Raytheon Company Public Key Infrastructure (PKI) Certificate Policy

More documents

Recommendations

Info

Signature Page _____________________________________________ _______________ Jeffrey C Brown Raytheon Chief Information Security Officer DATE _____________________________________________ _______________ Anthony A Jones Raytheon Policy Management Authority Chair DATE 2 7/25/2011
Table of Contents 1 INTRODUCTION .......................................................................................................... 11 1.1 Overview ....................................................................................................................... 12 1.1.1 Certificate Policy (CP) ............................................................................................. 12 1.1.2 Relationship between this CP & the Raytheon CPS ............................................... 12 1.1.3 Scope ...................................................................................................................... 13 1.2 Document Identification .............................................................................................. 14 1.3 PKI Participants ........................................................................................................... 16 1.3.1 PKI Authorities ......................................................................................................... 16 1.3.2 Registration Authority (RA) ...................................................................................... 18 1.3.3 Subscribers ............................................................................................................. 18 1.3.4 Relying Parties ........................................................................................................ 19 1.3.5 Other Participants .................................................................................................... 19 1.3.6 Applicability ............................................................................................................. 19 1.4 Certificate Usage .......................................................................................................... 20 1.4.1 Appropriate Certificate Uses ................................................................................... 20 1.4.2 Prohibited Certificate Uses ...................................................................................... 20 1.5 Policy Administration .................................................................................................. 21 1.5.1 Organization administering the document ............................................................... 21 1.5.2 Contact Person ........................................................................................................ 21 1.5.3 Person Determining Certification Practice Statement Suitability for the Policy ....... 21 1.5.4 CPS Approval Procedures ...................................................................................... 21 1.5.5 Waivers ................................................................................................................... 21 2 PUBLICATION & PKI REPOSITORY RESPONSIBILITES .................................................... 22 2.1 PKI Repositories .......................................................................................................... 22 2.1.1 Repository Obligations ............................................................................................ 22 2.2 Publication of Certificate Information ........................................................................ 22 2.2.1 Publication of CA Information .................................................................................. 22 2.2.2 Interoperability ......................................................................................................... 22 2.3 Time or Frequency of Publication .............................................................................. 22 2.4 Access Controls on PKI Repositories ....................................................................... 22 3 IDENTIFICATION & AUTHENTICATION ........................................................................... 23 3.1 Naming .......................................................................................................................... 23 3.1.1 Types of Names ...................................................................................................... 23 3.1.2 Need for Names to be Meaningful ........................................................................... 23 3.1.3 Anonymity or Pseudonymity of Subscribers ............................................................ 23 3.1.4 Rules for Interpreting Various Name Forms ............................................................ 23 3.1.5 Uniqueness of Names ............................................................................................. 23 3 7/25/2011
Page 1: Raytheon Company Public Key Infrast
Page 5 and 6: 4.6.7 Notification of Certificate I
Page 7 and 8: 5.4.8 Vulnerability Assessments ...
Page 9 and 10: 9 OTHER BUSINESS AND LEGAL MATTERS
Page 11 and 12: 1 INTRODUCTION This Certificate Pol
Page 13 and 14: 1.1.3 Scope The following diagram r
Page 15 and 16: 1. The CAs asserting id-raytheon-SH
Page 17 and 18: approval of the PMA. The ROA activi
Page 19 and 20: � Raytheon employees and eligible
Page 21 and 22: 1.5 Policy Administration 1.5.1 Org
Page 23 and 24: 3.1 Naming 3 IDENTIFICATION & AUTHE
Page 25 and 26: establishing how the applicant is k
Page 27 and 28: 4. The Identity Verifier shall reco
Page 29 and 30: 3.3.1 Identification and Authentica
Page 31 and 32: For subscriber certificates, the pr
Page 33 and 34: 4.3.1 CA Actions during Certificate
Page 35 and 36: 4.7.4 Notification of New Certifica
Page 37 and 38: Any CA may unilaterally revoke anot
Page 39 and 40: 4.9.8 Maximum Latency for CRLs The
Page 41 and 42: 4.12.2 Session Key Encapsulation an
Page 43 and 44: depart shall initial a sign-out she
Page 45 and 46: � Performing or overseeing intern
Page 47 and 48: � Be trustworthy; � Have no oth
Page 49 and 50: administrative documents (e.g., Adm
Page 51 and 52: REVOCATION PROFILE MANAGEMENT Audit
Page 53 and 54:
It is acceptable for the system to
Page 55 and 56:
5.6 Key Changeover A CA uses a sign
Page 57 and 58:
If a RA signature keys are compromi
Page 59 and 60:
show that appropriate role separati
Page 61 and 62:
Hashing: Cryptographic Function Has
Page 63 and 64:
6.2 Private Key Protection and Cryp
Page 65 and 66:
6.3 Other Aspects of Key Management
Page 67 and 68:
� All hardware must be shipped or
Page 69 and 70:
7 CERTIFICATE, CRL AND OCSP PROFILE
Page 71 and 72:
When multiple values exist for an a
Page 73 and 74:
8 COMPLIANCE AUDIT AND OTHER ASSESS
Page 75 and 76:
9.1 Fees 9 OTHER BUSINESS AND LEGAL
Page 77 and 78:
� There are no material misrepres
Page 79 and 80:
� Ensure that certificate and rev
Page 81 and 82:
as a termination of this CP unless
Page 83 and 84:
enforce the agreement to arbitrate,
Page 85 and 86:
10 CERTIFICATE, CRL, AND OCSP FORMA
Page 87 and 88:
Field Value Policy Mapping For SHA-
Page 89 and 90:
10.3 Raytheon Root CA Certificate (
Page 91 and 92:
91 7/25/2011
Page 93 and 94:
10.6 Medium Assurance Signing CA Ce
Page 95 and 96:
Field Value Entrust Version Info c=
Page 97 and 98:
10.9 Medium Assurance Code Signing
Page 99 and 100:
Field Value Entrust Version Info En
Page 101 and 102:
10.12 Medium Assurance Domain Contr
Page 103 and 104:
10.13 Medium Assurance Role Signatu
Page 105 and 106:
10.15 OCSP Responder Certificate Th
Page 107 and 108:
10.17 Medium Assurance CA CRL Forma
Page 109 and 110:
11 PKI REPOSITORY INTEROPERABILITY
Page 111 and 112:
BIBLIOGRAPHY The following document
Page 113 and 114:
HTTP Hypertext Transfer Protocol IA
Page 115 and 116:
13 GLOSSARY Access Ability to make
Page 117 and 118:
Client (application) A system entit
Page 119 and 120:
Non-Repudiation Assurance that the
Page 121 and 122:
other CA. (See superior CA). Subscr
show all

Raytheon Company Public Key Infrastructure (PKI) Certificate Policy

Create successful ePaper yourself

Delete template?

Save as template?