Certificate policy
A certificate policy is a document that states who the different actors of a public key infrastructure (PKI) are, along with their roles and their duties. This document is published in the PKI perimeter.

When in use with X.509 certificates, a specific field can be set to include a link to the associated certificate policy. Thus, during an exchange, any relying party has access to the assurance level associated with the certificate, and can decide what level of trust to put in the certificate.
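
As an added illustration (not part of the original article): in X.509 this field is the certificatePolicies extension defined in RFC 5280, where each entry carries a policy OID and, optionally, a CPS pointer URI. The Python sketch below parses a constructed extension value; the policy OIDs under the example arc 2.999 and the URL are made up for the example.

```python
ID_QT_CPS = "1.3.6.1.5.5.7.2.1"  # CPS pointer qualifier (RFC 5280)

def read_tlv(buf, pos=0):
    """Return (tag, value, next_pos) for the DER element starting at pos."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:  # long form: low 7 bits give the number of length bytes
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length

def children(value):  # yield (tag, value) for each element nested in value
    pos = 0
    while pos < len(value):
        tag, val, pos = read_tlv(value, pos)
        yield tag, val

def decode_oid(body):
    """Decode OID content bytes (base-128 sub-identifiers) to dotted form."""
    subids, acc = [], 0
    for b in body:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            subids.append(acc)
            acc = 0
    first = subids[0]  # the first two arcs share one sub-identifier
    head = (0, first) if first < 40 else (1, first - 40) if first < 80 else (2, first - 80)
    return ".".join(map(str, head + tuple(subids[1:])))

def parse_certificate_policies(ext_value):
    """Map each asserted policy OID to the CPS URIs attached to it."""
    tag, seq, _ = read_tlv(ext_value)
    if tag != 0x30:
        raise ValueError("certificatePolicies must be a SEQUENCE")
    policies = {}
    for _, info in children(seq):
        fields = list(children(info))
        uris = []
        for _, qualifiers in fields[1:]:  # policyQualifiers is optional
            for _, qual in children(qualifiers):
                (_, qid), (qtag, qval) = list(children(qual))[:2]
                if decode_oid(qid) == ID_QT_CPS and qtag == 0x16:  # IA5String
                    uris.append(qval.decode("ascii"))
        policies[decode_oid(fields[0][1])] = uris
    return policies

# Constructed extension value: two policies under the example arc 2.999.
SAMPLE = (bytes.fromhex("3037302d0604883701013025302306082b060105050702011617")
          + b"https://pki.example/cps" + bytes.fromhex("3006060488370102"))
```

A relying party would compare the returned OIDs against the set of policies it accepts and follow the CPS URI to read the document itself.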

RFC 3647

The reference document for writing a certificate policy is RFC 3647. The RFC proposes a framework for the writing of certificate policies and certification practice statements. The points described below are based on the framework presented in the RFC.

Architecture

The document should describe the general architecture of the related PKI, present the different actors of the PKI and any exchange based on certificates issued by this very same PKI.

Certificate uses

An important point of the certificate policy is the description of the authorized and prohibited certificate uses. When a certificate is issued, its attributes can state what use cases it is intended to fulfill. For example, a certificate can be issued for digital signature of e-mail (aka S/MIME), encryption of data, authentication (e.g. of a Web server, as when one uses HTTPS) or further issuance of certificates (delegation of authority). Prohibited uses are specified in the same way.

Naming, identification and authentication

The document also describes how certificate names are to be chosen, as well as the associated needs for identification and authentication. When a certification application is filed, the certification authority (or, by delegation, the registration authority) is in charge of checking the information provided by the applicant, such as their identity. This is to make sure that the CA does not take part in an identity theft.

Key generation

The generation of the keys is also mentioned in a certificate policy. Users may be allowed to generate their own keys and submit them to the CA for generation of an associated certificate. The PKI may also choose to prohibit user-generated keys, and provide a separate and probably more secure way of generating the keys (for example, by using a hardware security module).

Procedures

The different procedures for certificate application, issuance, acceptance, renewal, re-key, modification and revocation are a large part of the document. These procedures describe how each actor of the PKI has to act in order for the whole assurance level to be accepted.

Operational controls

A chapter then covers the physical and procedural controls, audit and logging procedures involved in the PKI to ensure data integrity, availability and confidentiality.

Technical controls

This part describes the technical requirements regarding key sizes, protection of private keys (by use of key escrow) and various types of controls regarding the technical environment (computers, network).

Certificate revocation lists

The CRLs are a vital part of any PKI, and as such, a specific chapter is dedicated to the description of the management associated with these lists, to ensure consistency between certificate status and the content of the list.

Audit and assessments

The PKI needs to be audited to ensure it complies with the rules stated in its documents, such as the certificate policy. The procedures used to assess such compliance are described here.

Other

This last chapter tackles all remaining points, for example all the PKI-associated legal matters.
The source of this article is Wikipedia, the free encyclopedia. The text of this article is licensed under the GFDL.
 