certificate-profile-server-authentication.md

File metadata and controls

39 lines (32 loc) · 6.22 KB

# Server Authentication Certificate Profile

This profile for Server Authentication Certificates contains two (2) certificate types:

  • Domain Validation TLS Server Authentication Certificates
  • Organization Validation TLS Server Authentication Certificates

There are two (2) differences in the certificate profile implementations between Domain Validation and Organization Validation. The differences are in the Subject Identity Information and the Certificate Policies.

| Field or Extension | Domain Validation | Organization Validation |
|---|---|---|
| Subject Identity Information | `cn=<one domain name>,c=US` | `cn=<one domain name>,S=District of Columbia,O=U.S. Government,c=US` |
| Certificate Policies | Asserts both the U.S. Government and CAB Forum policy OIDs for Domain Validation | Asserts both the U.S. Government and CAB Forum policy OIDs for Organization Validation |
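The two cells above are the only places where the types diverge. As an added example, not code from this profile or from the repository that hosts it, the Go program below builds a leaf template that meets the full profile set out further down (fields, extensions, and the DV/OV branch) and signs it under a throwaway issuing CA. It uses only the Go standard library; the certificatePolicies extension is marshalled by hand so that the optional cPSuri qualifier can be carried. Assumed, because the page does not supply them: the host name, the CPS, OCSP, caIssuers and CRL URLs, the U.S. Government policy OID (a placeholder, since Section 7.1.6.1 is not reproduced here), and the choice of an RSA-2048 CA with a P-256 leaf key.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha1"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"encoding/pem"
	"math/big"
	"os"
	"time"
)

// CAB Forum Baseline Requirements policy OIDs for DV and OV. The U.S. Government policy OID is
// listed in Section 7.1.6.1, which this page does not reproduce, so usgovPolicy is a placeholder.
var (
	cabForumDV  = asn1.ObjectIdentifier{2, 23, 140, 1, 2, 1}
	cabForumOV  = asn1.ObjectIdentifier{2, 23, 140, 1, 2, 2}
	usgovPolicy = asn1.ObjectIdentifier{1, 2, 3, 4, 5, 6, 7} // placeholder, not a real policy OID
	idQtCPS     = asn1.ObjectIdentifier{1, 3, 6, 1, 5, 5, 7, 2, 1}
)

// PolicyInformation with the optional cPSuri qualifier, marshalled by hand because crypto/x509
// exposes only bare policy OIDs.
type policyQualifier struct {
	ID        asn1.ObjectIdentifier
	Qualifier string `asn1:"ia5"`
}
type policyInformation struct {
	Policy     asn1.ObjectIdentifier
	Qualifiers []policyQualifier `asn1:"optional"`
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// subjectKeyID is the identifier the profile mandates: SHA-1 over the subjectPublicKey BIT STRING
// (RFC 5280 section 4.2.1.2, method 1).
func subjectKeyID(pub any) []byte {
	var spki struct {
		Algorithm pkix.AlgorithmIdentifier
		PublicKey asn1.BitString
	}
	must(asn1.Unmarshal(must(x509.MarshalPKIXPublicKey(pub)), &spki))
	sum := sha1.Sum(spki.PublicKey.Bytes)
	return sum[:]
}

// serverAuthTemplate returns a leaf template that follows the profile. DV and OV differ only in
// the subject (O and S added) and in which CAB Forum OID sits beside the government OID.
func serverAuthTemplate(fqdn string, ov bool) *x509.Certificate {
	serial := must(rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 159))) // < 2^159 fits 20 DER bytes
	serial.SetBit(serial, 64, 1)                                                  // never below 64 bits
	subject := pkix.Name{CommonName: fqdn, Country: []string{"US"}}
	policies := []policyInformation{{Policy: usgovPolicy, Qualifiers: []policyQualifier{{ID: idQtCPS, Qualifier: "http://pki.example.gov/cps"}}}, {Policy: cabForumDV}}
	if ov {
		subject.Organization, subject.Province = []string{"U.S. Government"}, []string{"District of Columbia"}
		policies[1].Policy = cabForumOV
	}
	now := time.Now()
	return &x509.Certificate{
		SerialNumber: serial, Subject: subject, DNSNames: []string{fqdn}, // the CN must repeat a SAN dNSName
		NotBefore: now, NotAfter: now.Add(395 * 24 * time.Hour),
		BasicConstraintsValid: true, // cA=False; CreateCertificate marks basicConstraints and keyUsage critical
		KeyUsage:              x509.KeyUsageDigitalSignature | x509.KeyUsageKeyAgreement, // EC leaf key, see issue
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		OCSPServer:            []string{"http://ocsp.example.gov"},
		IssuingCertificateURL: []string{"http://pki.example.gov/issuing-ca.cer"},
		CRLDistributionPoints: []string{"http://pki.example.gov/issuing-ca.crl"},
		ExtraExtensions:       []pkix.Extension{{Id: asn1.ObjectIdentifier{2, 5, 29, 32}, Value: must(asn1.Marshal(policies))}},
	}
}

// issue signs tmpl under a throwaway RSA issuing CA, so the leaf carries sha256WithRSAEncryption,
// with a fresh P-256 leaf key. CreateCertificate copies the CA's SKI into the leaf's AKI.
func issue(tmpl *x509.Certificate) (leaf, ca *x509.Certificate) {
	caKey := must(rsa.GenerateKey(rand.Reader, 2048))
	caTmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "Example Issuing CA", Country: []string{"US"}},
		NotBefore: time.Now(), NotAfter: time.Now().AddDate(10, 0, 0), IsCA: true, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign, SubjectKeyId: subjectKeyID(&caKey.PublicKey),
	}
	ca = must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, caTmpl, caTmpl, &caKey.PublicKey, caKey))))
	leafKey := must(ecdsa.GenerateKey(elliptic.P256(), rand.Reader))
	tmpl.SubjectKeyId = subjectKeyID(&leafKey.PublicKey)
	leaf = must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tmpl, ca, &leafKey.PublicKey, caKey))))
	return leaf, ca
}

func main() {
	leaf, _ := issue(serverAuthTemplate("www.example.gov", true))
	pem.Encode(os.Stdout, &pem.Block{Type: "CERTIFICATE", Bytes: leaf.Raw}) // pipe into: openssl x509 -text -noout
}
```

Running it prints the PEM leaf; `openssl x509 -text -noout` on that output shows both policy OIDs with the CPS qualifier, critical basicConstraints and keyUsage, and a non-critical EKU. The 20-byte ceiling applies to the DER INTEGER value, and DER pads a positive value whose top bit is set with a leading 0x00, so a 160-bit serial would already occupy 21 bytes; drawing from below 2^159 avoids that.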

Below is the full server authentication certificate profile with all fields and extensions.

| Field | Value and Requirements |
|---|---|
| Serial Number | Serial number shall be a unique positive integer with a minimum of 64 bits of entropy generated by a CSPRNG.<br>Serial number shall not exceed 20 bytes in length.<br>Serial numbers shall be non-sequential. |
| Issuer Signature Algorithm | sha256WithRSAEncryption {1.2.840.113549.1.1.11} |
| Issuer Distinguished Name | Unique X.500 Issuing CA DN as specified in Section 7.1.4 of this CP |
| Validity Period | Validity Period dates shall be encoded as UTCTime for dates through 2049 and GeneralizedTime for dates thereafter.<br>Validity Period shall be no longer than 395 days from date of issue. |
| Subject Distinguished Name | Geo-political SDNs:<br>CN (required) shall contain a Fully-Qualified Domain Name that is one of the values contained in the Certificate's subjectAltName extension.<br>Organization Name and State or Province (optional): if present, both shall be present; organizationName shall be U.S. Government and stateOrProvinceName shall be District of Columbia.<br>Country (required) shall be c=US.<br>No other attributes shall be included in the subject field. |
| Subject Public Key Information | Public key algorithm associated with the public key. May be either RSA or elliptic curve:<br>rsaEncryption {1.2.840.113549.1.1.1}<br>Elliptic curve key (id-ecPublicKey) {1.2.840.10045.2.1}<br><br>Parameters:<br>For RSA, the parameters field is populated with NULL.<br>For ECC, parameters are implicitly specified through an OID associated with a NIST-approved curve referenced in SP 800-78-1:<br>Curve P-256 {1.2.840.10045.3.1.7}<br>Curve P-384 {1.3.132.0.34}<br>Curve P-521 {1.3.132.0.35}<br><br>For RSA public keys, the modulus shall be 2048, 3072, or 4096 bits. The public exponent e shall be an odd positive integer such that 2^16+1 ≤ e < 2^256-1. |
| Issuer Signature | sha256WithRSAEncryption {1.2.840.113549.1.1.11} |
| Extension | Required | Critical | Value and Requirements |
|---|---|---|---|
| Authority Key Identifier | Mandatory | False | Octet String derived using the SHA-1 hash of the Issuer's public key in accordance with RFC 5280; shall match the SKI of the issuing CA certificate. |
| basicConstraints | Mandatory | True | cA=False |
| Subject Key Identifier | Mandatory | False | Octet String derived using the SHA-1 hash of the public key in accordance with RFC 5280. |
| Key Usage | Mandatory | True | Required Key Usage:<br>digitalSignature<br><br>Optional Key Usage:<br>keyEncipherment for RSA keys<br>keyAgreement for elliptic curve keys<br><br>Prohibited Key Usage:<br>keyCertSign and cRLSign |
| Extended Key Usage | Mandatory | False | Required Extended Key Usage:<br>Server Authentication id-kp-serverAuth {1.3.6.1.5.5.7.3.1}<br><br>Optional Extended Key Usage:<br>Client Authentication id-kp-clientAuth {1.3.6.1.5.5.7.3.2}<br><br>Prohibited Extended Key Usage:<br>anyExtendedKeyUsage {2.5.29.37.0}<br>all others |
| Certificate Policies | Mandatory | False | Required Certificate Policy Fields:<br>See Section 7.1.6.4. One U.S. Government certificate policy OID listed in Section 7.1.6.1 asserting compliance with this CP, and one CAB Forum certificate policy OID listed in Section 7.1.6.1 asserting compliance with the CAB Forum Baseline Requirements.<br><br>Optional Certificate Policy Fields:<br>certificatePolicies:policyQualifiers<br>policyQualifierId = id-qt-cps {1.3.6.1.5.5.7.2.1}<br>qualifier = cPSuri |
| Subject Alternative Name | Mandatory | False | This extension shall contain at least one entry. Each entry shall be a dNSName containing the Fully-Qualified Domain Name of a server. This extension shall not include any Internal Name values.<br>All entries shall be validated in accordance with Section 3.2.2.4.<br>Underscore characters ("_") shall not be present in dNSName entries. |
| Authority Information Access | Mandatory | False | Required AIA Fields:<br>id-ad-ocsp: publicly accessible URI of the Issuing CA's OCSP responder, accessMethod = {1.3.6.1.5.5.7.48.1}<br><br>id-ad-caIssuers: publicly accessible URI of the Issuing CA's certificate, accessMethod = {1.3.6.1.5.5.7.48.2}<br>All instances of this access method shall include the HTTP URI name form to specify an HTTP-accessible location containing either a single DER-encoded certificate, or a BER- or DER-encoded "certs-only" CMS message as specified in RFC 5272. |
| CRL Distribution Points | Optional | False | If included, shall include at least one HTTP URI to the location of a publicly accessible, full and complete CRL. The reasons and cRLIssuer fields shall be omitted. |
| Private Extensions | Optional | False | Only extensions that have context for use on the public Internet are allowed. Private extensions must not cause interoperability issues. The CA shall be aware of, and able to defend, the reason for including each one, and use of private extensions shall be approved by the FPKI Policy Authority. |
| Transparency Information | Optional | False | If included, shall include two or more SCTs or inclusion proofs.<br>Contains one or more "TransItem" structures in a "TransItemList"; these are the structures of RFC 6962-bis (published as RFC 9162), whereas RFC 6962 itself carries SCTs as a SignedCertificateTimestampList. |
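A check of a parsed certificate against the rules in the two tables above, added here as an example and not a tool the profile references: `lint` takes a leaf and its issuer in the form `x509.ParseCertificate` returns and reports each rule it finds broken, including the DER subtlety that a serial with its top bit set costs an extra byte against the 20-byte limit. `sample` is a constructed in-memory certificate rather than a real one, and its U.S. Government policy OID is a placeholder; public key parameters, AIA contents and extension criticality are left unchecked to keep the example short.

```go
package main

import (
	"bytes"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"strings"
	"time"
)

var (
	cabForumDV = asn1.ObjectIdentifier{2, 23, 140, 1, 2, 1}
	cabForumOV = asn1.ObjectIdentifier{2, 23, 140, 1, 2, 2}
)

// lint checks a parsed leaf against the profile and returns one finding per violated rule;
// issuer supplies the SKI that the leaf's AKI must match. An empty result means it passes.
func lint(leaf, issuer *x509.Certificate) (findings []string) {
	fail := func(format string, a ...any) { findings = append(findings, fmt.Sprintf(format, a...)) }
	sn, derLen := leaf.SerialNumber, len(leaf.SerialNumber.Bytes())
	if derLen > 0 && sn.Bytes()[0]&0x80 != 0 {
		derLen++ // DER prepends 0x00 so a positive INTEGER is not read as negative
	}
	if sn.Sign() <= 0 || sn.BitLen() < 64 || derLen > 20 {
		fail("serial must be positive, carry at least 64 bits and encode in at most 20 bytes")
	}
	if leaf.SignatureAlgorithm != x509.SHA256WithRSA {
		fail("signature must be sha256WithRSAEncryption, got %v", leaf.SignatureAlgorithm)
	}
	if leaf.NotAfter.Sub(leaf.NotBefore) > 395*24*time.Hour {
		fail("validity exceeds 395 days")
	}
	s, cnInSAN := leaf.Subject, false
	for _, d := range leaf.DNSNames {
		cnInSAN = cnInSAN || d == s.CommonName
		if strings.Contains(d, "_") || !strings.Contains(d, ".") { // "no dot" is a crude internal-name heuristic
			fail("dNSName %q: underscores and internal names are prohibited", d)
		}
	}
	if s.CommonName == "" || !cnInSAN || len(leaf.IPAddresses)+len(leaf.EmailAddresses)+len(leaf.URIs) > 0 {
		fail("CN %q must be one of the SAN dNSNames, and the SAN may hold nothing but dNSNames", s.CommonName)
	}
	ov := len(s.Organization)+len(s.Province) > 0 // any O or S makes this an OV certificate
	if strings.Join(s.Country, ",") != "US" || len(s.Locality)+len(s.OrganizationalUnit)+len(s.StreetAddress) > 0 ||
		ov && (strings.Join(s.Organization, ",") != "U.S. Government" || strings.Join(s.Province, ",") != "District of Columbia") {
		fail("subject must be cn,c=US (DV) or cn,S=District of Columbia,O=U.S. Government,c=US (OV)")
	}
	ku := leaf.KeyUsage
	if !leaf.BasicConstraintsValid || leaf.IsCA || ku&x509.KeyUsageDigitalSignature == 0 || ku&(x509.KeyUsageCertSign|x509.KeyUsageCRLSign) != 0 {
		fail("basicConstraints must be cA=False; keyUsage must assert digitalSignature and not keyCertSign/cRLSign")
	}
	server := false
	for _, e := range leaf.ExtKeyUsage {
		server = server || e == x509.ExtKeyUsageServerAuth
		if e != x509.ExtKeyUsageServerAuth && e != x509.ExtKeyUsageClientAuth { // anyExtendedKeyUsage lands here
			fail("prohibited extended key usage %v", e)
		}
	}
	if !server || len(leaf.UnknownExtKeyUsage) > 0 {
		fail("extendedKeyUsage must assert serverAuth and nothing beyond clientAuth")
	}
	want, hasCAB := cabForumDV, false
	if ov {
		want = cabForumOV
	}
	for _, p := range leaf.PolicyIdentifiers {
		hasCAB = hasCAB || p.Equal(want)
	}
	if !hasCAB || len(leaf.PolicyIdentifiers) < 2 {
		fail("certificatePolicies must assert %v alongside a U.S. Government policy OID", want)
	}
	if len(leaf.SubjectKeyId) == 0 || !bytes.Equal(leaf.AuthorityKeyId, issuer.SubjectKeyId) {
		fail("SKI must be present and AKI must equal the issuing CA's SKI")
	}
	return findings
}

// sample is a constructed OV leaf and issuer, populated the way x509.ParseCertificate would
// populate them; no real certificate is behind it and the government policy OID is a placeholder.
func sample() (leaf, issuer *x509.Certificate) {
	caSKI := []byte{0x4f, 0x50, 0x51}
	issuer = &x509.Certificate{Subject: pkix.Name{CommonName: "Example Issuing CA"}, SubjectKeyId: caSKI}
	leaf = &x509.Certificate{
		SerialNumber:       new(big.Int).Lsh(big.NewInt(1), 100), // 101 bits, 13 DER bytes
		SignatureAlgorithm: x509.SHA256WithRSA,
		NotBefore:          time.Date(2024, 1, 1, 0, 0, 0, 0, time.UTC),
		NotAfter:           time.Date(2025, 1, 30, 0, 0, 0, 0, time.UTC), // exactly 395 days
		Subject: pkix.Name{CommonName: "www.example.gov", Organization: []string{"U.S. Government"},
			Province: []string{"District of Columbia"}, Country: []string{"US"}},
		DNSNames:              []string{"www.example.gov", "example.gov"},
		BasicConstraintsValid: true, // cA=False
		KeyUsage:              x509.KeyUsageDigitalSignature,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		PolicyIdentifiers:     []asn1.ObjectIdentifier{{1, 2, 3, 4, 5, 6, 7}, cabForumOV},
		SubjectKeyId:          []byte{0x01, 0x02, 0x03},
		AuthorityKeyId:        caSKI,
	}
	return leaf, issuer
}

func main() {
	leaf, issuer := sample()
	fmt.Println("conforming:", lint(leaf, issuer))
	leaf.DNSNames = []string{"db_01.example.gov"} // CN no longer covered, and an underscore
	leaf.ExtKeyUsage = append(leaf.ExtKeyUsage, x509.ExtKeyUsageAny)
	fmt.Println("broken:", lint(leaf, issuer))
}
```

To run it against a real certificate, decode the PEM with `pem.Decode`, parse the result with `x509.ParseCertificate`, and pass the leaf together with its issuing CA certificate.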