Policy CA Enforcement
Trying to understand how / if the CPS and Certificate Policies are enforced? If I define different CPS or Certificate Policies in a 2 or 3 tier hierarchy, are the practices and policies defined in any way technically enforces or it is only a "statement"
that is suppose to be followed?
Example. Although my Policy CA / Certificate Policy states that I will validate a users identity by means of drivers license before issuing a certificate, how technically is that enforced? What prevents a Certificate Manager from issuing that user a certificate
without seeing his/her drivers license?
Thanks,
Paul
May 20th, 2011 6:50pm
On Fri, 20 May 2011 15:50:58 +0000, PaulT15 wrote:
Trying to understand how / if the CPS and?Certificate Policies are enforced? If I define different CPS or Certificate Policies in a 2 or 3 tier hierarchy, are the practices and policies defined in any way technically enforces or it is only a "statement"
that is suppose to be followed?
Example. Although my Policy CA / Certificate Policy states that I will validate a users identity by means of drivers license before issuing a certificate, how technically is that enforced? What prevents a Certificate Manager from issuing that user a certificate
without seeing his/her drivers license?
Out of the box, they are not enforced with any technical controls. That's
why something like FIM CM is a good idea as it allows you to apply
technical controls that support your policies and procedures.
Paul Adare
MVP - Identity Lifecycle Manager
http://www.identit.ca
Output: What people who talk backwards do with their cat.
Free Windows Admin Tool Kit Click here and download it now
May 20th, 2011 8:14pm