FBCA CP Section 6.3.2, Certificate Operational Periods/Key Usage Periods, v2.27

Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.3.2, Certificate Operational Periods/Key Usage Periods
Identifier https://artifacts.trustmarkinitiative.org/lib/tips/fbca-cp-section-6.3.2_-certificate-operational-periods_key-usage-periods/2.27/
Publication Date 2018-10-30
Issuing Organization
Trustmark Support help@trustmarkinitiative.org 555-555-5555 No Mailing Address
Keywords PIV-I, Security, Identity, Federal Bridge
Legal Notice This artifact is published by the Georgia Tech Research Institute (GTRI) as part of the Trustmark Initiative. This artifact and the information contained herein is provided on an "AS IS" basis, and GTRI disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, GTRI disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein.
Loading...

Trust Expression:

TD_PrivateKeyLifetimeForSelfSignedTrustAnchorPKICertificates and TD_CertificateLifetimeForSelfSignedTrustAnchorPKICertificates and TD_PrivateKeyLifetimeForPKICertificateAuthorityIssuedSubscriberCertificates and TD_PrivateKeyLifetimeForKeysUsedToSignPKICertificateRevocartionLists and TD_PrivateKeyLifetimeForKeysUsedToIssuePKIOCSPResponderCertificates and TD_PrivateKeyLifetimeForCodeAndContentSigningPKICertificates and TD_PublicKeyLifetimeForCodeAndContentSigningPKICertificates and TD_CertificateandPrivateKeyLifetimeforSubscriberPKISigningCertificates and TD_PKISubscriberKeyManagementCertificateLifetime and TD_PIVISubscriberCertificateExpiration and TD_PKICertificateStatusServerCertificateValidityPeriod and TD_PKISubscriberCertificateLimitsDoNotExceedThoseOfTheIssuingCertificateAuthorityCertificate and TD_PKISubscriberCertificateValidityPeriodDoesNotExceedReKeyIdentityRequirements

References (13)

 TD  Private Key Lifetime For Self-Signed Trust Anchor PKI Certificates, v1.0
Description Addresses the requirements for limiting the lifetime of private keys for self-signed PKI certificates used as trust anchors.
ID TD_PrivateKeyLifetimeForSelfSignedTrustAnchorPKICertificates
Provider Reference
 TD  Certificate Lifetime For Self-Signed Trust Anchor PKI Certificates, v1.0
Description Addresses the requirements for limiting the lifetime of self-signed PKI certificates used as trust anchors.
ID TD_CertificateLifetimeForSelfSignedTrustAnchorPKICertificates
Provider Reference
 TD  Private Key Lifetime For PKI Certificate Authority Issued Subscriber Certificates, v1.0
Description Addresses the requirements for limiting the lifetime of private keys for PKI certificates used to issue subscriber certificates.
ID TD_PrivateKeyLifetimeForPKICertificateAuthorityIssuedSubscriberCertificates
Provider Reference
 TD  Private Key Lifetime For Keys Used To Sign PKI Certificate Revocartion Lists, v1.0
Description Addresses the requirements for limiting the lifetime of private keys used to sign PKI Certificate Revocation Lists.
ID TD_PrivateKeyLifetimeForKeysUsedToSignPKICertificateRevocartionLists
Provider Reference
 TD  Private Key Lifetime For Keys Used To Issue PKI OCSP Responder Certificates, v1.0
Description Addresses the requirements for limiting the lifetime of private keys used to issue PKI OCSP responder certificates.
ID TD_PrivateKeyLifetimeForKeysUsedToIssuePKIOCSPResponderCertificates
Provider Reference
 TD  Private Key Lifetime For Code And Content Signing PKI Certificates, v1.0
Description Addresses the requirements for limiting the lifetime of private keys for PKI certificates used to sign code and content.
ID TD_PrivateKeyLifetimeForCodeAndContentSigningPKICertificates
Provider Reference
 TD  Public Key Lifetime For Code And Content Signing PKI Certificates, v1.0
Description Addresses the requirements for limiting the lifetime of public keys for PKI certificates used to sign code and content.
ID TD_PublicKeyLifetimeForCodeAndContentSigningPKICertificates
Provider Reference
 TD  Certificate and Private Key Lifetime for Subscriber PKI Signing Certificates, v1.0
Description Addresses the requirements for limiting the lifetime of PKI subscriber signing certificates and their private keys.
ID TD_CertificateandPrivateKeyLifetimeforSubscriberPKISigningCertificates
Provider Reference
 TD  PKI Subscriber Key Management Certificate Lifetime, v1.0
Description Addresses the requirements for limiting the lifetime of PKI subscriber key management certificates.
ID TD_PKISubscriberKeyManagementCertificateLifetime
Provider Reference
 TD  PIV-I Subscriber Certificate Expiration, v1.0
Description Addresses the requirements for the expiration of PIV-I subscriber certificates.
ID TD_PIVISubscriberCertificateExpiration
Provider Reference
 TD  PKI Certificate Status Server Certificate Validity Period, v1.0
Description Addresses the requirements for limiting the validity period of PKI Certificate Status Server certificates that provide revocation status.
ID TD_PKICertificateStatusServerCertificateValidityPeriod
Provider Reference
 TD  PKI Subscriber Certificate Limits Do Not Exceed Those Of The Issuing Certificate Authority Certificate, v1.0
Description Addresses the requirement for CAs must not issue subscriber certificates that extend beyond the expiration date of their own certificates and public keys.
ID TD_PKISubscriberCertificateLimitsDoNotExceedThoseOfTheIssuingCertificateAuthorityCertificate
Provider Reference
 TD  PKI Subscriber Certificate Validity Period Does Not Exceed Re-Key Identity Requirements, v1.0
Description Addresses requirements for the validity of PKI subscriber certificates to not exceed routine re-key identity requirements.
ID TD_PKISubscriberCertificateValidityPeriodDoesNotExceedReKeyIdentityRequirements
Provider Reference
Also available as XML or JSON