X.509 Certification Practice Statement
for the
VT Root
Certification Authority
March 28, 2006
Amended July 7, 2007
OBJECT IDENTIFIER 1.3.6.1.4.1.6760.5.2.3.1. 1
Release 1.0, Version 2.0

X.509 Certification Practice Statement
for the
VT Root
Certification Authorities
March 28, 2006
Amended March 16, 2011
OBJECT IDENTIFIER 1.3.6.1.4.1.6760.5.2.3.1. 1
Release 1.0, Version 3.0

add RCA Root Certification Authority

This Certification Practice Statement (CPS) defines the operational implementation of the terms and conditions, described in the Virginia Polytechnic Institute and State University (hereinafter Virginia Tech) Certificate Authority (VTCA) Certificate Policy identified by the object identifier 1.3.6.1.4.1.6760.5.2.1.1.1, for the VT Root Certificate Authority, (RCA), a VTCA.

This Certification Practice Statement (CPS) defines the operational implementation of the terms and conditions, described in the Virginia Polytechnic Institute and State University (hereinafter Virginia Tech) Certification Authority (VTCA) Certificate Policy identified by the object identifier 1.3.6.1.4.1.6760.5.2.1.1.1, for the VT Self Signed Root and Global Root Certification Authorities.

This CPS defines the operational implementation of the requirements set forth by the VTCA CP.

This CPS defines the operational implementation of the requirements set forth by the VTCA CP for the Virginia Tech Self Signed Root and Global Root CAs. The term RCA (Root Certification Authority) is used throughout this document as a reference to both the Virginia Tech Self Signed Root and Global Root Certification Authorities.

The C1SCA has a copy of the VTCA CP and CPS which has been digitally signed by the VTPKI-PMA chairman and one other member of the VTPKI-PMA. The VTPKI-PMA has the primary responsibility for approving policies/standards of the Virginia Tech Public Key Infrastructure (PKI) and the related Certificate Authorities operating within it. The web administrator of the VTCA PKI website publishes CP and CPS document updates to the website at the request of the VTPKI-PMA chairman and notifies the VTPKI-PMA membership whenever these updates occur.
• A digitally signed copy of the VTCA CP (Certificate Policy) is available at http://www.pki.vt.edu/rootca/cp.
• A digitally signed copy of the RCA CPS (Certification Practice Statement) is available at http://www.pki.vt.edu/rootca/cps .

A RCA has a copy of the VTCA CP and CPS which has been digitally signed by the VTPKI-PMA chairman and one other member of the VTPKI-PMA. The VTPKI-PMA has the primary responsibility for approving policies/standards of the Virginia Tech Public Key Infrastructure (PKI) and the related Certificate Authorities operating within it. The web administrator of the VTCA PKI website publishes CP and CPS document updates to the website at the request of the VTPKI-PMA chairman and notifies the VTPKI-PMA membership whenever these updates occur.
A digitally signed copy of the VTCA CP (Certificate Policy) and RCA CPS is available at

.

A PKC certificate issued by the RCA is ...... .

A PKC issued by the RCA is ......

{*}The Subject names of a PKC must be in the following format:
CN = < name of subordinate CA as determined by the PMA >,
O = Virginia Polytechnic Institute and State University,
C = US,
DC = vt,
DC = edu{*}

The Subject names of a PKC must be in the following format for certificates issued by the VT Self Signed Root CA:
CN = < name of subordinate CA as determined by the PMA >,
O = Virginia Polytechnic Institute and State University, C = US,
DC = vt,
DC = edu
Subject names for certificates issued by the VT Global Root CA must follow naming convention formats specified by the root key signing vendor, GlobalSign as follows:
CN = < name of subordinate CA as determined by the PMA >,
OU=Global < Server | User | SoftPDC > CA,
O=Virginia Tech,
C=US

VTPKI: Virginia Tech Public Key Infrastructure refers to the Virginia Tech Root CA and all of the Subordinate CAs within the PKI hierarchy.

VTPKI: Virginia Tech Public Key Infrastructure refers collectively to the Self Signed Root and Global Virginia Tech Root CAs and all of the Subordinate CAs within each PKI hierarchy.