|
1.
|
Clear description of the referenced document:
|
|
|
|
Name:
|
IETF RFC 3647 (2003)
|
|
Title:
|
Internet X.509 Public Key Infrastructure - Certificate Policy and Certification Practices Framework
|
|
|
2.
|
Status of approval:
|
|
|
Informational RFC
|
|
3.
|
Justification for the specific reference:
|
|
|
required by CA/Browser Forum
|
|
4.
|
Current information, if any, about IPR issues:
|
|
|
Information on IPR issues regarding RFCs is available at: https://datatracker.ietf.org/ipr/search/. Specifically: https://datatracker.ietf.org/ipr/search/?option=rfc_search&rfc_search=3647
|
|
5.
|
Other useful information describing the "Quality" of the document:
|
|
|
at least two independent, interoperable implementations and sufficient successful operational experience exist; if IPR issues are known, then independent implementations must be based on at least two separate exercises of the licensing process; considered mature and final form of specification
|
|
6.
|
The degree of stability or maturity of the document:
|
|
|
at least two independent, interoperable implementations and sufficient successful operational experience exist; if IPR issues are known, then independent implementations must be based on at least two separate exercises of the licensing process; considered mature and final form of specification
|
|
7.
|
Relationship with other existing or emerging documents:
|
|
|
Obsoletes RFC 2527
|
|
8.
|
Any explicit references within that referenced document should also be listed:
|
|
|
[ABA2] American Bar Association, PKI Assessment Guidelines, v0.30,/
Public Draft For Comment, June 2001./
/
[BAU1] Michael. S. Baum, Federal Certification Authority Liability/
and Policy, NIST-GCR-94-654, June 1994, available at/
http://www.verisign.com/repository/pubs/index.html./
/
[ETS] European Telecommunications Standards Institute, "Policy/
Requirements for Certification Authorities Issuing Qualified/
Certificates," ETSI TS 101 456, Version 1.1.1, December 2000./
/
[GOC] Government of Canada PKI Policy Management Authority, "Digital/
Signature and Confidentiality Certificate Policies for the/
Government of Canada Public Key Infrastructure," v.3.02, April/
1999./
/
[IDT] Identrus, LLC, "Identrus Identity Certificate Policy" IP-IPC/
Version 1.7, March 2001./
/
[ISO1] ISO/IEC 9594-8/ITU-T Recommendation X.509, "Information/
Technology - Open Systems Interconnection: The Directory:/
Authentication Framework," 1997 edition. (Pending publication/
of 2000 edition, use 1997 edition.)/
/
[PEM1] Kent, S., "Privacy Enhancement for Internet Electronic Mail:/
Part II: Certificate-Based Key Management", RFC 1422, February/
1993./
/
[PKI1] Housley, R., Polk, W. Ford, W. and D. Solo, "Internet X.509/
Public Key Infrastructure Certificate and Certificate/
Revocation List (CRL) Profile", RFC 3280, April 2002./
/
[CPF] Chokhani, S. and W. Ford, "Internet X.509 Public Key/
Infrastructure, Certificate Policy and Certification Practices/
Statement Framework", RFC 2527, March 1999./
|
|
9.
|
Qualification of
ISOC/IETF:
|
|
|
9.1-9.6 Decisions of ITU Council to admit ISOC to participate in the work of the Sector (June 1995 and June 1996).
9.7 The Internet Engineering Steering Group (IESG) is responsible for ongoing maintenance of the RFCs when the need arises. Comments on RFCs and corresponding changes are accommodated through the existing standardization process.
9.8 Each revision of a given RFC has a different RFC number, so no confusion is possible. All RFCs always remain available on-line. An index of RFCs and their status may be found in the IETF archives at http://www.rfc-editor.org/rfc.html.
|
|
10.
|
Other (for any supplementary information):
|
|
|
None
|
|
