Merge pull request #1206 from GSA/1113-FPKIpolicy-Updates

1113 fpki policy updates
GSA · Nov 14, 2024 · cebc44e · cebc44e
2 parents e145d73 + faf39a8
commit cebc44e
Show file tree

Hide file tree

Showing 15 changed files with 71 additions and 2 deletions.
diff --git a/_data/fpkidocs.yml b/_data/fpkidocs.yml
@@ -7,6 +7,75 @@
 # 
 # Used on: https://www.idmanagement.gov/fpki/
 
+- category: Common Profile
+  numberProposal: 2.2
+  name: Common Policy X.509 Certificate and Certificate Revocation List (CRL) Profiles v2.2
+  date: 9/30/2022
+  url: /docs/archived/fpki-common-profile-22.pdf
+  status: post
+  remove: 10/25/2027
+
+- category: Common Certificate Policy
+  numberProposal: 2.8
+  name: X.509 Certificate Policy For The U.S. FPKI Common Policy Framework v2.8
+  date: 10/25/2024
+  url: /docs/archived/fpki-x509-cert-policy-common-28.pdf
+  status: post
+  remove: 10/25/2027
+
+- category: Common Change Proposal
+  numberProposal: 2024-06
+  name: Proposal 2024-06 | Modify role-based certificate requirements for delegated digital signature uses
+  description: Add requirements around role-based certificates that can be used to support delegated digital signatures that convey the authority of a given role to specific delegates.
+  date: 10/16/2024
+  url: /docs/archived/fpki-common-cp-2406.pdf
+  status: post
+  remove: 10/16/2027
+
+- category: Common Change Proposal
+  numberProposal: 2024-07
+  name: Proposal 2024-07 | Trusted Agent and Key Recovery Role/Responsibility Clarifications 
+  description: Clarify the description of the trusted agent role in order to ensure that it is not confused with a standard trusted roles and thus does not require an equivalent background investigation. Additionally, clarify seemingly conflicting policy language regarding Key Recovery Officials (KROs) and Third Party Key Recovery Requestors to include their responsibilities. 
+  date: 10/25/2024
+  url: /docs/archived/fpki-common-cp-2407.pdf
+  status: post
+  remove: 10/25/2027
+
+- category: Common Change Proposal
+  numberProposal: 2024-08
+  name: Proposal 2024-08 | Clarifications on Private Key Recovery Storage and Private Key Activation 
+  description: Clarify the key storage requirements for Third-Party recovery of PIV key management keys that were originally issued to subscribers asserting common-hardware policies. Additionally, clarify requirements for securely recording private key activation data.
+  date: 10/25/2024
+  url: /docs/archived/fpki-common-cp-2408.pdf
+  status: post
+  remove: 10/25/2027
+
+- category: Federal Bridge Certificate Policy
+  numberProposal: 3.5
+  name: X.509 Certificate Policy For The Federal Bridge CA (FBCA) v3.5
+  date: 10/25/2024
+  url: /docs/archived/fpki-x509-cert-policy-fbca-35.pdf
+  status: post
+  remove: 10/25/2027
+
+- category: Federal Bridge Change Proposal
+  numberProposal: 2024-09
+  name: Proposal 2024-09 | Trusted Agent and Key Recovery Role/Responsibility Clarifications 
+  description: Clarify the description of the trusted agent role in order to ensure that it is not confused with a standard trusted roles and thus does not require an equivalent background investigation. Additionally, clarify seemingly conflicting policy language regarding Key Recovery Officials (KROs) and Third Party Key Recovery Requestors to include their responsibilities.
+  date: 10/25/2024
+  url: /docs/archived/fpki-fbca-cp-2409.pdf
+  status: post
+  remove: 10/25/2027
+
+- category: Federal Bridge Change Proposal
+  numberProposal: 2024-10
+  name: Proposal 2024-10 | Clarifications on Private Key Recovery Storage and Private Key Activation 
+  description: Clarify the key storage requirements for Third-Party recovery of PIV key management keys that were originally issued to subscribers asserting common-hardware policies. Additionally, clarify requirements for securely recording private key activation data.
+  date: 10/25/2024
+  url: /docs/archived/fpki-fbca-cp-2410.pdf
+  status: post
+  remove: 10/25/2027
+
 - category: FPKIMA Audit Letter
   numberProposal: 2023
   name: FPKIMA Audit Letter 2023

diff --git a/_ficampmo/fpki.md b/_ficampmo/fpki.md
@@ -43,8 +43,8 @@ The [FPKI Policy Authority (FPKIPA)]({{site.baseurl}}/ficam/#federal-public-key-
 
 |Federal PKI Policy | Policy Name | Profile | Change Proposals |
 | -------------- | ----------- | ------- | ---------------- |
-| Federal Common Policy | [X.509 Certificate Policy for the U.S. FPKI Common Policy Framework v2.8]({{site.baseurl}}/docs/fpki-x509-cert-policy-common.pdf){:target="_blank"}{:rel="noopener noreferrer"} | [Common Policy X.509 Certificate and CRL Profiles v2.2]({{site.baseurl}}/docs/fpki-x509-cert-profile-common.pdf){:target="_blank"}{:rel="noopener noreferrer"}  | [Common Change Proposals]({{site.baseurl}}/fpki/#federal-pki-document-archive) |
-| Federal Bridge | [X.509 Certificate Policy for the Federal Bridge Certification Authority (FBCA) v3.5]({{site.baseurl}}/docs/fpki-x509-cert-policy-fbca.pdf){:target="_blank"}{:rel="noopener noreferrer"} <br><br> and [PIV-I for Federal Agencies]({{site.baseurl}}/university/pivi/){:target="_blank"}{:rel="noopener noreferrer"} | [Federal Bridge Certification Authority (FBCA) X.509 Certificate and CRL Extensions Profile v2.0]({{site.baseurl}}/docs/fpki-x509-cert-profiles-fbca.pdf){:target="_blank"}{:rel="noopener noreferrer"} | [Bridge Change Proposals]({{site.baseurl}}/fpki/#federal-pki-document-archive) |
+| Federal Common Policy | [X.509 Certificate Policy for the U.S. FPKI Common Policy Framework v2.9]({{site.baseurl}}/docs/fpki-x509-cert-policy-common.pdf){:target="_blank"}{:rel="noopener noreferrer"} | [Common Policy X.509 Certificate and CRL Profiles v2.3]({{site.baseurl}}/docs/fpki-x509-cert-profile-common.pdf){:target="_blank"}{:rel="noopener noreferrer"}  | [Common Change Proposals]({{site.baseurl}}/fpki/#federal-pki-document-archive) |
+| Federal Bridge | [X.509 Certificate Policy for the Federal Bridge Certification Authority (FBCA) v3.6]({{site.baseurl}}/docs/fpki-x509-cert-policy-fbca.pdf){:target="_blank"}{:rel="noopener noreferrer"} <br><br> and [PIV-I for Federal Agencies]({{site.baseurl}}/university/pivi/){:target="_blank"}{:rel="noopener noreferrer"} | [Federal Bridge Certification Authority (FBCA) X.509 Certificate and CRL Extensions Profile v2.0]({{site.baseurl}}/docs/fpki-x509-cert-profiles-fbca.pdf){:target="_blank"}{:rel="noopener noreferrer"} | [Bridge Change Proposals]({{site.baseurl}}/fpki/#federal-pki-document-archive) |
 | Federal Public Trust TLS | [U.S. Federal Public Trust TLS PKI Certificate Policy v1.1]({{site.baseurl}}/docs/us-federal-public-trust-tls-cp.pdf){:target="_blank"}{:rel="noopener noreferrer"} | Profiles are included in Section 7 of the Policy | No change proposals |
 
 The FPKI has the following supplementary guidance:

diff --git a/docs/archived/fpki-common-cp-2406.pdf b/docs/archived/fpki-common-cp-2406.pdf
diff --git a/docs/archived/fpki-common-cp-2407.pdf b/docs/archived/fpki-common-cp-2407.pdf
diff --git a/docs/archived/fpki-common-cp-2408.pdf b/docs/archived/fpki-common-cp-2408.pdf
diff --git a/docs/archived/fpki-common-profile-22.pdf b/docs/archived/fpki-common-profile-22.pdf
diff --git a/docs/archived/fpki-fbca-cp-2409.pdf b/docs/archived/fpki-fbca-cp-2409.pdf
diff --git a/docs/archived/fpki-fbca-cp-2410.pdf b/docs/archived/fpki-fbca-cp-2410.pdf
diff --git a/docs/archived/fpki-x509-cert-policy-common-28.pdf b/docs/archived/fpki-x509-cert-policy-common-28.pdf
diff --git a/docs/archived/fpki-x509-cert-policy-fbca-35.pdf b/docs/archived/fpki-x509-cert-policy-fbca-35.pdf
diff --git a/docs/fpki-x509-cert-policy-common.docx b/docs/fpki-x509-cert-policy-common.docx
diff --git a/docs/fpki-x509-cert-policy-common.pdf b/docs/fpki-x509-cert-policy-common.pdf
diff --git a/docs/fpki-x509-cert-policy-fbca.docx b/docs/fpki-x509-cert-policy-fbca.docx
diff --git a/docs/fpki-x509-cert-policy-fbca.pdf b/docs/fpki-x509-cert-policy-fbca.pdf
diff --git a/docs/fpki-x509-cert-profile-common.pdf b/docs/fpki-x509-cert-profile-common.pdf