目录1。简介5 1.1。概述5 1.2。文档名称和标识6 1.3。PKI参与者8 1.3.1。DiviCert政策授权机构和认证机构8 1.3.2。注册机构9 1.3.3。订户9 1.3.4。依靠各方9 1.3.5。其他参与者10 1.4。证书使用率10 1.4.1。适当的证书使用10 1.4.1.1保证水平10 1.4.2禁止证书使用11 1.5。政策管理11 1.5.1。设施，管理和运营控制41 5.1。物理控制41 5.2程序控制42 5.3人事控制43 5.4审核记录程序45 5.5记录档案档案47Organization Administering the Document 11 1.5.2 Contact Person 11 1.5.3 Person Determining CPS Suitability for the Policy 12 1.5.4 CP Approval Procedures 12 1.6 DEFINITIONS AND ACRONYMS 12 1.6.1 Definitions 12 1.6.2 Acronyms 14 2 PUBLICATION AND REPOSITORY RESPONSIBILITIES 16 2.1 REPOSITORIES 16 2.2 PUBLICATION OF CERTIFICATION INFORMATION 16 2.3 TIME OR FREQUENCY OF PUBLICATION 16 2.4 ACCESS CONTROLS ON REPOSITORIES 16 3 IDENTIFICATION AND AUTHENTICATION 17 3.1 NAMING 17 3.1.1 Types of Names 17 3.1.2 Need for Names to be Meaningful 17 3.1.3 Anonymity or Pseudonymity of Subscribers 17 3.2 INITIAL IDENTITY VALIDATION 18 3.2.1 Method to Prove Possession of Private Key 18 3.2.2 Authentication of Organization Identity and Domain/Email Control 18 3.2.3 Authentication of Individual Identity 24 3.2.3.1 Authentication for Role-based Client Certificates 24 3.2.3.2 Authentication of Devices with Human 25 3.2.3.3 Authentication of Devices with Human 25 3.2.4 Non-verified Subscriber Information 25 3.2.5 Validation of Authority 26 3.3 IDENTIFICATION AND AUTHENTICATION FOR RE-KEY REQUESTS 27 3.4 IDENTIFICATION AND AUTHENTICATION FOR REVOCATION REQUEST 28 4 CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS 29 4.1 CERTIFICATE APPLICATION 29 4.2 CERTIFICATE APPLICATION PROCESSING 29 4.3 CERTIFICATE ISSUANCE 30 4.4 CERTIFICATE ACCEPTANCE 31 4.5 KEY PAIR AND CERTIFICATE USAGE 31 4.6 CERTIFICATE RENEWAL 31 4.7证书重新键32 4.8证书修改33 4.9证书撤销和暂停33 4.10证书状态服务40 4.11订阅40 4.12密钥托管和恢复40 5。