FBCA CP Section 6.3.2, Certificate Operational Periods/Key Usage Periods, v2.27
Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.3.2, Certificate Operational Periods/Key Usage Periods
Identifier | https://artifacts.trustmarkinitiative.org/lib/tips/fbca-cp-section-6.3.2_-certificate-operational-periods_key-usage-periods/2.27/ | ||||
Publication Date | 2018-10-30 | ||||
Issuing Organization |
Trustmark Initiative (https://trustmarkinitiative.org/)
View Contact
|
||||
Keywords | PIV-I, Security, Identity, Federal Bridge | ||||
Legal Notice | This artifact is published by the Georgia Tech Research Institute (GTRI) as part of the Trustmark Initiative. This artifact and the information contained herein is provided on an "AS IS" basis, and GTRI disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, GTRI disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein. |
Loading...
Trust Expression:
TD_PrivateKeyLifetimeForSelfSignedTrustAnchorPKICertificates and TD_CertificateLifetimeForSelfSignedTrustAnchorPKICertificates and TD_PrivateKeyLifetimeForPKICertificateAuthorityIssuedSubscriberCertificates and TD_PrivateKeyLifetimeForKeysUsedToSignPKICertificateRevocartionLists and TD_PrivateKeyLifetimeForKeysUsedToIssuePKIOCSPResponderCertificates and TD_PrivateKeyLifetimeForCodeAndContentSigningPKICertificates and TD_PublicKeyLifetimeForCodeAndContentSigningPKICertificates and TD_CertificateandPrivateKeyLifetimeforSubscriberPKISigningCertificates and TD_PKISubscriberKeyManagementCertificateLifetime and TD_PIVISubscriberCertificateExpiration and TD_PKICertificateStatusServerCertificateValidityPeriod and TD_PKISubscriberCertificateLimitsDoNotExceedThoseOfTheIssuingCertificateAuthorityCertificate and TD_PKISubscriberCertificateValidityPeriodDoesNotExceedReKeyIdentityRequirements
References (13)
TD Private Key Lifetime For Self-Signed Trust Anchor PKI Certificates, v1.0 | |
---|---|
Description | Addresses the requirements for limiting the lifetime of private keys for self-signed PKI certificates used as trust anchors. |
ID | TD_PrivateKeyLifetimeForSelfSignedTrustAnchorPKICertificates |
Provider Reference |
TD Certificate Lifetime For Self-Signed Trust Anchor PKI Certificates, v1.0 | |
---|---|
Description | Addresses the requirements for limiting the lifetime of self-signed PKI certificates used as trust anchors. |
ID | TD_CertificateLifetimeForSelfSignedTrustAnchorPKICertificates |
Provider Reference |
TD Private Key Lifetime For PKI Certificate Authority Issued Subscriber Certificates, v1.0 | |
---|---|
Description | Addresses the requirements for limiting the lifetime of private keys for PKI certificates used to issue subscriber certificates. |
ID | TD_PrivateKeyLifetimeForPKICertificateAuthorityIssuedSubscriberCertificates |
Provider Reference |
TD Private Key Lifetime For Keys Used To Sign PKI Certificate Revocartion Lists, v1.0 | |
---|---|
Description | Addresses the requirements for limiting the lifetime of private keys used to sign PKI Certificate Revocation Lists. |
ID | TD_PrivateKeyLifetimeForKeysUsedToSignPKICertificateRevocartionLists |
Provider Reference |
TD Private Key Lifetime For Keys Used To Issue PKI OCSP Responder Certificates, v1.0 | |
---|---|
Description | Addresses the requirements for limiting the lifetime of private keys used to issue PKI OCSP responder certificates. |
ID | TD_PrivateKeyLifetimeForKeysUsedToIssuePKIOCSPResponderCertificates |
Provider Reference |
TD Private Key Lifetime For Code And Content Signing PKI Certificates, v1.0 | |
---|---|
Description | Addresses the requirements for limiting the lifetime of private keys for PKI certificates used to sign code and content. |
ID | TD_PrivateKeyLifetimeForCodeAndContentSigningPKICertificates |
Provider Reference |
TD Public Key Lifetime For Code And Content Signing PKI Certificates, v1.0 | |
---|---|
Description | Addresses the requirements for limiting the lifetime of public keys for PKI certificates used to sign code and content. |
ID | TD_PublicKeyLifetimeForCodeAndContentSigningPKICertificates |
Provider Reference |
TD Certificate and Private Key Lifetime for Subscriber PKI Signing Certificates, v1.0 | |
---|---|
Description | Addresses the requirements for limiting the lifetime of PKI subscriber signing certificates and their private keys. |
ID | TD_CertificateandPrivateKeyLifetimeforSubscriberPKISigningCertificates |
Provider Reference |
TD PKI Subscriber Key Management Certificate Lifetime, v1.0 | |
---|---|
Description | Addresses the requirements for limiting the lifetime of PKI subscriber key management certificates. |
ID | TD_PKISubscriberKeyManagementCertificateLifetime |
Provider Reference |
TD PIV-I Subscriber Certificate Expiration, v1.0 | |
---|---|
Description | Addresses the requirements for the expiration of PIV-I subscriber certificates. |
ID | TD_PIVISubscriberCertificateExpiration |
Provider Reference |
TD PKI Certificate Status Server Certificate Validity Period, v1.0 | |
---|---|
Description | Addresses the requirements for limiting the validity period of PKI Certificate Status Server certificates that provide revocation status. |
ID | TD_PKICertificateStatusServerCertificateValidityPeriod |
Provider Reference |
TD PKI Subscriber Certificate Limits Do Not Exceed Those Of The Issuing Certificate Authority Certificate, v1.0 | |
---|---|
Description | Addresses the requirement for CAs must not issue subscriber certificates that extend beyond the expiration date of their own certificates and public keys. |
ID | TD_PKISubscriberCertificateLimitsDoNotExceedThoseOfTheIssuingCertificateAuthorityCertificate |
Provider Reference |
TD PKI Subscriber Certificate Validity Period Does Not Exceed Re-Key Identity Requirements, v1.0 | |
---|---|
Description | Addresses requirements for the validity of PKI subscriber certificates to not exceed routine re-key identity requirements. |
ID | TD_PKISubscriberCertificateValidityPeriodDoesNotExceedReKeyIdentityRequirements |
Provider Reference |