CCMS policies
A set of requirements defining the operation of the CCMS. This may include both machine and human-interpretable content, describing various aspects of CCMS operations including identification and authentication methods of entities performing PKI roles (e.g., electors, certificate authorities), minimum security-related requirements for each role (e.g., personnel controls, network security controls etc.), definition of operational practices related to registration of new and de-registration of old certificates, specification of the certificate trust list (CTL) format and lifecycle management, management of the revocation of trust, and management of distributed credentials (e.g., lifecycle of enrollment, authorization certificates).