The purpose of the DOE Science Grid CA is to issue certificates for other DOE Lab's Science Grid CAs. It is not the current intent to issue identity certificates for individuals, servers, or services (that is, end entities). Such certificates should be issued by the applicant's institution. However, exceptions and applications that lie outside this model will be considered on a case-by-case basis.

Until a formal policy is developed in the DoE Science Grid, certificates will be issued based on completion of the certificate signing request enrollment forms

https://doegrid.es.net Certificate Manager Enrollment

and an interview to verify identity.

We currently make no claims and have no requirements for CA certificate content (including subject name and extensions), other than Basic Constraints for CA's.

ESnet considers this an experimental service at this time. The responsibility for the use of these certificates lies solely with the relying party. ESnet disclaims all responsibility for misuse, authenticity, or disputes about the appropriateness of any certificate signed by this service.

These conditions are subject to change without notice and have not been vetted by the legal staff. Therefore at this time they should read as a statement of intent only.

Contact: Michael Helm (ESnet)