![[Go to /]](/ic-100x43.png){kind=small}
Structures
Membership
Contact us
IGTFAPGridPMA
TAGPMA
REFEDS
SCI
WISE
Documents
Charter
Guidelines
One Statement Policies
CAOPS-WG
Wiki
Technical Info
CA Distribution download
Subject Locator
Find your local CA
About your certificate
Newsletter issues
Subscribe
Service notices
Tools download and fetch-crl
Technical documentation
IGTF OID Registry
SHA-2 timeline
Meetings
Abingdon, UK, May 29-30, 2024
Overview
Agendas
Intranet and Reviews
Guidelines for On-line PKI Certification Authorities
- Guidelines for On-line PKI Certification Authorities
Status: Endorsed: EUGridPMA
Formats available: Adobe PDF Office XMLThe Guidelines for On-line PKI Certification Authorities apply to those PKI CAs where the certificate issuing machine is directly or indirectly connected to any other computer device. The architecture should protect against the very harmful leaking of private keys, since there is no viable possibility to quickly withdraw a compromised root CA from trust anchor distributions.
Other versions:
- Policy development area: HTML;
Comments to David Groep. This site is hosted at Nikhef, subject to the privacy policy.