Forums » #65 Grid Certificate Profile »
Document is in public comment until May 10th, 2013
Added by Redmine Admin over 9 years ago
Abstract:
This document provides guidance for the use of directory names, attributes, and extensions in
X.509 certificates, such that they are usable by the majority of the grid infrastructures today.
The intended audience for this document includes issuers of X.509 certificates for use in grid
infrastructures, and implementers of X.509 validation software for grid purposes.
Interoperability for X.509 identity certificates between the issuers of certificates and the
software that interprets them is increasingly more important as the number of participants in
grids that rely on a X.509 certificates grows. It is difficult to predict which particular software
will be used by the parties relying on the certificate, and how this software interprets specific
name forms, attributes, and extensions. This document gives guidance and defines explicit
restrictions on the certificate profile to ensure the certificate is interpreted by the relying party
in the way the issuer intended. It specifies and further restricts the certificate format as
defined in RFC5280 and the X.509 standard.
This document extends the guidance in GFD.125 by specifying additional constraints and
providing further clarification.