Certification Authority Rating And Trust (CARAT) published the ''CARAT Guidelines''(info) subtitled Guidelines for Constructing Policies Governing the Use of Identity-Based Public Key Certificates dated 2000-01-14.

Guidelines that are intended to help organizations create closed, but interoperable Public Key Infrastructures (PKIs) that can be used to facilitate pilot projects employing public key technology.

Such organizations, called Policy Authorities in this document, can use the Guidelines to analyze their particular needs and to construct a PKI that will meet those needs. One important product of that analysis is likely to be a Certificate Policy, which may be thought of as a charter for a particular PKI.

A Certificate Policy defines who the parties are, the relationships and obligations of the parties to one another, and what uses are acceptable within the PKI. The last part of these Guidelines includes high level drafting instructions for Certificate Policy writers. The Guidelines suggest that Policy Authorities use contracts to make the provisions of a Certificate Policy legally binding among the parties

More Information#

There might be more information for this subject on one of the following:

Add new attachment

Only authorized users are allowed to upload new attachments.

List of attachments

Kind Attachment Name Size Version Date Modified Author Change note
1999-12-10-carat-final-011400-... 293.6 kB 1 31-Jan-2016 04:58 jim CARAT Guidelines
« This page (revision-3) was last changed on 31-Jan-2016 05:02 by jim