Network Working Group                                        S. Chokhani
Request for Comments: 2527                      CygnaCom Solutions, Inc.
Category: Informational                                          W. Ford
                                                          VeriSign, Inc.
                                                              March 1999
Internet X.509 Public Key Infrastructure
Certificate Policy and Certification Practices Framework
Status of this Memo
This memo provides information for the Internet community. It does
not specify an Internet standard of any kind. Distribution of this
memo is unlimited.
Copyright Notice
Copyright (C) The Internet Society (1999). All Rights Reserved.
Abstract
This document presents a framework to assist the writers of
certificate policies or certification practice statements for
certification authorities and public key infrastructures. In
particular, the framework provides a comprehensive list of topics
that potentially (at the writer's discretion) need to be covered in a
certificate policy definition or a certification practice statement.
1. INTRODUCTION
1.1 BACKGROUND
A public-key certificate (hereinafter "certificate") binds a
public-key value to a set of information that identifies the entity (such as
person, organization, account, or site) associated with use of the
corresponding private key (this entity is known as the "subject" of
the certificate). A certificate is used by a "certificate user" or
"relying party" that needs to use, and rely upon the accuracy of, the
public key distributed via that certificate (a certificate user is
typically an entity that is verifying a digital signature from the
certificate's subject or an entity sending encrypted data to the
subject). The degree to which a certificate user can trust the
binding embodied in a certificate depends on several factors. These
factors include the practices followed by the certification authority
(CA) in authenticating the subject; the CA's operating policy,
procedures, and security controls; the subject's obligations (for
example, in protecting the private key); and the stated undertakings
Chokhani & Ford Informational