This section introduces the VeriSign Certification Practice Statement (CPS) and describes its structure and underlying conventions. It concludes with a list of acronyms and abbreviations used in the CPS.
This VeriSign Certification Practice Statement (CPS) presents the practices that VeriSign, its issuing authorities (IAs), and authorized non-VeriSign IAs participating in the provision of VeriSign's public certification services (PCS) employ in issuing and managing certificates and in maintaining a certificate-based public key infrastructure (PKI). It details and controls the certification process, from establishing IAs, commencing IA and repository operations, to enrolling subscribers. The PCS provide for issuing, managing, using, suspending, revoking, and renewing of certificates. The CPS is intended to legally bind and provide notice to all parties that create, use, and validate certificates within the context of the PCS. As such, the CPS plays a central role in governing the PCS, as represented in Figure 1.
FIGURE 1: THE CENTRAL ROLE OF THE VERISIGN CPS
This CPS governs only a portion of the complement of services offered by VeriSign. Other VeriSign services may neither require nor invoke a hierarchy of IAs. The PCS will inevitably evolve to accommodate other structures in response to market demand. This CPS is periodically updated to reflect new services and to improve the PCS infrastructure in general [Section 12.12.2].
The CPS takes a life cycle, or "cradle-to-grave", approach to describing certification processes. It begins with IA establishment and start-up procedures and then covers general IA operations; enrollment; use of certificates; certificate suspension, revocation, and expiration. The benefits of this approach include a chronological presentation of events and compatibility with the anticipated structure of leading private- and public-sector practice statements.
FIGURE 2: CPS LIFE CYCLE STRUCTURE
This certification practice statement should be cited in other documents as the "VeriSign CPS" or the "VeriSign Certification Practice Statement". It is internally cited as the "CPS" or as "CPS Section _" and its appendices as "Appendix Section 13". The CPS is updated periodically. Versions of the CPS are denoted by a version number following "CPS" (e.g., "version 1.2" or "CPS 1.2").
Underlined text in the on-line version of this CPS represents the first instance defined terms (see Appendix 13.1 - Definitions) are used in this CPS. The WWW-based version(s) of this CPS uses hypertext-linked underlined text (using HTML) for cross-referencing within the CPS and for quick reference to definitions and other relevant documents.
This CPS is published:
(i) in electronic form within the VeriSign repository at https://www.verisign.com,
(ii) in electronic form via E-mail from CPS-requests@verisign.com, and
(iii) in paper form from VeriSign, Inc., 1390 Shorebird Way, Mountain View, CA 94043 USA, Attn: Certification Services.
This CPS assumes that the reader is generally familiar with digital signatures, PKIs, and VeriSign's PCS. If not, we advise some training in the use of public key techniques before the reader applies for a certificate. Educational and training information is accessible from VeriSign at https://www.verisign.com and https://digitalid.verisign.com. Additional assistance is available from VeriSign customer service representatives (customer_service@verisign.com).
ALL PCS APPLICANTS AND SUBSCRIBERS ACKNOWLEDGE THAT (I) THEY HAVE BEEN ADVISED TO RECEIVE PROPER TRAINING IN THE USE OF PUBLIC KEY TECHNIQUES PRIOR TO APPLYING FOR A CERTIFICATE AND THAT (II) DOCUMENTATION, TRAINING, AND EDUCATION ABOUT DIGITAL SIGNATURES, CERTIFICATES, PKI, AND THE PCS ARE AVAILABLE FROM VERISIGN.
TABLE 1 -- TABLE OF ACRONYMS AND ABBREVIATIONS