PKI – CP/CPS Development Service

The CP and CPS documents describe your specific PKI architecture and include sections on certificate uses, naming, identification, authentication, key generation, procedures, operational controls, technical controls, revocation lists, audits, assessments, and legal matters.

Encryption Consulting (EC) will work collaboratively with customer stakeholders to develop a Certificate Policy (CP) / Certificate Practice Statement (CPS) document following the template provided in Request for Comment (RFC) #3647

Document Template

During this activity, Encryption Consulting’s team will:

  • Prepare a CPS document template in accordance with RFC #3647
  • Assist customer in drafting the content of CP/CPS
  • Identify additional operations practices needed for inclusion in the CP/CPS
  • Review final draft of CP/CPS with Key stakeholders

Certificate Policy (CP)

  • A document that sets out the rights, duties, and obligations of each party in a Public Key Infrastructure
  • The Certificate Policy (CP) is a document which usually has legal effect
  • A CP is usually publicly exposed by CAs, for example on a Web Site (VeriSign, etc.)

Certificate Practice Statement (CPS)

  • A document that sets out what happens in practice to support the policy statements made in the CP in a PKI
  • The Certificate Practice Statement (CPS) is the document which may have legal effect in limited circumstances

Trusted By

See how Encryption Consulting assisted a Retail institution in implementing a new Public Key Infrastructure.

Suggested Resources

Blog

Certificate Policy (CP) and Certificate Practice Statement (CPS)

A certificate policy describes the measures taken to validate a certificate’s subject prior to certificate issuance

Report

Encryption Consulting PKI & IoT Trends Survey

A study on global usage trends on Public Key Infrastructure (PKI) and Internet of Things (IoT) along with their application possibilities.

Training

PKI Training

PKI course is recommended for anyone using or managing certificates, designing or deploying a PKI enterprise solution, or evaluating & selecting a commercial PKI Technology Solution

Let's talk