- NATO PKI Certificate Policy
The NATO Public Key Infrastructure (PKI) Certificate Policy defines the creation and management of Version 3 X.509 public-key certificates for use in applications requiring security services. These security services may be standalone or between networked computer-based systems. Such applications include, but are not limited to, electronic mail; storage or transmission of unclassified and classified information; signature of files, messages or electronic forms; contract formation signatures; and authentication of infrastructure components such as web servers, firewalls, and directories. The network backbone for these network security products may be unprotected networks such as the Internet, or protected networks such as National Defence Networks (NDNs) or the NATO General Communications System. This document does not define a particular implementation of the NPKI, or the plans for future Certificate Policies. It is the intent of this Policy to identify the minimum requirements and procedures that are necessary to support trust in the NPKI, and to minimise imposition of specific implementation requirements on NPKI Certification authorities (CAs), registration authorities (RAs), subscribers, and relying parties. The Certificate Policies defined in this document are intended for use by NATO civil and military bodies. NPKI subscribers shall consult their issuing NPKI CA to obtain further details of the implementation of these Certificate Policies. They have been designed to satisfy the general public key certificate requirements of NATO. NPKI CAs are not obligated to issue, recognise or support all NATO policies. They are also not limited to only these policies, in that any NPKI CA may issue, recognise or support additional Certificate Policies with the approval of the NPMA. The NPKI operates in a closed environment governed by NATO rules and regulations concerning the enforceability, construction, interpretation and validity of these Certificate Policies.
- C3 Policies and Directives