Certification PracticesDB Lab. , ,

VLSI Systems Lab. ,

= =(Concepts)Certificate Practice Statement (CPS) PEM Policy StatementX.509

CPS CPS

Certification Practice Statement . . .

CPSCA CA .

ABA GuidelinesCPS : . .CA : , , .CPS CA .CPS CPS, , , , .

/1( Enrollment) . (Issuing Authority) PEM CA .PEM CA Infrastructure , PCA . (Nonverified subscriber information) . . .

/2 (: Operational period) , .( Relying party) party. (Repository) on-line database. ( Subscriber) , , party.

PEM /1CPS Policy Certification Authority( ) .PEM(RFC1422) PCA . . .

PEM /2RFC1422-PCAPCA identityPCA PCA security and privacy Naming Business issues

X.509 /1X.509 ver3 PEM PCA X.509 CA(public, interorganization) (practice) CPS CPS . CPS , .

X.509 /2 () . , .

CPS X.509 ( )

X.509 /3 (sensitive - but-unclassified) , .( )High assurance policy : - (high-value financial transaction), (particularly sensitivity data) medium assurance policy : low-value transaction, medium sensitivity datelow assurance policy : low-sensitivity

X.509 /4 : . . CPS CPS . , CPS .

X.509 /5, CPS . , high, medium, low assurance CA . ( CPS )

Certificate Classes /1 , , , trusted third party . , , , .VeriSign . CPS . , , .

Certificate Classes /2 1, 2, 3 .3 1 .

Class 1 certificates1 . E-mail . ( ) .

Certificate Classes /3Class 2 certificates . . , , On-line .Class 3 certificates . . 2 .

Certificate Classes /4

, private-sector . 3 IA .

3 (electronic banking)electronic data interchange(EDI)S/W validation.Membership-based on-line services

CPS /1CPS CPS , , (open community) . .CPS , , , . ( ) CPS CA .

CPS /2CPS , , CPS .CPS . .

CPS /3CPS (framework) (template) . CPS . .ABA Guidelines : (party) . : .

CPS /3

CPS /4 , .CPS , , . , .

(Foundation for Certification Operations )

(Levels of Service) certificate class, certificate policy

(Certificate Format) / 1 (profile) (field)

X.509 , , , , (relying parties),

(Certificate Format) / 2 X.509 Certificate policies CPS Other critical extensions CPS

(Certification Authority Relationship Structure) Hierarchical structure, PEM (infrastructure) CPS CPS CPS

NamingName subject (open electronic commerce ) naming system (subscriber) : personal name address, e-mail address, registered corporation name (songya@ce.hannam.ac.kr)

name naming authority naming authority CPS

/ 1(Publication and Repository) (publication)

:(subject) CPS

/ 2(Publication and Repository)Repository ( ) (infrastructure) (robust) ,

Inter-domain Certificationdomain

(certification practice) inter-domain certification ,

(Right to Investigate Compromises)

, (compromise) , CPS

(Trustworthiness and Security) , trustworthy system

(Trustworthy system) (misuse)

(Financial Responsibility) , .

(Records)(activities) . (creation), (issuance), (use), (suspension), (revocation), (expiration), (renewal), (re-enrollment)

time stamp

(Audit) (auditing)

CPS (entity) (audit obligations)

(Contingency Planning and Disaster Recovery) (certificate status) (revocation information) CPS

Local Registration Authority(LRA) RequirementsLRA

LRA application LRA (issue)

LRA

(Termination of Operations) .,

CPS 90 (records)

(Criminal Activity)

.

Certificate Application Procedures Key Generation and Protection : : - ( )Validation of Certificate Applications

Certificate Issuance Certification Authoritys Representations to Subscribers CPS , Certification Authoritys Representations to Relying Parties : ,

Certificate Acceptance Representations by Subscriber upon Acceptance : . writing CPS , ,

Certificate Acceptance (contd)Indemnity by Subscriber Publication : ,

Use of Certificates for Digital Signature Verification Digital Signature Verification Process => root pathWritings and Signatures Writing : Signature :

Certificate Suspension and Revocation ( ) ., , , , Subject CPS CPS denial-of-service attack , (, real-time) /

Warranties and Limitations of Liability - Warranties : ABA Guideline

Warranties and Limitations of Liability (contd) class procedure Party CPS party , ,

Warranties and Limitations of Liability (contd)Disclaimers and limitations on Obligations Damage and Loss Limitations party , . . class

Warranties and Limitations of Liability (contd)No Fiduciary Relationship , , time-stemp, party

Miscellaneous ProvisionsCPS Conflict of ProvisionsCPS CPS Governing Lawopen communication network Dispute Resolution

Miscellaneous Provisions (contd)Change Procedures CPS - ( )

Ongoing EvolutionHarmonization , EDI, , Web - Technical community : cross-certification Legal community : ABA Guideline .Business community : CommerceNet Certification authorities :

Ongoing Evolution (contd)AutomationCPS development toolsCertificate policy negotiation and mappingOnline policy and practice negotiationCommercial and Legislative/Regulatory Directions ABA Guideline . . . ( )