Dashboard > openOSI Object Identifier name space > ... > >
  openOSI Object Identifier name space Log In   View a printable version of the current page.
Added by Jose REMY, last edited by Jose REMY on Sep 21, 2007

( DESC 'law' )

Governing law for common certificate practice statements

This object identifier (OID) describes governing law for common certification practices statement.

ASN1 notation: {iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) openosi(27630) cps(1) common(0) legal(9) law(14) }
URN notation: urn:oid:
IETF DOT notation:
BNF notation (RFC822 Backus-Naur form): ( DESC 'law' )
Description:  Common certificate practice statements - LAW

This document identifies and introduces the set of provisions, and indicates the types of entities and applications for which this CP / CPS is targeted.

Governing law for Certificate policy of openOSI Certification authority (CA)

This Certificate Policy (CP) indicates governing law of openOSI identity services using digital keys (X.509 certificates):


This openOSI CP is consistent with the Internet Engineering Task Force (IETF) Public Key Infrastructure X.509 (IETF PKIX) RFC 3647, Certificate Policy and Certification Practices Framework. Parts of this document are also inspired by FBCA (US Federal Bridge Certification Authority) certificate policy although openOSI don't assert any FBCA CP OID except in policy mapping extensions.

Governing law for Certification practices statement of openOSI Certification authority (CA)

This Certification practices statement (CPS) defines five certificate's profile. They help the user to determine the level of trust that its organization or given services can put in the certificates that are issued from openOSI CA inheriting this OID. For each of its four level of assurance (Basic, CLOUD, INTERMEDIATE, HIGH) openOSI define five certificate profile (for persons, for virtual persons, for hosts, for software or appliance services, for software code). For each certificate profile there is an appropriate process for enforcing business and law matters corresponding to the level of assurance.

In addition to European and French law, openOSI services meet US federal laws mainly concerning children and health information.

openOSI services are not targeted to children, It is parent's responsibility to check further usage of certificates that children may obtain from openOSI.

openOSI services are not targeted to personal health information, although openOSI credentials (certificates) may be used to encrypt, store and access medical information in personal space of portals. openOSI cannot access personal data, safely stored in openOSI certificate's protected personal space. Access to these data is granted by and under the responsibility of the owner of the data.

For its directories openOSI ensure the appropriate authorization level based on the following rules:

  • Entry creation by openOSI with data submitted by an entity in the frame of a given level of assurance
  • Verification by openOSI of the set or subset of data regarding required level of assurance
    • Verified data are authentified by openOSI
    • Other data are considered optional, they are not authentified and are published for convenience
  • Initialization of administrator and "owner only" write/execute rights
    • Administrator updates entry's authentified subset of data
    • Entity updates other published data
    • Entity cannot update its authentified subset of data
  • Anonymous read rights are granted on the entry, although search list are not allowed
    • To read an entry, exact searched identification (CN and UID) MUST be provided
    • If partial searched identification is provided directory returns 0 or 1 entry


With this OID, the aim of openOSI is to publish governing law for its certificate policy common statements that are inherited by the following OID. In addition this common OID may be refined by a child of same following OID :


The usage of this common certificate policy is to be a single point of reference for others openOSI CP/CPS OID. This OID can be used by anyone under an LGPL license if corresponding policy is enforced.

Applicable law

See also [[] which relates to the protection of personally identifiable private information of certificate applicants, subscribers, and other participants. See also [[] which relates to stated requirements that participants comply with applicable law, for example, laws relating to cryptographic hardware and software. See also [[] which relates to the time period in which a CP or a CPS remains in force and the circumstances under which the document can be terminated and is therefore erased.

XML format

	<asn1-notation>{iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) openosi(27630) cps(1) common(0) law(1)}</asn1-notation>
	<description> Law for Certificate policy with Common certification practices statement </description>
	<information>More <i>information</i> can be found in <a href="http://openosi.org/osi/display/oid/">openOSI law for common CP/CPS</a> </information>

Site powered by a free Open Source Project / Non-profit License (more) of Confluence - the Enterprise wiki.
Learn more or evaluate Confluence for your organisation.
Powered by Atlassian Confluence, the Enterprise Wiki. (Version: 2.4.2 Build:#703 Mar 12, 2007) - Bug/feature request - Contact Administrators