CPS Identification and Authentication

This section describes the measures taken to validate a requestor's identity prior to certificate issuance. It must reflect the certificate policy or policies implemented at the CA and detail identification procedures for:

■ Initial registration for a certificate. The measures taken to validate the identity of the certificate requestor.

■ Renewal of a certificate. Are the measures used for initial registration repeated when a certificate is renewed? In some cases, possession of an existing certificate and private key is sufficient proof of identity to receive a new certificate at renewal time.

■ Replacement of a revoked certificate. If a certificate must be replaced because of key compromise, such as a stolen laptop, what measures will be taken to ensure that the authorized user, not the person who stole the laptop, receives a new certificate?

■ Requests for revocation. When a certificate must be revoked, what measures will be taken to ensure that the requestor is authorized to request revocation of a certificate?

Was this article helpful?

0 0

Post a comment