[197] | 1 | # $Id: 1c3f2ca8.signing_policy,v 1.2 2006/11/24 17:00:35 pmacvsdg Exp $ |
---|
| 2 | |
---|
| 3 | # ca-signing-policy.conf, see ca-signing-policy.doc for more information |
---|
| 4 | # |
---|
| 5 | # This is the configuration file describing the policy for what CAs are |
---|
| 6 | # allowed to sign whoses certificates. |
---|
| 7 | # |
---|
| 8 | # This file is parsed from start to finish with a given CA and subject |
---|
| 9 | # name. |
---|
| 10 | # subject names may include the following wildcard characters: |
---|
| 11 | # * Matches any number of characters. |
---|
| 12 | # ? Matches any single character. |
---|
| 13 | # |
---|
| 14 | # CA names must be specified (no wildcards). Names containing whitespaces |
---|
| 15 | # must be included in single quotes, e.g. 'Certification Authority'. |
---|
| 16 | # Names must not contain new line symbols. |
---|
| 17 | # The value of condition attribute is represented as a set of regular |
---|
| 18 | # expressions. Each regular expression must be included in double quotes. |
---|
| 19 | # |
---|
| 20 | # This policy file dictates the following policy: |
---|
| 21 | # |
---|
| 22 | # The DOEGrids CA signs certificates for doegrids.org |
---|
| 23 | # |
---|
| 24 | # Format: |
---|
| 25 | #------------------------------------------------------------------------ |
---|
| 26 | # token type | def.authority | value |
---|
| 27 | #--------------|---------------|----------------------------------------- |
---|
| 28 | # EACL entry #1| |
---|
| 29 | |
---|
| 30 | access_id_CA X509 '/DC=org/DC=DOEGrids/OU=Certificate Authorities/CN=DOEGrids CA 1' |
---|
| 31 | |
---|
| 32 | pos_rights globus CA:sign |
---|
| 33 | |
---|
| 34 | cond_subjects globus '"/DC=org/DC=DOEGrids/*" "/DC=org/DC=doegrids/*" "/O=DOEGrids.org/*" "/O=doegrids.org/*"' |
---|
| 35 | |
---|
| 36 | |
---|
| 37 | # |
---|
| 38 | # End DOE SG CA Policy |
---|
| 39 | # |
---|
| 40 | # $Log: 1c3f2ca8.signing_policy,v $ |
---|
| 41 | # Revision 1.2 2006/11/24 17:00:35 pmacvsdg |
---|
| 42 | # Updated ESnet and DOEGrids certs as per Mike signed mail of Nov 9 2006 |
---|
| 43 | # verified PGP signatures on tar ball using DGs web of trust |
---|
| 44 | # |
---|
| 45 | # Revision 1.3 2006/08/23 23:07:04 dhiva |
---|
| 46 | # updated with doesciencegrid string removal |
---|
| 47 | # |
---|
| 48 | # Revision 1.2 2003/05/27 16:29:35 helm |
---|
| 49 | # Change statement of policy |
---|
| 50 | # |
---|
| 51 | # Revision 1.1 2003/05/22 22:38:21 helm |
---|
| 52 | # *** empty log message *** |
---|
| 53 | # |
---|
| 54 | # Revision 1.4 2003/05/09 22:21:39 helm |
---|
| 55 | # doegrids |
---|
| 56 | # |
---|
| 57 | # Revision 1.3 2003/05/03 01:29:50 dhiva |
---|
| 58 | # modified the cond_subject |
---|
| 59 | # from /DC=/DOEGrids |
---|
| 60 | # to /DC=DOEGrids |
---|
| 61 | # |
---|
| 62 | # Revision 1.2 2003/05/03 01:16:38 dhiva |
---|
| 63 | # $Id: 1c3f2ca8.signing_policy,v 1.2 2006/11/24 17:00:35 pmacvsdg Exp $ Included |
---|
| 64 | # |
---|
| 65 | # Revision 1.1 2003/05/03 01:15:05 dhiva |
---|
| 66 | # Globus Support Files for pki1.doegrids.org CA |
---|
| 67 | # |
---|