Columbia University Certificate Authority Practice Statement (draft)

Last updated: August 25, 2000.

This is a draft, to be used for advisory purposes only.

Contents:

The Columbia CA Hierarchy
Standards and Protocols Used by the COD CA
Services provided by the COD CA
Key Management
Certificate Revocation
Contact information
DISCLAIMER

The Columbia CA Hierarchy

The Columbia CA consists of two Root CAs which issue certificates. One, the 'Columbia University Certificate Authority', grants long-term certificates to servers. The other, the 'Columbia University COD CA', grants short-term certificates to endusers.

Standards and Protocols Used by the COD CA

The Columbia COD CA issues certificates in compliance with the X509 specifications. The certificate bearer's private key is expected to be an RSA key. We expect to support other cryptographic protocols (DSA?) in the future.

Services provided

The Columbia COD CA Provides the following services:

Issuance of certificates

Certificates are provided only for the following purposes:

for verification by a third party provider of a service to which a member of the Columbia University community wishes to gain access; these certificates are short-lived (at most 1 hour) and should be treated as valid proof of identity for one transaction only

These services are available only to members of the Columbia community and for third party providers with whom we have made previous arrangements. If you wish to discuss an arragement of this sort, please see the contact information below.

Key Management

These certificates are never seen by the end-user and the private key is discarded immediately upon creation. These certificates should not be relied up for signing or for any other purpose than the one described above.

Certificate Revocation

Since these certificates are not linked to stored private keys and since they are good for one-time use only, there is no need for a revocation procedure.

Contact information

You may send any queries to cert-auth@columbia.edu. If you have urgent questions that cannot wait for email, you may call Ariel Glenn at 212-854-9492.

If you have general questions about the Web, please contact webmaster@columbia.edu.

DISCLAIMER

COLUMBIA MAKES NO REPRESENTATIONS OR WARRANTIES, EXPRESS OR IMPLIED, WITH RESPECT TO THESE SERVICES, INCLUDING ANY WARRANTIES OF TITLE, NONINFRINGEMENT OF COPYRIGHT OR PATENT RIGHTS OF OTHERS, MERCHANTABILITY, OR FITNESS OR SUITABILITY FOR ANY PURPOSE.