Here you can find the Certificate Guideline (CP) and the Declaration on the Certificate Operation (CPS) of Commerzbank Inhouse CA. Information on the QuoVadis Trust Center is not filed here and should be obtained directly from QuoVadis.
The term “Certificate Policy” (CP) is defined in the X.509 standard and means the whole set of rules and specifications, which define the applicability of a certificate type. The aim of a Certificate Policy is discussed in detail in RFC 3647 („Certificate Policy and Certification Practices Framework“). The CP helps the certificate user in deciding if a certain certificate or application can be trusted.A CP should explain:
The concept of a “Certification Practice Statement (CPS)” was developed by the American Bar Association (ABA) and is quoted in their Digital Signature Guidelines (ABA Guidelines). The CPS is a detailed description of the certification operations of the organization. For this reason, organizations running one or more certification authorities, usually also provide a cps. As part of a company-wide PKI, the CPS is an adequate means for organizations to protect themselves, as well as to illustrate commercial transactions with certificate owners and trusting parties.