out of m) multi-person control 6.2.2 Private key (n out of m) multi-person control
6.2.3 Private key escrow 6.2.3 Private key escrow
6.2.4 Private key backup 6.2.4 Private key backup
6.2.5 Private key archival 6.2.5 Private key archival
6.2.6 Private key transfer into or from a cryptographic module 6.2.6 Private key transfer into or from a cryptographic module
6.2.7 Private key storage on cryptographic module 6.2.7 Private key storage on cryptographic module
skipping to change at page 52, line 30 skipping to change at page 53, line 8
[PKI1] R. Housley, W. Ford, W. Polk, D. Solo, "Internet X.509 Public [PKI1] R. Housley, W. Ford, W. Polk, D. Solo, "Internet X.509 Public
Key Infrastructure, Certificate and CRL Profile," RFC 2459 1998. Key Infrastructure, Certificate and CRL Profile," RFC 2459 1998.
[CPF] S. Chokhani and W. Ford, "Internet X.509 Public Key [CPF] S. Chokhani and W. Ford, "Internet X.509 Public Key
Infrastructure, Certificate Policy and Certification Practices Infrastructure, Certificate Policy and Certification Practices
Statement Framework," RFC 2527, April 1998. Statement Framework," RFC 2527, April 1998.
8. AUTHORS' ADDRESSES 8. AUTHORS' ADDRESSES
Santosh Chokhani Santosh Chokhani
CygnaCom Solutions, Inc. CygnaCom Solutions, Inc., an Entrust company
an Entrust company
7927 Jones Branch Drive, Suite 100 West 7927 Jones Branch Drive, Suite 100 West
McLean, VA 22102 McLean, VA 22102
Phone: (703) 270-3520 Phone: (703) 270-3520
Fax: (703) 848-0960 Fax: (703) 848-0960
EMail: chokhani@cygnacom.com EMail: chokhani@cygnacom.com
Warwick Ford Warwick Ford
VeriSign, Inc. VeriSign, Inc.
301 Edgewater Place, Suite 210 401 Edgewater Place, Suite 280
Wakefield, MA 01880 Wakefield, MA 01880
Phone: (781) 245-6996 x225 Phone: (781) 245-6996 x225
Fax: (781) 245-6006 Fax: (781) 245-6006
EMail: wford@verisign.com EMail: wford@verisign.com
Randy V. Sabett Randy V. Sabett, J.D., CISSP
Cooley Godward LLP Cooley Godward LLP
One Freedom Square, Reston Town Center One Freedom Square, Reston Town Center
11951 Freedom Drive 11951 Freedom Drive
Reston, VA 20190-5601 Reston, VA 20190-5601
Phone: (703) 456-8137 Phone: (703) 456-8137
Fax: (703) 456-8100 Fax: (703) 456-8100
EMail: rsabett@cooley.com EMail: rsabett@cooley.com
Charles (Chas) R. Merrill Charles (Chas) R. Merrill
McCarter & English, LLP McCarter & English, LLP
Four Gateway Center Four Gateway Center
100 Mulberry Street 100 Mulberry Street
Newark, New Jersey 07101-0652 Newark, New Jersey 07101-0652
Phone: (973) 622-4444 Phone: (973) 622-4444
Fax: (973) 624-7070 Fax: (973) 624-7070
EMail: cmerrill@concentric.net EMail: cmerrill@concentric.net
Stephen S. Wu Stephen S. Wu
VeriSign, Inc. Infoliance, Inc.
487 East Middlefield Road 101 First St. # 725
Mountain View, CA 94043 Los Altos, CA 94022
Phone: (650) 426-3568 Phone: (650) 917-8045
Fax: (650) 426-5113 Fax: (650) 618-1454
EMail: swu@verisign.com EMail: swu@infoliance.com
NOTES NOTES
1 A paper copy of the ABA Digital Signature Guidelines can be 1 A paper copy of the ABA Digital Signature Guidelines can be
purchased from the ABA. See http://www.abanet.com for ordering purchased from the ABA. See http://www.abanet.com for ordering
details. The DSG may also be downloaded without charge from the ABA details. The DSG may also be downloaded without charge from the ABA
website at website at
http://www.abanet.org/scitech/ec/isc/digital_signature.html. http://www.abanet.org/scitech/ec/isc/digital_signature.html.
2 A draft of the PKI Assessment Guidelines may be downloaded 2 A draft of the PKI Assessment Guidelines may be downloaded
without charge from the ABA website at without charge from the ABA website at
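Review bot: Note 1 points to http://www.abanet.com for ordering details but gives the download link under http://www.abanet.org, and the -01 revision carries the mismatch over unchanged; confirm which domain is intended and make the two references consistent. In the author block, the entry for Stephen S. Wu changes affiliation, postal address, phone, fax and e-mail together, while the entry for Warwick Ford changes only the street number and suite (301/210 to 401/280) with phone and fax untouched, so it is worth confirming that the latter is a complete update.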
skipping to change at page 53, line 43 skipping to change at page 54, line 20
4 The subject may not need to prove to the CA that the subject has 4 The subject may not need to prove to the CA that the subject has
possession of the private key corresponding to the public key being possession of the private key corresponding to the public key being
registered if the CA generates the subject's key pair on the registered if the CA generates the subject's key pair on the
subject's behalf. subject's behalf.
5 Examples of means to identify and authenticate individuals include 5 Examples of means to identify and authenticate individuals include
biometric means (such as thumb print, ten finger print, and scan of biometric means (such as thumb print, ten finger print, and scan of
the face, palm, or retina), a driver's license, a credit card, a the face, palm, or retina), a driver's license, a credit card, a
company badge, and a government badge. company badge, and a government badge.
6 The n out of m rule allows a private key to be split in m parts. 6 Certificate "modification" does not refer to making a change to an
existing certificate, since this would prevent the verification of
any digital signatures on the certificate and cause the certificate
to be invalid. Rather, the concept of "modification" refers to a
situation where the information referred to in the certificate has
changed or should be changed, and the CA issues a new certificate
containing the modified information. One example is a subscriber
that changes his or her name, which would necessitate the issuance
of a new certificate containing the new name.
7 The n out of m rule allows a private key to be split in m parts.
The m parts may be given to m different individuals. Any n parts The m parts may be given to m different individuals. Any n parts
out of the m parts may be used to fully reconstitute the private out of the m parts may be used to fully reconstitute the private
key, but having any n-1 parts provides one with no information about key, but having any n-1 parts provides one with no information about
the private key. the private key.
7 A private key may be escrowed, backed up, or archived. Each of 8 A private key may be escrowed, backed up, or archived. Each of
these functions has a different purpose. Thus, a private key may go these functions has a different purpose. Thus, a private key may go
through any subset of these functions depending on the requirements. through any subset of these functions depending on the requirements.
The purpose of escrow is to allow a third party (such as an The purpose of escrow is to allow a third party (such as an
organization or government) to obtain the private key without the organization or government) to obtain the private key without the
cooperation of the subscriber. The purpose of back up is to allow cooperation of the subscriber. The purpose of back up is to allow
the subscriber to reconstitute the key in case of the destruction or the subscriber to reconstitute the key in case of the destruction or
corruption of the key for business continuity purposes. The corruption of the key for business continuity purposes. The
purpose of archive is to provide for reuse of the private key in purpose of archive is to provide for reuse of the private key in
future, e.g., use to decrypt a document. future, e.g., use to decrypt a document.
8 WebTrust refers to the "WebTrust Program for Certification 9 WebTrust refers to the "WebTrust Program for Certification
Authorities," from the American Institute of Certified Public Authorities," from the American Institute of Certified Public
Accountants, Inc., and the Canadian Institute of Chartered Accountants, Inc., and the Canadian Institute of Chartered
Accountants. Accountants.
9 See <http://www.aicpa.org>. 10 See <http://www.aicpa.org>.
10 All or some of the following items may be different for the 11 All or some of the following items may be different for the
various types of entities, i.e., CA, RA, and end entities. various types of entities, i.e., CA, RA, and end entities.
LIST OF ACRONYMS LIST OF ACRONYMS
ABA - American Bar Association ABA - American Bar Association
CA - Certification Authority CA - Certification Authority
CPS - Certification Practice Statement CPS - Certification Practice Statement
CRL - Certificate Revocation List CRL - Certificate Revocation List
DAM - Draft Amendment DAM - Draft Amendment
FIPS - Federal Information Processing Standard FIPS - Federal Information Processing Standard
I&A - Identification and Authentication I&A - Identification and Authentication
IEC - International Electrotechnical Commission IEC - International Electrotechnical Commission
IETF - Internet Engineering Task Force IETF - Internet Engineering Task Force
IP - Internet Protocol IP - Internet Protocol
ISO - International Organization for Standardization ISO - International Organization for Standardization
ITU - International Telecommunications Union ITU - International Telecommunications Union
NIST - National Institute of Standards and Technology NIST - National Institute of Standards and Technology
OID - Object Identifier OID - Object Identifier
PIN - Personal Identification Number PIN - Personal Identification Number
PKI - Public Key Infrastructure PKI - Public Key Infrastructure
PKIX - Public Key Infrastructure (X.509) (IETF Working Group) PKIX - Public Key Infrastructure (X.509) (IETF Working Group)
RA - Registration Authority RA - Registration Authority
RFC - Request For Comment RFC - Request For Comment
URL - Uniform Resource Locator URL - Uniform Resource Locator
US - United States US - United States
< draft-ietf-pkix-ipki-new-rfc2527-00.txt > < draft-ietf-pkix-ipki-new-rfc2527-01.txt >
Expires in six months from July 12, 2001 Expires in six months from January 3, 2002
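Review bot: New note 6 defines certificate "modification" as the CA issuing a new certificate with the changed information, but it does not say what happens to the certificate being superseded; until that certificate is revoked or expires, a relying party can still validate it with the outdated information (the old name, in the note's own example). Suggest adding a sentence stating whether the earlier certificate is revoked or left to expire, or pointing to the part of the framework where that is specified. Inserting this note also renumbers notes 6 through 10 to 7 through 11, so every note reference in the body text has to shift with it; the lines visible here cannot confirm that they do. In renumbered note 7, "split in m parts" sits loosely beside the claim that any n-1 parts give no information about the private key: that property holds for a threshold secret-sharing scheme, not for dividing the key material into pieces, and the wording could say so.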
 End of changes. 93 change blocks. 
154 lines changed or deleted 249 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/