Dsr cp/cps version 11 Effective Date: November 18, 2022
§2.1). Subscriber Certificates can be downloaded by Subscribers from the RA
Download 0.58 Mb. Pdf ko'rish
|
Microsoft DSR PKI CP-CPS for TLS Ver 2.11 November 2022
|
§2.1). Subscriber Certificates can be downloaded by Subscribers from the RA application. 4.4.3 Notification of Certificate Issuance by the CA to Other Entities Microsoft may notify the public of the issuance of a certificate by adding it to one or more publicly accessible Certificate Transparency (CT) Logs. 4.5 Key Pair and Certificate Usage 4.5.1 Subscriber Private Key and Certificate Usage Use of a TLS Certificate is permitted once the Subscriber has agreed to the Subscriber Agreement. The Certificate shall be used in accordance with the Subscriber Agreement and the terms of this CP/CPS. Subscribers and CAs use their private keys for the purposes as constrained by the extensions (such as key usage, certificate policies, etc.) in the Certificates issued to them. Subscribers are required to protect their private keys from unauthorized use and discontinue use of the private key following expiration or revocation of the Certificate. 4.5.2 Relying Party Public Key and Certificate Usage Relying parties shall use public key Certificates and associated public keys for the purposes as constrained by the extensions (such as key usage, certificate policies, etc.) in the Certificates. A Relying Party is responsible for verifying the validity of the Certificate prior to relying on any Certificate. 4.6 Certificate Renewal DSR TLS CAs support certificate renewals as specified in the following sections. 4.6.1 Circumstance for Certificate Renewal Renewal requests may be submitted for certificates issued by DSR TLS CAs as long as the existing certificate is valid (i.e., not expired or revoked). 4.6.2 Who May Request Renewal Renewal requests shall be submitted by the subscriber, certificate owner (can be the same person as the subscriber), or a delegate. Such requests must be signed using the existing certificate (key based renewal). 4.6.3 Processing Certificate Renewal Requests DSR TLS CAs performs all identification, authorization, and validation checks specified in §3.2 during renewal. 4.6.4 Notification of New Certificate Issuance to Subscriber Subscribers are notified of new certificate issuance through emails. 4.6.5 Conduct Constituting Acceptance of a Renewal Certificate Refer to §4.4.1 4.6.6 Publication of the Renewal Certificate by the CA Refer to §4.4.2 4.6.7 Notification of Certificate Issuance by the CA to Other Entities No Stipulation. 4.7 Certificate Re-Key Any certificate re-key request shall be treated as initial certificate issuance. Refer to Download 0.58 Mb. Do'stlaringiz bilan baham: 
|