Certification Practice Statement

From Wikipedia, the free encyclopedia
Jump to: navigation, search

A Certification Practice Statement (CPS) is a document from a certificate authority or a member of a web of trust which describes their practice for issuing and managing public key certificates.[1]

Some elements of a CPS include documenting practices of:

  • issuance
  • publication
  • archiving
  • revocation
  • renewal

By detailing the practice of issuance, revocation and renewal, a CPS aids entities in judging the relative reliability of a given certificate authority.[2]

Certificate authorities[edit]

In a certificate authority, the CPS should derive from the organization's certificate policy and may be referenced in issued certificates.[3]

Web of trust[edit]

Because individuals act as certifiers in a web of trust, individual CPS documents are sometimes used. For example, in a PGP WoT, the CPS might state that the certifying entity checked two forms of legal government ID before signing the person's public key.

Digital signatures[edit]

When verifying digital signatures, it's necessary to review the CPS so as to determine the meaning of the issuance of the certificate by the certifying entity.[4]

References[edit]

  1. ^ http://tools.ietf.org/html/rfc3647#page-15
  2. ^ American Bar Association Digital Signature Guidelines 1996, ISBN 1-57073-250-7 (section 1.8.1)
  3. ^ https://technet.microsoft.com/en-us/library/cc780454(v=ws.10).aspx
  4. ^ American Bar Association Digital Signature Guidelines 1996, ISBN 1-57073-250-7

External links[edit]