1 | # $Id: d1b603c3.signing_policy,v 1.2 2006/11/24 17:00:35 pmacvsdg Exp $ |
---|
2 | # |
---|
3 | # This file is parsed from start to finish with a given CA and subject |
---|
4 | # name. |
---|
5 | # subject names may include the following wildcard characters: |
---|
6 | # * Matches any number of characters. |
---|
7 | # ? Matches any single character. |
---|
8 | # |
---|
9 | # CA names must be specified (no wildcards). Names containing whitespaces |
---|
10 | # must be included in single quotes, e.g. 'Certification Authority'. |
---|
11 | # Names must not contain new line symbols. |
---|
12 | # The value of condition attribute is represented as a set of regular |
---|
13 | # expressions. Each regular expression must be included in double quotes. |
---|
14 | # |
---|
15 | # This policy file dictates the following policy: |
---|
16 | # |
---|
17 | # The ESnet root CA signs certificates of various entities. |
---|
18 | # |
---|
19 | # Format: |
---|
20 | #------------------------------------------------------------------------ |
---|
21 | # token type | def.authority | value |
---|
22 | #--------------|---------------|----------------------------------------- |
---|
23 | # EACL entry #1| |
---|
24 | |
---|
25 | access_id_CA X509 '/DC=net/DC=ES/O=ESnet/OU=Certificate Authorities/CN=ESnet Root CA 1' |
---|
26 | |
---|
27 | pos_rights globus CA:sign |
---|
28 | |
---|
29 | cond_subjects globus '"/DC=org/DC=DOEGrids/OU=Certificate Authorities/*" "/DC=net/DC=ES/*" "/DC=org/DC=fusiongrid/OU=Certificate Authorities/*"' |
---|
30 | |
---|
31 | # |
---|
32 | # End DOE SG CA Policy |
---|
33 | # |
---|
34 | # $Log: d1b603c3.signing_policy,v $ |
---|
35 | # Revision 1.2 2006/11/24 17:00:35 pmacvsdg |
---|
36 | # Updated ESnet and DOEGrids certs as per Mike signed mail of Nov 9 2006 |
---|
37 | # verified PGP signatures on tar ball using DGs web of trust |
---|
38 | # |
---|
39 | # Revision 1.5 2006/04/20 20:23:16 helm |
---|
40 | # Added fusion grid subdir from mrt, removed misleading doc |
---|
41 | # |
---|
42 | # Revision 1.4 2006/04/20 20:17:22 helm |
---|
43 | # revision change |
---|
44 | # |
---|
45 | # Revision 1.2 2003/05/27 16:29:35 helm |
---|
46 | # Change statement of policy |
---|
47 | # |
---|
48 | # Revision 1.1 2003/05/22 22:38:22 helm |
---|
49 | # *** empty log message *** |
---|
50 | # |
---|
51 | # Revision 1.3 2003/05/03 01:31:42 dhiva |
---|
52 | # Fixed the Subject Name of the ESnet Root CA |
---|
53 | # Modified the access_id_CA and included /O=ESnet |
---|
54 | # |
---|
55 | # Revision 1.2 2003/05/03 01:18:09 dhiva |
---|
56 | # $Id: d1b603c3.signing_policy,v 1.2 2006/11/24 17:00:35 pmacvsdg Exp $ included for all these files |
---|
57 | # |
---|
58 | # Revision 1.1 2003/05/03 01:15:06 dhiva |
---|
59 | # Globus Support Files for pki1.doegrids.org CA |
---|
60 | # |
---|