FBCA CP Section 3.2.3.3, Authentication Of Human Subscribers For Group Certificates, v2.27
Profile of base requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), version 2.27, Section 3.2.3.3, Authentication Of Human Subscribers For Group Certificates, for entities operating at all levels of assurance (LOA).
| Identifier | https://artifacts.trustmarkinitiative.org/lib/tips/fbca-cp-section-3.2.3.3_-authentication-of-human-subscribers-for-group-certificates/2.27/ | ||||
| Publication Date | 2021-02-04 | ||||
| Issuing Organization |
Trustmark Initiative (https://trustmarkinitiative.org/)
View Contact
|
||||
| Keywords | PIV-I, Security, Identity, Federal Bridge | ||||
| Legal Notice | This artifact is published by the Georgia Tech Research Institute (GTRI) as part of the Trustmark Initiative. This artifact and the information contained herein is provided on an "AS IS" basis, and GTRI disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, GTRI disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein. |
Loading...
Trust Expression:
TD_IdentityInformationOfGroupPKICertificateSponsorIsRecorded and TD_InformationSystemsSecurityOfficeEnsuresPrivateKeyControlForGroupPKICertificates and TD_InformationSystemsSecurityOfficeMaintainsListOfSubscribersWithAccessToGroupPKICertificatePrivateKeys and TD_InformationSystemsSecurityOfficeAccountsForWhichSubscriberHasControlOfPrivateKeyAtWhatTime and TD_subjectNameDNsForGroupPKICertificatesDoNotImplyTheSubjectIsAnIndividual and TD_ListOfIndividualsHoldingSharedPrivateKeyForGroupPKICertificatesProvidedToPKICertificateAuthorityCA and TD_ListOfIndividualsHoldingSharedPrivateKeyRetainedByPKICertificateAuthorityCA and TD_ProceduresForIssuingGroupPKITokensForUseInSharedKeyApplicationsComplyWithPKICertificatePolicyCP
References (8)
| TD Identity Information Of Group PKI Certificate Sponsor Is Recorded, v1.0 | |
|---|---|
| Description | Addresses the requirement for an organization to record the identity information of sponsors for group PKI certificates before they are issued. |
| ID | TD_IdentityInformationOfGroupPKICertificateSponsorIsRecorded |
| Provider Reference | |
| TD Information Systems Security Office Ensures Private Key Control For Group PKI Certificates, v1.0 | |
|---|---|
| Description | Addresses requirements for ensuring control of the private keys for group PKI certificates. |
| ID | TD_InformationSystemsSecurityOfficeEnsuresPrivateKeyControlForGroupPKICertificates |
| Provider Reference | |
| TD Information Systems Security Office Maintains List Of Subscribers With Access To Group PKI Certificate Private Keys, v1.0 | |
|---|---|
| Description | Addresses requirements for an organization to maintain a list of subscribers who have access to use of the private key for group PKI certificates. |
| ID | TD_InformationSystemsSecurityOfficeMaintainsListOfSubscribersWithAccessToGroupPKICertificatePrivateKeys |
| Provider Reference | |
| TD Information Systems Security Office Accounts For Which Subscriber Has Control Of Private Key At What Time, v1.0 | |
|---|---|
| Description | Addresses the requirement for an organization to account for which subscriber had control of the private key for a group PKI certificate at a given time. |
| ID | TD_InformationSystemsSecurityOfficeAccountsForWhichSubscriberHasControlOfPrivateKeyAtWhatTime |
| Provider Reference | |
| TD subjectName DNs For Group PKI Certificates Do Not Imply The Subject Is An Individual, v1.0 | |
|---|---|
| Description | Addresses the requirement for the subjectName DN of a group PKI certificate to not imply that the subject is a single individual, e.g. by inclusion of a human name form. |
| ID | TD_subjectNameDNsForGroupPKICertificatesDoNotImplyTheSubjectIsAnIndividual |
| Provider Reference | |
| TD List Of Individuals Holding Shared Private Key For Group PKI Certificates Provided To PKI Certificate Authority (CA), v1.0 | |
|---|---|
| Description | Addresses the requirement for a list of those holding the shared private key for a group PKI certificate to be provided to the applicable certificate authority. |
| ID | TD_ListOfIndividualsHoldingSharedPrivateKeyForGroupPKICertificatesProvidedToPKICertificateAuthorityCA |
| Provider Reference | |
| TD List Of Individuals Holding Shared Private Key Retained By PKI Certificate Authority (CA), v1.0 | |
|---|---|
| Description | Addresses the requirement for a list of those holding the shared private key for a group PKI certificate to be retained by the applicable certificate authority. |
| ID | TD_ListOfIndividualsHoldingSharedPrivateKeyRetainedByPKICertificateAuthorityCA |
| Provider Reference | |
| TD Procedures For Issuing Group PKI Tokens For Use In Shared Key Applications Comply With PKI Certificate Policy (CP), v1.0 | |
|---|---|
| Description | Addresses the requirement for an organization to ensure that the procedures for issuing group PKI tokens comply with all other stipulations of the applicable certificate policy. |
| ID | TD_ProceduresForIssuingGroupPKITokensForUseInSharedKeyApplicationsComplyWithPKICertificatePolicyCP |
| Provider Reference | |
Sources (1)
| FBCA-CP | X.509 Certificate Policy For the Federal Bridge Certification Authority (FBCA), Version 2.27. December 2, 2013. |