A Certification Authority (CA) describes in a Certificate Practice Statement (CPS) the procedures and practices that it employs when managing certificates (issuing, revoking, renewing, and rekeying). The CPS describes manual processes for securely operating the CA and contains information on cryptographic aspects, including management of the keys used by the CA (see also key management). The certificate authority documents in its CPS that it manages certificates according to some certificate policy (see trust model). The certificate policy lists the requirements for the management of certificates by the CA and defines the applicability of a certificate issued under this policy. The policy might for example indicate that the certificate may be used for authenticating the subject (holder) in certain types of business transactions. The certificate policy under which a certificate is issued may be indicated in the certificate. For X.509certificates a specific extension is defined for...
This is a preview of subscription content, log in via an institution.
References
RfC2527: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework. See http://www.rfc-editor.org/rfc.html
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 International Federation for Information Processing
About this entry
Cite this entry
Pedersen, T. (2005). CPS, Certificate Practice Statement. In: van Tilborg, H.C.A. (eds) Encyclopedia of Cryptography and Security. Springer, Boston, MA . https://doi.org/10.1007/0-387-23483-7_83
Download citation
DOI: https://doi.org/10.1007/0-387-23483-7_83
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-23473-1
Online ISBN: 978-0-387-23483-0
eBook Packages: Computer ScienceReference Module Computer Science and Engineering