Posts

Showing posts from June, 2016

What is C4CA

C4CA is  Citizen and Commerce Class Common Certification Authority C4 is a streamlined process based on memorandum of agreement rather than detailed review  of CP and CPS for compliance. The C4 policy is modeled against the FBCA Rudimentary  level of assurance and defines requirements for certificates accepted by the U.S. Federal  Government for the purpose of authenticating citizens and commercial enterprises for many  electronic services.  Certification authorities and credential services by citizens and  companies (e.g., AOL, Wells Fargo, PEPCO) conducting business with the federal  government are subordinate to, or have the option to two-way cross-certify with, the C4 CA. 

Federal PKI

PUBLIC KEY INFRASTRUCTURES - FEDERAL PKI Federal PKI NIST plays a leading role in the deployment of the Federal PKI, serving as an advisor for architectural issues and leading the development, evaluation, and maintenance of certificate policies for the Federal PKI. The Federal PKI architecture features the Federal Bridge Certification Authority (FBCA), which supports interoperability among PKI domains with disparate policies in a peer to peer fashion, and the Common Policy Root CA, which manages a hierarchical PKI. FPKI Architecture The FBCA operates under the FBCA Certificate Policy, which specifies five levels of assurance. The FBCA issues certificates to the Principal CA of a PKI domain after the Federal PKI Policy Authority: (1) determines which FBCA levels of assurance are satisfied by the policies supported in that PKI domain; (2) determines that the PKI domain fulfills its responsibilities under those policies; and (3) establishes a legal agreement between the FBCA and ...