Certificate Policy

A certificate policy describes the measures taken to validate a certificate’s subject prior to certificate issuance and the intended purposes of the certificate. For many organizations, it is the certificate-issuance policy that determines whether the presented certificate will be trusted.

For example, an organization is more likely to trust a certificate issued after a requestor presents photo identification than a certificate issued based on a user knowing an account and password combination.

Contents of a Certificate Policy

A certificate policy should include the following information:

  • How the user’s identity is validated during certificate enrollment. Is identity provided by an account and password combination or must requestors ...

Get Windows Server® 2008 PKI and Certificate Security now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.