Cover Page

X.509 Certification Practice Statement
for the
Class 1 Server
Certification Authority
March 28, 2006
Amended July 7, 2009
OBJECT IDENTIFIER 1.3.6.1.4.1.6760.5.2.3.2.1
Release 1.0, Version 2.0

X.509 Certification Practice Statement
for the
Server
Certification Authorities
March 28, 2006
Amended March 16, 2011
OBJECT IDENTIFIER 1.3.6.1.4.1.6760.5.2.3.2.1
Release 1.0, Version 3.0

1 INTRODUCTION thru 11. ACKNOWLEDGEMENTS

Change C1SCA to SCA

1 INTRODUCTION

This Certification Practice Statement (CPS) defines the operational implementation of the terms and conditions, described in the Virginia Polytechnic Institute and State University (hereinafter Virginia Tech) Certificate Authority (VTCA) Certificate Policy identified by the object identifier 1.3.6.1.4.1.6760.5.2.1.1.1, for the Class 1 Server Certificate Authority (C1SCA), a VTCA.

This Certification Practice Statement (CPS) defines the operational implementation of the terms and conditions, described in the Virginia Polytechnic Institute and State University (hereinafter Virginia Tech) Certification Authority (VTCA) Certificate Policy identified by the object identifier 1.3.6.1.4.1.6760.5.2.1.1.1, for the Class 1 Server Certification Authority and Global Server Certificate Authority.

Acronyms

Add the acronym: "SCA Server Certification Authority"

1.1 OVERVIEW

This CPS defines the operational implementation of the requirements set forth by the VTCA CP.

This CPS defines the operational implementation of the requirements set forth by the VTCA CP for the Virginia Tech Class 1 Server and Global Server CAs. The term SCA (Server Certification Authority) is used as a synonym throughout this document to reference both the Virginia Tech Class 1 Server and Global Server CAs.

1.1.1 Certificate Policy (CP)

The C1SCA has a copy of the VTCA CP and CPS which has been digitally signed by the VTPKI-PMA chairman and one other member of the VTPKI-PMA. The VTPKI-PMA has the primary responsibility for approving policies/standards of the Virginia Tech Public Key Infrastructure (PKI) and the related Certificate Authorities operating within it. The web administrator of the VTCA PKI website publishes CP and CPS document updates to the website at the request of the VTPKI-PMA chairman and notifies the VTPKI-PMA membership whenever these updates occur.
• A digitally signed copy of the VTCA CP (Certificate Policy) is available at http://www.pki.vt.edu/rootca/cp.
• A digitally signed copy of the RCA CPS (Certification Practice Statement) is available at http://www.pki.vt.edu/rootca/cps .

The SCA has a copy of the VTCA CP and CPS which has been digitally signed by the VTPKI-PMA chairman and one other member of the VTPKI-PMA. The VTPKI-PMA has the primary responsibility for approving policies/standards of the Virginia Tech Public Key Infrastructure (PKI) and the related Certificate Authorities operating within it. The web administrator of the VTCA PKI website publishes CP and CPS document updates to the website at the request of the VTPKI-PMA chairman and notifies the VTPKI-PMA membership whenever these updates occur.
• A digitally signed copy of the VTCA CP (Certificate Policy) is available at http://www.pki.vt.edu/rootca/cp
• A digitally signed copy of the SCA CPS (Certification Practice Statement) is available at http://www.pki.vt.edu/globalserver/cps

1.1.3 Interoperation with CAs External to this Policy Domain

The C1SCA does not interoperate with CAs external to this policy domain.

The Virginia Tech Class 1 Server CA which is a subordinate CA within the VT Self Signed Root CA hierarchy does not interoperate with CAs external to this policy domain. The Virginia Tech Global Server CA is a subordinate CA within the VT Global Root CA hierarchy which is chained to GlobalSign’s pre-distributed and trusted commercial GlobalSign Root CA.

7.1 CERTIFICATE PROFILE

The certificate profiles for the C1SCA and the end entity certificates issued by the C1SCA are published at http://www.pki.vt.edu/vtc1sca/cps/ .

The certificate profiles for an SCA and the end entity certificates issued by an SCA are published at http://www.pki.vt.edu/globalserver/cps/.

7.1.2 Certificate Extensions

Standard extensions, when populated, are described in Certificate Profiles published at: http://www.pki.vt.edu/vtc1sca/cps/ .

Standard extensions, when populated, are described in Certificate Profiles published at: http://www.pki.vt.edu/globalserver/cps

7.2.1 Version Numbers

Information on CRL extensions is documented in the certificate profiles for the C1SCA. The certificate profiles for the C1SCA and the end entity certificates issued by the C1SCA are published at http://www.pki.vt.edu/vtc1sca/cps/ .

Information on CRL extensions are documented in the certificate profiles for an SCA. The certificate profiles for an SCA and the end entity certificates issued by an SCA are published at http://www.pki.vt.edu/globalserver/cps/

10. GLOSSARY

VTPKI: Virginia Tech Public Key Infrastructure refers to the Virginia Tech Root CA and all of the Subordinate CAs within the PKI hierarchy.

VTPKI: Virginia Tech Public Key Infrastructure refers collectively to the Self Signed Root and Global Virginia Tech Root CAs and all of the Subordinate CAs within each PKI hierarchy.