1.6 Definitions and acronyms

1.6.1 Definitions

• ACME Protocol
  • A protocol used for validation, issuance, and management of certificates. The protocol is an open standard managed by the IETF.
• Applicant
  • An entity applying for a certificate.
• Baseline Requirements
  • A document published by the CAB Forum which outlines minimum requirements for publicly trusted Certificate Authorities.
• CAB Forum
  • Certificate Authority / Browser Forum, a group a CAs and browsers which come together to discuss technical and policy issues related to PKI systems. (https://cabforum.org/)
• Certificate Problem Report
  • Complaint of suspected Key Compromise, Certificate misuse, or other types of fraud, compromise, misuse, or inappropriate conduct related to Certificates.
• Certificate Repository
  • A repository of information about ISRG certificates. It is located at: https://letsencrypt.org/certificates/
• Cross Certificate
  • A certificate that is used to establish a trust relationship between two Root CAs.
• Policy and Legal Repository
  • A repository of policy and legal documents related to the ISRG PKI. It is located at: https://letsencrypt.org/repository/
• Key Pair
  • A Private Key and its associated Public Key.
• Private Key
  • The key in a Key Pair that must be kept secret. Used to create digital signatures that can be verified by the corresponding Public Key or to decrypt messages encrypted by the corresponding Public Key.
• Public Key
  • The only key in a Key Pair that can safely be publicly disclosed. Used by Relying Parties to verify digital signatures from the corresponding private key or to encrypt messages that can only be decrypted by the corresponding private key.
• Relying Party
  • An entity that relies upon information contained within certificates issued by ISRG PKI services.
• Root CA
  • The top-level Certification Authority whose Root Certificate is distributed by Application Software Suppliers and that issues Subordinate CA Certificates.
• Subscriber
  • An entity that has agreed to a Subscriber Agreement and is using ISRG PKI services.
• Trusted Contributor
  • A contributor who performs in a Trusted Role. Trusted Contributors may be employees, contractors, or community members. Trusted Contributors must be properly trained and qualified, and have the proper legal obligations in place before performing in a Trusted Role.
• Trusted Role
  • A role which qualifies a person to access or modify ISRG PKI systems, infrastructure, and confidential information.

1.6.2 Acronyms

• ACME
  • Automated Certificate Management Environment
• BRs
  • Baseline Requirements
• CA
  • Certificate Authority
• CAA
  • Certificate Authority Authorization
• CP
  • Certificate Policy
• CPS
  • Certification Practice Statement
• DV
  • Domain Validation
• FQDN
  • Fully Qualified Domain Name
• HSM
  • Hardware Security Module
• IDN
  • Internationalized Domain Name
• IP
  • Internet Protocol
• ISRG
  • Internet Security Research Group
• PKI
  • Public Key Infrastructure
• PMA
  • Policy Management Authority
• RA
  • Registration Authority
• SAN
  • Subject Alternative Name
• TLD
  • Top Level Domain

1.6.3 References

No references defined at this time.

1.6.4 Conventions

Terms not otherwise defined in this CP shall be as defined in applicable agreements, user manuals, Certificate Policies and Certification Practice Statements, of the CA.

The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this CP shall be interpreted in accordance with RFC 2119.