HOME

TheInfoList



Click Here for Items Related To - Certificate Practice Statement
OR:
Certificate Practice Statement on:   [Wikipedia]   [Google]   [Amazon]

A Certification Practice Statement (CPS) is a document from a
certificate authority In cryptography, a certificate authority or certification authority (CA) is an entity that stores, signs, and issues digital certificates. A digital certificate certifies the ownership of a public key by the named subject of the certificate. Th ...
or a member of a
web of trust In cryptography, a web of trust is a concept used in PGP, GnuPG, and other OpenPGP-compatible systems to establish the authenticity of the binding between a public key and its owner. Its decentralized trust model is an alternative to the ...
which describes their practice for issuing and managing
public key certificate In cryptography, a public key certificate, also known as a digital certificate or identity certificate, is an electronic document used to prove the validity of a public key. The certificate includes information about the key, information about the ...
s. Some elements of a CPS include documenting practices of: * issuance * publication * archiving * revocation * renewal By detailing the practice of issuance, revocation and renewal, a CPS aids entities in judging the relative reliability of a given certificate authority.


Certificate authorities

In a certificate authority, the CPS should derive from the organization's
certificate policy A certificate policy (CP) is a document which aims to state what are the different entities of a public key infrastructure (PKI), their roles and their duties. This document is published in the PKI perimeter. When in use with X.509 certificates, ...
and may be referenced in issued certificates.


Web of trust

Because individuals act as certifiers in a web of trust, individual CPS documents are sometimes used. For example, in a PGP WoT, the CPS might state that the certifying entity checked two forms of legal government ID before signing the person's public key.


Digital signatures

When verifying digital signatures, it's necessary to review the CPS so as to determine the meaning of the issuance of the certificate by the certifying entity.American Bar Association Digital Signature Guidelines 1996,


References

{{Reflist


External links


Microsoft.com "Creating Certificate Policies and Certificate Practice Statements"
*
Security policy Security policy is a definition of what it means to ''be secure'' for a system, organization or other entity. For an organization, it addresses the constraints on behavior of its members as well as constraints imposed on adversaries by mechanism ...
* Example of a CPS for a Web of Trust: http://www.grep.be/gpg/cert-policy-v2 Key management Public-key cryptography