Raytheon Company Public Key Infrastructure (PKI) Certificate Policy
Raytheon Company Public Key Infrastructure (PKI) Certificate Policy
Raytheon Company Public Key Infrastructure (PKI) Certificate Policy
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
1.1.3 Scope<br />
The following diagram represents the scope of the <strong>Raytheon</strong> <strong>PKI</strong>. The <strong>Raytheon</strong> Root CA shall<br />
cross-certify with the CertiPath Bridge CA. Subscriber certificates shall be issued by the<br />
<strong>Raytheon</strong> Signing CA.<br />
<strong>Raytheon</strong> Root<br />
CA<br />
<strong>Raytheon</strong> Class 3<br />
CA<br />
(Signing CA)<br />
<strong>Raytheon</strong> <strong>Public</strong> <strong>Key</strong><br />
<strong>Infrastructure</strong><br />
Cross-certified<br />
CertiPath Bridge<br />
CA<br />
Figure 1 – Scope of <strong>Raytheon</strong> <strong>PKI</strong> Architecture<br />
This CP imposes requirements on the following <strong>Raytheon</strong> CAs involved in Signing certificates:<br />
� <strong>Raytheon</strong> Root Certification Authority (RRCA)<br />
� <strong>Raytheon</strong> Signing CAs<br />
The <strong>Raytheon</strong> Root CA shall issue CA certificates only to the following:<br />
� <strong>Raytheon</strong> CAs approved by the RPMA to issue certificates to subscribers<br />
� External CAs approved by the RPMA to cross-certify to the <strong>Raytheon</strong> <strong>PKI</strong><br />
The RRCA may also issue certificates to <strong>PKI</strong> Trusted Roles who operate the CA.<br />
The scope of this CP in terms of subscriber (i.e., end entity) certificate types is limited to those<br />
listed in Section 10 and repeated here: identity, signature, encryption, web server, code signing,<br />
role signature, and role encryption.<br />
Within this document, the term CA, when used without qualifier, shall refer to any certification<br />
authority subject to the requirements of this certificate policy, including the RRCA and Signing<br />
CAs. Requirements that apply to a specific CA type shall be denoted by specify the CA type,<br />
e.g., RRCA or Signing CA.<br />
13 7/25/2011