证书策略(“Certificate Policy”)是可标记在数字证书中的,用于体现数字证书所能满足的安全要求。
认证路径长度和证书策略是对信任关系的限制,将其作为约束条件加到谓词逻辑中更好地反映出现实中的信任。
Certification path length and certificate policies are constraints of trust, it is reasonable to add them as conditions to the logic.
本例中我们隐含地信任robert Relyea做了个好的选择,我们也希望Mozilla的内建证书策略对其他的内建证书也是合理的。
In this case, we're implicitly trusting that Robert Relyea made a good choice. We also hope that Mozilla's built-in certificate policy is reasonable for the other built-in certificates.
添加到密匙环的每一个证书都是这个策略的一个例外。
Each certificate added to the key ring is an exception to this policy.
应用推荐