1. INTRODUCTION
Prev   Next

 1. INTRODUCTION

This Certificate Policy defines the Basic Level certificate policy for use by the conforming CAs when issuing public key certificates.

This document is consistent with RFC 2527. Therefore there are some sections that are maintained for compatibility, although they do not apply exactly to the services required by this CP. Glossary provides a glossary of terms used in this document.

Within this document the words ‘MUST’, ‘MUST NOT’, ‘REQUIRED’, ‘SHALL’, ‘SHALL NOT’, ‘SHOULD’, ‘SHOULD NOT’, ‘RECOMMENDED’, ‘MAY’, ‘OPTIONAL’ are to be interpreted as in RFC 2119. (See Appendix A).

In this document the expression ‘conforming CA’ is used to indicate a CA whose behavior is conforming to the set of provisions specified in this document.

1.1. Overview

This CP describes the requirements which MUST be met by a conforming CA in issuing digital public key certificates.

This CP MAY be used by a relying party to determine the level of trust associated with this policy. An X.509 Version 3 certificate issued by a conforming CA SHOULD contain a reference to this certificate policy.

More detailed information about the practices which a conforming CA employs in its operations in issuing certificates can be found in its Certification Practice Statements (CPS).

1.2. Identification

1.2.1. Certificate Policy Name

CESNETCABasicCertificatePolicyv2:0

1.2.2. Object Identifiers

This certificate policy is identified by the following unique registered Object Identifier (OID):

1.3.6.1.4.1.8057.1.2.2.2.0

ISO assigned1
US Department of Defense6
Internet1
IANA registered private enterprises1
CESNET8057
PKI1
Certificate Policies2
Basic Level Certificate Policy2
Major version2
Minor version0

1.3. Community and Applicability

A conforming CA can choose freely which are the community and applicability of their issued certificates but it MUST clearly specify them in its own CPS.

1.3.1. Certification authorities

Requirements described in this CP are binding for CESNET CA and any other conforming CA when issuing Basic Level public key certificates.

1.3.2. Registration authorities

This CP is binding for Registration Authorities (RA) operated by CESNET CA or on behalf of CESNET CA or any other conforming CA.

1.3.3. End entities

The targeted end entities can be a natural person (individual or representing an organization) or a computer entity (e.g. a computer, a router or an application), capable of performing cryptographic operations.

Each conforming CA MUST detail in the CPS who are the end entities that it is willing to certify.

1.3.4. Applicability

Certificates issued by a conforming CA MUST NOT be used for financial transactions.

1.4. Contact Details

1.4.1. Specification administration organization

This CP is maintained by CESNET a. l. e. (http://www.cesnet.cz/).

1.4.2. Contact person

All questions and comments concerning this CP must be addressed to:


    CESNET CA 
    CESNET a. l. e.
    Zikova 4
    Prague
    160 00
    Czech Republic
      
    Email: 
    URI: http://www.cesnet.cz/pki/
  

1.4.3. Person determining CPS suitability for the policy

See Section 1.4.2.

Prev   Next
CESNET CA Basic Level Certificate Policy Home  2. GENERAL PROVISIONS