• About this guide
    • Acronyms
    • Revision information
    • Other documents
    • Documentation feedback
  • Introduction
    • Scope
    • Identification
    • PKI Participants
    • Certificate Usage
    • Policy Administration
    • Definitions
  • Publication and Repository Responsibilities
  • Identification and Authentication
    • Naming
    • Initial Identity Validation
    • Identification and Authentication for Re-Key Requests
    • Identification and Authentication for Revocation Requests
  • Certificate Life-Cycle Operational Requirements
    • Certificate Application
    • Certificate Application Processing
    • Certificate Issuance
    • Certificate Acceptance
    • Key Pair and Certificate Usage
    • Certificate Renewal
    • Certificate Re-Key
    • Certificate Modification
    • Certificate Revocation and Suspension
    • Certificate Status Services
    • End of Subscription
    • Key Escrow and Recovery
  • Management, Operational and Physical Controls
    • Physical Security Controls
    • Procedural Controls for the CA
    • Personnel Controls
    • Audit Logging Procedures
    • Records Archival
    • Key Changeover
    • Compromise and Disaster Recovery
    • CA Termination
  • Technical Security Controls
    • Key Pair Generation
    • Private Key Protection
    • Other Aspects of Key-Pair Management
    • Activation Data
    • Computer Security Controls
    • Life-Cycle Technical Controls
    • Network Security Controls
    • Time-stamping
  • Certificate and CRL Profiles
    • Certificate Profile
      • Version Numbers
      • Certificate Extensions
      • Algorithm Object Identifiers
      • Name Forms
      • Name Constraints
      • Certificate Policy Object Identifier
      • Usage of Policy Constraints Extension
      • Policy Qualifiers Syntax and Semantics
      • Processing Semantics for the Critical Certificate Policy Extension
    • CRL Profile
    • OCSP Profile
  • Compliance Audit and Other Assessment
  • Other Business and Legal Matters
  • Certificate profiles reference
    • Authority profiles
      • Azure Firewall Intermediate CA certificate profile
      • Basic authorities certificate profiles
      • TLS Proxy CA certificate profile
    • Subscriber certificate profiles
      • Active Directory (WSTEP) certificate profiles
      • CMPv2 certificate profiles
      • Code signing certificate profile
      • eSIM certificate profiles
      • EST certificate profiles
      • Intune certificate profiles
      • MDMWS certificate profiles
      • Mobile device certificate profile
      • Multiuse certificate profiles
      • Private SSL (ACMEv2) certificate profiles
      • S/MIME Secure Email certificate profiles
      • SCEP certificate profiles
      • Smartcard certificate profiles
      • V2G certificate profiles