DOCSLIB.ORG

SSL.Com Certificate Policy and Certification Practice Statement

SSL.Com Certificate Policy and Certification Practice Statement

2019 SSL.com Certificate Policy and Certification Practice Statement SSL.COM CP/CPS VERSION 1.8 Table of Contents 1 INTRODUCTION ................................................................................................................................................. 1 1.1 Overview - The SSL.com CP/CPS......................................................................................................... 1 1.2 Identification Number and Document Name ................................................................................. 2 1.2.1 Document Identification Number .............................................................................................. 2 1.2.2 Document Name ................................................................................................................................ 3 1.2.3 Certification Practice Statements and specific scenarios ................................................. 3 1.2.4 Provision and amendment of SSL.com CP/CPS .................................................................... 3 1.3 PKI participants and their roles .......................................................................................................... 3 1.3.1 Certification Authority .................................................................................................................... 6 1.3.2 Registration Authority .................................................................................................................... 6 1.3.2.1 Enterprise RAs ............................................................................................................................... 7 1.3.2.2 Guidelines Compliance Obligation ......................................................................................... 8 1.3.3 Subscribers.......................................................................................................................................... 8 1.3.4. Relying Parties .................................................................................................................................. 9 1.3.5 Other participants in the SSL.com PKI ..................................................................................... 9 1.4 Certificate usage ..................................................................................................................................... 10 1.4.1 Allowed certificate usage ............................................................................................................ 10 1.4.2 Prohibited certificate usage ....................................................................................................... 10 1.5 Policy Administration........................................................................................................................... 10 1.5.1 Organization administering the SSL.com CP/CPS ............................................................. 10 1.5.2 Contact information for the SSL.com PMA........................................................................... 10 1.5.3 Person determining CP/CPS suitability for the policy .................................................... 11 1.5.4 SSL.com CP/CPS approval and amendment ........................................................................ 11 1.5.5 SSL.com CP/CPS annual review ............................................................................................... 11 1.6 Definitions and acronyms ................................................................................................................... 11 1.6.1 Definitions ........................................................................................................................................ 11 1.6.2 Acronyms .......................................................................................................................................... 23 1.6.3 References ........................................................................................................................................ 24 1.6.4 Conventions ..................................................................................................................................... 25 2 SSL.com DOCUMENTS AND REPOSITORY ............................................................................................ 26 2.1 Repositories ............................................................................................................................................. 26 2.2 Publication of certification information ........................................................................................ 26 2.2.1 SSL.com PKI CP/CPS ..................................................................................................................... 26 i 2.2.2 Certificate Revocation List and On-line Certificate Status Protocol .......................... 26 2.2.3 SSL.com Certificate Subscriber Agreement ......................................................................... 27 2.2.4 SSL.com Relying Party Agreement and Warranty ............................................................ 27 2.2.5 SSL.com Root and Intermediate Certificates....................................................................... 27 2.2.6 Audit Reports .................................................................................................................................. 27 2.2.7 Additional resources related to SSL.com EV Certificates ............................................... 27 2.2.8 Other SSL.com Legal Documents ............................................................................................. 27 2.2.9 Documents not included in the SSL.com Repository ....................................................... 27 2.3. Time or Frequency of Publication .................................................................................................. 28 2.3.1 Frequency of Publication of Certificates ............................................................................... 28 2.3.2 Frequency of Publication of CRLs ........................................................................................... 28 2.3.3 Frequency of Publication of CP/CPS, Terms & Conditions ............................................ 28 2.3.4 Notification of major changes ................................................................................................... 28 2.4 Access Controls on Repositories ...................................................................................................... 28 3 NAMING, IDENTIFICATION AND AUTHENTICATION ...................................................................... 29 3.1 Naming ....................................................................................................................................................... 29 3.1.1 Type of names ................................................................................................................................. 29 3.1.2 Need for names to be meaningful, unambiguous and unique ...................................... 29 3.1.3 Anonymous, pseudonymous and role-based Certificates .............................................. 29 3.1.4 Rules for interpreting various name forms ......................................................................... 29 3.1.5 Uniqueness of names ................................................................................................................... 29 3.1.6 Recognition, authentication, and role of trademarks ...................................................... 30 3.2 Initial identity validation .................................................................................................................... 30 3.2.1 Method to prove possession of Private Key ........................................................................ 31 3.2.2 Authentication of organization identity ............................................................................... 31 3.2.3 Authentication of individual identity ..................................................................................... 41 3.2.4 Non-verified information ........................................................................................................... 42 3.2.5 Validation of authority................................................................................................................. 42 3.2.6 Criteria for interoperation ......................................................................................................... 42 3.3 Identification and authentication for re-keying ......................................................................... 42 3.3.1 Re-keying request by Subscriber ............................................................................................ 43 3.3.2 Identification and authentication for re-key after revocation ..................................... 43 3.4 Identification and authentication for revocation requests .................................................... 43 3.4.1 Identification and authentication for revocation requests by Subscribers ............ 43 ii 3.4.2 Revocation requests by non-Subscribers ............................................................................. 43 3.4.3 Identification and authentication for revocation requests by other participants in the SSL.com PKI ......................................................................................................................................... 44 4 CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS ......................................................

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    127 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us