[Go to /]
Structures
Membership
Contact us

IGTF
APGridPMA
TAGPMA
REFEDS
SCI
WISE

Documents
Charter
Guidelines
One Statement Policies

CAOPS-WG
Wiki

Technical Info
CA Distribution download
Subject Locator
Find your local CA
About your certificate

Newsletter issues
Subscribe
Service notices

Tools download and fetch-crl
Technical documentation
IGTF OID Registry
SHA-2 timeline

Meetings
CERN, Geneva, CH, Feb 5-7, 2025
Amsterdam, NL, Sept 23-24, 2024

Overview
Agendas
Intranet and Reviews (closed)

Guidelines for On-line PKI Certification Authorities

  • Guidelines for On-line PKI Certification Authorities
    Status: Endorsed: EUGridPMA
    Formats available: Adobe PDF Office XML

    The Guidelines for On-line PKI Certification Authorities apply to those PKI CAs where the certificate issuing machine is directly or indirectly connected to any other computer device. The architecture should protect against the very harmful leaking of private keys, since there is no viable possibility to quickly withdraw a compromised root CA from trust anchor distributions.

    Other versions:

    • Policy development area: HTML;

Comments to David Groep. This site is hosted at Nikhef, subject to the privacy policy.