PACIFIC GAS AND ELECTRIC COMPANY


PACIFIC GAS AND ELECTRIC COMPANY
ENTERPRISE PUBLIC KEY INFRASTRUCTURE
CERTIFICATE POLICY

January 2012
Version 0.1

Copyright 2012, Entrust, Inc.

Pacific Gas and Electric Company Enterprise Public Key Infrastructure Certificate Policy

Version Control

Version: 1.0
Revision Date:
Revision Description: Initial Release
Revised by: Entrust Managed Service Policy Authority

Table of Contents

1 INTRODUCTION
1.1 OVERVIEW
1.2 DOCUMENT NAME AND IDENTIFICATION
1.2.1 Policy Object Identifiers
1.3 PKI PARTICIPANTS
1.3.1 Certification Authorities
1.3.2 Registration Authorities
1.3.3 Subscribers
1.3.4 Relying Parties
1.3.5 Other Participants
1.4 CERTIFICATE USAGE
1.4.1 Appropriate Certificate Uses
1.4.2 Prohibited Certificate Uses
1.5 POLICY ADMINISTRATION
1.6 DEFINITIONS AND ACRONYMS
1.6.1 List of Definitions
1.6.2 List of Acronyms

2 PUBLICATION AND REPOSITORY RESPONSIBILITIES
2.1 REPOSITORIES
2.2 PUBLICATION OF CERTIFICATION INFORMATION
2.3 TIME OR FREQUENCY OF PUBLICATION
2.4 ACCESS CONTROLS ON REPOSITORIES

3 IDENTIFICATION AND AUTHENTICATION
3.1 NAMING
3.2 INITIAL IDENTITY VALIDATION
3.2.1 Method to Prove Possession of Private Key
3.2.2 Authentication of Organization Identity
3.2.3 Authentication of Individual Identity
3.2.4 Non-verified Subscriber Information
3.2.5 Validation of Authority
3.2.6 Criteria for Interoperation
3.3 IDENTIFICATION AND AUTHENTICATION FOR RE-KEY REQUESTS
3.3.1 Identification and Authentication for Routine Re-key
3.3.2 Identification and Authentication for Re-key after Revocation
3.4 IDENTIFICATION AND AUTHENTICATION FOR REVOCATION REQUEST

4 CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS
4.1 CERTIFICATE APPLICATION
4.1.1 Who Can Submit a Certificate Application
4.1.2 Enrollment Process and Responsibilities
4.2 CERTIFICATE APPLICATION PROCESSING
4.3 CERTIFICATE ISSUANCE
4.4 CERTIFICATE ACCEPTANCE
4.4.1 Conduct Constituting Certificate Acceptance
4.4.2 Publication of the Certificate by the CA
4.4.3 Notification of Certificate Issuance by the CA to Other Entities
4.5 KEY PAIR AND CERTIFICATE USAGE
4.6 CERTIFICATE RENEWAL
4.7 CERTIFICATE RE-KEY
4.7.1 Circumstance for Certificate Re-key
4.7.2 Who May Request Certification of a New Public Key
4.7.3 Processing Certificate Re-keying Requests
4.7.4 Notification of New Certificate Issuance to Subscriber
4.7.5 Conduct Constituting Acceptance of a Re-keyed Certificate
4.7.6 Publication of the Re-keyed Certificate by the CA
4.7.7 Notification of Certificate Issuance by the CA to Other Entities
4.8 CERTIFICATE MODIFICATION
4.9 CERTIFICATE REVOCATION AND SUSPENSION
4.9.1 Circumstances for Revocation
4.9.2 Who Can Request Revocation
4.9.3 Procedure for Revocation Request
4.9.4 Revocation Request Grace Period
4.9.5 Time within which CA Must Process the Revocation Request
4.9.6 Revocation Checking Requirement for Relying Parties
4.9.7 CRL Issuance Frequency
4.9.8 Maximum Latency for CRLs
4.9.9 On-line Revocation/Status Checking Availability
4.9.10 On-line Revocation Checking Requirements
4.9.11 Other Forms of Revocation Advertisements Available
4.9.12 Special Requirements re: Re-key Compromise
4.9.13 Circumstances for Suspension
4.9.14 Who Can Request Suspension
4.9.15 Procedure for Suspension Request
4.9.16 Limits on Suspension Period
4.10 CERTIFICATE STATUS SERVICES
4.10.1 Operational Characteristics
4.10.2 Service Availability
4.10.3 Optional Features
4.11 END OF SUBSCRIPTION
4.12 KEY ESCROW AND RECOVERY
4.12.1 Key Escrow and Recovery Policy and Practices
4.12.2 Session Key Encapsulation and Recovery Policy and Practices

5 FACILITY MANAGEMENT, AND OPERATIONAL CONTROLS
5.1 PHYSICAL CONTROLS
5.2 PROCEDURAL CONTROLS
5.3 PERSONNEL CONTROLS
5.4 AUDIT LOGGING PROCEDURES
5.5 RECORDS ARCHIVAL
5.6 KEY CHANGEOVER
5.7 COMPROMISE AND DISASTER RECOVERY
5.8 CA OR RA TERMINATION

6 TECHNICAL SECURITY CONTROLS
6.1 KEY PAIR GENERATION AND INSTALLATION
6.1.1 Key Pair Generation
6.1.2 Private Key Delivery to Subscriber
6.1.3 Public Key Delivery to Certificate Issuer
6.1.4 CA Public Key Delivery to Relying Parties
6.1.5 Key Sizes
6.1.6 Public Key Parameters Generation and Quality Checking
6.1.7 Key Usage Purposes
6.2 PRIVATE KEY PROTECTION AND CRYPTOGRAPHIC MODULE ENGINEERING CONTROLS
6.3 OTHER ASPECTS OF KEY PAIR MANAGEMENT
6.3.1 Public Key Archival
6.3.2 Certificate Operational Periods and Key Pair Usage Periods
6.4 ACTIVATION DATA
6.5 COMPUTER SECURITY CONTROLS
6.6 LIFE CYCLE TECHNICAL CONTROLS
6.7 NETWORK SECURITY CONTROLS
6.8 TIME-STAMPING

7 CERTIFICATE, CRL, AND OCSP PROFILES
7.1 CERTIFICATE PROFILE
7.2 CRL PROFILE
7.2.1 Version Number
7.2.2 CRL and CRL Entry Extensions
7.3 OCSP PROFILE
7.3.1 Version Number
7.3.2 OCSP Extensions

8 COMPLIANCE AUDIT AND OTHER ASSESSMENTS
8.1 FREQUENCY OR CIRCUMSTANCES OF ASSESSMENT
8.2 IDENTITY/QUALIFICATIONS OF ASSESSOR
8.3 ASSESSOR’S RELATIONSHIP TO ASSESSED ENTITY
8.4 TOPICS COVERED BY ASSESSMENT
8.5 ACTIONS TAKEN AS A RESULT OF DEFICIENCY
8.6 COMMUNICATION OF RESULTS

9 OTHER BUSINESS AND LEGAL MATTERS
9.1 FEES
9.2 FINANCIAL RESPONSIBILITY
9.3 CONFIDENTIALITY OF BUSINESS INFORMATION
9.3.1 Scope of Confidential Information
9.3.2 Information not within the Scope of Confidential Information
9.3.3 Responsibility to Protect Confidential Information
9.4 PRIVACY OF PERSONAL INFORMATION
9.5 INTELLECTUAL PROPERTY RIGHTS
9.6 REPRESENTATIONS AND WARRANTIES
9.7 DISCLAIMERS OF WARRANTIES
9.8 LIMITATIONS OF LIABILITY
9.9 INDEMNITIES
9.10 TERM AND TERMINATION
9.11 INDIVIDUAL NOTICES AND COMMUNICATIONS WITH PARTICIPANTS
9.12 AMENDMENTS
9.12.1 Procedure for Amendment
9.12.2 Notification Mechanism and Period
9.12.3 Circumstances under Which OID Must be Changed
9.13 DISPUTE RESOLUTION PROVISIONS
9.14 GOVERNING LAW
9.15 COMPLIANCE WITH APPLICABLE LAW
9.16 MISCELLANEOUS PROVISIONS
9.16.1 Entire Agreement
9.16.2 Assignment
9.16.3 Severability
