PKI Framework

Compliance to relevant CPS as approved and provided by the Controller


Certificate profile, including:

  • Version number(s) supported
  • Certificate extensions populated and their criticality
  • Cryptographic algorithm object identifiers
  • Name forms (meaning, naming hierarchy used to ensure that the certificate subject can be uniquely identified - if required) used for the CA, RA, and subscribers names
  • Name constraints used and the name forms used in the name constraints
  • Applicable Certificate Policy Object Identifier(s)
  • Usage of the policy constraints extension
  • Policy qualifiers syntax and semantics and
  • Processing semantics for the critical Certificate Policy extension

CRL profile, including:

  • Version numbers supported for CRLs
  • CRL and CRL entry extensions populated and their criticality

CA Environmental Controls CPS and CP administration:

  • CPS and CP change control procedures
  • Publication and notification policies
  • CPS and CP approval procedures

Confidentiality, including:

  • Applicable statutory or regulatory requirements to keep information confidentia
  • Kinds of information to be kept confidential
  • Kinds of information not considered confidential
  • Disclosure of information concerning certificate revocation and suspension
  • Release to law enforcement officials
  • Release as part of civil discovery
  • Disclosure upon owner's request
  • Other information release circumstances Intellectual property rights