Home | Aktuelles | Amateurfunk | Chaoswelle | DARC-OV | Afu-Lexikon | Service | Datenschutz | Impressum | Anmelden
(HAM-PKI policy work in progress)
Aktuelle Version (19:27, 27. Dez. 2014) (bearbeiten) (rückgängig)
(HAM-PKI policy work in progress)
 

Aktuelle Version

Inhaltsverzeichnis

ChaosWelle PKI Certification And Revocation Policy

This document is a WIP draft policy listing the conditions required to issue HAM-PKI certificates by Chaoswelle CA, as well as the conditions for revocation of such certificates.

Certificate Issuance

The Chaoswelle CA will issue HAM-PKI Certificates (Certs) to Applicants that have been successfully Authorized.

Certs

A HAM-PKI Cert created by Chaoswelle CA must contain the following information in its distinguished name (DN):

TODO: Are additional fields needed / allowed?

An audit record is created for every issued Cert containing the following data:

Applicants

Certs are issued to the following entities:

Authorization

Natural Person

A natural person needs to provide the following documents to be entitled for a Cert:

Certificate Revocation

Chaoswelle CA will be operating a CRL and indicate that CRL in the issued Certs. To put a given Cert on the CRL, proof is needed that the Cert was issued to an incorrect Applicant, i.e. the Callsign, Full Name or E-Mail Address values of the Cert do not belong to the person using the Cert.

This proof must be presented by the actual owner of the Callsign or E-Mail Address, or by a third party that can believably show that the Cert was issued wrongly.

Certs will only be revoked if they were issued to the wrong person, or used by a different person. Technical abuse of Internet services by the official owner of a Cert does not qualify for revocation. Instead, technical measures must be taken at the abused system.