source: branches/irods-mockup/certs/NERSC-SLCS.signing_policy @ 197

Revision 197, 1.5 KB checked in by mmamonski, 11 years ago (diff)

certs in main dir - used by make linux dist

Line 
1# $Id: b93d6240.signing_policy,v 1.1 2009/01/10 01:15:56 pmacvsmh Exp $
2# Based-on-Id: 1c3f2ca8.signing_policy,v 1.2 2003/05/27 16:29:35 helm Exp $
3
4# ca-signing-policy.conf, see ca-signing-policy.doc for more information
5#
6# This is the configuration file describing the policy for what CAs are
7# allowed to sign whoses certificates.
8#
9# This file is parsed from start to finish with a given CA and subject
10# name.
11# subject names may include the following wildcard characters:
12#    *    Matches any number of characters.
13#    ?    Matches any single character.
14#
15# CA names must be specified (no wildcards). Names containing whitespaces
16# must be included in single quotes, e.g. 'Certification Authority'.
17# Names must not contain new line symbols.
18# The value of condition attribute is represented as a set of regular
19# expressions. Each regular expression must be included in double quotes. 
20#
21# This policy file dictates the following policy:
22#
23#  The  NERSC Online SLCS CA signs certificates in the NERSC domain
24#
25# Format:
26#------------------------------------------------------------------------
27#  token type  | def.authority |                value             
28#--------------|---------------|-----------------------------------------
29# EACL entry #1|
30
31 access_id_CA      X509         '/DC=net/DC=ES/OU=Certificate Authorities/CN=NERSC Online CA'
32 
33 pos_rights        globus        CA:sign
34 
35 cond_subjects     globus       '"/DC=gov/DC=nersc/*"'
36
37
38#
39# End NERSC Online CA Policy
Note: See TracBrowser for help on using the repository browser.