Secure CA operation
BSI TR-03145 Secure Certification Authority operation
文档结构: - Introduction, scope - Abbreviation - Concept and approach: 图~ - Aims of the CA - Processes of the CA - General security requirements
abbr
certificate policy (CP): 一些命名规则,标识common security requirement, RFC3647
certification practice statement (CPS): CA对签发、管理、撤销、续期的实际操作策略
Certificate Management Processes
Private key of the CA
Maintaining: (process) - Certificate generation process - Trustworthy CA certificate
Trustworthy Manner: (Depends on) - General security requirements
Objectives -> Treats -> Requirements
Rationale: - Objective -> Requirements -> Rationale - Treat -> Requirements -> Rationale