FBCA CP Section 3.2.3.2, Authentication Of Human Subscribers For Role-Based Certificates, v2.27

Profile of base requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, Section 3.2.3.2, Authentication Of Human Subscribers For Role-Based Certificates, for entities operating at all levels of assurance (LOA).
Identifier https://artifacts.trustmarkinitiative.org/lib/tips/fbca-cp-section-3.2.3.2_-authentication-of-human-subscribers-for-role-based-certificates/2.27/
Publication Date 2021-02-04
Issuing Organization
Trustmark Support help@trustmarkinitiative.org 555-555-5555 No Mailing Address
Keywords PIV-I, Security, Identity, Federal Bridge
Legal Notice This artifact is published by the Georgia Tech Research Institute (GTRI) as part of the Trustmark Initiative. This artifact and the information contained herein is provided on an "AS IS" basis, and GTRI disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties of merchantability or fitness for a particular purpose. In addition, GTRI disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.

Trust Expression:

TD_RolebasedPKICertificateKeyPairUniqueness
and TD_RolesForRolebasedPKICertificatesIdentifyIndividuals
and TD_RolebasedPKICertificatesNotShared
and TD_RolebasedPKICertificatesIssuedToIndividualSubscribers
and TD_RolebasedPKICertificatesProtectedInSameMannerAsIndividualCertificates
and TD_SponsorIdentityInformationRecordedBeforeIssuingRolebasedPKICertificate
and TD_RolebasedPKICertificateSponsorsHoldPersonalCertificatesAtSameAssuranceLevelOrHigher
and TD_ProceduresForIssuingRolebasedPKITokensComplyWithPKICertificatePolicyCP
and TD_CertificateAuthorityCAValidatesRolesForPseudonymousPKICertificatesThatIdentifySubjectsByOrganizationalRoles
and TD_CertificateAuthorityCAValidatesDelegatedAuthorityForPseudonymousPKICertificatesThatIdentifySubjectsByOrganizationalRoles

References (10)

 TD  Role-based PKI Certificate Key Pair Uniqueness, v1.0
Description Addresses the requirement for key-pairs in role-based PKI certificates to be unique to each individual certificate.
ID TD_RolebasedPKICertificateKeyPairUniqueness
Provider Reference
 TD  Roles For Role-based PKI Certificates Identify Individuals, v1.0
Description Addresses the requirement that roles for which role-based PKI certificates may be issued are limited to those that uniquely identify a specific individual within an organization.
ID TD_RolesForRolebasedPKICertificatesIdentifyIndividuals
Provider Reference
 TD  Role-based PKI Certificates Not Shared, v1.0
Description Addresses the requirement for an organization to prohibit the sharing of role-based PKI certificates.
ID TD_RolebasedPKICertificatesNotShared
Provider Reference
 TD  Role-based PKI Certificates Issued To Individual Subscribers, v1.0
Description Addresses the requirement for role-based PKI certificates to be issued only to individual subscribers.
ID TD_RolebasedPKICertificatesIssuedToIndividualSubscribers
Provider Reference
 TD  Role-based PKI Certificates Protected In Same Manner As Individual Certificates, v1.0
Description Addresses the requirement for role-based PKI certificates to be protected in the same manner as individual certificates.
ID TD_RolebasedPKICertificatesProtectedInSameMannerAsIndividualCertificates
Provider Reference
 TD  Sponsor Identity Information Recorded Before Issuing Role-based PKI Certificate, v1.0
Description Addresses the requirement for organization PKI certificate authorities (CAs) to record identity information for a sponsor associated with the role before issuing a role-based certificate.
ID TD_SponsorIdentityInformationRecordedBeforeIssuingRolebasedPKICertificate
Provider Reference
 TD  Role-based PKI Certificate Sponsors Hold Personal Certificates At Same Assurance Level Or Higher, v1.0
Description Addresses the requirement for sponsors of role-based PKI certificates to hold an individual certificate issued by the same CA at the same or higher assurance level as the role-based certificates they sponsor.
ID TD_RolebasedPKICertificateSponsorsHoldPersonalCertificatesAtSameAssuranceLevelOrHigher
Provider Reference
 TD  Procedures For Issuing Role-based PKI Tokens Comply With PKI Certificate Policy (CP), v1.0
Description Addresses the requirement for procedures for issuing role-based PKI tokens to comply with all other stipulations of the applicable certificate policy (e.g., key generation, private key protection, and Subscriber obligations).
ID TD_ProceduresForIssuingRolebasedPKITokensComplyWithPKICertificatePolicyCP
Provider Reference
 TD  Certificate Authority (CA) Validates Roles For Pseudonymous PKI Certificates That Identify Subjects By Organizational Roles, v1.0
Description Addresses the requirement for CAs to validate that individuals hold the roles identified in pseudonymous PKI certificates that identify subjects by their organizational roles.
ID TD_CertificateAuthorityCAValidatesRolesForPseudonymousPKICertificatesThatIdentifySubjectsByOrganizationalRoles
Provider Reference
 TD  Certificate Authority (CA) Validates Delegated Authority For Pseudonymous PKI Certificates That Identify Subjects By Organizational Roles, v1.0
Description Addresses the requirement for CAs to validate that individuals hold the roles identified in pseudonymous PKI certificates that identify subjects by their organizational roles.
ID TD_CertificateAuthorityCAValidatesDelegatedAuthorityForPseudonymousPKICertificatesThatIdentifySubjectsByOrganizationalRoles
Provider Reference

Sources (1)

FBCA-CP X.509 Certificate Policy For the Federal Bridge Certification Authority (FBCA), Version 2.27. December 2, 2013.