This repository and information will soon be put in a public archive. Existing documents are moved to https://www.idmanagement.gov/governance/fpkiarchive/.
New documents will post to https://www.idmanagement.gov/governance/fpkiaudit/
The website https://devicepki.idmanagement.gov/ will redirect to https://www.idmanagement.gov/governance/fpkiaudit/ around May 2023.
This repository is for the open development of an x509 Certificate Policy for the US Federal Government. This repository supports the efforts to establish a new Public Trust Device Root and an issuing certification authority infrastructure focused on .gov and .mil websites.
For information on US Federal Executive Branch policy for websites and HTTPS, please review the Memorandum 15-13 HTTPS Everywhere documentation. (https://https.cio.gov).
The scope of the effort includes:
- TLS certificates only
- Webservices on the Internet
- Certificate Transparency (CT)
- No Name Redaction
- Name Constraints for .gov and .mil
This repository supports the development and version control for the Certificate Policy and Certificate Profiles, and the distribution of the policy and profiles digitally on a website. The Certificate Policy and Certificate Profiles are located in this top folder. All other folders contain information for the website.
Certificate profiles:
- Self-Signed Root CA Certificate Profile
- Intermediate or Subordinate CA Certificate Profile
- Server Authentication Certificate Profile
- Delegated OCSP Responder Certificate Profile
Profiles for the OCSP Responses and the Certificate Revocation Lists.
For information on how to contribute to the site, review How to Comment. The source repository exists here.
Direct changes and line edits to the content may be submitted through a pull request or by opening Issues for discussion. You do not need to install any software to submit content.
This repository is for open and transparent public reviews and contributions. The General Services Administration is supporting this effort and maintains the repository for the US Federal Government.
Please contact lachelle.levan at gsa dot gov with questions.
This work is based on the CA/Browser Forum Baseline Requirements, which is licensed under the Creative Commons Attribution 4.0 International License.
All contributions to this project waive copyright and related rights in the work worldwide through the CC0 1.0 Universal public domain dedication. Any original contributions by United States government employees are automatically in the public domain within the United States.
As stated in CONTRIBUTING:
All contributions to this project will be released into the public domain worldwide through the CC0 1.0 Universal public domain dedication.
By submitting a pull request, you are agreeing to comply with this waiver of copyright interest.