summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc3647.txt
diff options
context:
space:
mode:
Diffstat (limited to 'doc/rfc/rfc3647.txt')
-rw-r--r--doc/rfc/rfc3647.txt5267
1 files changed, 5267 insertions, 0 deletions
diff --git a/doc/rfc/rfc3647.txt b/doc/rfc/rfc3647.txt
new file mode 100644
index 0000000..1030998
--- /dev/null
+++ b/doc/rfc/rfc3647.txt
@@ -0,0 +1,5267 @@
+
+
+
+
+
+
+Network Working Group S. Chokhani
+Request for Comments: 3647 Orion Security Solutions, Inc.
+Obsoletes: 2527 W. Ford
+Category: Informational VeriSign, Inc.
+ R. Sabett
+ Cooley Godward LLP
+ C. Merrill
+ McCarter & English, LLP
+ S. Wu
+ Infoliance, Inc.
+ November 2003
+
+
+ Internet X.509 Public Key Infrastructure
+ Certificate Policy and Certification Practices Framework
+
+Status of this Memo
+
+ This memo provides information for the Internet community. It does
+ not specify an Internet standard of any kind. Distribution of this
+ memo is unlimited.
+
+Copyright Notice
+
+ Copyright (C) The Internet Society (2003). All Rights Reserved.
+
+Abstract
+
+ This document presents a framework to assist the writers of
+ certificate policies or certification practice statements for
+ participants within public key infrastructures, such as certification
+ authorities, policy authorities, and communities of interest that
+ wish to rely on certificates. In particular, the framework provides
+ a comprehensive list of topics that potentially (at the writer's
+ discretion) need to be covered in a certificate policy or a
+ certification practice statement. This document supersedes RFC 2527.
+
+Table of Contents
+
+ 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4
+ 1.1. Background . . . . . . . . . . . . . . . . . . . . . . . 4
+ 1.2. Purpose. . . . . . . . . . . . . . . . . . . . . . . . . 5
+ 1.3. Scope. . . . . . . . . . . . . . . . . . . . . . . . . . 6
+ 2. Definitions. . . . . . . . . . . . . . . . . . . . . . . . . . 6
+ 3. Concepts . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
+ 3.1. Certificate Policy . . . . . . . . . . . . . . . . . . . 9
+ 3.2. Certificate Policy Examples. . . . . . . . . . . . . . . 11
+ 3.3. X.509 Certificate Fields . . . . . . . . . . . . . . . . 12
+
+
+
+Chokhani, et al. Informational [Page 1]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ 3.3.1. Certificate Policies Extension . . . . . . . . . 12
+ 3.3.2. Policy Mappings Extension. . . . . . . . . . . . 13
+ 3.3.3. Policy Constraints Extension . . . . . . . . . . 13
+ 3.3.4. Policy Qualifiers. . . . . . . . . . . . . . . . 14
+ 3.4. Certification Practice Statement . . . . . . . . . . . . 15
+ 3.5. Relationship Between CP and CPS. . . . . . . . . . . . . 16
+ 3.6. Relationship Among CPs, CPSs, Agreements, and
+ Other Documents. . . . . . . . . . . . . . . . . . . . . 17
+ 3.7. Set of Provisions. . . . . . . . . . . . . . . . . . . . 20
+ 4. Contents of a Set of Provisions. . . . . . . . . . . . . . . . 21
+ 4.1. Introduction . . . . . . . . . . . . . . . . . . . . . . 22
+ 4.1.1. Overview . . . . . . . . . . . . . . . . . . . . 22
+ 4.1.2. Document Name and Identification . . . . . . . . 22
+ 4.1.3. PKI Participants . . . . . . . . . . . . . . . . 23
+ 4.1.4. Certificate Usage. . . . . . . . . . . . . . . . 24
+ 4.1.5. Policy Administration. . . . . . . . . . . . . . 24
+ 4.1.6. Definitions and Acronyms . . . . . . . . . . . . 24
+ 4.2. Publication and Repository Responsibilities. . . . . . . 25
+ 4.3. Identification and Authentication (I&A). . . . . . . . . 25
+ 4.3.1. Naming . . . . . . . . . . . . . . . . . . . . . 25
+ 4.3.2. Initial Identity Validation. . . . . . . . . . . 26
+ 4.3.3. I&A for Re-key Requests. . . . . . . . . . . . . 27
+ 4.3.4. I&A for Revocation Requests. . . . . . . . . . . 27
+ 4.4. Certificate Life-Cycle Operational Requirements. . . . . 27
+ 4.4.1. Certificate Application. . . . . . . . . . . . . 28
+ 4.4.2. Certificate Application Processing . . . . . . . 28
+ 4.4.3. Certificate Issuance . . . . . . . . . . . . . . 28
+ 4.4.4. Certificate Acceptance . . . . . . . . . . . . . 29
+ 4.4.5. Key Pair and Certificate Usage . . . . . . . . . 29
+ 4.4.6. Certificate Renewal. . . . . . . . . . . . . . . 30
+ 4.4.7. Certificate Re-key . . . . . . . . . . . . . . . 30
+ 4.4.8. Certificate Modification . . . . . . . . . . . . 31
+ 4.4.9. Certificate Revocation and Suspension. . . . . . 31
+ 4.4.10. Certificate Status Services. . . . . . . . . . . 33
+ 4.4.11. End of Subscription. . . . . . . . . . . . . . . 33
+ 4.4.12. Key Escrow and Recovery. . . . . . . . . . . . . 33
+ 4.5. Facility, Management, and Operational Controls . . . . . 33
+ 4.5.1. Physical Security Controls . . . . . . . . . . . 34
+ 4.5.2. Procedural Controls. . . . . . . . . . . . . . . 35
+ 4.5.3. Personnel Controls . . . . . . . . . . . . . . . 35
+ 4.5.4. Audit Logging Procedures . . . . . . . . . . . . 36
+ 4.5.5. Records Archival . . . . . . . . . . . . . . . . 37
+ 4.5.6. Key Changeover . . . . . . . . . . . . . . . . . 38
+ 4.5.7. Compromise and Disaster Recovery . . . . . . . . 38
+ 4.5.8. CA or RA Termination . . . . . . . . . . . . . . 38
+ 4.6. Technical Security Controls. . . . . . . . . . . . . . . 39
+ 4.6.1. Key Pair Generation and Installation . . . . . . 39
+ 4.6.2. Private Key Protection and Cryptographic
+
+
+
+Chokhani, et al. Informational [Page 2]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ Module Engineering Controls. . . . . . . . . . . 40
+ 4.6.3. Other Aspects of Key Pair Management . . . . . . 42
+ 4.6.4. Activation Data. . . . . . . . . . . . . . . . . 42
+ 4.6.5. Computer Security Controls . . . . . . . . . . . 42
+ 4.6.6. Life Cycle Security Controls . . . . . . . . . . 43
+ 4.6.7. Network Security Controls. . . . . . . . . . . . 43
+ 4.6.8. Timestamping . . . . . . . . . . . . . . . . . . 43
+ 4.7. Certificate, CRL, and OCSP Profiles. . . . . . . . . . . 44
+ 4.7.1. Certificate Profile. . . . . . . . . . . . . . . 44
+ 4.7.2. CRL Profile. . . . . . . . . . . . . . . . . . . 44
+ 4.7.3. OCSP Profile . . . . . . . . . . . . . . . . . . 44
+ 4.8. Compliance Audit and Other Assessment. . . . . . . . . . 45
+ 4.9. Other Business and Legal Matters . . . . . . . . . . . . 45
+ 4.9.1. Fees . . . . . . . . . . . . . . . . . . . . . . 46
+ 4.9.2. Financial Responsibility . . . . . . . . . . . . 47
+ 4.9.3. Confidentiality of Business Information. . . . . 47
+ 4.9.4. Privacy of Personal Information. . . . . . . . . 48
+ 4.9.5. Intellectual Property Rights . . . . . . . . . . 48
+ 4.9.6. Representations and Warranties . . . . . . . . . 48
+ 4.9.7. Disclaimers of Warranties. . . . . . . . . . . . 49
+ 4.9.8. Limitations of Liability . . . . . . . . . . . . 49
+ 4.9.9. Indemnities. . . . . . . . . . . . . . . . . . . 49
+ 4.9.10. Term and Termination . . . . . . . . . . . . . . 50
+ 4.9.11. Individual notices and communications
+ with participants. . . . . . . . . . . . . . . . 50
+ 4.9.12. Amendments . . . . . . . . . . . . . . . . . . . 50
+ 4.9.13. Dispute Resolution Procedures. . . . . . . . . . 51
+ 4.9.14. Governing Law. . . . . . . . . . . . . . . . . . 51
+ 4.9.15. Compliance with Applicable Law . . . . . . . . . 51
+ 4.9.16. Miscellaneous Provisions . . . . . . . . . . . . 51
+ 4.9.17. Other Provisions . . . . . . . . . . . . . . . . 53
+ 5. Security Considerations. . . . . . . . . . . . . . . . . . . . 53
+ 6. Outline of a Set of Provisions . . . . . . . . . . . . . . . . 53
+ 7. Comparison to RFC 2527 . . . . . . . . . . . . . . . . . . . . 60
+ 8. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 88
+ 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 88
+ 10. Notes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
+ 12. List of Acronyms . . . . . . . . . . . . . . . . . . . . . . . 91
+ 13. Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 92
+ 14. Full Copyright Statement . . . . . . . . . . . . . . . . . . . 94
+
+
+
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 3]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+1. Introduction
+
+1.1. Background
+
+ In general, a public-key certificate (hereinafter "certificate")
+ binds a public key held by an entity (such as person, organization,
+ account, device, or site) to a set of information that identifies the
+ entity associated with use of the corresponding private key. In most
+ cases involving identity certificates, this entity is known as the
+ "subject" or "subscriber" of the certificate. Two exceptions,
+ however, include devices (in which the subscriber is usually the
+ individual or organization controlling the device) and anonymous
+ certificates (in which the identity of the individual or organization
+ is not available from the certificate itself). Other types of
+ certificates bind public keys to attributes of an entity other than
+ the entity's identity, such as a role, a title, or creditworthiness
+ information.
+
+ A certificate is used by a "certificate user" or "relying party" that
+ needs to use, and rely upon the accuracy of, the binding between the
+ subject public key distributed via that certificate and the identity
+ and/or other attributes of the subject contained in that certificate.
+ A relying party is frequently an entity that verifies a digital
+ signature from the certificate's subject where the digital signature
+ is associated with an email, web form, electronic document, or other
+ data. Other examples of relying parties can include a sender of
+ encrypted email to the subscriber, a user of a web browser relying on
+ a server certificate during a secure sockets layer (SSL) session, and
+ an entity operating a server that controls access to online
+ information using client certificates as an access control mechanism.
+ In summary, a relying party is an entity that uses a public key in a
+ certificate (for signature verification and/or encryption). The
+ degree to which a relying party can trust the binding embodied in a
+ certificate depends on several factors. These factors can include
+ the practices followed by the certification authority (CA) in
+ authenticating the subject; the CA's operating policy, procedures,
+ and security controls; the scope of the subscriber's responsibilities
+ (for example, in protecting the private key); and the stated
+ responsibilities and liability terms and conditions of the CA (for
+ example, warranties, disclaimers of warranties, and limitations of
+ liability).
+
+ A Version 3 X.509 certificate may contain a field declaring that one
+ or more specific certificate policies apply to that certificate
+ [ISO1]. According to X.509, a certificate policy (CP) is "a named
+ set of rules that indicates the applicability of a certificate to a
+ particular community and/or class of applications with common
+ security requirements." A CP may be used by a relying party to help
+
+
+
+Chokhani, et al. Informational [Page 4]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ in deciding whether a certificate, and the binding therein, are
+ sufficiently trustworthy and otherwise appropriate for a particular
+ application. The CP concept is an outgrowth of the policy statement
+ concept developed for Internet Privacy Enhanced Mail [PEM1] and
+ expanded upon in [BAU1]. The legal and liability aspects presented
+ in Section 4.9 are outcomes of a collaborative effort between IETF
+ PKIX working group and the American Bar Association (ABA) members who
+ have worked on legal acceptance of digital signature and role of PKI
+ in that acceptance.
+
+ A more detailed description of the practices followed by a CA in
+ issuing and otherwise managing certificates may be contained in a
+ certification practice statement (CPS) published by or referenced by
+ the CA. According to the American Bar Association Information
+ Security Committee's Digital Signature Guidelines (hereinafter
+ "DSG")(1) and the Information Security Committee's PKI Assessment
+ Guidelines (hereinafter "PAG")(2), "a CPS is a statement of the
+ practices which a certification authority employs in issuing
+ certificates." [ABA1, ABA2] In general, CPSs also describe practices
+ relating to all certificate lifecycle services (e.g., issuance,
+ management, revocation, and renewal or re-keying), and CPSs provide
+ details concerning other business, legal, and technical matters. The
+ terms contained in a CP or CPS may or may not be binding upon a PKI's
+ participants as a contract. A CP or CPS may itself purport to be a
+ contract. More commonly, however, an agreement may incorporate a CP
+ or CPS by reference and therefore attempt to bind the parties of the
+ agreement to some or all of its terms. For example, some PKIs may
+ utilize a CP or (more commonly) a CPS that is incorporated by
+ reference in the agreement between a subscriber and a CA or RA
+ (called a "subscriber agreement") or the agreement between a relying
+ party and a CA (called a "relying party agreement" or "RPA"). In
+ other cases, however, a CP or CPS has no contractual significance at
+ all. A PKI may intend these CPs and CPSs to be strictly
+ informational or disclosure documents.
+
+1.2. Purpose
+
+ The purpose of this document is twofold. First, the document aims to
+ explain the concepts of a CP and a CPS, describe the differences
+ between these two concepts, and describe their relationship to
+ subscriber and relying party agreements. Second, this document aims
+ to present a framework to assist the writers and users of certificate
+ policies or CPSs in drafting and understanding these documents. In
+ particular, the framework identifies the elements that may need to be
+ considered in formulating a CP or a CPS. The purpose is not to
+ define particular certificate policies or CPSs, per se. Moreover,
+ this document does not aim to provide legal advice or recommendations
+
+
+
+
+Chokhani, et al. Informational [Page 5]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ as to particular requirements or practices that should be contained
+ within CPs or CPSs. (Such recommendations, however, appear in
+ [ABA2].)
+
+1.3. Scope
+
+ The scope of this document is limited to discussion of the topics
+ that can be covered in a CP (as defined in X.509) or CPS (as defined
+ in the DSG and PAG). In particular, this document describes the
+ types of information that should be considered for inclusion in a CP
+ or a CPS. While the framework as presented generally assumes use of
+ the X.509 version 3 certificate format for the purpose of providing
+ assurances of identity, it is not intended that the material be
+ restricted to use of that certificate format or identity
+ certificates. Rather, it is intended that this framework be
+ adaptable to other certificate formats and to certificates providing
+ assurances other than identity that may come into use.
+
+ The scope does not extend to defining security policies generally
+ (such as organization security policy, system security policy, or
+ data labeling policy). Further, this document does not define a
+ specific CP or CPS. Moreover, in presenting a framework, this
+ document should be viewed and used as a flexible tool presenting
+ topics that should be considered of particular relevance to CPs or
+ CPSs, and not as a rigid formula for producing CPs or CPSs.
+
+ This document assumes that the reader is familiar with the general
+ concepts of digital signatures, certificates, and public-key
+ infrastructure (PKI), as used in X.509, the DSG, and the PAG.
+
+2. Definitions
+
+ This document makes use of the following defined terms:
+
+ Activation data - Data values, other than keys, that are required to
+ operate cryptographic modules and that need to be protected (e.g., a
+ PIN, a passphrase, or a manually-held key share).
+
+ Authentication - The process of establishing that individuals,
+ organizations, or things are who or what they claim to be. In the
+ context of a PKI, authentication can be the process of establishing
+ that an individual or organization applying for or seeking access to
+ something under a certain name is, in fact, the proper individual or
+ organization. This corresponds to the second process involved with
+ identification, as shown in the definition of "identification" below.
+ Authentication can also refer to a security service that provides
+ assurances that individuals, organizations, or things are who or what
+
+
+
+
+Chokhani, et al. Informational [Page 6]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ they claim to be or that a message or other data originated from a
+ specific individual, organization, or device. Thus, it is said that
+ a digital signature of a message authenticates the message's sender.
+
+ CA-certificate - A certificate for one CA's public key issued by
+ another CA.
+
+ Certificate policy (CP) - A named set of rules that indicates the
+ applicability of a certificate to a particular community and/or class
+ of application with common security requirements. For example, a
+ particular CP might indicate applicability of a type of certificate
+ to the authentication of parties engaging in business-to-business
+ transactions for the trading of goods or services within a given
+ price range.
+
+ Certification path - An ordered sequence of certificates that,
+ together with the public key of the initial object in the path, can
+ be processed to obtain that of the final object in the path.
+
+ Certification Practice Statement (CPS) - A statement of the practices
+ that a certification authority employs in issuing, managing,
+ revoking, and renewing or re-keying certificates.
+
+ CPS Summary (or CPS Abstract) - A subset of the provisions of a
+ complete CPS that is made public by a CA.
+
+ Identification - The process of establishing the identity of an
+ individual or organization, i.e., to show that an individual or
+ organization is a specific individual or organization. In the
+ context of a PKI, identification refers to two processes:
+
+ (1) establishing that a given name of an individual or organization
+ corresponds to a real-world identity of an individual or
+ organization, and
+
+ (2) establishing that an individual or organization applying for or
+ seeking access to something under that name is, in fact, the
+ named individual or organization. A person seeking
+ identification may be a certificate applicant, an applicant for
+ employment in a trusted position within a PKI participant, or a
+ person seeking access to a network or software application, such
+ as a CA administrator seeking access to CA systems.
+
+ Issuing certification authority (issuing CA) - In the context of a
+ particular certificate, the issuing CA is the CA that issued the
+ certificate (see also Subject certification authority).
+
+
+
+
+
+Chokhani, et al. Informational [Page 7]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ Participant - An individual or organization that plays a role within
+ a given PKI as a subscriber, relying party, CA, RA, certificate
+ manufacturing authority, repository service provider, or similar
+ entity.
+
+ PKI Disclosure Statement (PDS) - An instrument that supplements a CP
+ or CPS by disclosing critical information about the policies and
+ practices of a CA/PKI. A PDS is a vehicle for disclosing and
+ emphasizing information normally covered in detail by associated CP
+ and/or CPS documents. Consequently, a PDS is not intended to replace
+ a CP or CPS.
+
+ Policy qualifier - Policy-dependent information that may accompany a
+ CP identifier in an X.509 certificate. Such information can include
+ a pointer to the URL of the applicable CPS or relying party
+ agreement. It may also include text (or number causing the
+ appearance of text) that contains terms of the use of the certificate
+ or other legal information.
+
+ Registration authority (RA) - An entity that is responsible for one
+ or more of the following functions: the identification and
+ authentication of certificate applicants, the approval or rejection
+ of certificate applications, initiating certificate revocations or
+ suspensions under certain circumstances, processing subscriber
+ requests to revoke or suspend their certificates, and approving or
+ rejecting requests by subscribers to renew or re-key their
+ certificates. RAs, however, do not sign or issue certificates (i.e.,
+ an RA is delegated certain tasks on behalf of a CA). [Note: The term
+ Local Registration Authority (LRA) is sometimes used in other
+ documents for the same concept.]
+
+ Relying party - A recipient of a certificate who acts in reliance on
+ that certificate and/or any digital signatures verified using that
+ certificate. In this document, the terms "certificate user" and
+ "relying party" are used interchangeably.
+
+ Relying party agreement (RPA) - An agreement between a certification
+ authority and relying party that typically establishes the rights and
+ responsibilities between those parties regarding the verification of
+ digital signatures or other uses of certificates.
+
+ Set of provisions - A collection of practice and/or policy
+ statements, spanning a range of standard topics, for use in
+ expressing a CP or CPS employing the approach described in this
+ framework.
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 8]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ Subject certification authority (subject CA) - In the context of a
+ particular CA-certificate, the subject CA is the CA whose public key
+ is certified in the certificate (see also Issuing certification
+ authority).
+
+ Subscriber - A subject of a certificate who is issued a certificate.
+
+ Subscriber Agreement - An agreement between a CA and a subscriber
+ that establishes the right and responsibilities of the parties
+ regarding the issuance and management of certificates.
+
+ Validation - The process of identification of certificate applicants.
+ "Validation" is a subset of "identification" and refers to
+ identification in the context of establishing the identity of
+ certificate applicants.
+
+3. Concepts
+
+ This section explains the concepts of CP and CPS, and describes their
+ relationship with other PKI documents, such as subscriber agreements
+ and relying party agreements. Other related concepts are also
+ described. Some of the material covered in this section and in some
+ other sections is specific to certificate policies extensions as
+ defined X.509 version 3. Except for those sections, this framework
+ is intended to be adaptable to other certificate formats that may
+ come into use.
+
+3.1. Certificate Policy
+
+ When a certification authority issues a certificate, it is providing
+ a statement to a certificate user (i.e., a relying party) that a
+ particular public key is bound to the identity and/or other
+ attributes of a particular entity (the certificate subject, which is
+ usually also the subscriber). The extent to which the relying party
+ should rely on that statement by the CA, however, needs to be
+ assessed by the relying party or entity controlling or coordinating
+ the way relying parties or relying party applications use
+ certificates. Different certificates are issued following different
+ practices and procedures, and may be suitable for different
+ applications and/or purposes.
+
+ The X.509 standard defines a CP as "a named set of rules that
+ indicates the applicability of a certificate to a particular
+ community and/or class of application with common security
+ requirements" [ISO1]. An X.509 Version 3 certificate may identify a
+ specific applicable CP, which may be used by a relying party to
+
+
+
+
+
+Chokhani, et al. Informational [Page 9]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ decide whether or not to trust a certificate, associated public key,
+ or any digital signatures verified using the public key for a
+ particular purpose.
+
+ CPs typically fall into two major categories. First, some CPs
+ "indicate the applicability of a certificate to a particular
+ community" [ISO1]. These CPs set forth requirements for certificate
+ usage and requirements on members of a community. For instance, a CP
+ may focus on the needs of a geographical community, such as the ETSI
+ policy requirements for CAs issuing qualified certificates [ETS].
+ Also, a CP of this kind may focus on the needs of a specific
+ vertical-market community, such as financial services [IDT].
+
+ The second category of typical CPs "indicate the applicability of a
+ certificate to a . . . class of application with common security
+ requirements." These CPs identify a set of applications or uses for
+ certificates and say that these applications or uses require a
+ certain level of security. They then set forth PKI requirements that
+ are appropriate for these applications or uses. A CP within this
+ category often makes sets requirements appropriate for a certain
+ "level of assurance" provided by certificates, relative to
+ certificates issued pursuant to related CPs. These levels of
+ assurance may correspond to "classes" or "types" of certificates.
+
+ For instance, the Government of Canada PKI Policy Management
+ Authority (GOC PMA) has established eight certificate policies in a
+ single document [GOC], four policies for certificates used for
+ digital signatures and four policies for certificates used for
+ confidentiality encryption. For each of these applications, the
+ document establishes four levels of assurances: rudimentary, basic,
+ medium, and high. The GOC PMA described certain types of digital
+ signature and confidentiality uses in the document, each with a
+ certain set of security requirements, and grouped them into eight
+ categories. The GOC PMA then established PKI requirements for each
+ of these categories, thereby creating eight types of certificates,
+ each providing rudimentary, basic, medium, or high levels of
+ assurance. The progression from rudimentary to high levels
+ corresponds to increasing security requirements and corresponding
+ increasing levels of assurance.
+
+ A CP is represented in a certificate by a unique number called an
+ "Object Identifier" (OID). That OID, or at least an "arc", can be
+ registered. An "arc" is the beginning of the numerical sequence of
+ an OID and is assigned to a particular organization. The
+ registration process follows the procedures specified in ISO/IEC and
+ ITU standards. The party that registers the OID or arc also can
+ publish the text of the CP, for examination by relying parties. Any
+ one certificate will typically declare a single CP or, possibly, be
+
+
+
+Chokhani, et al. Informational [Page 10]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ issued consistent with a small number of different policies. Such
+ declaration appears in the Certificate Policies extension of a X.509
+ Version 3 certificate. When a CA places multiple CPs within a
+ certificate's Certificate Policies extension, the CA is asserting
+ that the certificate is appropriate for use in accordance with any of
+ the listed CPs.
+
+ CPs also constitute a basis for an audit, accreditation, or another
+ assessment of a CA. Each CA can be assessed against one or more
+ certificate policies or CPSs that it is recognized as implementing.
+ When one CA issues a CA-certificate for another CA, the issuing CA
+ must assess the set of certificate policies for which it trusts the
+ subject CA (such assessment may be based upon an assessment with
+ respect to the certificate policies involved). The assessed set of
+ certificate policies is then indicated by the issuing CA in the CA-
+ certificate. The X.509 certification path processing logic employs
+ these CP indications in its well-defined trust model.
+
+3.2. Certificate Policy Examples
+
+ For example purposes, suppose that the International Air Transport
+ Association (IATA) undertakes to define some certificate policies for
+ use throughout the airline industry, in a PKI operated by IATA in
+ combination with PKIs operated by individual airlines. Two CPs might
+ be defined - the IATA General-Purpose CP, and the IATA Commercial-
+ Grade CP.
+
+ The IATA General-Purpose CP could be used by industry personnel for
+ protecting routine information (e.g., casual electronic mail) and for
+ authenticating connections from World Wide Web browsers to servers
+ for general information retrieval purposes. The key pairs may be
+ generated, stored, and managed using low-cost, software-based
+ systems, such as commercial browsers. Under this policy, a
+ certificate may be automatically issued to anybody listed as an
+ employee in the corporate directory of IATA or any member airline who
+ submits a signed certificate request form to a network administrator
+ in his or her organization.
+
+ The IATA Commercial-Grade CP could be used to protect financial
+ transactions or binding contractual exchanges between airlines.
+ Under this policy, IATA could require that certified key pairs be
+ generated and stored in approved cryptographic hardware tokens.
+ Certificates and tokens could be provided to airline employees with
+ disbursement authority. These authorized individuals might then be
+ required to present themselves to the corporate security office, show
+ a valid identification badge, and sign a subscriber agreement
+ requiring them to protect the token and use it only for authorized
+ purposes, as a condition of being issued a token and a certificate.
+
+
+
+Chokhani, et al. Informational [Page 11]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+3.3. X.509 Certificate Fields
+
+ The following extension fields in an X.509 certificate are used to
+ support CPs:
+
+ * Certificate Policies extension;
+ * Policy Mappings extension; and
+ * Policy Constraints extension.
+
+3.3.1. Certificate Policies Extension
+
+ A Certificate Policies field lists CPs that the certification
+ authority declares are applicable. Using the example of the IATA
+ General-Purpose and Commercial-Grade policies defined in Section 3.2,
+ the certificates issued to regular airline employees would contain
+ the object identifier for General-Purpose policy. The certificates
+ issued to the employees with disbursement authority would contain the
+ object identifiers for both the General-Purpose policy and the
+ Commercial-Grade policy. The inclusion of both object identifiers in
+ the certificates means that they would be appropriate for either the
+ General-Purpose or Commercial-Grade policies. The Certificate
+ Policies field may also optionally convey qualifier values for each
+ identified policy; the use of qualifiers is discussed in Section 3.4.
+
+ When processing a certification path, a CP that is acceptable to the
+ relying party application must be present in every certificate in the
+ path, i.e., in CA-certificates as well as end entity certificates.
+
+ If the Certificate Policies field is flagged critical, it serves the
+ same purpose as described above but also has an additional role.
+ Specifically, it indicates that the use of the certificate is
+ restricted to one of the identified policies, i.e., the certification
+ authority is declaring that the certificate must only be used in
+ accordance with the provisions of at least one of the listed CPs.
+ This field is intended to protect the certification authority against
+ claims for damages asserted by a relying party who has used the
+ certificate for an inappropriate purpose or in an inappropriate
+ manner, as stipulated in the applicable CP.
+
+ For example, the Internal Revenue Service might issue certificates to
+ taxpayers for the purpose of protecting tax filings. The Internal
+ Revenue Service understands and can accommodate the risks of
+ erroneously issuing a bad certificate, e.g., to an imposter.
+ Suppose, however, that someone used an Internal Revenue Service tax-
+ filing certificate as the basis for encrypting multi-million-dollar-
+ value proprietary trade secrets, which subsequently fell into the
+ wrong hands because of a cryptanalytic attack by an attacker who is
+ able to decrypt the message. The Internal Revenue Service may want
+
+
+
+Chokhani, et al. Informational [Page 12]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ to defend itself against claims for damages in such circumstances by
+ pointing to the criticality of the Certificate Policies extension to
+ show that the subscriber and relying party misused the certificate.
+ The critical-flagged Certificate Policies extension is intended to
+ mitigate the risk to the CA in such situations.
+
+3.3.2. Policy Mappings Extension
+
+ The Policy Mappings extension may only be used in CA-certificates.
+ This field allows a certification authority to indicate that certain
+ policies in its own domain can be considered equivalent to certain
+ other policies in the subject certification authority's domain.
+
+ For example, suppose that for purposes of facilitating
+ interoperability, the ACE Corporation establishes an agreement with
+ the ABC Corporation to cross-certify the public keys of each others'
+ certification authorities for the purposes of mutually securing their
+ respective business-to-business exchanges. Further, suppose that
+ both companies have pre-existing financial transaction protection
+ policies called ace-e-commerce and abc-e-commerce, respectively. One
+ can see that simply generating cross-certificates between the two
+ domains will not provide the necessary interoperability, as the two
+ companies' applications are configured with, and employee
+ certificates are populated with, their respective certificate
+ policies. One possible solution is to reconfigure all of the
+ financial applications to require either policy and to reissue all
+ the certificates with both policies appearing in their Certificate
+ Policies extensions. Another solution, which may be easier to
+ administer, uses the Policy Mapping field. If this field is included
+ in a cross-certificate for the ABC Corporation certification
+ authority issued by the ACE Corporation certification authority, it
+ can provide a statement that the ABC's financial transaction
+ protection policy (i.e., abc-e-commerce) can be considered equivalent
+ to that of the ACE Corporation (i.e., ace-e-commerce). With such a
+ statement included in the cross-certificate issued to ABC, relying
+ party applications in the ACE domain requiring the presence of the
+ object identifier for the ace-e-commerce CP can also accept, process,
+ and rely upon certificates issued within the ABC domain containing
+ the object identifier for the abc-e-commerce CP.
+
+3.3.3. Policy Constraints Extension
+
+ The Policy Constraints extension supports two optional features. The
+ first is the ability for a certification authority to require that
+ explicit CP indications be present in all subsequent certificates in
+ a certification path. Certificates at the start of a certification
+ path may be considered by a relying party to be part of a trusted
+ domain, i.e., certification authorities are trusted for all purposes
+
+
+
+Chokhani, et al. Informational [Page 13]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ so no particular CP is needed in the Certificate Policies extension.
+ Such certificates need not contain explicit indications of CP. When
+ a certification authority in the trusted domain, however, certifies
+ outside the domain, it can activate the requirement that a specific
+ CP's object identifier appear in subsequent certificates in the
+ certification path.
+
+ The other optional feature in the Policy Constraints field is the
+ ability for a certification authority to disable policy mapping by
+ subsequent certification authorities in a certification path. It may
+ be prudent to disable policy mapping when certifying outside the
+ domain. This can assist in controlling risks due to transitive
+ trust, e.g., a domain A trusts domain B, domain B trusts domain C,
+ but domain A does not want to be forced to trust domain C.
+
+3.3.4. Policy Qualifiers
+
+ The Certificate Policies extension field has a provision for
+ conveying, along with each CP identifier, additional policy-dependent
+ information in a qualifier field. The X.509 standard does not
+ mandate the purpose for which this field is to be used, nor does it
+ prescribe the syntax for this field. Policy qualifier types can be
+ registered by any organization.
+
+ The following policy qualifier types are defined in PKIX RFC 3280
+ [PKI1]:
+
+ (a) The CPS Pointer qualifier contains a pointer to a CPS, CPS
+ Summary, RPA, or PDS published by the CA. The pointer is in the
+ form of a uniform resource identifier (URI).
+
+ (b) The User Notice qualifier contains a text string that is to be
+ displayed to subscribers and relying parties prior to the use of
+ the certificate. The text string may be an IA5String or a
+ BMPString - a subset of the ISO 100646-1 multiple octet coded
+ character set. A CA may invoke a procedure that requires that
+ the relying party acknowledge that the applicable terms and
+ conditions have been disclosed and/or accepted.
+
+ Policy qualifiers can be used to support the definition of generic,
+ or parameterized, CPs. Provided the base CP so provides, policy
+ qualifier types can be defined to convey, on a per-certificate basis,
+ additional specific policy details that fill in the generic
+ definition.
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 14]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+3.4. Certification Practice Statement
+
+ The term certification practice statement (CPS) is defined by the DSG
+ and PAG as: "A statement of the practices which a certification
+ authority employs in issuing certificates." [ABA1, ABA2] As stated
+ above, a CPS establishes practices concerning lifecycle services in
+ addition to issuance, such as certificate management (including
+ publication and archiving), revocation, and renewal or re-keying. In
+ the DSG, the ABA expands this definition with the following comments:
+
+ "A certification practice statement may take the form of a
+ declaration by the certification authority of the details of its
+ trustworthy system and the practices it employs in its operations and
+ in support of issuance of a certificate . . . ." This form of CPS is
+ the most common type, and can vary in length and level of detail.
+
+ Some PKIs may not have the need to create a thorough and detailed
+ statement of practices. For example, the CA may itself be the
+ relying party and would already be aware of the nature and
+ trustworthiness of its services. In other cases, a PKI may provide
+ certificates providing only a very low level of assurances where the
+ applications being secured may pose only marginal risks if
+ compromised. In these cases, an organization establishing a PKI may
+ only want to write or have CAs use a subscriber agreement, relying
+ party agreement, or agreement combining subscriber and relying party
+ terms, depending on the role of the different PKI participants. In
+ such a PKI, that agreement may serve as the only "statement of
+ practices" used by one or more CAs within that PKI. Consequently,
+ that agreement may also be considered a CPS and can be entitled or
+ subtitled as such.
+
+ Likewise, since a detailed CPS may contain sensitive details of its
+ system, a CA may elect not to publish its entire CPS. It may instead
+ opt to publish a CPS Summary (or CPS Abstract). The CPS Summary
+ would contain only those provisions from the CPS that the CA
+ considers to be relevant to the participants in the PKI (such as the
+ responsibilities of the parties or the stages of the certificate
+ lifecycle). A CPS Summary, however, would not contain those
+ sensitive provisions of the full CPS that might provide an attacker
+ with useful information about the CA's operations. Throughout this
+ document, the use of "CPS" includes both a detailed CPS and a CPS
+ Summary (unless otherwise specified).
+
+ CPSs do not automatically constitute contracts and do not
+ automatically bind PKI participants as a contract would. Where a
+ document serves the dual purpose of being a subscriber or relying
+ party agreement and CPS, the document is intended to be a contract
+ and constitutes a binding contract to the extent that a subscriber or
+
+
+
+Chokhani, et al. Informational [Page 15]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ relying party agreement would ordinarily be considered as such. Most
+ CPSs, however, do not serve such a dual purpose. Therefore, in most
+ cases, a CPS's terms have a binding effect as contract terms only if
+ a separate document creates a contractual relationship between the
+ parties and that document incorporates part or all of the CPS by
+ reference. Further, if a particular PKI employs a CPS Summary (as
+ opposed to the entire CPS), the CPS Summary could be incorporated
+ into any applicable subscriber or relying party agreement.
+
+ In the future, a court or applicable statutory or regulatory law may
+ declare that a certificate itself is a document that is capable of
+ creating a contractual relationship, to the extent its mechanisms
+ designed for incorporation by reference (such as the Certificate
+ Policies extension and its qualifiers) indicate that terms of its use
+ appear in certain documents. In the meantime, however, some
+ subscriber agreements and relying party agreements may incorporate a
+ CPS by reference and therefore make its terms binding on the parties
+ to such agreements.
+
+3.5. Relationship Between Certificate Policy and Certification
+ Practice Statement
+
+ The CP and CPS address the same set of topics that are of interest to
+ the relying party in terms of the degree to and purpose for which a
+ public key certificate should be trusted. Their primary difference
+ is in the focus of their provisions. A CP sets forth the
+ requirements and standards imposed by the PKI with respect to the
+ various topics. In other words, the purpose of the CP is to
+ establish what participants must do. A CPS, by contrast, states how
+ a CA and other participants in a given domain implement procedures
+ and controls to meet the requirements stated in the CP. In other
+ words, the purpose of the CPS is to disclose how the participants
+ perform their functions and implement controls.
+
+ An additional difference between a CP and CPS relates the scope of
+ coverage of the two kinds of documents. Since a CP is a statement of
+ requirements, it best serves as the vehicle for communicating minimum
+ operating guidelines that must be met by interoperating PKIs. Thus,
+ a CP generally applies to multiple CAs, multiple organizations, or
+ multiple domains. By contrast, a CPS applies only to a single CA or
+ single organization and is not generally a vehicle to facilitate
+ interoperation.
+
+ A CA with a single CPS may support multiple CPs (used for different
+ application purposes and/or by different relying party communities).
+ Also, multiple CAs, with non-identical CPSs, may support the same CP.
+
+
+
+
+
+Chokhani, et al. Informational [Page 16]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ For example, the Federal Government might define a government-wide CP
+ for handling confidential human resources information. The CP will
+ be a broad statement of the general requirements for participants
+ within the Government's PKI, and an indication of the types of
+ applications for which it is suitable for use. Each department or
+ agency wishing to operate a certification authority in this PKI may
+ be required to write its own certification practice statement to
+ support this CP by explaining how it meets the requirements of the
+ CP. At the same time, a department's or agency's CPS may support
+ other certificate policies.
+
+ An additional difference between a CP and CPS concerns the level of
+ detail of the provisions in each. Although the level of detail may
+ vary among CPSs, a CPS will generally be more detailed than a CP. A
+ CPS provides a detailed description of procedures and controls in
+ place to meet the CP requirements, while a CP is more general.
+
+ The main differences between CPs and CPSs can therefore be summarized
+ as follows:
+
+ (a) A PKI uses a CP to establish requirements that state what
+ participants within it must do. A single CA or organization can
+ use a CPS to disclose how it meets the requirements of a CP or
+ how it implements its practices and controls.
+
+ (b) A CP facilitates interoperation through cross-certification,
+ unilateral certification, or other means. Therefore, it is
+ intended to cover multiple CAs. By contrast, a CPS is a
+ statement of a single CA or organization. Its purpose is not to
+ facilitate interoperation (since doing so is the function of a
+ CP).
+
+ (c) A CPS is generally more detailed than a CP and specifies how the
+ CA meets the requirements specified in the one or more CPs under
+ which it issues certificates.
+
+ In addition to populating the certificate policies extension with the
+ applicable CP object identifier, a certification authority may
+ include, in certificates it issues, a reference to its certification
+ practice statement. A standard way to do this, using a CP qualifier,
+ is described in Section 3.4.
+
+3.6. Relationship Among CPs, CPSs, Agreements, and Other Documents
+
+ CPs and CPSs play a central role in documenting the requirements and
+ practices of a PKI. Nonetheless, they are not the only documents
+ relevant to a PKI. For instance, subscriber agreements and relying
+ party agreements play a critical role in allocating responsibilities
+
+
+
+Chokhani, et al. Informational [Page 17]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ to subscribers and relying parties relating to the use of
+ certificates and key pairs. They establish the terms and conditions
+ under which certificates are issued, managed, and used. The term
+ subscriber agreement is defined by the PAG as: "An agreement between
+ a CA and a subscriber that establishes the right and obligations of
+ the parties regarding the issuance and management of certificates."
+ [ABA2] The PAG defines a relying party agreement as: "An agreement
+ between a certification authority and relying party that typically
+ establishes the rights and obligations between those parties
+ regarding the verification of digital signatures or other uses of
+ certificates." [ABA2]
+
+ As mentioned in Section 3.5, a subscriber agreement, relying party
+ agreement, or an agreement that combines subscriber and relying party
+ terms may also serve as a CPS. In other PKIs, however, a subscriber
+ or relying party agreement may incorporate some or all of the terms
+ of a CP or CPS by reference. Yet other PKIs may distill from a CP
+ and/or CPS the terms that are applicable to a subscriber and place
+ such terms in a self-contained subscriber agreement, without
+ incorporating a CP or CPS by reference. They may use the same method
+ to distill relying party terms from a CP and/or CPS and place such
+ terms in a self-contained relying party agreement. Creating such
+ self-contained agreements has the advantage of creating documents
+ that are easier for consumers to review. In some cases, subscribers
+ or relying parties may be deemed to be "consumers" under applicable
+ law, who are subject to certain statutory or regulatory protections.
+ Under the legal systems of civil law countries, incorporating a CP or
+ CPS by reference may not be effective to bind consumers to the terms
+ of an incorporated CP or CPS.
+
+ CPs and CPSs may be incorporated by reference in other documents,
+ including:
+
+ * Interoperability agreements (including agreements between CAs for
+ cross-certification, unilateral certification, or other forms of
+ interoperation),
+
+ * Vendor agreements (under which a PKI vendor agrees to meet
+ standards set forth in a CP or CPS), or
+
+ * A PDS. See [ABA2]
+
+ A PDS serves a similar function to a CPS Summary. It is a relatively
+ short document containing only a subset of critical details about a
+ PKI or CA. It may differ from a CPS Summary, however, in that its
+ purpose is to act as a summary of information about the overall
+ nature of the PKI, as opposed to simply a condensed form of the CPS.
+
+
+
+
+Chokhani, et al. Informational [Page 18]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ Moreover, its purpose is to distill information about the PKI, as
+ opposed to protecting security sensitive information contained in an
+ unpublished CPS, although a PDS could also serve that function.
+
+ Just as writers may wish to refer to a CP or CPS or incorporate it by
+ reference in an agreement or PDS, a CP or CPS may refer to other
+ documents when establishing requirements or making disclosures. For
+ instance, a CP may set requirements for certificate content by
+ referring to an external document setting forth a standard
+ certificate profile. Referencing external documents permits a CP or
+ CPS to impose detailed requirements or make detailed disclosures
+ without having to reprint lengthy provisions from other documents
+ within the CP or CPS. Moreover, referencing a document in a CP or
+ CPS is another useful way of dividing disclosures between public
+ information and security sensitive confidential information (in
+ addition to or as an alternative to publishing a CPS Summary). For
+ example, a PKI may want to publish a CP or CPS, but maintain site
+ construction parameters for CA high security zones as confidential
+ information. In that case, the CP or CPS could reference an external
+ manual or document containing the detailed site construction
+ parameters.
+
+ Documents that a PKI may wish to refer to in a CP or CPS include:
+
+ * A security policy,
+
+ * Training, operational, installation, and user manuals (which may
+ contain operational requirements),
+
+ * Standards documents that apply to particular aspects of the PKI
+ (such as standards specifying the level of protection offered by
+ any hardware tokens used in the PKI or standards applicable to the
+ site construction),
+
+ * Key management plans,
+
+ * Human resource guides and employment manuals (which may describe
+ some aspects of personnel security practices), and
+
+ * E-mail policies (which may discuss subscriber and relying party
+ responsibilities, as well as the implications of key management,
+ if applicable). See [ABA2]
+
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 19]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+3.7. Set of Provisions
+
+ A set of provisions is a collection of practice and/or policy
+ statements, spanning a range of standard topics for use in expressing
+ a CP or CPS employing the approach described in this framework by
+ covering the topic appearing in Section 5 below. They are also
+ described in detail in Section 4 below.
+
+ A CP can be expressed as a single set of provisions.
+
+ A CPS can be expressed as a single set of provisions with each
+ component addressing the requirements of one or more certificate
+ policies, or, alternatively, as an organized collection of sets of
+ provisions. For example, a CPS could be expressed as a combination
+ of the following:
+
+ (a) a list of certificate policies supported by the CPS;
+
+ (b) for each CP in (a), a set of provisions that contains statements
+ responding to that CP by filling in details not stipulated in
+ that policy or expressly left to the discretion of the CA (in its
+ CPS) ; such statements serve to state how this particular CPS
+ implements the requirements of the particular CP; or
+
+ (c) a set of provisions that contains statements regarding the
+ certification practices on the CA, regardless of CP.
+
+ The statements provided in (b) and (c) may augment or refine the
+ stipulations of the applicable CP, but generally must not conflict
+ with any of the stipulations of such CP. In certain cases, however,
+ a policy authority may permit exceptions to the requirements in a CP,
+ because certain compensating controls of the CA are disclosed in its
+ CPS that allow the CA to provide assurances that are equivalent to
+ the assurances provided by CAs that are in full compliance with the
+ CP.
+
+ This framework outlines the contents of a set of provisions, in terms
+ of nine primary components, as follows:
+
+ 1. Introduction
+ 2. Publication and Repository
+ 3. Identification and Authentication
+ 4. Certificate Life-Cycle Operational Requirements
+ 5. Facilities, Management, and Operational Controls
+ 6. Technical Security Controls
+ 7. Certificate, CRL, and OCSP Profile
+ 8. Compliance audit
+ 9. Other Business and Legal Matters
+
+
+
+Chokhani, et al. Informational [Page 20]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ PKIs can use this simple framework of nine primary components to
+ write a simple CP or CPS. Moreover, a CA can use this same framework
+ to write a subscriber agreement, relying party agreement, or
+ agreement containing subscriber and relying party terms. If a CA
+ uses this simple framework to construct an agreement, it can use
+ paragraph 1 as an introduction or recitals, it can set forth the
+ responsibilities of the parties in paragraphs 2-8, and it can use
+ paragraph 9 to cover the business and legal issues described in more
+ detail, using the ordering of Section 4.9 below (such as
+ representations and warranties, disclaimers, and liability
+ limitations). The ordering of topics in this simple framework and
+ the business and legal matters Section 4.9 is the same as (or similar
+ to) the ordering of topics in a typical software or other technology
+ agreement. Therefore, a PKI can establish a set of core documents
+ (with a CP, CPS, subscriber agreement, and relying party agreement)
+ all having the same structure and ordering of topics, thereby
+ facilitating comparisons and mappings among these documents and among
+ the corresponding documents of other PKIs.
+
+ This simple framework may also be useful for agreements other than
+ subscriber agreements and relying party agreements. For instance, a
+ CA wishing to outsource certain services to an RA or certificate
+ manufacturing authority (CMA) may find it useful to use this
+ framework as a checklist to write a registration authority agreement
+ or outsourcing agreement. Similarly, two CAs may wish to use this
+ simple framework for the purpose of drafting a cross-certification,
+ unilateral certification, or other interoperability agreement.
+
+ In short, the primary components of the simple framework (specified
+ above) may meet the needs of drafters of short CPs, CPSs, subscriber
+ agreements, and relying party agreements. Nonetheless, this
+ framework is extensible, and its coverage of the nine components is
+ flexible enough to meet the needs of drafters of comprehensive CPs
+ and CPSs. Specifically, components appearing above can be further
+ divided into subcomponents, and a subcomponent may comprise multiple
+ elements. Section 4 provides a more detailed description of the
+ contents of the above components, and their subcomponents. Drafters
+ of CPs and CPSs are permitted to add additional levels of
+ subcomponents below the subcomponents described in Section 4 for the
+ purpose of meeting the needs of the drafter's particular PKI.
+
+4. Contents of a Set of Provisions
+
+ This section expands upon the contents of the simple framework of
+ provisions, as introduced in Section 3.7. The topics identified in
+ this section are, consequently, candidate topics for inclusion in a
+ detailed CP or CPS.
+
+
+
+
+Chokhani, et al. Informational [Page 21]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ While many topics are identified, it is not necessary for a CP or a
+ CPS to include a concrete statement for every such topic. Rather, a
+ particular CP or CPS may state "no stipulation" for a component,
+ subcomponent, or element on which the particular CP or CPS imposes no
+ requirements or makes no disclosure. In this sense, the list of
+ topics can be considered a checklist of topics for consideration by
+ the CP or CPS writer.
+
+ It is recommended that each and every component and subcomponent be
+ included in a CP or CPS, even if there is "no stipulation"; this will
+ indicate to the reader that a conscious decision was made to include
+ or exclude a provision concerning that topic. This drafting style
+ protects against inadvertent omission of a topic, while facilitating
+ comparison of different certificate policies or CPSs, e.g., when
+ making policy mapping decisions.
+
+ In a CP, it is possible to leave certain components, subcomponents,
+ and/or elements unspecified, and to stipulate that the required
+ information will be indicated in a policy qualifier, or the document
+ to which a policy qualifier points. Such CPs can be considered
+ parameterized definitions. The set of provisions should reference or
+ define the required policy qualifier types and should specify any
+ applicable default values.
+
+4.1. Introductions
+
+ This component identifies and introduces the set of provisions, and
+ indicates the types of entities and applications for which the
+ document (either the CP or the CPS being written) is targeted.
+
+4.1.1. Overview
+
+ This subcomponent provides a general introduction to the document
+ being written. This subcomponent can also be used to provide a
+ synopsis of the PKI to which the CP or CPS applies. For example, it
+ may set out different levels of assurance provided by certificates
+ within the PKI. Depending on the complexity and scope of the
+ particular PKI, a diagrammatic representation of the PKI might be
+ useful here.
+
+4.1.2. Document Name and Identification
+
+ This subcomponent provides any applicable names or other identifiers,
+ including ASN.1 object identifiers, for the document. An example of
+ such a document name would be the US Federal Government Policy for
+ Secure E-mail.
+
+
+
+
+
+Chokhani, et al. Informational [Page 22]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.1.3. PKI Participants
+
+ This subcomponent describes the identity or types of entities that
+ fill the roles of participants within a PKI, namely:
+
+ * Certification authorities, i.e., the entities that issue
+ certificates. A CA is the issuing CA with respect to the
+ certificates it issues and is the subject CA with respect to the
+ CA certificate issued to it. CAs may be organized in a hierarchy
+ in which an organization's CA issues certificates to CAs operated
+ by subordinate organizations, such as a branch, division, or
+ department within a larger organization.
+
+ * Registration authorities, i.e., the entities that establish
+ enrollment procedures for end-user certificate applicants, perform
+ identification and authentication of certificate applicants,
+ initiate or pass along revocation requests for certificates, and
+ approve applications for renewal or re-keying certificates on
+ behalf of a CA. Subordinate organizations within a larger
+ organization can act as RAs for the CA serving the entire
+ organization, but RAs may also be external to the CA.
+
+ * Subscribers. Examples of subscribers who receive certificates
+ from a CA include employees of an organization with its own CA,
+ banking or brokerage customers, organizations hosting e-commerce
+ sites, organizations participating in a business-to-business
+ exchange, and members of the public receiving certificates from a
+ CA issuing certificates to the public at large.
+
+ * Relying parties. Examples of relying parties include employees of
+ an organization having its own CA who receive digitally signed e-
+ mails from other employees, persons buying goods and services from
+ e-commerce sites, organizations participating in a business-to-
+ business exchange who receive bids or orders from other
+ participating organizations, and individuals and organizations
+ doing business with subscribers who have received their
+ certificates from a CA issuing certificates to the public.
+ Relying parties may or may not also be subscribers within a given
+ PKI.
+
+ * Other participants, such as certificate manufacturing authorities,
+ providers of repository services, and other entities providing
+ PKI-related services.
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 23]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.1.4. Certificate Usage
+
+ This subcomponent contains:
+
+ * A list or the types of applications for which the issued
+ certificates are suitable, such as electronic mail, retail
+ transactions, contracts, and a travel order, and/or
+
+ * A list or the types of applications for which use of the issued
+ certificates is prohibited.
+
+ In the case of a CP or CPS describing different levels of assurance,
+ this subcomponent can describe applications or types of applications
+ that are appropriate or inappropriate for the different levels of
+ assurance.
+
+4.1.5. Policy Administration
+
+ This subcomponent includes the name and mailing address of the
+ organization that is responsible for the drafting, registering,
+ maintaining, and updating of this CP or CPS. It also includes the
+ name, electronic mail address, telephone number, and fax number of a
+ contact person. As an alternative to naming an actual person, the
+ document may name a title or role, an e-mail alias, and other
+ generalized contact information. In some cases, the organization may
+ state that its contact person, alone or in combination with others,
+ is available to answer questions about the document.
+
+ Moreover, when a formal or informal policy authority is responsible
+ for determining whether a CA should be allowed to operate within or
+ interoperate with a PKI, it may wish to approve the CPS of the CA as
+ being suitable for the policy authority's CP. If so, this
+ subcomponent can include the name or title, electronic mail address
+ (or alias), telephone number, fax number, and other generalized
+ information of the entity in charge of making such a determination.
+ Finally, in this case, this subcomponent also includes the procedures
+ by which this determination is made.
+
+4.1.6. Definitions and Acronyms
+
+ This subcomponent contains a list of definitions for defined terms
+ used within the document, as well as a list of acronyms in the
+ document and their meanings.
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 24]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.2. Publication and Repository Responsibilities
+
+ This component contains any applicable provisions regarding:
+
+ * An identification of the entity or entities that operate
+ repositories within the PKI, such as a CA, certificate
+ manufacturing authority, or independent repository service
+ provider;
+
+ * The responsibility of a PKI participant to publish information
+ regarding its practices, certificates, and the current status of
+ such certificates, which may include the responsibilities of
+ making the CP or CPS publicly available using various mechanisms
+ and of identifying components, subcomponents, and elements of such
+ documents that exist but are not made publicly available, for
+ instance, security controls, clearance procedures, or trade secret
+ information due to their sensitivity;
+
+ * When information must be published and the frequency of
+ publication; and
+
+ * Access control on published information objects including CPs,
+ CPS, certificates, certificate status, and CRLs.
+
+4.3. Identification and Authentication
+
+ This component describes the procedures used to authenticate the
+ identity and/or other attributes of an end-user certificate applicant
+ to a CA or RA prior to certificate issuance. In addition, the
+ component sets forth the procedures for authenticating the identity
+ and the criteria for accepting applicants of entities seeking to
+ become CAs, RAs, or other entities operating in or interoperating
+ with a PKI. It also describes how parties requesting re-key or
+ revocation are authenticated. This component also addresses naming
+ practices, including the recognition of trademark rights in certain
+ names.
+
+4.3.1. Naming
+
+ This subcomponent includes the following elements regarding naming
+ and identification of the subscribers:
+
+ * Types of names assigned to the subject, such as X.500
+ distinguished names; RFC-822 names; and X.400 names;
+
+ * Whether names have to be meaningful or not;(3)
+
+
+
+
+
+Chokhani, et al. Informational [Page 25]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ * Whether or not subscribers can be anonymous or pseudonymous, and
+ if they can, what names are assigned to or can be used by
+ anonymous subscribers;
+
+ * Rules for interpreting various name forms, such as the X.500
+ standard and RFC-822;
+
+ * Whether names have to be unique; and
+
+ * Recognition, authentication, and the role of trademarks.
+
+4.3.2. Initial Identity Validation
+
+ This subcomponent contains the following elements for the
+ identification and authentication procedures for the initial
+ registration for each subject type (CA, RA, subscriber, or other
+ participant):
+
+ * If and how the subject must prove possession of the companion
+ private key for the public key being registered, for example, a
+ digital signature in the certificate request message;(4)
+
+ * Identification and authentication requirements for organizational
+ identity of subscriber or participant (CA; RA; subscriber (in the
+ case of certificates issued to organizations or devices controlled
+ by an organization), or other participant), for example,
+ consulting the database of a service that identifies organizations
+ or inspecting an organization's articles of incorporation;
+
+ * Identification and authentication requirements for an individual
+ subscriber or a person acting on behalf of an organizational
+ subscriber or participant (CA, RA, in the case of certificates
+ issued to organizations or devices controlled by an organization,
+ the subscriber, or other participant),(5) including:
+
+ * Type of documentation and/or number of identification
+ credentials required;
+
+ * How a CA or RA authenticates the identity of the organization
+ or individual based on the documentation or credentials
+ provided;
+
+ * If the individual must personally present to the authenticating
+ CA or RA;
+
+ * How an individual as an organizational person is authenticated,
+ such as by reference to duly signed authorization documents or
+ a corporate identification badge.
+
+
+
+Chokhani, et al. Informational [Page 26]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ * List of subscriber information that is not verified (called "non-
+ verified subscriber information") during the initial registration;
+
+ * Validation of authority involves a determination of whether a
+ person has specific rights, entitlements, or permissions,
+ including the permission to act on behalf of an organization to
+ obtain a certificate; and
+
+ * In the case of applications by a CA wishing to operate within, or
+ interoperate with, a PKI, this subcomponent contains the criteria
+ by which a PKI, CA, or policy authority determines whether or not
+ the CA is suitable for such operations or interoperation. Such
+ interoperation may include cross-certification, unilateral
+ certification, or other forms of interoperation.
+
+4.3.3. Identification and Authentication for Re-key Requests
+
+ This subcomponent addresses the following elements for the
+ identification and authentication procedures for re-key for each
+ subject type (CA, RA, subscriber, and other participants):
+
+ * Identification and authentication requirements for routine re-key,
+ such as a re-key request that contains the new key and is signed
+ using the current valid key; and
+
+ * Identification and authentication requirements for re-key after
+ certificate revocation. One example is the use of the same
+ process as the initial identity validation.
+
+4.3.4. Identification and Authentication for Revocation Requests
+
+ This subcomponent describes the identification and authentication
+ procedures for a revocation request by each subject type (CA, RA,
+ subscriber, and other participant). Examples include a revocation
+ request digitally signed with the private key whose companion public
+ key needs to be revoked, and a digitally signed request by the RA.
+
+4.4. Certificate Life-Cycle Operational Requirements
+
+ This component is used to specify requirements imposed upon issuing
+ CA, subject CAs, RAs, subscribers, or other participants with respect
+ to the life-cycle of a certificate.
+
+ Within each subcomponent, separate consideration may need to be given
+ to subject CAs, RAs, subscribers, and other participants.
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 27]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.4.1. Certificate Application
+
+ This subcomponent is used to address the following requirements
+ regarding subject certificate application:
+
+ * Who can submit a certificate application, such as a certificate
+ subject or the RA; and
+
+ * Enrollment process used by subjects to submit certificate
+ applications and responsibilities in connection with this process.
+ An example of this process is where the subject generates the key
+ pair and sends a certificate request to the RA. The RA validates
+ and signs the request and sends it to the CA. A CA or RA may have
+ the responsibility of establishing an enrollment process in order
+ to receive certificate applications. Likewise, certificate
+ applicants may have the responsibility of providing accurate
+ information on their certificate applications.
+
+4.4.2. Certificate Application Processing
+
+ This subcomponent is used to describe the procedure for processing
+ certificate applications. For example, the issuing CA and RA may
+ perform identification and authentication procedures to validate the
+ certificate application. Following such steps, the CA or RA will
+ either approve or reject the certificate application, perhaps upon
+ the application of certain criteria. Finally, this subcomponent sets
+ a time limit during which a CA and/or RA must act on and process a
+ certificate application.
+
+4.4.3. Certificate Issuance
+
+ This subcomponent is used to describe the following certificate
+ issuance related elements:
+
+ * Actions performed by the CA during the issuance of the
+ certificate, for example a procedure whereby the CA validates the
+ RA signature and RA authority and generates a certificate; and
+
+ * Notification mechanisms, if any, used by the CA to notify the
+ subscriber of the issuance of the certificate; an example is a
+ procedure under which the CA e-mails the certificate to the
+ subscriber or the RA or e-mails information permitting the
+ subscriber to download the certificate from a web site.
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 28]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.4.4. Certificate Acceptance
+
+ This subcomponent addresses the following:
+
+ * The conduct of an applicant that will be deemed to constitute
+ acceptance of the certificate. Such conduct may include
+ affirmative steps to indicate acceptance, actions implying
+ acceptance, or a failure to object to the certificate or its
+ content. For instance, acceptance may be deemed to occur if the
+ CA does not receive any notice from the subscriber within a
+ certain time period; a subscriber may send a signed message
+ accepting the certificate; or a subscriber may send a signed
+ message rejecting the certificate where the message includes the
+ reason for rejection and identifies the fields in the certificate
+ that are incorrect or incomplete.
+
+ * Publication of the certificate by the CA. For example, the CA may
+ post the certificate to an X.500 or LDAP repository.
+
+ * Notification of certificate issuance by the CA to other entities.
+ As an example, the CA may send the certificate to the RA.
+
+4.4.5. Key Pair and Certificate Usage
+
+ This subcomponent is used to describe the responsibilities relating
+ to the use of keys and certificates, including:
+
+ * Subscriber responsibilities relating to use of the subscriber's
+ private key and certificate. For example, the subscriber may be
+ required to use a private key and certificate only for appropriate
+ applications as set forth in the CP and in consistency with
+ applicable certificate content (e.g., key usage field). Use of a
+ private key and certificate are subject to the terms of the
+ subscriber agreement, the use of a private key is permitted only
+ after the subscriber has accepted the corresponding certificate,
+ or the subscriber must discontinue use of the private key
+ following the expiration or revocation of the certificate.
+
+ * Relying party responsibilities relating to the use of a
+ subscriber's public key and certificate. For instance, a relying
+ party may be obligated to rely on certificates only for
+ appropriate applications as set forth in the CP and in consistency
+ with applicable certificate content (e.g., key usage field),
+ successfully perform public key operations as a condition of
+ relying on a certificate, assume responsibility to check the
+ status of a certificate using one of the required or permitted
+
+
+
+
+
+Chokhani, et al. Informational [Page 29]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ mechanisms set forth in the CP/CPS (see Section 4.4.9 below), and
+ assent to the terms of the applicable relying party agreement as a
+ condition of relying on the certificate.
+
+4.4.6. Certificate Renewal
+
+ This subcomponent is used to describe the following elements related
+ to certificate renewal. Certificate renewal means the issuance of a
+ new certificate to the subscriber without changing the subscriber or
+ other participant's public key or any other information in the
+ certificate:
+
+ * Circumstances under which certificate renewal takes place, such as
+ where the certificate life has expired, but the policy permits the
+ same key pair to be reused;
+
+ * Who may request certificate renewal, for instance, the subscriber,
+ RA, or the CA may automatically renew an end-user subscriber
+ certificate;
+
+ * A CA or RA's procedures to process renewal requests to issue the
+ new certificate, for example, the use of a token, such as a
+ password, to re-authenticate the subscriber, or procedures that
+ are the same as the initial certificate issuance;
+
+ * Notification of the new certificate to the subscriber;
+
+ * Conduct constituting acceptance of the certificate;
+
+ * Publication of the certificate by the CA; and
+
+ * Notification of certificate issuance by the CA to other entities.
+
+4.4.7. Certificate Re-key
+
+ This subcomponent is used to describe the following elements related
+ to a subscriber or other participant generating a new key pair and
+ applying for the issuance of a new certificate that certifies the new
+ public key:
+
+ * Circumstances under which certificate re-key can or must take
+ place, such as after a certificate is revoked for reasons of key
+ compromise or after a certificate has expired and the usage period
+ of the key pair has also expired;
+
+ * Who may request certificate re-key, for example, the subscriber;
+
+
+
+
+
+Chokhani, et al. Informational [Page 30]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ * A CA or RA's procedures to process re-keying requests to issue the
+ new certificate, such as procedures that are the same as the
+ initial certificate issuance;
+
+ * Notification of the new certificate to the subscriber;
+
+ * Conduct constituting acceptance of the certificate;
+
+ * Publication of the certificate by the CA; and
+
+ * Notification of certificate issuance by the CA to other entities.
+
+4.4.8. Certificate Modification
+
+ This subcomponent is used to describe the following elements related
+ to the issuance of a new certificate (6) due to changes in the
+ information in the certificate other than the subscriber public key:
+
+ * Circumstances under which certificate modification can take place,
+ such as name change, role change, reorganization resulting in a
+ change in the DN;
+
+ * Who may request certificate modification, for instance,
+ subscribers, human resources personnel, or the RA;
+
+ * A CA or RA's procedures to process modification requests to issue
+ the new certificate, such as procedures that are the same as the
+ initial certificate issuance;
+
+ * Notification of the new certificate to the subscriber;
+
+ * Conduct constituting acceptance of the certificate;
+
+ * Publication of the certificate by the CA; and
+
+ * Notification of certificate issuance by the CA to other entities.
+
+4.4.9. Certificate Revocation and Suspension
+
+ This subcomponent addresses the following:
+
+ * Circumstances under which a certificate may be suspended and
+ circumstances under which it must be revoked, for instance, in
+ cases of subscriber employment termination, loss of cryptographic
+ token, or suspected compromise of the private key;
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 31]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ * Who can request the revocation of the participant's certificate,
+ for example, the subscriber, RA, or CA in the case of an end-user
+ subscriber certificate.
+
+ * Procedures used for certificate revocation request, such as a
+ digitally signed message from the RA, a digitally signed message
+ from the subscriber, or a phone call from the RA;
+
+ * The grace period available to the subscriber, within which the
+ subscriber must make a revocation request;
+
+ * The time within which CA must process the revocation request;
+
+ * The mechanisms, if any, that a relying party may use or must use
+ in order to check the status of certificates on which they wish to
+ rely;
+
+ * If a CRL mechanism is used, the issuance frequency;
+
+ * If a CRL mechanism is used, maximum latency between the generation
+ of CRLs and posting of the CRLs to the repository (in other words,
+ the maximum amount of processing- and communication-related delays
+ in posting CRLs to the repository after the CRLs are generated);
+
+ * On-line revocation/status checking availability, for instance,
+ OCSP and a web site to which status inquiries can be submitted;
+
+ * Requirements on relying parties to perform on-line
+ revocation/status checks;
+
+ * Other forms of revocation advertisements available;
+
+ * Any variations of the above stipulations for which suspension or
+ revocation is the result of private key compromise (as opposed to
+ other reasons for suspension or revocation).
+
+ * Circumstances under which a certificate may be suspended;
+
+ * Who can request the suspension of a certificate, for example, the
+ subscriber, human resources personnel, a supervisor of the
+ subscriber, or the RA in the case of an end-user subscriber
+ certificate;
+
+ * Procedures to request certificate suspension, such as a digitally
+ signed message from the subscriber or RA, or a phone call from the
+ RA; and
+
+ * How long the suspension may last.
+
+
+
+Chokhani, et al. Informational [Page 32]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.4.10. Certificate Status Services
+
+ This subcomponent addresses the certificate status checking services
+ available to the relying parties, including:
+
+ * The operational characteristics of certificate status checking
+ services;
+
+ * The availability of such services, and any applicable policies on
+ unavailability; and
+
+ * Any optional features of such services.
+
+4.4.11. End of Subscription
+
+ This subcomponent addresses procedures used by the subscriber to end
+ subscription to the CA services, including:
+
+ * The revocation of certificates at the end of subscription (which
+ may differ, depending on whether the end of subscription was due
+ to the expiration of the certificate or termination of the
+ service).
+
+4.4.12. Key Escrow and Recovery
+
+ This subcomponent contains the following elements to identify the
+ policies and practices relating to the escrowing, and/or recovery of
+ private keys where private key escrow services are available (through
+ the CA or other trusted third parties):
+
+ * Identification of the document containing private key escrow and
+ recovery policies and practices or a listing of such policies and
+ practices; and
+
+ * Identification of the document containing session key
+ encapsulation and recovery policies and practices or a listing of
+ such policies and practices.
+
+4.5. Management, Operational, and Physical Controls
+
+ This component describes non-technical security controls (that is,
+ physical, procedural, and personnel controls) used by the issuing CA
+ to securely perform the functions of key generation, subject
+ authentication, certificate issuance, certificate revocation,
+ auditing, and archiving.
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 33]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ This component can also be used to define non-technical security
+ controls on repositories, subject CAs, RAs, subscribers, and other
+ participants. The non-technical security controls for the subject
+ CAs, RAs, subscribers, and other participants could be the same,
+ similar, or very different.
+
+ These non-technical security controls are critical to trusting the
+ certificates since lack of security may compromise CA operations
+ resulting for example, in the creation of certificates or CRLs with
+ erroneous information or compromising the CA private key.
+
+ Within each subcomponent, separate consideration will, in general,
+ need to be given to each entity type, that is, the issuing CA,
+ repository, subject CAs, RAs, subscribers, and other participants.
+
+4.5.1. Physical Security Controls
+
+ In this subcomponent, the physical controls on the facility housing
+ the entity systems are described. Topics addressed may include:
+
+ * Site location and construction, such as the construction
+ requirements for high-security zones and the use of locked rooms,
+ cages, safes, and cabinets;
+
+ * Physical access, i.e., mechanisms to control access from one area
+ of the facility to another or access into high-security zones,
+ such as locating CA operations in a secure computer room monitored
+ by guards or security alarms and requiring movement from zone to
+ zone to be accomplished using a token, biometric readers, and/or
+ access control lists;
+
+ * Power and air conditioning;
+
+ * Water exposures;
+
+ * Fire prevention and protection;
+
+ * Media storage, for example, requiring the storage of backup media
+ in a separate location that is physically secure and protected
+ from fire and water damage;
+
+ * Waste disposal; and
+
+ * Off-site backup.
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 34]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.5.2. Procedural Controls
+
+ In this subcomponent, requirements for recognizing trusted roles are
+ described, together with the responsibilities for each role.
+ Examples of trusted roles include system administrators, security
+ officers, and system auditors.
+
+ For each task identified, the number of individuals required to
+ perform the task (n out m rule) should be stated for each role.
+ Identification and authentication requirements for each role may also
+ be defined.
+
+ This component also includes the separation of duties in terms of the
+ roles that cannot be performed by the same individuals.
+
+4.5.3. Personnel Security Controls
+
+ This subcomponent addresses the following:
+
+ * Qualifications, experience, and clearances that personnel must
+ have as a condition of filling trusted roles or other important
+ roles. Examples include credentials, job experiences, and
+ official government clearances that candidates for these positions
+ must have before being hired;
+
+ * Background checks and clearance procedures that are required in
+ connection with the hiring of personnel filling trusted roles or
+ perhaps other important roles; such roles may require a check of
+ their criminal records, references, and additional clearances that
+ a participant undertakes after a decision has been made to hire a
+ particular person;
+
+ * Training requirements and training procedures for each role
+ following the hiring of personnel;
+
+ * Any retraining period and retraining procedures for each role
+ after completion of initial training;
+
+ * Frequency and sequence for job rotation among various roles;
+
+ * Sanctions against personnel for unauthorized actions, unauthorized
+ use of authority, and unauthorized use of entity systems for the
+ purpose of imposing accountability on a participant's personnel;
+
+ * Controls on personnel that are independent contractors rather than
+ employees of the entity; examples include:
+
+ - Bonding requirements on contract personnel;
+
+
+
+Chokhani, et al. Informational [Page 35]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ - Contractual requirements including indemnification for damages
+ due to the actions of the contractor personnel;
+
+ - Auditing and monitoring of contractor personnel; and
+
+ - Other controls on contracting personnel.
+
+ * Documentation to be supplied to personnel during initial training,
+ retraining, or otherwise.
+
+4.5.4. Audit Logging Procedures
+
+ This subcomponent is used to describe event logging and audit
+ systems, implemented for the purpose of maintaining a secure
+ environment. Elements include the following:
+
+ * Types of events recorded, such as certificate lifecycle
+ operations, attempts to access the system, and requests made to
+ the system;
+
+ * Frequency with which audit logs are processed or archived, for
+ example, weekly, following an alarm or anomalous event, or when
+ ever the audit log is n% full;
+
+ * Period for which audit logs are kept;
+
+ * Protection of audit logs:
+
+ - Who can view audit logs, for example only the audit
+ administrator;
+
+ - Protection against modification of audit logs, for instance a
+ requirement that no one may modify or delete the audit records
+ or that only an audit administrator may delete an audit file as
+ part of rotating the audit file; and
+
+ - Protection against deletion of audit logs.
+
+ * Audit log back up procedures;
+
+ * Whether the audit log accumulation system is internal or external
+ to the entity;
+
+ * Whether the subject who caused an audit event to occur is notified
+ of the audit action; and
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 36]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ * Vulnerability assessments, for example, where audit data is run
+ through a tool that identifies potential attempts to breach the
+ security of the system.
+
+4.5.5. Records Archival
+
+ This subcomponent is used to describe general records archival (or
+ records retention) policies, including the following:
+
+ * Types of records that are archived, for example, all audit data,
+ certificate application information, and documentation supporting
+ certificate applications;
+
+ * Retention period for an archive;
+
+ * Protection of an archive:
+
+ - Who can view the archive, for example, a requirement that only
+ the audit administrator may view the archive;
+
+ - Protection against modification of the archive, such as
+ securely storing the data on a write once medium;
+
+ - Protection against deletion of the archive;
+
+ - Protection against the deterioration of the media on which the
+ archive is stored, such as a requirement for data to be
+ migrated periodically to fresh media; and
+
+ - Protection against obsolescence of hardware, operating systems,
+ and other software, by, for example, retaining as part of the
+ archive the hardware, operating systems, and/or other software
+ in order to permit access to and use of archived records over
+ time.
+
+ * Archive backup procedures;
+
+ * Requirements for time-stamping of records;
+
+ * Whether the archive collection system is internal or external; and
+
+ * Procedures to obtain and verify archive information, such as a
+ requirement that two separate copies of the archive data be kept
+ under the control of two persons, and that the two copies be
+ compared in order to ensure that the archive information is
+ accurate.
+
+
+
+
+
+Chokhani, et al. Informational [Page 37]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.5.6. Key Changeover
+
+ This subcomponent describes the procedures to provide a new public
+ key to a CA's users following a re-key by the CA. These procedures
+ may be the same as the procedure for providing the current key.
+ Also, the new key may be certified in a certificate signed using the
+ old key.
+
+4.5.7. Compromise and Disaster Recovery
+
+ This subcomponent describes requirements relating to notification and
+ recovery procedures in the event of compromise or disaster. Each of
+ the following may need to be addressed separately:
+
+ * Identification or listing of the applicable incident and
+ compromise reporting and handling procedures.
+
+ * The recovery procedures used if computing resources, software,
+ and/or data are corrupted or suspected to be corrupted. These
+ procedures describe how a secure environment is re-established,
+ which certificates are revoked, whether the entity key is revoked,
+ how the new entity public key is provided to the users, and how
+ the subjects are re-certified.
+
+ * The recovery procedures used if the entity key is compromised.
+ These procedures describe how a secure environment is re-
+ established, how the new entity public key is provided to the
+ users, and how the subjects are re-certified.
+
+ * The entity's capabilities to ensure business continuity following
+ a natural or other disaster. Such capabilities may include the
+ availability of a remote hot-site at which operations may be
+ recovered. They may also include procedures for securing its
+ facility during the period of time following a natural or other
+ disaster and before a secure environment is re-established, either
+ at the original site or at a remote site. For example, procedures
+ to protect against theft of sensitive materials from an
+ earthquake-damaged site.
+
+4.5.8. CA or RA Termination
+
+ This subcomponent describes requirements relating to procedures for
+ termination and termination notification of a CA or RA, including the
+ identity of the custodian of CA and RA archival records.
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 38]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.6. Technical Security Controls
+
+ This component is used to define the security measures taken by the
+ issuing CA to protect its cryptographic keys and activation data
+ (e.g., PINs, passwords, or manually-held key shares). This component
+ may also be used to impose constraints on repositories, subject CAs,
+ subscribers, and other participants to protect their private keys,
+ activation data for their private keys, and critical security
+ parameters. Secure key management is critical to ensure that all
+ secret and private keys and activation data are protected and used
+ only by authorized personnel.
+
+ This component also describes other technical security controls used
+ by the issuing CA to perform securely the functions of key
+ generation, user authentication, certificate registration,
+ certificate revocation, auditing, and archiving. Technical controls
+ include life-cycle security controls (including software development
+ environment security, trusted software development methodology) and
+ operational security controls.
+
+ This component can also be used to define other technical security
+ controls on repositories, subject CAs, RAs, subscribers, and other
+ participants.
+
+4.6.1. Key Pair Generation and Installation
+
+ Key pair generation and installation need to be considered for the
+ issuing CA, repositories, subject CAs, RAs, and subscribers. For
+ each of these types of entities, the following questions potentially
+ need to be answered:
+
+ 1. Who generates the entity public, private key pair? Possibilities
+ include the subscriber, RA, or CA. Also, how is the key
+ generation performed? Is the key generation performed by hardware
+ or software?
+
+ 2. How is the private key provided securely to the entity?
+ Possibilities include a situation where the entity has generated
+ it and therefore already has it, handing the entity the private
+ key physically, mailing a token containing the private key
+ securely, or delivering it in an SSL session.
+
+ 3. How is the entity's public key provided securely to the
+ certification authority? Some possibilities are in an online SSL
+ session or in a message signed by the RA.
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 39]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ 4. In the case of issuing CAs, how is the CA's public key provided
+ securely to potential relying parties? Possibilities include
+ handing the public key to the relying party securely in person,
+ physically mailing a copy securely to the relying party, or
+ delivering it in a SSL session.
+
+ 5. What are the key sizes? Examples include a 1,024 bit RSA modulus
+ and a 1,024 bit DSA large prime.
+
+ 6. Who generates the public key parameters, and is the quality of the
+ parameters checked during key generation?
+
+ 7. For what purposes may the key be used, or for what purposes should
+ usage of the key be restricted? For X.509 certificates, these
+ purposes should map to the key usage flags in X.509 Version 3
+ certificates.
+
+4.6.2. Private Key Protection and Cryptographic Module Engineering
+ Controls
+
+ Requirements for private key protection and cryptographic modules
+ need to be considered for the issuing CA, repositories, subject CAs,
+ RAs, and subscribers. For each of these types of entities, the
+ following questions potentially need to be answered:
+
+ 1. What standards, if any, are required for the cryptographic module
+ used to generate the keys? A cryptographic module can be
+ composed of hardware, software, firmware, or any combination of
+ them. For example, are the keys certified by the infrastructure
+ required to be generated using modules compliant with the US FIPS
+ 140-1? If so, what is the required FIPS 140-1 level of the
+ module? Are there any other engineering or other controls
+ relating to a cryptographic module, such as the identification of
+ the cryptographic module boundary, input/output, roles and
+ services, finite state machine, physical security, software
+ security, operating system security, algorithm compliance,
+ electromagnetic compatibility, and self tests.
+
+ 2. Is the private key under n out of m multi-person control?(7) If
+ yes, provide n and m (two person control is a special case of n
+ out of m, where n = m = 2)?
+
+ 3. Is the private key escrowed?(8) If so, who is the escrow agent,
+ what form is the key escrowed in (examples include plaintext,
+ encrypted, split key), and what are the security controls on the
+ escrow system?
+
+
+
+
+
+Chokhani, et al. Informational [Page 40]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ 4. Is the private key backed up? If so, who is the backup agent,
+ what form is the key backed up in (examples include plaintext,
+ encrypted, split key), and what are the security controls on the
+ backup system?
+
+ 5. Is the private key archived? If so, who is the archival agent,
+ what form is the key archived in (examples include plaintext,
+ encrypted, split key), and what are the security controls on the
+ archival system?
+
+ 6. Under what circumstances, if any, can a private key be
+ transferred into or from a cryptographic module? Who is
+ permitted to perform such a transfer operation? In what form is
+ the private key during the transfer (i.e., plaintext, encrypted,
+ or split key)?
+
+ 7. How is the private key stored in the module (i.e., plaintext,
+ encrypted, or split key)?
+
+ 8. Who can activate (use) the private key? What actions must be
+ performed to activate the private key (e.g., login, power on,
+ supply PIN, insert token/key, automatic, etc.)? Once the key is
+ activated, is the key active for an indefinite period, active for
+ one time, or active for a defined time period?
+
+ 9. Who can deactivate the private key and how? Examples of methods
+ of deactivating private keys include logging out, turning the
+ power off, removing the token/key, automatic deactivation, and
+ time expiration.
+
+ 10. Who can destroy the private key and how? Examples of methods of
+ destroying private keys include token surrender, token
+ destruction, and overwriting the key.
+
+ 11. Provide the capabilities of the cryptographic module in the
+ following areas: identification of the cryptographic module
+ boundary, input/output, roles and services, finite state machine,
+ physical security, software security, operating system security,
+ algorithm compliance, electromagnetic compatibility, and self
+ tests. Capability may be expressed through reference to
+ compliance with a standard such as U.S. FIPS 140-1, associated
+ level, and rating.
+
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 41]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.6.3. Other Aspects of Key Pair Management
+
+ Other aspects of key management need to be considered for the issuing
+ CA, repositories, subject CAs, RAs, subscribers, and other
+ participants. For each of these types of entities, the following
+ questions potentially need to be answered:
+
+ 1. Is the public key archived? If so, who is the archival agent and
+ what are the security controls on the archival system? Also,
+ what software and hardware need to be preserved as part of the
+ archive to permit use of the public key over time? Note: this
+ subcomponent is not limited to requiring or describing the use of
+ digital signatures with archival data, but rather can address
+ integrity controls other than digital signatures when an archive
+ requires tamper protection. Digital signatures do not provide
+ tamper protection or protect the integrity of data; they merely
+ verify data integrity. Moreover, the archival period may be
+ greater than the cryptanalysis period for the public key needed
+ to verify any digital signature applied to archival data.
+
+ 2. What is the operational period of the certificates issued to the
+ subscriber. What are the usage periods, or active lifetimes, for
+ the subscriber's key pair?
+
+4.6.4. Activation Data
+
+ Activation data refers to data values other than whole private keys
+ that are required to operate private keys or cryptographic modules
+ containing private keys, such as a PIN, passphrase, or portions of a
+ private key used in a key-splitting scheme. Protection of activation
+ data prevents unauthorized use of the private key, and potentially
+ needs to be considered for the issuing CA, subject CAs, RAs, and
+ subscribers. Such consideration potentially needs to address the
+ entire life-cycle of the activation data from generation through
+ archival and destruction. For each of the entity types (issuing CA,
+ repository, subject CA, RA, subscriber, and other participants), all
+ of the questions listed in 4.6.1 through 4.6.3 potentially need to be
+ answered with respect to activation data rather than with respect to
+ keys.
+
+4.6.5. Computer Security Controls
+
+ This subcomponent is used to describe computer security controls such
+ as: use of the trusted computing base concept, discretionary access
+ control, labels, mandatory access controls, object re-use, audit,
+ identification and authentication, trusted path, security testing,
+ and penetration testing. Product assurance may also be addressed.
+
+
+
+
+Chokhani, et al. Informational [Page 42]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ A computer security rating for computer systems may be required. The
+ rating could be based, for example, on the Trusted System Evaluation
+ Criteria (TCSEC), Canadian Trusted Products Evaluation Criteria,
+ European Information Technology Security Evaluation Criteria (ITSEC),
+ or the Common Criteria for Information Technology Security
+ Evaluation, ISO/IEC 15408:1999. This subcomponent can also address
+ requirements for product evaluation analysis, testing, profiling,
+ product certification, and/or product accreditation related activity
+ undertaken.
+
+4.6.6. Life Cycle Security Controls
+
+ This subcomponent addresses system development controls and security
+ management controls.
+
+ System development controls include development environment security,
+ development personnel security, configuration management security
+ during product maintenance, software engineering practices, software
+ development methodology, modularity, layering, use of failsafe design
+ and implementation techniques (e.g., defensive programming) and
+ development facility security.
+
+ Security management controls include execution of tools and
+ procedures to ensure that the operational systems and networks adhere
+ to configured security. These tools and procedures include checking
+ the integrity of the security software, firmware, and hardware to
+ ensure their correct operation.
+
+ This subcomponent can also address life-cycle security ratings based,
+ for example, on the Trusted Software Development Methodology (TSDM)
+ level IV and V, independent life-cycle security controls audit, and
+ the Software Engineering Institute's Capability Maturity Model (SEI-
+ CMM).
+
+4.6.7. Network Security Controls
+
+ This subcomponent addresses network security related controls,
+ including firewalls.
+
+4.6.8. Time-stamping
+
+ This subcomponent addresses requirements or practices relating to the
+ use of timestamps on various data. It may also discuss whether or
+ not the time-stamping application must use a trusted time source.
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 43]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.7. Certificate and CRL Profiles
+
+ This component is used to specify the certificate format and, if CRLs
+ and/or OCSP are used, the CRL and/or OCSP format. This includes
+ information on profiles, versions, and extensions used.
+
+4.7.1. Certificate Profile
+
+ This subcomponent addresses such topics as the following (potentially
+ by reference to a separate profile definition, such as the one
+ defined in IETF PKIX RFC 3280):
+
+ * Version number(s) supported;
+
+ * Certificate extensions populated and their criticality;
+
+ * Cryptographic algorithm object identifiers;
+
+ * Name forms used for the CA, RA, and subscriber names;
+
+ * Name constraints used and the name forms used in the name
+ constraints;
+
+ * Applicable CP OID(s);
+
+ * Usage of the policy constraints extension;
+
+ * Policy qualifiers syntax and semantics; and
+
+ * Processing semantics for the critical CP extension.
+
+4.7.2. CRL Profile
+
+ This subcomponent addresses such topics as the following (potentially
+ by reference to a separate profile definition, such as the one
+ defined in IETF PKIX RFC 3280):
+
+ * Version numbers supported for CRLs; and
+
+ * CRL and CRL entry extensions populated and their criticality.
+
+4.7.3. OCSP Profile
+
+ This subcomponent addresses such topics as the following (potentially
+ by reference to a separate profile definition, such as the IETF RFC
+ 2560 profile):
+
+
+
+
+
+Chokhani, et al. Informational [Page 44]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ * Version of OCSP that is being used as the basis for establishing
+ an OCSP system; and
+
+ * OCSP extensions populated and their criticality.
+
+4.8. Compliance Audit and Other Assessment
+
+ This component addresses the following:
+
+ * The list of topics covered by the assessment and/or the assessment
+ methodology used to perform the assessment; examples include
+ WebTrust for CAs (9) and SAS 70 (10).
+
+ * Frequency of compliance audit or other assessment for each entity
+ that must be assessed pursuant to a CP or CPS, or the
+ circumstances that will trigger an assessment; possibilities
+ include an annual audit, pre-operational assessment as a condition
+ of allowing an entity to be operational, or investigation
+ following a possible or actual compromise of security.
+
+ * The identity and/or qualifications of the personnel performing the
+ audit or other assessment.
+
+ * The relationship between the assessor and the entity being
+ assessed, including the degree of independence of the assessor.
+
+ * Actions taken as a result of deficiencies found during the
+ assessment; examples include a temporary suspension of operations
+ until deficiencies are corrected, revocation of certificates
+ issued to the assessed entity, changes in personnel, triggering
+ special investigations or more frequent subsequent compliance
+ assessments, and claims for damages against the assessed entity.
+
+ * Who is entitled to see results of an assessment (e.g., assessed
+ entity, other participants, the general public), who provides them
+ (e.g., the assessor or the assessed entity), and how they are
+ communicated.
+
+4.9. Other Business and Legal Matters
+
+ This component covers general business and legal matters. Sections
+ 9.1 and 9.2 of the framework discuss the business issues of fees to
+ be charged for various services and the financial responsibility of
+ participants to maintain resources for ongoing operations and for
+ paying judgments or settlements in response to claims asserted
+ against them. The remaining sections are generally concerned with
+ legal topics.
+
+
+
+
+Chokhani, et al. Informational [Page 45]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ Starting with Section 9.3 of the framework, the ordering of topics is
+ the same as or similar to the ordering of topics in a typical
+ software licensing agreement or other technology agreement.
+ Consequently, this framework may not only be used for CPs and CPSs,
+ but also associated PKI-related agreements, especially subscriber
+ agreements, and relying party agreements. This ordering is intended
+ help lawyers review CPs, CPSs, and other documents adhering to this
+ framework.
+
+ With respect to many of the legal subcomponents within this
+ component, a CP or CPS drafter may choose to include in the document
+ terms and conditions that apply directly to subscribers or relying
+ parties. For instance, a CP or CPS may set forth limitations of
+ liability that apply to subscribers and relying parties. The
+ inclusion of terms and conditions is likely to be appropriate where
+ the CP or CPS is itself a contract or part of a contract.
+
+ In other cases, however, the CP or CPS is not a contract or part of a
+ contract; instead, it is configured so that its terms and conditions
+ are applied to the parties by separate documents, which may include
+ associated agreements, such as subscriber or relying party
+ agreements. In that event, a CP drafter may write a CP so as to
+ require that certain legal terms and conditions appear (or not
+ appear) in such associated agreements. For example, a CP might
+ include a subcomponent stating that a certain limitation of liability
+ term must appear in a CA's subscriber and relying party agreements.
+ Another example is a CP that contains a subcomponent prohibiting the
+ use of a subscriber or relying party agreement containing a
+ limitation upon CA liability inconsistent with the provisions of the
+ CP. A CPS drafter may use legal subcomponents to disclose that
+ certain terms and conditions appear in associated subscriber, relying
+ party, or other agreements in use by the CA. A CPS might explain,
+ for instance, that the CA writing it uses an associated subscriber or
+ relying party agreement that applies a particular provision for
+ limiting liability.
+
+4.9.1. Fees
+
+ This subcomponent contains any applicable provisions regarding fees
+ charged by CAs, repositories, or RAs, such as:
+
+ * Certificate issuance or renewal fees;
+
+ * Certificate access fees;
+
+ * Revocation or status information access fees;
+
+
+
+
+
+Chokhani, et al. Informational [Page 46]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ * Fees for other services such as providing access to the relevant
+ CP or CPS; and
+
+ * Refund policy.
+
+4.9.2. Financial Responsibility
+
+ This subcomponent contains requirements or disclosures relating to
+ the resources available to CAs, RAs, and other participants providing
+ certification services to support performance of their operational
+ PKI responsibilities, and to remain solvent and pay damages in the
+ event they are liable to pay a judgment or settlement in connection
+ with a claim arising out of such operations. Such provisions
+ include:
+
+ * A statement that the participant maintains a certain amount of
+ insurance coverage for its liabilities to other participants;
+
+ * A statement that a participant has access to other resources to
+ support operations and pay damages for potential liability, which
+ may be couched in terms of a minimum level of assets necessary to
+ operate and cover contingencies that might occur within a PKI,
+ where examples include assets on the balance sheet of an
+ organization, a surety bond, a letter of credit, and a right under
+ an agreement to an indemnity under certain circumstances; and
+
+ * A statement that a participant has a program that offers first-
+ party insurance or warranty protection to other participants in
+ connection with their use of the PKI.
+
+4.9.3. Confidentiality of Business Information
+
+ This subcomponent contains provisions relating to the treatment of
+ confidential business information that participants may communicate
+ to each other, such as business plans, sales information, trade
+ secrets, and information received from a third party under a
+ nondisclosure agreement. Specifically, this subcomponent addresses:
+
+ * The scope of what is considered confidential information,
+
+ * The types of information that are considered to be outside the
+ scope of confidential information, and
+
+ * The responsibilities of participants that receive confidential
+ information to secure it from compromise, and refrain from using
+ it or disclosing it to third parties.
+
+
+
+
+
+Chokhani, et al. Informational [Page 47]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.9.4. Privacy of Personal Information
+
+ This subcomponent relates to the protection that participants,
+ particularly CAs, RAs, and repositories, may be required to afford to
+ personally identifiable private information of certificate
+ applicants, subscribers, and other participants. Specifically, this
+ subcomponent addresses the following, to the extent pertinent under
+ applicable law:
+
+ * The designation and disclosure of the applicable privacy plan that
+ applies to a participant's activities, if required by applicable
+ law or policy;
+
+ * Information that is or is not considered private within the PKI;
+
+ * Any responsibility of participants that receive private
+ information to secure it, and refrain from using it and from
+ disclosing it to third parties;
+
+ * Any requirements as to notices to, or consent from individuals
+ regarding use or disclosure of private information; and
+
+ * Any circumstances under which a participant is entitled or
+ required to disclose private information pursuant to judicial,
+ administrative process in a private or governmental proceeding, or
+ in any legal proceeding.
+
+4.9.5. Intellectual Property Rights
+
+ This subcomponent addresses the intellectual property rights, such as
+ copyright, patent, trademarks, or trade secrets, that certain
+ participants may have or claim in a CP, CPS, certificates, names, and
+ keys, or are the subject of a license to or from participants.
+
+4.9.6. Representations and Warranties
+
+ This subcomponent can include representations and warranties of
+ various entities that are being made pursuant to the CP or CPS. For
+ example, a CPS that serves as a contract might contain a CA's
+ warranty that information contained in the certificate is accurate.
+ Alternatively, a CPS might contain a less extensive warranty to the
+ effect that the information in the certificate is true to the best of
+ the CA's knowledge after performing certain identity authentication
+ procedures with due diligence. This subcomponent can also include
+ requirements that representations and warranties appear in certain
+ agreements, such as subscriber or relying party agreements. For
+ instance, a CP may contain a requirement that all CAs utilize a
+ subscriber agreement, and that a subscriber agreement must contain a
+
+
+
+Chokhani, et al. Informational [Page 48]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ warranty by the CA that information in the certificate is accurate.
+ Participants that may make representations and warranties include
+ CAs, RAs, subscribers, relying parties, and other participants.
+
+4.9.7. Disclaimers of Warranties
+
+ This subcomponent can include disclaimers of express warranties that
+ may otherwise be deemed to exist in an agreement, and disclaimers of
+ implied warranties that may otherwise be imposed by applicable law,
+ such as warranties of merchantability or fitness for a particular
+ purpose. The CP or CPS may directly impose such disclaimers, or the
+ CP or CPS may contain a requirement that disclaimers appear in
+ associated agreements, such as subscriber or relying party
+ agreements.
+
+4.9.8. Limitations of Liability
+
+ This subcomponent can include limitations of liability in a CP or CPS
+ or limitations that appear or must appear in an agreement associated
+ with the CP or CPS, such as a subscriber or relying party agreement.
+ These limitations may fall into one of two categories: limitations
+ on the elements of damages recoverable and limitations on the amount
+ of damages recoverable, also known as liability caps. Often,
+ contracts contain clauses preventing the recovery of elements of
+ damages such as incidental and consequential damages, and sometimes
+ punitive damages. Frequently, contracts contain clauses that limit
+ the possible recovery of one party or the other to an amount certain
+ or to an amount corresponding to a benchmark, such as the amount a
+ vendor was paid under the contract.
+
+4.9.9. Indemnities
+
+ This subcomponent includes provisions by which one party makes a
+ second party whole for losses or damage incurred by the second party,
+ typically arising out of the first party's conduct. They may appear
+ in a CP, CPS, or agreement. For example, a CP may require that
+ subscriber agreements contain a term under which a subscriber is
+ responsible for indemnifying a CA for losses the CA sustains arising
+ out of a subscriber's fraudulent misrepresentations on the
+ certificate application under which the CA issued the subscriber an
+ inaccurate certificate. Similarly, a CPS may say that a CA uses a
+ relying party agreement, under which relying parties are responsible
+ for indemnifying a CA for losses the CA sustains arising out of use
+ of a certificate without properly checking revocation information or
+ use of a certificate for purposes beyond what the CA permits.
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 49]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.9.10. Term and Termination
+
+ This subcomponent can include the time period in which a CP or a CPS
+ remains in force and the circumstances under which the document,
+ portions of the document, or its applicability to a particular
+ participant can be terminated. In addition or alternatively, the CP
+ or CPS may include requirements that certain term and termination
+ clauses appear in agreements, such as subscriber or relying party
+ agreements. In particular, such terms can include:
+
+ * The term of a document or agreement, that is, when the document
+ becomes effective and when it expires if it is not terminated
+ earlier.
+
+ * Termination provisions stating circumstances under which the
+ document, certain portions of it, or its application to a
+ particular participant ceases to remain in effect.
+
+ * Any consequences of termination of the document. For example,
+ certain provisions of an agreement may survive its termination and
+ remain in force. Examples include acknowledgements of
+ intellectual property rights and confidentiality provisions.
+ Also, termination may trigger a responsibility of parties to
+ return confidential information to the party that disclosed it.
+
+4.9.11. Individual notices and communications with participants
+
+ This subcomponent discusses the way in which one participant can or
+ must communicate with another participant on a one-to-one basis in
+ order for such communications to be legally effective. For example,
+ an RA may wish to inform the CA that it wishes to terminate its
+ agreement with the CA. This subcomponent is different from
+ publication and repository functions, because unlike individual
+ communications described in this subcomponent, publication and
+ posting to a repository are for the purpose of communicating to a
+ wide audience of recipients, such as all relying parties. This
+ subcomponent may establish mechanisms for communication and indicate
+ the contact information to be used to route such communications, such
+ as digitally signed e-mail notices to a specified address, followed
+ by a signed e-mail acknowledgement of receipt.
+
+4.9.12. Amendments
+
+ It will occasionally be necessary to amend a CP or CPS. Some of
+ these changes will not materially reduce the assurance that a CP or
+ its implementation provides, and will be judged by the policy
+ administrator to have an insignificant effect on the acceptability of
+ certificates. Such changes to a CP or CPS need not require a change
+
+
+
+Chokhani, et al. Informational [Page 50]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ in the CP OID or the CPS pointer (URL). On the other hand, some
+ changes to a specification will materially change the acceptability
+ of certificates for specific purposes, and these changes may require
+ corresponding changes to the CP OID or CPS pointer qualifier (URL).
+
+ This subcomponent may also contain the following information:
+
+ * The procedures by which the CP or CPS and/or other documents must,
+ may be, or are amended. In the case of CP or CPS amendments,
+ change procedures may include a notification mechanism to provide
+ notice of proposed amendments to affected parties, such as
+ subscribers and relying parties, a comment period, a mechanism by
+ which comments are received, reviewed and incorporated into the
+ document, and a mechanism by which amendments become final and
+ effective.
+
+ * The circumstances under which amendments to the CP or CPS would
+ require a change in CP OID or CPS pointer (URL).
+
+4.9.13. Dispute Resolution Procedures
+
+ This subcomponent discusses procedures utilized to resolve disputes
+ arising out of the CP, CPS, and/or agreements. Examples of such
+ procedures include requirements that disputes be resolved in a
+ certain forum or by alternative dispute resolution mechanisms.
+
+4.9.14. Governing Law
+
+ This subcomponent sets forth a statement that the law of a certain
+ jurisdiction governs the interpretation and enforcement of the
+ subject CP or CPS or agreements.
+
+4.9.15. Compliance with Applicable Law
+
+ This subcomponent relates to stated requirements that participants
+ comply with applicable law, for example, laws relating to
+ cryptographic hardware and software that may be subject to the export
+ control laws of a given jurisdiction. The CP or CPS could purport to
+ impose such requirements or may require that such provisions appear
+ in other agreements.
+
+4.9.16. Miscellaneous Provisions
+
+ This subcomponent contains miscellaneous provisions, sometimes called
+ "boilerplate provisions," in contracts. The clauses covered in this
+ subcomponent may appear in a CP, CPS, or agreements and include:
+
+
+
+
+
+Chokhani, et al. Informational [Page 51]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ * An entire agreement clause, which typically identifies the
+ document or documents comprising the entire agreement between the
+ parties and states that such agreements supersede all prior and
+ contemporaneous written or oral understandings relating to the
+ same subject matter;
+
+ * An assignment clause, which may act to limit the ability of a
+ party in an agreement, assigning its rights under the agreement to
+ another party (such as the right to receive a stream of payments
+ in the future) or limiting the ability of a party to delegate its
+ obligations under the agreement;
+
+ * A severability clause, which sets forth the intentions of the
+ parties in the event that a court or other tribunal determines
+ that a clause within an agreement is, for some reason, invalid or
+ unenforceable, and whose purpose is frequently to prevent the
+ unenforceability of one clause from causing the whole agreement to
+ be unenforceable; and
+
+ * An enforcement clause, which may state that a party prevailing in
+ any dispute arising out of an agreement is entitled to attorneys'
+ fees as part of its recovery, or may state that a party's waiver
+ of one breach of contract does not constitute a continuing waiver
+ or a future waiver of other breaches of contract.
+
+ * A force majeure clause, commonly used to excuse the performance of
+ one or more parties to an agreement due to an event outside the
+ reasonable control of the affected party or parties. Typically,
+ the duration of the excused performance is commensurate with the
+ duration of the delay caused by the event. The clause may also
+ provide for the termination of the agreement under specified
+ circumstances and conditions. Events considered to constitute a
+ "force majeure" may include so-called "Acts of God," wars,
+ terrorism, strikes, natural disasters, failures of suppliers or
+ vendors to perform, or failures of the Internet or other
+ infrastructure. Force majeure clauses should be drafted so as to
+ be consistent with other portions of the framework and applicable
+ service level agreements. For instance, responsibilities and
+ capabilities for business continuity and disaster recovery may
+ place some events within the reasonable control of the parties,
+ such as an obligation to maintain backup electrical power in the
+ face of power outages.
+
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 52]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+4.9.17. Other Provisions
+
+ This subcomponent is a "catchall" location where additional
+ responsibilities and terms can be imposed on PKI participants that do
+ not neatly fit within one of the other components or subcomponents of
+ the framework. CP and CPS writers can place any provision within
+ this subcomponent that is not covered by another subcomponent.
+
+5. Security Considerations
+
+ According to X.509, a certificate policy (CP) is "a named set of
+ rules that indicates the applicability of a certificate to a
+ particular community and/or class of applications with common
+ security requirements." A CP may be used by a relying party to help
+ in deciding whether a certificate, and the binding therein, are
+ sufficiently trustworthy and otherwise appropriate for a particular
+ application.
+
+ The degree to which a relying party can trust the binding embodied in
+ a certificate depends on several factors. These factors can include
+ the practices followed by the certification authority (CA) in
+ authenticating the subject; the CA's operating policy, procedures,
+ and technical security controls, including the scope of the
+ subscriber's responsibilities (for example, in protecting the private
+ key), and the stated responsibilities and liability terms and
+ conditions of the CA (for example, warranties, disclaimers of
+ warranties, and limitations of liability).
+
+ This document provides a framework to address technical, procedural,
+ personnel, and physical security aspects of Certification
+ Authorities, Registration Authorities, repositories, subscribers, and
+ relying party cryptographic modules, in order to ensure that the
+ certificate generation, publication, renewal, re-key, usage, and
+ revocation is done in a secure manner. Specifically, Section 4.3
+ Identification and Authentication (I&A); Section 4.4 Certificate
+ Life-Cycle Operational Requirements; Section 4.5 Facility Management,
+ and Operational Controls; Section 4.6 Technical Security Controls;
+ Section 4.7 Certificate CRL, and OCSP Profiles; and Section 4.8
+ Compliance Audit and Other Assessment, are oriented towards ensuring
+ secure operation of the PKI entities such as CA, RA, repository,
+ subscriber systems, and relying party systems.
+
+6. Outline of a Set of Provisions
+
+ This section contains a recommended outline for a set of provisions,
+ intended to serve as a checklist or (with some further development) a
+ standard template for use by CP or CPS writers. Such a common
+ outline will facilitate:
+
+
+
+Chokhani, et al. Informational [Page 53]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ (a) Comparison of two certificate policies during cross-
+ certification or other forms of interoperation (for the purpose
+ of equivalency mapping).
+
+ (b) Comparison of a CPS with a CP to ensure that the CPS faithfully
+ implements the policy.
+
+ (c) Comparison of two CPSs.
+
+ In order to comply with the RFC, the drafters of a compliant CP or
+ CPS are strongly advised to adhere to this outline. While use of an
+ alternate outline is discouraged, it may be accepted if a proper
+ justification is provided for the deviation and a mapping table is
+ provided to readily discern where each of the items described in this
+ outline is provided.
+
+ 1. INTRODUCTION
+ 1.1 Overview
+ 1.2 Document name and identification
+ 1.3 PKI participants
+ 1.3.1 Certification authorities
+ 1.3.2 Registration authorities
+ 1.3.3 Subscribers
+ 1.3.4 Relying parties
+ 1.3.5 Other participants
+ 1.4 Certificate usage
+ 1.4.1. Appropriate certificate uses
+ 1.4.2 Prohibited certificate uses
+ 1.5 Policy administration
+ 1.5.1 Organization administering the document
+ 1.5.2 Contact person
+ 1.5.3 Person determining CPS suitability for the policy
+ 1.5.4 CPS approval procedures
+ 1.6 Definitions and acronyms
+ 2. PUBLICATION AND REPOSITORY RESPONSIBILITIES
+ 2.1 Repositories
+ 2.2 Publication of certification information
+ 2.3 Time or frequency of publication
+ 2.4 Access controls on repositories
+ 3. IDENTIFICATION AND AUTHENTICATION (11)
+ 3.1 Naming
+ 3.1.1 Types of names
+ 3.1.2 Need for names to be meaningful
+ 3.1.3 Anonymity or pseudonymity of subscribers
+ 3.1.4 Rules for interpreting various name forms
+ 3.1.5 Uniqueness of names
+ 3.1.6 Recognition, authentication, and role of trademarks
+ 3.2 Initial identity validation
+
+
+
+Chokhani, et al. Informational [Page 54]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ 3.2.1 Method to prove possession of private key
+ 3.2.2 Authentication of organization identity
+ 3.2.3 Authentication of individual identity
+ 3.2.4 Non-verified subscriber information
+ 3.2.5 Validation of authority
+ 3.2.6 Criteria for interoperation
+ 3.3 Identification and authentication for re-key requests
+ 3.3.1 Identification and authentication for routine re-key
+ 3.3.2 Identification and authentication for re-key after revocation
+ 3.4 Identification and authentication for revocation request
+ 4. CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS (11)
+ 4.1 Certificate Application
+ 4.1.1 Who can submit a certificate application
+ 4.1.2 Enrollment process and responsibilities
+ 4.2 Certificate application processing
+ 4.2.1 Performing identification and authentication functions
+ 4.2.2 Approval or rejection of certificate applications
+ 4.2.3 Time to process certificate applications
+ 4.3 Certificate issuance
+ 4.3.1 CA actions during certificate issuance
+ 4.3.2 Notification to subscriber by the CA of issuance of
+ certificate
+ 4.4 Certificate acceptance
+ 4.4.1 Conduct constituting certificate acceptance
+ 4.4.2 Publication of the certificate by the CA
+ 4.4.3 Notification of certificate issuance by the CA to other
+ entities
+ 4.5 Key pair and certificate usage
+ 4.5.1 Subscriber private key and certificate usage
+ 4.5.2 Relying party public key and certificate usage
+ 4.6 Certificate renewal
+ 4.6.1 Circumstance for certificate renewal
+ 4.6.2 Who may request renewal
+ 4.6.3 Processing certificate renewal requests
+ 4.6.4 Notification of new certificate issuance to subscriber
+ 4.6.5 Conduct constituting acceptance of a renewal certificate
+ 4.6.6 Publication of the renewal certificate by the CA
+ 4.6.7 Notification of certificate issuance by the CA to other
+ entities
+ 4.7 Certificate re-key
+ 4.7.1 Circumstance for certificate re-key
+ 4.7.2 Who may request certification of a new public key
+ 4.7.3 Processing certificate re-keying requests
+ 4.7.4 Notification of new certificate issuance to subscriber
+ 4.7.5 Conduct constituting acceptance of a re-keyed certificate
+ 4.7.6 Publication of the re-keyed certificate by the CA
+ 4.7.7 Notification of certificate issuance by the CA to other
+ entities
+
+
+
+Chokhani, et al. Informational [Page 55]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ 4.8 Certificate modification
+ 4.8.1 Circumstance for certificate modification
+ 4.8.2 Who may request certificate modification
+ 4.8.3 Processing certificate modification requests
+ 4.8.4 Notification of new certificate issuance to subscriber
+ 4.8.5 Conduct constituting acceptance of modified certificate
+ 4.8.6 Publication of the modified certificate by the CA
+ 4.8.7 Notification of certificate issuance by the CA to other
+ entities
+ 4.9 Certificate revocation and suspension
+ 4.9.1 Circumstances for revocation
+ 4.9.2 Who can request revocation
+ 4.9.3 Procedure for revocation request
+ 4.9.4 Revocation request grace period
+ 4.9.5 Time within which CA must process the revocation request
+ 4.9.6 Revocation checking requirement for relying parties
+ 4.9.7 CRL issuance frequency (if applicable)
+ 4.9.8 Maximum latency for CRLs (if applicable)
+ 4.9.9 On-line revocation/status checking availability
+ 4.9.10 On-line revocation checking requirements
+ 4.9.11 Other forms of revocation advertisements available
+ 4.9.12 Special requirements re key compromise
+ 4.9.13 Circumstances for suspension
+ 4.9.14 Who can request suspension
+ 4.9.15 Procedure for suspension request
+ 4.9.16 Limits on suspension period
+ 4.10 Certificate status services
+ 4.10.1 Operational characteristics
+ 4.10.2 Service availability
+ 4.10.3 Optional features
+ 4.11 End of subscription
+ 4.12 Key escrow and recovery
+ 4.12.1 Key escrow and recovery policy and practices
+ 4.12.2 Session key encapsulation and recovery policy and practices
+ 5. FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS (11)
+ 5.1 Physical controls
+ 5.1.1 Site location and construction
+ 5.1.2 Physical access
+ 5.1.3 Power and air conditioning
+ 5.1.4 Water exposures
+ 5.1.5 Fire prevention and protection
+ 5.1.6 Media storage
+ 5.1.7 Waste disposal
+ 5.1.8 Off-site backup
+ 5.2 Procedural controls
+ 5.2.1 Trusted roles
+ 5.2.2 Number of persons required per task
+ 5.2.3 Identification and authentication for each role
+
+
+
+Chokhani, et al. Informational [Page 56]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ 5.2.4 Roles requiring separation of duties
+ 5.3 Personnel controls
+ 5.3.1 Qualifications, experience, and clearance requirements
+ 5.3.2 Background check procedures
+ 5.3.3 Training requirements
+ 5.3.4 Retraining frequency and requirements
+ 5.3.5 Job rotation frequency and sequence
+ 5.3.6 Sanctions for unauthorized actions
+ 5.3.7 Independent contractor requirements
+ 5.3.8 Documentation supplied to personnel
+ 5.4 Audit logging procedures
+ 5.4.1 Types of events recorded
+ 5.4.2 Frequency of processing log
+ 5.4.3 Retention period for audit log
+ 5.4.4 Protection of audit log
+ 5.4.5 Audit log backup procedures
+ 5.4.6 Audit collection system (internal vs. external)
+ 5.4.7 Notification to event-causing subject
+ 5.4.8 Vulnerability assessments
+ 5.5 Records archival
+ 5.5.1 Types of records archived
+ 5.5.2 Retention period for archive
+ 5.5.3 Protection of archive
+ 5.5.4 Archive backup procedures
+ 5.5.5 Requirements for time-stamping of records
+ 5.5.6 Archive collection system (internal or external)
+ 5.5.7 Procedures to obtain and verify archive information
+ 5.6 Key changeover
+ 5.7 Compromise and disaster recovery
+ 5.7.1 Incident and compromise handling procedures
+ 5.7.2 Computing resources, software, and/or data are corrupted
+ 5.7.3 Entity private key compromise procedures
+ 5.7.4 Business continuity capabilities after a disaster
+ 5.8 CA or RA termination
+ 6. TECHNICAL SECURITY CONTROLS (11)
+ 6.1 Key pair generation and installation
+ 6.1.1 Key pair generation
+ 6.1.2 Private key delivery to subscriber
+ 6.1.3 Public key delivery to certificate issuer
+ 6.1.4 CA public key delivery to relying parties
+ 6.1.5 Key sizes
+ 6.1.6 Public key parameters generation and quality checking
+ 6.1.7 Key usage purposes (as per X.509 v3 key usage field)
+ 6.2 Private Key Protection and Cryptographic Module Engineering
+ Controls
+ 6.2.1 Cryptographic module standards and controls
+ 6.2.2 Private key (n out of m) multi-person control
+ 6.2.3 Private key escrow
+
+
+
+Chokhani, et al. Informational [Page 57]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ 6.2.4 Private key backup
+ 6.2.5 Private key archival
+ 6.2.6 Private key transfer into or from a cryptographic module
+ 6.2.7 Private key storage on cryptographic module
+ 6.2.8 Method of activating private key
+ 6.2.9 Method of deactivating private key
+ 6.2.10 Method of destroying private key
+ 6.2.11 Cryptographic Module Rating
+ 6.3 Other aspects of key pair management
+ 6.3.1 Public key archival
+ 6.3.2 Certificate operational periods and key pair usage periods
+ 6.4 Activation data
+ 6.4.1 Activation data generation and installation
+ 6.4.2 Activation data protection
+ 6.4.3 Other aspects of activation data
+ 6.5 Computer security controls
+ 6.5.1 Specific computer security technical requirements
+ 6.5.2 Computer security rating
+ 6.6 Life cycle technical controls
+ 6.6.1 System development controls
+ 6.6.2 Security management controls
+ 6.6.3 Life cycle security controls
+ 6.7 Network security controls
+ 6.8 Time-stamping
+ 7. CERTIFICATE, CRL, AND OCSP PROFILES
+ 7.1 Certificate profile
+ 7.1.1 Version number(s)
+ 7.1.2 Certificate extensions
+ 7.1.3 Algorithm object identifiers
+ 7.1.4 Name forms
+ 7.1.5 Name constraints
+ 7.1.6 Certificate policy object identifier
+ 7.1.7 Usage of Policy Constraints extension
+ 7.1.8 Policy qualifiers syntax and semantics
+ 7.1.9 Processing semantics for the critical Certificate Policies
+ extension
+ 7.2 CRL profile
+ 7.2.1 Version number(s)
+ 7.2.2 CRL and CRL entry extensions
+ 7.3 OCSP profile
+ 7.3.1 Version number(s)
+ 7.3.2 OCSP extensions
+ 8. COMPLIANCE AUDIT AND OTHER ASSESSMENTS
+ 8.1 Frequency or circumstances of assessment
+ 8.2 Identity/qualifications of assessor
+ 8.3 Assessor's relationship to assessed entity
+ 8.4 Topics covered by assessment
+ 8.5 Actions taken as a result of deficiency
+
+
+
+Chokhani, et al. Informational [Page 58]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ 8.6 Communication of results
+ 9. OTHER BUSINESS AND LEGAL MATTERS
+ 9.1 Fees
+ 9.1.1 Certificate issuance or renewal fees
+ 9.1.2 Certificate access fees
+ 9.1.3 Revocation or status information access fees
+ 9.1.4 Fees for other services
+ 9.1.5 Refund policy
+ 9.2 Financial responsibility
+ 9.2.1 Insurance coverage
+ 9.2.2 Other assets
+ 9.2.3 Insurance or warranty coverage for end-entities
+ 9.3 Confidentiality of business information
+ 9.3.1 Scope of confidential information
+ 9.3.2 Information not within the scope of confidential information
+ 9.3.3 Responsibility to protect confidential information
+ 9.4 Privacy of personal information
+ 9.4.1 Privacy plan
+ 9.4.2 Information treated as private
+ 9.4.3 Information not deemed private
+ 9.4.4 Responsibility to protect private information
+ 9.4.5 Notice and consent to use private information
+ 9.4.6 Disclosure pursuant to judicial or administrative process
+ 9.4.7 Other information disclosure circumstances
+ 9.5 Intellectual property rights
+ 9.6 Representations and warranties
+ 9.6.1 CA representations and warranties
+ 9.6.2 RA representations and warranties
+ 9.6.3 Subscriber representations and warranties
+ 9.6.4 Relying party representations and warranties
+ 9.6.5 Representations and warranties of other participants
+ 9.7 Disclaimers of warranties
+ 9.8 Limitations of liability
+ 9.9 Indemnities
+ 9.10 Term and termination
+ 9.10.1 Term
+ 9.10.2 Termination
+ 9.10.3 Effect of termination and survival
+ 9.11 Individual notices and communications with participants
+ 9.12 Amendments
+ 9.12.1 Procedure for amendment
+ 9.12.2 Notification mechanism and period
+ 9.12.3 Circumstances under which OID must be changed
+ 9.13 Dispute resolution provisions
+ 9.14 Governing law
+ 9.15 Compliance with applicable law
+ 9.16 Miscellaneous provisions
+ 9.16.1 Entire agreement
+
+
+
+Chokhani, et al. Informational [Page 59]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ 9.16.2 Assignment
+ 9.16.3 Severability
+ 9.16.4 Enforcement (attorneys' fees and waiver of rights)
+ 9.16.5 Force Majeure
+ 9.17 Other provisions
+
+7. Comparison to RFC 2527
+
+ This framework represents an incremental improvement over RFC 2527.
+ The new framework benefits from the experience gained in the course
+ of deploying CP and CPS documents under RFC 2527. Further, this new
+ framework is based on coordination with the American Bar Association
+ Information Security Committee within the Section of Science and
+ Technology Law. The ISC wrote the PKI Assessment Guidelines [ABA2],
+ which embodies a great deal of technical, business, and legal
+ experience in PKI operations. In particular, representatives of the
+ ISC made changes to the framework to better suite it to the legal
+ environment and make it more accessible to lawyers.
+
+ >From a technical perspective, the changes to the RFC 2527 framework
+ were minimal and incremental, rather than revolutionary. Sections
+ 3-7 have largely been preserved, with modest reorganization and new
+ topics. For example, the new framework includes a revision of
+ Section 4 of the framework to include a full treatment of the
+ certificate life-cycle, the addition of key escrow, key
+ encapsulation, and key recovery policies and practices, and OCSP.
+ Section 2 audit functions now appear alone in Section 8, and Section
+ 2 focuses exclusively on repository functions. The business and
+ legal matters in RFC 2527's Section 2 now appear in a new Section 9.
+
+ From a legal perspective, the new Section 9 is useful because it
+ places topics in the framework in an ordering that is similar to
+ software licensing and other technology agreements and thus is
+ familiar to technology lawyers. Moreover, the framework as a whole
+ can double as a framework for a subscriber, relying party, or other
+ PKI-related agreement. The changes are intended to make legal review
+ of, and input into, CP and CPS documents more efficient. Section 9
+ also adds new legal topics, such as the privacy of personal
+ information, liability terms, and duration of the effectiveness of
+ the document.
+
+ Section 1 of the new framework is largely the same as RFC 2527,
+ although it increases coverage of PKI participants by breaking out
+ subscribers from relying parties and adding a section for other
+ participants. It changes the "applicability" section to one covering
+ appropriate and prohibited uses of certificates. Also, it moves CPS
+
+
+
+
+
+Chokhani, et al. Informational [Page 60]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ approval procedures from RFC 2527's Section 8.3 into a collected
+ policy administration section. Finally, Section 1.6 adds a place to
+ list definitions and acronyms.
+
+ Section 2 of the new framework is a reorganization of Section 2.6 of
+ the old framework. Section 3 of the new framework is based on a
+ division of the old Section 3.1 into two parts for naming and
+ identification and authentication issues. It adds new issues, such
+ as the permissibility of pseudonyms and anonymity. Old Section 4
+ topics on audit logging, record archives, key changeover, compromise
+ and disaster recovery, and CA termination have moved to Section 5.
+ The remaining Section 4 topics have been expanded and reorganized to
+ cover a complete certificate lifecycle. New topics include items
+ implicit in the RFC 2527 Section 4, but now explicit, such as
+ certificate application processing, certificate modification, and the
+ end of subscription.
+
+ New Sections 5.1 through 5.3 are almost identical to their
+ counterparts in RFC 2527. The remainder of the new Section 5 is the
+ topics moved from RFC 2527's Section 4, in the order that they
+ appeared in Section 4. Section 6 of the new framework is almost the
+ same as the old Section 6, with some exceptions, such as the
+ consolidation of old Section 6.8 (cryptographic module engineering
+ controls) into Section 6.2.1 (now called "cryptographic module
+ standards and controls") and the addition of time-stamping in a new
+ Section 6.8. Section 7 is almost identical to the old Section 7, the
+ major change being the addition of a section covering OCSP profile.
+ Section 8 is almost identical to RFC 2527's Section 2.7.
+
+ New Section 9 contains business and legal topics that were covered in
+ RFC 2527's Section 2, including fees, financial responsibility,
+ confidentiality, and intellectual property. It adds a section on the
+ privacy of personal information, which has become a significant
+ policy issue. The "liability" Section 2.2 in RFC 2527 now appears in
+ Sections 9.6 through 9.9, covering representations and warranties,
+ disclaimers, limitations of liability, and indemnities. Section 9.10
+ adds a section concerning the duration of the effectiveness of
+ documentation. Section 9.12 collects terms concerning the way in
+ which a document (CP, CPS, agreement, or other document) may be
+ amended, formerly appearing in Section 8.1. Section 9 includes
+ "legal boilerplate" topics, some of which were in the old Section 2.
+ Finally, Section 9.17 is a catch-all "other provisions" section where
+ drafters can place information that does not fit well into any other
+ section of the framework.
+
+ The following matrix shows the sections in the old RFC 2527 framework
+ and their successor sections in the new framework.
+
+
+
+
+Chokhani, et al. Informational [Page 61]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ORIGINAL RFC 2527 NEW RFC SECTION
+ SECTION
+ ------------------------------------------------------
+ 1. Introduction 1.
+ ------------------------------------------------------
+ 1.1 Overview 1.1
+ ------------------------------------------------------
+ 1.2 Identification 1.2
+ ------------------------------------------------------
+ 1.3 Community and
+ Applicability 1.3
+ ------------------------------------------------------
+ 1.3.1 Certification
+ Authorities 1.3.1
+ ------------------------------------------------------
+ 1.3.2 Registration Authorities 1.3.2
+ ------------------------------------------------------
+ 1.3.3 End entities 1.3.3,
+ 1.3.4
+ ------------------------------------------------------
+ 1.3.4 Applicability 1.4, 4.5
+ ------------------------------------------------------
+ 1.4 Contact Details 1.5
+ ------------------------------------------------------
+ 1.4.1 Specification Administration
+ Organization 1.5.1
+ ------------------------------------------------------
+ 1.4.2 Contact Person 1.5.2
+ ------------------------------------------------------
+ 1.4.3 Person Determining CPS
+ Suitability for the Policy 1.5.3
+ ------------------------------------------------------
+ 2. General Provisions 2, 8, 9
+ ------------------------------------------------------
+ 2.1 Obligations 2.6.4
+ ------------------------------------------------------
+ 2.1.1 1A Obligations Integrated
+ throughout
+ portions of the
+ framework that
+ apply to CAs
+ ------------------------------------------------------
+ 2.1.2 RA Obligations Integrated
+ throughout
+ portions of the
+ framework that
+ apply to RAs
+
+
+
+
+Chokhani, et al. Informational [Page 62]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 2.1.3 Subscriber Obligations 4.1.2, 4.4, 4.5,
+ 4.5.1, 4.6.5,
+ 4.7.5, 4.8.1,
+ 4.8.5, 4.9.1,
+ 4.9.2, 4.9.13,
+ 4.9.15, 5., 6.,
+ 9.6.3, 9.9
+ ------------------------------------------------------
+ 2.1.4 Relying Party Obligations 4.5, 4.5.2, 4.9.6,
+ 5., 6., 9.6.4, 9.9
+ ------------------------------------------------------
+ 2.1.5 Repository Obligations 2., 4.4.2, 4.4.3,
+ 4.6.6, 4.6.7,
+ 4.7.6, 4.7.7,
+ 4.8.6, 4.8.7
+ ------------------------------------------------------
+ 2.2 Liability 9.6, 9.7, 9.8, 9.9
+ ------------------------------------------------------
+ 2.2.1 CA Liability 9.6.1, 9.7., 9.8,
+ 9.9
+ ------------------------------------------------------
+ 2.2.2 RA Liability 9.6.2, 9.7, 9.8, 9.9
+ ------------------------------------------------------
+ 2.3 Financial Responsibility 9.2
+ ------------------------------------------------------
+ 2.3.1 Indemnification by Relying
+ Parties 9.9
+ ------------------------------------------------------
+ 2.3.2 Fiduciary Relationships 9.7
+ ------------------------------------------------------
+ 2.4 Interpretation and Enforcement 9.16
+ ------------------------------------------------------
+ 2.4.1 Governing Law 9.14, 9.15
+ ------------------------------------------------------
+ 2.4.2 Severability, Survival,
+ Merger, Notice 9.10.3, 9.11,
+ 9.16.1,9.16.3
+ ------------------------------------------------------
+ 2.4.3 Dispute Resolution
+ Procedures 9.13, 9.16.4
+ ------------------------------------------------------
+ 2.5 Fees 9.1
+ ------------------------------------------------------
+ 2.5.1 Certificate Issuance
+ or Renewal Fees 9.1.1
+ ------------------------------------------------------
+ 2.5.2 Certificate Access Fees 9.1.2
+
+
+
+Chokhani, et al. Informational [Page 63]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 2.5.3 Revocation or Status
+ Information Access Fees 9.1.3
+ ------------------------------------------------------
+ 2.5.4 Fees for Other Services Such
+ as Policy Information 9.1.4
+ ------------------------------------------------------
+ 2.5.5 Refund Policy 9.1.5
+ ------------------------------------------------------
+ 2.6 Publication and Repository 2.
+ ------------------------------------------------------
+ 2.6.1 Publication of CA
+ Information 2.2, 4.4.2,
+ 4.4.3, 4.6.6,
+ 4.6.7, 4.7.6,
+ 4.7.7, 4.8.6,
+ 4.8.7
+ ------------------------------------------------------
+ 2.6.2 Frequency of Publication 2.3
+ ------------------------------------------------------
+ 2.6.3 Access Controls 2.4
+ ------------------------------------------------------
+ 2.6.4 Repositories 2.1
+ ------------------------------------------------------
+ 2.7 Compliance Audit 8.
+ ------------------------------------------------------
+ 2.7.1 Frequency of Entity Compliance
+ Audit 8.1
+ ------------------------------------------------------
+ 2.7.2 Identity/Qualifications of
+ Auditor 8.2
+ ------------------------------------------------------
+ 2.7.3 Auditor's Relationship to Audited
+ Party 8.3
+ ------------------------------------------------------
+ 2.7.4 Topics Covered by Audit 8.4
+ ------------------------------------------------------
+ 2.7.5 Actions Taken as a Result of
+ Deficiency 8.5
+ ------------------------------------------------------
+ 2.7.6 Communications of Results 8.6
+ ------------------------------------------------------
+ 2.8 Confidentiality 9.3, 9.4
+ ------------------------------------------------------
+ 2.8.1 Types of Information to be
+ Kept Confidential 9.3.1, 9.4.2
+
+
+
+
+
+Chokhani, et al. Informational [Page 64]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 2.8.2 Types of Information Not
+ Considered Confidential 9.3.2, 9.4.3
+ ------------------------------------------------------
+ 2.8.3 Disclosure of Certificate
+ Revocation/Suspension
+ Information 9.3.1, 9.3.2,
+ 9.3.3, 9.4.2,
+ 9.4.3, 9.4.4
+ ------------------------------------------------------
+ 2.8.4 Release to Law Enforcement
+ Officials 9.3.3, 9.4.6
+ ------------------------------------------------------
+ 2.8.5 Release as Part of Civil
+ Discovery 9.3.3, 9.4.6
+ ------------------------------------------------------
+ 2.8.6 Disclosure Upon Owner's
+ Request 9.3.3, 9.4.7
+ ------------------------------------------------------
+ 2.8.7 Other Information Release
+ Circumstances 9.3.3, 9.4.7
+ ------------------------------------------------------
+ 2.9 Intellectual Property Rights 9.5
+ ------------------------------------------------------
+ 3. Identification and Authentication 3.
+ ------------------------------------------------------
+ 3.1 Initial Registration 3.1, 3.2
+ ------------------------------------------------------
+ 3.1.1 Type of Names 3.1.1
+ ------------------------------------------------------
+ 3.1.2 Need for Names to be
+ Meaningful 3.1.2, 3.1.3
+ ------------------------------------------------------
+ 3.1.3 Rules for Interpreting
+ Various Name Forms 3.1.4
+ ------------------------------------------------------
+ 3.1.4 Uniqueness of Names 3.1.5
+ ------------------------------------------------------
+ 3.1.5 Name Claim Dispute
+ Resolution Procedure 3.1.6
+ ------------------------------------------------------
+ 3.1.6 Recognition, Authentication,
+ and Role of Trademarks 3.1.6
+ ------------------------------------------------------
+ 3.1.7 Method to Prove Possession
+ of Private Key 3.2.1
+
+
+
+
+
+Chokhani, et al. Informational [Page 65]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 3.1.8 Authentication of
+ Organization Identity 3.2.2
+ ------------------------------------------------------
+ 3.1.9 Authentication of
+ Individual Identity 3.2.3
+ ------------------------------------------------------
+ 3.2 Routine Rekey 3.3.1, 4.6, 4.7
+ ------------------------------------------------------
+ 3.3 Rekey After Revocation 3.3.2
+ ------------------------------------------------------
+ 3.4 Revocation Request 3.4
+ ------------------------------------------------------
+ 4. Operational Requirements 4., 5.
+ ------------------------------------------------------
+ 4.1 Certificate Application 4.1, 4.2, 4.6,
+ 4.7
+ ------------------------------------------------------
+ 4.2 Certificate Issuance 4.2, 4.3, 4.4.3,
+ 4.6, 4.7, 4.8.4,
+ 4.8.6, 4.8.7
+ ------------------------------------------------------
+ 4.3 Certificate Acceptance 4.3.2, 4.4, 4.6,
+ 4.7, 4.8.4-4.8.7
+ ------------------------------------------------------
+ 4.4 Certificate Suspension
+ and Revocation 4.8, 4.9
+ ------------------------------------------------------
+ 4.4.1 Circumstances for Revocation 4.8.1, 4.9.1
+ ------------------------------------------------------
+ 4.4.2 Who Can Request Revocation 4.8.2, 4.9.2
+ ------------------------------------------------------
+ 4.4.3 Procedure for Revocation
+ Request 4.8.3-4.8.7,
+ 4.9.3
+ ------------------------------------------------------
+ 4.4.4 Revocation Request
+ Grace Period 4.9.4
+ ------------------------------------------------------
+ 4.4.5 Circumstances for Suspension 4.9.13
+ ------------------------------------------------------
+ 4.4.6 Who Can Request Suspension 4.9.14
+ ------------------------------------------------------
+ 4.4.7 Procedure for Suspension
+ Request 4.9.15
+ ------------------------------------------------------
+ 4.4.8 Limits on Suspension Period 4.9.16
+
+
+
+
+Chokhani, et al. Informational [Page 66]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 4.4.9 CRL Issuance Frequency
+ (If Applicable) 4.9.7, 4.9.8,
+ 4.10
+ ------------------------------------------------------
+ 4.4.10 CRL Checking Requirements 4.9.6, 4.10
+ ------------------------------------------------------
+ 4.4.11 On-Line Revocation/
+ Status Checking
+ Availability 4.9.9, 4.10
+ ------------------------------------------------------
+ 4.4.12 On-Line Revocation
+ Checking Requirements 4.9.6, 4.9.10,
+ 4.10
+ ------------------------------------------------------
+ 4.4.13 Other Forms
+ of Revocation
+ Advertisements 4.9.11, 4.10
+ ------------------------------------------------------
+ 4.4.14 Checking Requirements
+ for Other Forms of
+ Revocation
+ Advertisements 4.9.6, 4.9.11,
+ 4.10
+ ------------------------------------------------------
+ 4.4.15 Special Requirements re
+ Key Compromise 4.9.12
+ ------------------------------------------------------
+ 4.5 Security Audit Procedures 5.4
+ ------------------------------------------------------
+ 4.5.1 Types of Events Recorded 5.4.1
+ ------------------------------------------------------
+ 4.5.2 Frequency of Processing Log 5.4.2
+ ------------------------------------------------------
+ 4.5.3 Retention Period for Audit
+ Log 5.4.3
+ ------------------------------------------------------
+ 4.5.4 Protection of Audit Log 5.4.4
+ ------------------------------------------------------
+ 4.5.5 Audit Log Backup Procedures 5.4.5
+ ------------------------------------------------------
+ 4.5.6 Audit Collection System
+ (Internal vs. External) 5.4.6
+ ------------------------------------------------------
+ 4.5.7 Notification to Event-Causing
+ Subject 5.4.7
+ ------------------------------------------------------
+ 4.5.8 Vulnerability Assessments 5.4.8
+
+
+
+Chokhani, et al. Informational [Page 67]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 4.6 Records Archival 5.5
+ ------------------------------------------------------
+ 4.6.1 Types of Records Archived 5.5.1
+ ------------------------------------------------------
+ 4.6.2 Retention Period for Archive 5.5.2
+ ------------------------------------------------------
+ 4.6.3 Protection of Archive 5.5.3
+ ------------------------------------------------------
+ 4.6.4 Archive Backup Procedures 5.5.4
+ ------------------------------------------------------
+ 4.6.5 Requirements for
+ Time-Stamping of Records 5.5.5
+ ------------------------------------------------------
+ 4.6.6 Archive Collection System
+ (Internal or External) 5.5.6
+ ------------------------------------------------------
+ 4.6.6 Procedures to Obtain and
+ Verify Archive Information 5.5.7
+ ------------------------------------------------------
+ 4.7 Key Changeover 5.6
+ ------------------------------------------------------
+ 4.8 Compromise and Disaster
+ Recovery 5.7, 5.7.1
+ ------------------------------------------------------
+ 4.8.1 Computing Resources, Software,
+ and/or Data Are Corrupted 5.7.2
+ ------------------------------------------------------
+ 4.8.2 Entity Public
+ Key is Revoked 4.9.7, 4.9.9,
+ 4.9.11
+ ------------------------------------------------------
+ 4.8.3 Entity Key is Compromised 5.7.3
+ ------------------------------------------------------
+ 4.8.4 Secure Facility After a Natural
+ or Other Type of Disaster 5.7.4
+ ------------------------------------------------------
+ 4.9 CA Termination 5.8
+ ------------------------------------------------------
+ 5. Physical, Procedural, and
+ Personnel Security Controls 5.
+ ------------------------------------------------------
+ 5.1 Physical Controls 5.1
+ ------------------------------------------------------
+ 5.1.1 Site Location and Construction 5.1.1
+ ------------------------------------------------------
+ 5.1.2 Physical Access 5.1.2
+
+
+
+
+Chokhani, et al. Informational [Page 68]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 5.1.3 Power and Air Conditioning 5.1.3
+ ------------------------------------------------------
+
+ 5.1.4 Water Exposures 5.1.4
+ ------------------------------------------------------
+ 5.1.5 Fire Prevention and Protection 5.1.5
+ ------------------------------------------------------
+ 5.1.6 Media Storage 5.1.6
+ ------------------------------------------------------
+ 5.1.7 Waste Disposal 5.1.7
+ ------------------------------------------------------
+ 5.1.8 Off-Site Backup 5.1.8
+ ------------------------------------------------------
+ 5.2 Procedural Controls 5.2
+ ------------------------------------------------------
+ 5.2.1 Trusted Roles 5.2.1, 5.2.4
+ ------------------------------------------------------
+ 5.2.2 Number of Persons
+ Required per Task 5.2.2, 5.2.4
+ ------------------------------------------------------
+ 5.2.3 Identification and
+ Authentication for Each Role 5.2.3
+ ------------------------------------------------------
+ 5.3 Personnel Controls 5.3
+ ------------------------------------------------------
+ 5.3.1 Background, Qualifications,
+ Experience, and Clearance
+ Requirements 5.3.1
+ ------------------------------------------------------
+ 5.3.2 Background Check Procedures 5.3.2
+ ------------------------------------------------------
+ 5.3.3 Training Requirements 5.3.3
+ ------------------------------------------------------
+ 5.3.4 Retraining Frequency
+ and Requirements 5.3.4
+ ------------------------------------------------------
+ 5.3.5 Job Rotation Frequency
+ and Sequence 5.3.5
+ ------------------------------------------------------
+ 5.3.6 Sanctions for
+ Unauthorized Actions 5.3.6
+ ------------------------------------------------------
+ 5.3.7 Contracting Personnel
+ Requirements 5.3.7
+ ------------------------------------------------------
+ 5.3.8 Documentation Supplied to
+ Personnel 5.3.8
+
+
+
+Chokhani, et al. Informational [Page 69]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 6. Technical Security Controls 6.
+ ------------------------------------------------------
+ 6.1 Key Pair Generation and
+ Installation 6.1
+ ------------------------------------------------------
+ 6.1.1 Key Pair Generation 6.1.1
+ ------------------------------------------------------
+ 6.1.2 Private Key Delivery to Entity 6.1.2
+ ------------------------------------------------------
+ 6.1.3 Public Key Delivery to
+ Certificate Issuer 6.1.3
+ ------------------------------------------------------
+ 6.1.4 CA Public Key Delivery to Users 6.1.4
+ ------------------------------------------------------
+ 6.1.5 Key Sizes 6.1.5
+ ------------------------------------------------------
+ 6.1.6 Public Key Parameters Generation 6.1.6
+ ------------------------------------------------------
+ 6.1.7 Parameter Quality Checking 6.1.6
+ ------------------------------------------------------
+ 6.1.8 Hardware/Software Key Generation 6.1.1
+ ------------------------------------------------------
+ 6.1.9 Key Usage Purposes
+ (as per X.509 v3 Key Usage Field) 6.1.9
+ ------------------------------------------------------
+ 6.2 Private Key Protection 6.2
+ ------------------------------------------------------
+ 6.2.1 Standards for Cryptographic
+ Module 6.2.1
+ ------------------------------------------------------
+
+ 6.2.2 Private Key (n out of m)
+ Multi-Person Control 6.2.2
+ ------------------------------------------------------
+ 6.2.3 Private Key Escrow 6.2.3
+ ------------------------------------------------------
+ 6.2.4 Private Key Backup 6.2.4
+ ------------------------------------------------------
+ 6.2.5 Private Key Archival 6.2.5
+ ------------------------------------------------------
+ 6.2.6 Private Key Entry Into
+ Cryptographic Module 6.2.6, 6.2.7
+ ------------------------------------------------------
+ 6.2.7 Method of Activating
+ Private Key 6.2.8
+
+
+
+
+
+Chokhani, et al. Informational [Page 70]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 6.2.8 Method of Deactivating
+ Private Key 6.2.9
+ ------------------------------------------------------
+ 6.2.9 Method of Destroying Private
+ Key 6.2.10
+ ------------------------------------------------------
+ 6.3 Other Aspects of Key Pair
+ Management 6.3
+ ------------------------------------------------------
+ 6.3.1 Public Key Archival 6.3.1
+ ------------------------------------------------------
+ 6.3.2 Usage Periods for the Public
+ and Private Keys 6.3.2
+ ------------------------------------------------------
+ 6.4 Activation Data 6.4
+ ------------------------------------------------------
+ 6.4.1 Activation Data Generation
+ and Installation 6.4.1
+ ------------------------------------------------------
+ 6.4.2 Activation Data Protection 6.4.2
+ ------------------------------------------------------
+ 6.4.3 Other Aspects of Activation
+ Data 6.4.3
+ ------------------------------------------------------
+ 6.5 Computer Security Controls 6.5
+ ------------------------------------------------------
+ 6.5.1 Specific Computer Security
+ Technical Requirements 6.5.1
+ ------------------------------------------------------
+ 6.5.2 Computer Security Rating 6.5.2
+ ------------------------------------------------------
+ 6.6 Life Cycle Technical Controls 6.6
+ ------------------------------------------------------
+ 6.6.1 System Development Controls 6.6.1
+ ------------------------------------------------------
+ 6.6.2 Security Management Controls 6.6.2
+ ------------------------------------------------------
+ 6.6.3 Life Cycle Security Controls 6.6.3
+ ------------------------------------------------------
+ 6.7 Network Security Controls 6.7
+ ------------------------------------------------------
+ 6.8 Cryptographic Module
+ Engineering Controls 6.2.1, 6.2,
+ 6.2.1, 6.2.11
+ ------------------------------------------------------
+ 7.Certificate and CRL Profiles 7.
+
+
+
+
+Chokhani, et al. Informational [Page 71]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 7.1 Certificate Profile 7.1
+ ------------------------------------------------------
+ 7.1.1 Version Number(s) 7.1.1
+ ------------------------------------------------------
+ 7.1.2 Certificate Extensions 7.1.2
+ ------------------------------------------------------
+ 7.1.3 Algorithm Object Identifiers 7.1.3
+ ------------------------------------------------------
+ 7.1.4 Name Forms 7.1.4
+ ------------------------------------------------------
+ 7.1.5 Name Constraints 7.1.5
+ ------------------------------------------------------
+ 7.1.6 Certificate Policy Object
+ Identifier 7.1.6
+ ------------------------------------------------------
+ 7.1.7 Usage of Policy Constraints
+ Extension 7.1.7
+ ------------------------------------------------------
+ 7.1.8 Policy Qualifiers Syntax
+ and Semantics 7.1.8
+ ------------------------------------------------------
+ 7.1.9 Processing Semantics for
+ the Critical Certificate
+ Policies Extension 7.1.9
+ ------------------------------------------------------
+ 7.2 CRL Profile 7.2
+ ------------------------------------------------------
+ 7.2.1 Version Number(s) 7.2.1
+ ------------------------------------------------------
+ 7.2.2 CRL and CRL Entry Extensions 7.2.1
+ ------------------------------------------------------
+ 8. Specification Administration N/A
+ ------------------------------------------------------
+ 8.1 Specification Change
+ Procedures 9.12
+ ------------------------------------------------------
+ 8.2 Publication and Notification
+ Policies 2.2, 2.3
+ ------------------------------------------------------
+ 8.3 CPS Approval Procedures 1.5.4
+ ------------------------------------------------------
+
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 72]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ The following matrix shows the sections in the new framework and the
+ sections in RFC 2527 to which the headings in the new framework
+ correspond.
+
+ NEW RFC SECTION ORIGINAL RFC 2527
+ SECTION
+ ------------------------------------------------------
+ 1. Introduction 1.
+ ------------------------------------------------------
+ 1.1 Overview 1.1
+ ------------------------------------------------------
+ 1.2 Document Name and Identification 1.2
+ ------------------------------------------------------
+ 1.3 PKI Participants 1.3
+ ------------------------------------------------------
+ 1.3.1 Certification Authorities 1.3.1
+ ------------------------------------------------------
+ 1.3.2 Registration Authorities 1.3.2
+ ------------------------------------------------------
+ 1.3.3 Subscribers 1.3.3
+ ------------------------------------------------------
+ 1.3.4 Relying Parties 1.3.3
+ ------------------------------------------------------
+ 1.3.5 Other Participants N/A
+ ------------------------------------------------------
+ 1.4 Certificate Usage 1.3.4
+ ------------------------------------------------------
+ 1.4.1 Appropriate Certificate Uses 1.3.4
+ ------------------------------------------------------
+ 1.4.2 Prohibited Certificate Uses 1.3.4
+ ------------------------------------------------------
+ 1.5 Policy Administration 1.4
+ ------------------------------------------------------
+ 1.5.1 Organization Administering
+ the Document 1.4.1
+ ------------------------------------------------------
+ 1.5.2 Contact Person 1.4.2
+ ------------------------------------------------------
+ 1.5.3 Person Determining CPS
+ Suitability for the Policy 1.4.3
+ ------------------------------------------------------
+ 1.5.4 CPS Approval Procedures 8.3
+ ------------------------------------------------------
+ 1.6 Definitions and Acronyms N/A
+ ------------------------------------------------------
+ 2. Publication and Repository
+ Responsibilities 2.1.5, 2.6
+
+
+
+
+Chokhani, et al. Informational [Page 73]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 2.1 Repositories 2.6.4
+ ------------------------------------------------------
+ 2.2 Publication of Certification
+ Information 2.6.1, 8.2
+ ------------------------------------------------------
+ 2.3 Time or Frequency of
+ Publication 2.6.2, 8.2
+ ------------------------------------------------------
+ 2.4 Access Controls on Repositories 2.6.3
+ ------------------------------------------------------
+ 3. Identification and Authentication 3.
+ ------------------------------------------------------
+ 3.1 Naming 3.1
+ ------------------------------------------------------
+ 3.1.1 Type of Names 3.1.1
+ ------------------------------------------------------
+ 3.1.2 Need for Names to be Meaningful 3.1.2
+ ------------------------------------------------------
+ 3.1.3. Anonymity or Pseudonymity of
+ Subscribers 3.1.2
+ ------------------------------------------------------
+ 3.1.4 Rules for Interpreting Various
+ Name Forms 3.1.3
+ ------------------------------------------------------
+ 3.1.5 Uniqueness of Names 3.1.4
+ ------------------------------------------------------
+ 3.1.6 Recognition, Authentication,
+ and Role of Trademarks 3.1.5, 3.1.6
+ ------------------------------------------------------
+ 3.2 Initial Identity Validation 3.1
+ ------------------------------------------------------
+ 3.2.1 Method to Prove Possession
+ of Private Key 3.1.7
+ ------------------------------------------------------
+ 3.2.2 Authentication of
+ Organization Identity 3.1.8
+ ------------------------------------------------------
+ 3.2.3 Authentication of Individual
+ Identity 3.1.9
+ ------------------------------------------------------
+ 3.2.4 Non-Verified Subscriber
+ Information N/A
+ ------------------------------------------------------
+ 3.2.5 Validation of Authority 3.1.9
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 74]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 3.2.6 Criteria for Interoperation 4.1
+ ------------------------------------------------------
+ 3.3 Identification and Authentication
+ for Re-Key Requests 3.2, 3.3
+ ------------------------------------------------------
+ 3.3.1 Identification and
+ Authentication for Routine
+ Re-Key 3.2
+ ------------------------------------------------------
+ 3.3.2 Identification and
+ Authentication for Re-Key
+ After Revocation 3.3
+ ------------------------------------------------------
+ 3.4 Identification and Authentication
+ for Revocation Request 3.4
+ ------------------------------------------------------
+ 4. Certificate Life-Cycle
+ Operational Requirements 4.
+ ------------------------------------------------------
+ 4.1 Certificate Application 4.1
+ ------------------------------------------------------
+ 4.1.1 Who Can Submit a Certificate
+ Application 4.1
+ ------------------------------------------------------
+ 4.1.2 Enrollment Process and
+ Responsibilities 2.1.3, 4.1
+ ------------------------------------------------------
+ 4.2 Certificate Application
+ Processing 4.1, 4.2
+ ------------------------------------------------------
+ 4.2.1 Performing Identification
+ and Authentication Functions 4.1, 4.2
+ ------------------------------------------------------
+ 4.2.2 Approval or Rejection of
+ Certificate Applications 4.1, 4.2
+ ------------------------------------------------------
+ 4.2.3 Time to Process
+ Certificate Applications 4.1, 4.2
+ ------------------------------------------------------
+ 4.3 Certificate Issuance 4.2
+ ------------------------------------------------------
+ 4.3.1 CA Actions During
+ Certificate Issuance 4.2
+ ------------------------------------------------------
+ 4.3.2 Notifications to Subscriber by
+ the CA of Issuance of Certificate 4.2, 4.3
+
+
+
+
+Chokhani, et al. Informational [Page 75]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 4.4 Certificate Acceptance 2.1.3, 4.3
+ ------------------------------------------------------
+ 4.4.1 Conduct Constituting
+ Certificate Acceptance 4.3
+ ------------------------------------------------------
+ 4.4.2 Publication of the
+ Certificate by the CA 2.1.5, 2.6.1, 4.3
+ ------------------------------------------------------
+ 4.4.3 Notification of
+ Certificate Issuance by
+ the CA to Other Entities 2.1.5, 2.6.1,
+ 4.2, 4.3
+ ------------------------------------------------------
+ 4.5 Key Pair and
+ Certificate Usage 1.3.4, 2.1.3,
+ 2.1.4
+ ------------------------------------------------------
+ 4.5.1 Subscriber Private Key
+ and Certificate Usage 1.3.4, 2.1.3
+ ------------------------------------------------------
+ 4.5.2 Relying Party Public
+ Key and Certificate
+ Usage 1.3.4, 2.1.4
+ ------------------------------------------------------
+ 4.6 Certificate Renewal 3.2, 4.1, 4.2,
+ 4.3
+ ------------------------------------------------------
+ 4.6.1 Circumstances for
+ Certificate Renewal 3.2, 4.1
+ ------------------------------------------------------
+ 4.6.2 Who May Request Renewal 3.2, 4.1
+ ------------------------------------------------------
+ 4.6.3 Processing Certificate
+ Renewal Requests 3.2, 4.1, 4.2
+ ------------------------------------------------------
+ 4.6.4 Notification of New
+ Certificate Issuance to
+ Subscriber 3.2, 4.2, 4.3
+ ------------------------------------------------------
+ 4.6.5 Conduct Constituting
+ Acceptance of a Renewal
+ Certificate 2.1.3, 3.2, 4.3
+ ------------------------------------------------------
+ 4.6.6 Publication of the
+ Renewal Certificate
+ by the CA 2.1.5, 2.6.1,
+ 3.2, 4.3
+
+
+
+Chokhani, et al. Informational [Page 76]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 4.6.7 Notification of
+ Certificate Issuance by
+ the CA to Other Entities 2.1.5, 2.6.1, 3.2,
+ 4.2, 4.3
+ ------------------------------------------------------
+ 4.7 Certificate Re-Key 3.2, 4.1, 4.2, 4.3
+ ------------------------------------------------------
+ 4.7.1 Circumstances for
+ Certificate Re-Key 3.2, 4.1
+ ------------------------------------------------------
+ 4.7.2 Who May Request Certification
+ of a New Public Key 3.2, 4.1
+ ------------------------------------------------------
+ 4.7.3 Processing Certificate
+ Re-Keying Requests 3.2, 4.1, 4.2
+ ------------------------------------------------------
+ 4.7.4 Notification of New
+ Certificate Issuance to
+ Subscriber 3.2, 4.2, 4.3
+ ------------------------------------------------------
+ 4.7.5 Conduct Constituting
+ Acceptance of a
+ Re-Keyed Certificate 2.1.3, 3.2, 4.3
+ ------------------------------------------------------
+ 4.7.6 Publication of the
+ Re-Keyed Certificate
+ by the CA 2.1.5, 2.6.1,
+ 3.2, 4.3
+ ------------------------------------------------------
+ 4.7.7 Notification of Certificate
+ Issuance by the CA
+ to Other Entities 2.1.5, 2.6.1,
+ 3.2, 4.2, 4.3
+ ------------------------------------------------------
+ 4.8 Certificate Modification 4.4
+ ------------------------------------------------------
+ 4.8.1 Circumstances for
+ Certificate Modification 2.1.3, 4.4.1
+ ------------------------------------------------------
+ 4.8.2 Who May Request Certificate
+ Modification 4.4.2
+ ------------------------------------------------------
+ 4.8.3 Processing Certificate
+ Modification Requests 4.4.3
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 77]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 4.8.4 Notification of New
+ Certificate Issuance to
+ Subscriber 4.2, 4.3, 4.4.3
+ ------------------------------------------------------
+ 4.8.5 Conduct Constituting
+ Acceptance of Modified
+ Certificate 2.1.3, 4.3, 4.4.3
+ ------------------------------------------------------
+ 4.8.6 Publication of the Modified
+ Certificate by
+ the CA 2.1.5, 2.6.1,
+ 4.2, 4.3, 4.4.3
+ ------------------------------------------------------
+ 4.8.7 Notification of
+ Certificate Issuance by
+ the CA to Other
+ Entities 2.1.5, 2.6.1,
+ 4.2, 4.3, 4.4.3
+ ------------------------------------------------------
+ 4.9 Certificate Revocation
+ and Suspension 4.4
+ ------------------------------------------------------
+ 4.9.1 Circumstances for Revocation 2.1.3, 4.4.1
+ ------------------------------------------------------
+ 4.9.2 Who Can Request Revocation 4.4.2
+ ------------------------------------------------------
+ 4.9.3 Procedure for Revocation
+ Request 2.1.3, 4.4.3
+ ------------------------------------------------------
+ 4.9.4 Revocation Request Grace
+ Period 4.4.4
+ ------------------------------------------------------
+ 4.9.5 Time Within Which CA Must
+ Process the Revocation Request N/A
+ ------------------------------------------------------
+ 4.9.6 Revocation Checking
+ Requirements for Relying
+ Parties 2.1.4, 4.4.10,
+ 4.4.12, 4.4.14
+ ------------------------------------------------------
+ 4.9.7 CRL Issuance Frequency 4.4.9, 4.8.3
+ ------------------------------------------------------
+ 4.9.8 Maximum Latency for CRLs 4.4.9
+ ------------------------------------------------------
+ 4.9.9 On-Line Revocation/Status
+ Checking Availability 4.4.11, 4.8.3
+
+
+
+
+Chokhani, et al. Informational [Page 78]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 4.9.10 On-Line Revocation
+ Checking Requirements 4.4.12
+ ------------------------------------------------------
+ 4.9.11 Other Forms of Revocation
+ Advertisements Available 4.4.13, 4.4.14,
+ 4.8.3
+ ------------------------------------------------------
+ 4.9.12 Special Requirements re
+ Key Compromise 4.4.15
+ ------------------------------------------------------
+ 4.9.13 Circumstances for Suspension 2.1.3, 4.4.5
+ ------------------------------------------------------
+ 4.9.14 Who Can Request Suspension 4.4.6
+ ------------------------------------------------------
+ 4.9.15 Procedure for
+ Suspension Request 2.1.3, 4.4.7
+ ------------------------------------------------------
+ 4.9.16 Limits on Suspension Period 4.4.8
+ ------------------------------------------------------
+ 4.10 Certificate Status Services 4.4.9-4.4.14
+ ------------------------------------------------------
+ 4.10.1 Operational
+ Characteristics 4.4.9, 4.4.11,
+ 4.4.13
+ ------------------------------------------------------
+ 4.10.2 Service Availability 4.4.9, 4.4.11,
+ 4.4.13
+ ------------------------------------------------------
+ 4.10.3 Operational Features 4.4.9, 4.4.11,
+ 4.4.13
+ ------------------------------------------------------
+ 4.11 End of Subscription N/A
+ ------------------------------------------------------
+ 4.12 Key Escrow and Recovery 6.2.3
+ ------------------------------------------------------
+ 4.12.1 Key Escrow and Recovery Policy
+ and Practices 6.2.3
+ ------------------------------------------------------
+ 4.12.2 Session Key Encapsulation
+ and Recovery Policy and
+ Practices 6.2.3
+ ------------------------------------------------------
+ 5. Facility, Management, and
+ Operational Controls 2.1.3, 2.1.4,
+ 4., 5.
+ ------------------------------------------------------
+ 5.1 Physical Controls 5.1
+
+
+
+Chokhani, et al. Informational [Page 79]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 5.1.1 Site Location and Construction 5.1.1
+ ------------------------------------------------------
+ 5.1.2 Physical Access 5.1.2
+ ------------------------------------------------------
+ 5.1.3 Power and Air Conditioning 5.1.3
+ ------------------------------------------------------
+ 5.1.4 Water Exposures 5.1.4
+ ------------------------------------------------------
+ 5.1.5 Fire Prevention and Protection 5.1.5
+ ------------------------------------------------------
+ 5.1.6 Media Storage 5.1.6
+ ------------------------------------------------------
+ 5.1.7 Waste Disposal 5.1.7
+ ------------------------------------------------------
+ 5.1.8 Off-Site Backup 5.1.8
+ ------------------------------------------------------
+ 5.2 Procedural Controls 5.2
+ ------------------------------------------------------
+ 5.2.1 Trusted Roles 5.2.1
+ ------------------------------------------------------
+ 5.2.2 Number of Persons Required
+ per Task 5.2.2
+ ------------------------------------------------------
+ 5.2.3 Identification and
+ Authentication for Each Role 5.2.3
+ ------------------------------------------------------
+ 5.2.4 Roles Requiring Separation
+ of Duties 5.2.1, 5.2.2
+ ------------------------------------------------------
+ 5.3 Personnel Controls 5.3
+ ------------------------------------------------------
+ 5.3.1 Qualifications, Experience,
+ and Clearance Requirements 5.3.1
+ ------------------------------------------------------
+ 5.3.2 Background Check Procedures 5.3.2
+ ------------------------------------------------------
+ 5.3.3 Training Requirements 5.3.3
+ ------------------------------------------------------
+ 5.3.4 Retraining Frequency
+ and Requirements 5.3.4
+ ------------------------------------------------------
+ 5.3.5 Job Rotation Frequency
+ and Sequence 5.3.5
+ ------------------------------------------------------
+ 5.3.6 Sanctions for Unauthorized
+ Actions 5.3.6
+
+
+
+
+Chokhani, et al. Informational [Page 80]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 5.3.7 Independent Contractor
+ Requirements 5.3.7
+ ------------------------------------------------------
+ 5.3.8 Documentation Supplied to
+ Personnel 5.3.8
+ ------------------------------------------------------
+ 5.4 Audit Logging Procedures 4.5
+ ------------------------------------------------------
+ 5.4.1 Types of Events Recorded 4.5.1
+ ------------------------------------------------------
+ 5.4.2 Frequency of Processing Log 4.5.2
+ ------------------------------------------------------
+ 5.4.3 Retention Period for Audit
+ Log 4.5.3
+ ------------------------------------------------------
+ 5.4.4 Protection of Audit Log 4.5.4
+ ------------------------------------------------------
+ 5.4.5 Audit Log Backup Procedures 4.5.5
+ ------------------------------------------------------
+ 5.4.6 Audit Collection System
+ (Internal vs. External) 4.5.6
+ ------------------------------------------------------
+ 5.4.7 Notification to Event-Causing
+ Subject 4.5.7
+ ------------------------------------------------------
+ 5.4.8 Vulnerability Assessments 4.5.8
+ ------------------------------------------------------
+ 5.5 Records Archival 4.6
+ ------------------------------------------------------
+ 5.5.1 Types of Records Archived 4.6.1
+ ------------------------------------------------------
+ 5.5.2 Retention Period for Archive 4.6.2
+ ------------------------------------------------------
+ 5.5.3 Protection of Archive 4.6.3
+ ------------------------------------------------------
+ 5.5.4 Archive Backup Procedures 4.6.4
+ ------------------------------------------------------
+ 5.5.5 Requirements for Time-Stamping
+ of Records 4.6.5
+ ------------------------------------------------------
+ 5.5.6 Archive Collection System
+ (Internal or External) 4.6.6
+ ------------------------------------------------------
+ 5.5.7 Procedures to Obtain and
+ Verify Archive
+ Information 4.6.7
+
+
+
+
+Chokhani, et al. Informational [Page 81]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 5.6 Key Changeover 4.7
+ ------------------------------------------------------
+ 5.7 Compromise and Disaster Recovery 4.8
+ ------------------------------------------------------
+ 5.7.1 Incident and Compromise
+ Handling Procedures 4.8
+ ------------------------------------------------------
+ 5.7.2 Computing Resources, Software,
+ and/or Data Are Corrupted 4.8.1
+ ------------------------------------------------------
+ 5.7.3 Entity Private Key
+ Compromise Procedures 4.8.3
+ ------------------------------------------------------
+ 5.7.4 Business Continuity
+ Capabilities After a
+ Disaster 4.8.4
+ ------------------------------------------------------
+ 5.8 CA or RA Termination 4.9
+ ------------------------------------------------------
+ 6. Technical Security Controls 2.1.3, 2.1.4,
+ 6.
+ ------------------------------------------------------
+ 6.1 Key Pair Generation and
+ Installation 6.1
+ ------------------------------------------------------
+ 6.1.1 Key Pair Generation 6.1.1, 6.1.8
+ ------------------------------------------------------
+ 6.1.2 Private Key Delivery to
+ Subscriber 6.1.2
+ ------------------------------------------------------
+ 6.1.3 Public Key Delivery to
+ Certificate Issuer 6.1.3
+ ------------------------------------------------------
+ 6.1.4 CA Public Key Delivery to
+ Relying Parties 6.1.4
+ ------------------------------------------------------
+ 6.1.5 Key Sizes 6.1.5
+ ------------------------------------------------------
+ 6.1.6 Public Key Parameters Generation
+ and Quality Checking 6.1.6, 6.1.7
+ ------------------------------------------------------
+ 6.1.7 Key Usage Purposes
+ (as per X.509 v3
+ Key Usage Field) 6.1.9
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 82]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 6.2 Private Key Protection and
+ Cryptographic Module
+ Engineering Controls 6.2, 6.8
+ ------------------------------------------------------
+ 6.2.1 Cryptographic Module Standards
+ and Controls 6.2.1, 6.8
+ ------------------------------------------------------
+ 6.2.2 Private Key (n out of m)
+ Multi-Person Control 6.2.2
+ ------------------------------------------------------
+ 6.2.3 Private Key Escrow 6.2.3
+ ------------------------------------------------------
+ 6.2.4 Private Key Backup 6.2.4
+ ------------------------------------------------------
+ 6.2.5 Private Key Archival 6.2.5
+ ------------------------------------------------------
+ 6.2.6 Private Key Transfer Into
+ or From a Cryptographic
+ Module 6.2.6
+ ------------------------------------------------------
+ 6.2.7 Private Key Storage on
+ Cryptographic Module 6.2.6
+ ------------------------------------------------------
+ 6.2.8 Method of Activating Private
+ Key 6.2.7
+ ------------------------------------------------------
+ 6.2.9 Method of Deactivating
+ Private Key 6.2.8
+ ------------------------------------------------------
+ 6.2.10 Method of Destroying
+ Private Key 6.2.9
+ ------------------------------------------------------
+ 6.2.11 Cryptographic Module Rating 6.2.1, 6.8
+ ------------------------------------------------------
+ 6.3 Other Aspects of Key Pair
+ Management 6.3
+ ------------------------------------------------------
+ 6.3.1 Public Key Archival 6.3.1
+ ------------------------------------------------------
+ 6.3.2 Certificate Operational
+ Periods and Key Pair Usage
+ Periods 6.3.2
+ ------------------------------------------------------
+ 6.4 Activation Data 6.4
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 83]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 6.4.1 Activation Data Generation
+ and Installation 6.4.1
+ ------------------------------------------------------
+ 6.4.2 Activation Data Protection 6.4.2
+ ------------------------------------------------------
+ 6.4.3 Other Aspects of Activation
+ Data 6.4.3
+ ------------------------------------------------------
+ 6.5 Computer Security Controls 6.5
+ ------------------------------------------------------
+ 6.5.1 Specific Computer Security
+ Technical Requirements 6.5.1
+ ------------------------------------------------------
+ 6.5.2 Computer Security Rating 6.5.2
+ ------------------------------------------------------
+ 6.6 Life Cycle Technical Controls 6.6
+ ------------------------------------------------------
+ 6.6.1 System Development Controls 6.6.1
+ ------------------------------------------------------
+ 6.6.2 Security Management Controls 6.6.2
+ ------------------------------------------------------
+ 6.6.3 Life Cycle Security Controls 6.6.3
+ ------------------------------------------------------
+ 6.7 Network Security Controls 6.7
+ ------------------------------------------------------
+ 6.8 Time-Stamping N/A
+ ------------------------------------------------------
+ 7. Certificate, CRL, and
+ OCSP Profiles 7.
+ ------------------------------------------------------
+ 7.1 Certificate Profile 7.1
+ ------------------------------------------------------
+ 7.1.1 Version Number(s) 7.1.1
+ ------------------------------------------------------
+ 7.1.2 Certificate Extensions 7.1.2
+ ------------------------------------------------------
+ 7.1.3 Algorithm Object Identifiers 7.1.3
+ ------------------------------------------------------
+ 7.1.4 Name Forms 7.1.4
+ ------------------------------------------------------
+ 7.1.5 Name Constraints 7.1.5
+ ------------------------------------------------------
+ 7.1.6 Certificate Policy
+ Object Identifier 7.1.6
+ ------------------------------------------------------
+ 7.1.7 Usage of Policy Constraints
+ Extension 7.1.7
+
+
+
+Chokhani, et al. Informational [Page 84]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 7.1.8 Policy Qualifiers Syntax
+ and Semantics 7.1.8
+ ------------------------------------------------------
+ 7.1.9 Processing Semantics for the
+ Critical Certificate Policies
+ Extension 7.1.9
+ ------------------------------------------------------
+ 7.2 CRL Profile 7.2
+ ------------------------------------------------------
+ 7.2.1 Version Number(s) 7.2.1
+ ------------------------------------------------------
+ 7.2.2 CRL and CRL Entry Extensions 7.2.1
+ ------------------------------------------------------
+ 7.3 OCSP Profile N/A
+ ------------------------------------------------------
+ 7.3.1 Version Number(s) N/A
+ ------------------------------------------------------
+ 7.3.2 OCSP Extensions N/A
+ ------------------------------------------------------
+ 8. Compliance Audit and Other
+ Assessments 2.7
+ ------------------------------------------------------
+ 8.1 Frequency and Circumstances
+ of Assessment 2.7.1
+ ------------------------------------------------------
+ 8.2 Identity/Qualifications of
+ Assessor 2.7.2
+ ------------------------------------------------------
+ 8.3 Assessor's Relationship to
+ Assessed Entity 2.7.3
+ ------------------------------------------------------
+ 8.4 Topics Covered by Assessment 2.7.4
+ ------------------------------------------------------
+ 8.5 Actions Taken as a Result
+ of Deficiency 2.7.5
+ ------------------------------------------------------
+ 8.6 Communications of Results 2.7.6
+ ------------------------------------------------------
+ 9. Other Business and Legal
+ Matters 2.
+
+ ------------------------------------------------------
+ 9.1 Fees 2.5
+ ------------------------------------------------------
+ 9.1.1 Certificate Issuance or
+ Renewal Fees 2.5.1
+
+
+
+
+Chokhani, et al. Informational [Page 85]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 9.1.2 Certificate Access Fees 2.5.2
+ ------------------------------------------------------
+ 9.1.3 Revocation or Status
+ Information Access Fees 2.5.3
+ ------------------------------------------------------
+ 9.1.4 Fees for Other Services 2.5.4
+ ------------------------------------------------------
+ 9.1.5 Refund Policy 2.5.5
+ ------------------------------------------------------
+ 9.2 Financial Responsibility 2.3
+ ------------------------------------------------------
+ 9.2.1 Insurance Coverage 2.3
+ ------------------------------------------------------
+ 9.2.2 Other Assets 2.3
+ ------------------------------------------------------
+ 9.2.3 Insurance or Warranty Coverage
+ for End-Entities 2.3
+ ------------------------------------------------------
+ 9.3 Confidentiality of Business
+ Information 2.8
+ ------------------------------------------------------
+ 9.3.1 Scope of Confidential
+ Information 2.8.1, 2.8.3
+ ------------------------------------------------------
+ 9.3.2 Information Not Within the
+ Scope of Confidential
+ Information 2.8.2, 2.8.3
+ ------------------------------------------------------
+ 9.3.3 Responsibility to Protect
+ Confidential Information 2.8,
+
+ 2.8.3-2.8.7
+ ------------------------------------------------------
+ 9.4 Privacy of Personal Information 2.8
+ ------------------------------------------------------
+ 9.4.1 Privacy Plan N/A
+ ------------------------------------------------------
+ 9.4.2 Information Treated as Private 2.8.1, 2.8.3
+ ------------------------------------------------------
+ 9.4.3 Information Not Deemed Private 2.8.2, 2.8.3
+ ------------------------------------------------------
+ 9.4.4 Responsibility to Protect
+ Private Information 2.8, 2.8.1,
+ 2.8.3
+ ------------------------------------------------------
+ 9.4.5 Notice and Consent to Use
+ Private Information N/A
+
+
+
+Chokhani, et al. Informational [Page 86]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 9.4.6 Disclosure Pursuant to
+ Judicial or Administrative
+ Process 2.8.4-2.8.5
+ ------------------------------------------------------
+ 9.4.7 Other Information Disclosure
+ Circumstances 2.8.6-2.8.7
+ ------------------------------------------------------
+ 9.5 Intellectual Property rights 2.9
+ ------------------------------------------------------
+ 9.6 Representations and Warranties 2.2
+ ------------------------------------------------------
+ 9.6.1 CA Representations and
+ Warranties 2.2.1
+ ------------------------------------------------------
+ 9.6.2 RA Representations and
+ Warranties 2.2.2
+ ------------------------------------------------------
+ 9.6.3 Subscriber Representations
+ and Warranties 2.1.3
+ ------------------------------------------------------
+
+ 9.6.4 Relying Party Representations
+ and Warranties 2.1.4
+ ------------------------------------------------------
+ 9.6.5 Representations and Warranties
+ of Other Participants N/A
+ ------------------------------------------------------
+ 9.7 Disclaimers of Warranties 2.2, 2.3.2
+ ------------------------------------------------------
+ 9.8 Limitations of Liability 2.2
+ ------------------------------------------------------
+ 9.9 Indemnities 2.1.3, 2.1.4,
+ 2.2, 2.3.1
+ ------------------------------------------------------
+ 9.10 Term and Termination N/A
+ ------------------------------------------------------
+ 9.10.1 Term N/A
+ ------------------------------------------------------
+ 9.10.2 Termination N/A
+ ------------------------------------------------------
+ 9.10.3 Effect of Termination and
+ Survival N/A
+ ------------------------------------------------------
+ 9.11 Individual Notices and
+ Communications with Participants 2.4.2
+ ------------------------------------------------------
+ 9.12 Amendments 8.1
+
+
+
+Chokhani, et al. Informational [Page 87]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ ------------------------------------------------------
+ 9.12.1 Procedure for Amendment 8.1
+ ------------------------------------------------------
+ 9.12.2 Notification Mechanism
+ and Period 8.1
+ ------------------------------------------------------
+ 9.12.3 Circumstances Under Which OID
+ Must be Changed 8.1
+ ------------------------------------------------------
+ 9.13 Dispute Resolution Provisions 2.4.3
+ ------------------------------------------------------
+ 9.14 Governing Law 2.4.1
+ ------------------------------------------------------
+ 9.15 Compliance with Applicable Law 2.4.1
+ ------------------------------------------------------
+ 9.16 Miscellaneous Provisions 2.4
+ ------------------------------------------------------
+ 9.16.1 Entire Agreement 2.4.2
+ ------------------------------------------------------
+ 9.16.2 Assignment N/A
+ ------------------------------------------------------
+ 9.16.3 Severability 2.4.2
+ ------------------------------------------------------
+ 9.16.4 Enforcement (Attorney's Fees
+ and Waiver of Rights) 2.4.3
+ ------------------------------------------------------
+ 9.17 Other Provisions N/A
+ ------------------------------------------------------
+
+8. Acknowledgements
+
+ The development of the predecessor document (RFC 2527) was supported
+ by the Government of Canada's Policy Management Authority (PMA)
+ Committee, the National Security Agency, the National Institute of
+ Standards and Technology (NIST), and the American Bar Association
+ Information Security Committee Accreditation Working Group.
+
+ This revision effort is largely a result of constant inspiration from
+ Michael Baum. Michael Power, Mike Jenkins, and Alice Sturgeon have
+ also made several contributions.
+
+9. References
+
+ [ABA1] American Bar Association, Digital Signature Guidelines: Legal
+ Infrastructure for Certification Authorities and Secure
+ Electronic Commerce, 1996.
+
+
+
+
+
+Chokhani, et al. Informational [Page 88]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ [ABA2] American Bar Association, PKI Assessment Guidelines, v0.30,
+ Public Draft For Comment, June 2001.
+
+ [BAU1] Michael. S. Baum, Federal Certification Authority Liability
+ and Policy, NIST-GCR-94-654, June 1994, available at
+ http://www.verisign.com/repository/pubs/index.html.
+
+ [ETS] European Telecommunications Standards Institute, "Policy
+ Requirements for Certification Authorities Issuing Qualified
+ Certificates," ETSI TS 101 456, Version 1.1.1, December 2000.
+
+ [GOC] Government of Canada PKI Policy Management Authority, "Digital
+ Signature and Confidentiality Certificate Policies for the
+ Government of Canada Public Key Infrastructure," v.3.02, April
+ 1999.
+
+ [IDT] Identrus, LLC, "Identrus Identity Certificate Policy" IP-IPC
+ Version 1.7, March 2001.
+
+ [ISO1] ISO/IEC 9594-8/ITU-T Recommendation X.509, "Information
+ Technology - Open Systems Interconnection: The Directory:
+ Authentication Framework," 1997 edition. (Pending publication
+ of 2000 edition, use 1997 edition.)
+
+ [PEM1] Kent, S., "Privacy Enhancement for Internet Electronic Mail:
+ Part II: Certificate-Based Key Management", RFC 1422, February
+ 1993.
+
+ [PKI1] Housley, R., Polk, W. Ford, W. and D. Solo, "Internet X.509
+ Public Key Infrastructure Certificate and Certificate
+ Revocation List (CRL) Profile", RFC 3280, April 2002.
+
+ [CPF] Chokhani, S. and W. Ford, "Internet X.509 Public Key
+ Infrastructure, Certificate Policy and Certification Practices
+ Statement Framework", RFC 2527, March 1999.
+
+10. Notes
+
+ 1. A paper copy of the ABA Digital Signature Guidelines can be
+ purchased from the ABA. See http://www.abanet.com for ordering
+ details. The DSG may also be downloaded without charge from the
+ ABA website at
+ http://www.abanet.org/scitech/ec/isc/digital_signature.html.
+
+ 2. A draft of the PKI Assessment Guidelines may be downloaded
+ without charge from the ABA website at
+ http://www.abanet.org/scitech/ec/isc/pag/pag.html.
+
+
+
+
+Chokhani, et al. Informational [Page 89]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ 3. The term "meaningful" means that the name form has commonly
+ understood semantics to determine the identity of a person and/or
+ organization. Directory names and RFC 822 names may be more or
+ less meaningful.
+
+ 4. The subject may not need to prove to the CA that the subject has
+ possession of the private key corresponding to the public key
+ being registered if the CA generates the subject's key pair on
+ the subject's behalf.
+
+ 5. Examples of means to identify and authenticate individuals
+ include biometric means (such as thumb print, ten finger print,
+ and scan of the face, palm, or retina), a driver's license, a
+ credit card, a company badge, and a government badge.
+
+ 6. Certificate "modification" does not refer to making a change to
+ an existing certificate, since this would prevent the
+ verification of any digital signatures on the certificate and
+ cause the certificate to be invalid. Rather, the concept of
+ "modification" refers to a situation where the information
+ referred to in the certificate has changed or should be changed,
+ and the CA issues a new certificate containing the modified
+ information. One example is a subscriber that changes his or her
+ name, which would necessitate the issuance of a new certificate
+ containing the new name.
+
+ 7. The n out of m rule allows a private key to be split in m parts.
+ The m parts may be given to m different individuals. Any n parts
+ out of the m parts may be used to fully reconstitute the private
+ key, but having any n-1 parts provides one with no information
+ about the private key.
+
+ 8. A private key may be escrowed, backed up, or archived. Each of
+ these functions has a different purpose. Thus, a private key may
+ go through any subset of these functions depending on the
+ requirements. The purpose of escrow is to allow a third party
+ (such as an organization or government) to obtain the private key
+ without the cooperation of the subscriber. The purpose of back
+ up is to allow the subscriber to reconstitute the key in case of
+ the destruction or corruption of the key for business continuity
+ purposes. The purpose of archives is to provide for reuse of the
+ private key in the future, e.g., use to decrypt a document.
+
+ 9. WebTrust refers to the "WebTrust Program for Certification
+ Authorities," from the American Institute of Certified Public
+ Accountants, Inc., and the Canadian Institute of Chartered
+ Accountants.
+
+
+
+
+Chokhani, et al. Informational [Page 90]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ 10. See <http://www.aicpa.org>.
+
+ 11. All or some of the following items may be different for the
+ various types of entities, i.e., CA, RA, and end entities.
+
+11. List of Acronyms
+
+ ABA - American Bar Association
+ CA - Certification Authority
+ CP - Certificate Policy
+ CPS - Certification Practice Statement
+ CRL - Certificate Revocation List
+ DAM - Draft Amendment
+ FIPS - Federal Information Processing Standard
+ I&A - Identification and Authentication
+ IEC - International Electrotechnical Commission
+ IETF - Internet Engineering Task Force
+ IP - Internet Protocol
+ ISO - International Organization for Standardization
+ ITU - International Telecommunications Union
+ NIST - National Institute of Standards and Technology
+ OID - Object Identifier
+ PIN - Personal Identification Number
+ PKI - Public Key Infrastructure
+ PKIX - Public Key Infrastructure (X.509) (IETF Working Group)
+ RA - Registration Authority
+ RFC - Request For Comment
+ URL - Uniform Resource Locator
+ US - United States
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 91]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+12. Authors' Addresses
+
+ Santosh Chokhani
+ Orion Security Solutions, Inc.
+ 3410 N. Buchanan Street
+ Arlington, VA 22207
+
+ Phone: (703) 237-4621
+ Fax: (703) 237-4920
+ EMail: chokhani@orionsec.com
+
+
+ Warwick Ford
+ VeriSign, Inc.
+ 6 Ellery Square
+ Cambridge, MA 02138
+
+ Phone: (617) 642-0139
+ EMail: wford@verisign.com
+
+
+ Randy V. Sabett, J.D., CISSP
+ Cooley Godward LLP
+ One Freedom Square, Reston Town Center
+ 11951 Freedom Drive
+ Reston, VA 20190-5656
+
+ Phone: (703) 456-8137
+ Fax: (703) 456-8100
+ EMail: rsabett@cooley.com
+
+
+ Charles (Chas) R. Merrill
+ McCarter & English, LLP
+ Four Gateway Center
+ 100 Mulberry Street
+ Newark, New Jersey 07101-0652
+
+ Phone: (973) 622-4444
+ Fax: (973) 624-7070
+ EMail: cmerrill@mccarter.com
+
+
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 92]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+ Stephen S. Wu
+ Infoliance, Inc.
+ 800 West El Camino Real
+ Suite 180
+ Mountain View, CA 94040
+
+ Phone: (650) 917-8045
+ Fax: (650) 618-1454
+ EMail: swu@infoliance.com
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 93]
+
+RFC 3647 Internet X.509 Public Key Infrastructure November 2003
+
+
+13. Full Copyright Statement
+
+ Copyright (C) The Internet Society (2003). All Rights Reserved.
+
+ This document and translations of it may be copied and furnished to
+ others, and derivative works that comment on or otherwise explain it
+ or assist in its implementation may be prepared, copied, published
+ and distributed, in whole or in part, without restriction of any
+ kind, provided that the above copyright notice and this paragraph are
+ included on all such copies and derivative works. However, this
+ document itself may not be modified in any way, such as by removing
+ the copyright notice or references to the Internet Society or other
+ Internet organizations, except as needed for the purpose of
+ developing Internet standards in which case the procedures for
+ copyrights defined in the Internet Standards process must be
+ followed, or as required to translate it into languages other than
+ English.
+
+ The limited permissions granted above are perpetual and will not be
+ revoked by the Internet Society or its successors or assignees.
+
+ This document and the information contained herein is provided on an
+ "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
+ TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
+ BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
+ HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
+ MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
+
+Acknowledgement
+
+ Funding for the RFC Editor function is currently provided by the
+ Internet Society.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Chokhani, et al. Informational [Page 94]
+