Root Authority Certificate College Park Certificate Authority

University of Maryland at College Park Certificate Policies and Practices

Certificate Policy (CP) and Certificate Practices Statement (CPS) documents allow Relying Parties at one institution to make informed decisions based on the Policies and Practices of another institution. As long as Certificates granted by this Certificate Authority are used solely within this institution, the need for formal policy documents is minimal.

Our short-term goal is to run a medium-security Public Key Infrastructure (PKI), with a longer-term (5-7 years) goal of being certified by the Higher Education Bridge Authority.

At this stage of the project some consideration on the part of our clients would be appreciated. Specifically, it should be expected that:

1. Implementation of some parts of the PKI will be delayed
   • the identity, privacy, and code signing CAs
   • a certificate revocation infrastructure
   • certification of this PKI by a higher authority
   • formal CP and CPS documents
2. Implementation of some eminently desireable goals may not be possible at all
   • Our root certificate may never be signed by a globally recognized signing authority such as Thawte or Verisign
   • Use of these CAs with some client software may not be possible unless or until the vendors of such software implement functional, standards-based PKI capabilities
3. Some mistakes will be made
   • some aspects of this PKI have already been redesigned three times
   • extending this PKI to additional platforms may require further redesign

What we have accomplished is a best-effort solution, but there may well be problems that will be discovered only after the PKI has been in operation for a time.