Comparison of Certificate Policies for Merging Public Key Infrastructures during Merger and Acquisition of Companies

TL;DR

This paper presents a method to compare and assess certificate policies in PKIs to facilitate merging companies' infrastructures during mergers and acquisitions.

Contribution

It introduces a systematic approach for evaluating certificate policies to determine compatibility during PKI mergers in corporate acquisitions.

Findings

Provides a comparison framework for certificate policies

Identifies compatibility issues in PKI merging scenarios

Enhances understanding of policy alignment during mergers

Abstract

The Public Key Infrastructure(PKI) provides facilities for data encryption, digital signature and time stamping. It is a system where different authorities verify and authenticate the validity of each participant with the use of digital certificates. A Certificate Policy (CP) is a named set of rules and it indicates the applicability of a certificate in a Public Key Infrastructure. Sometimes two companies or organizations with different PKIs merge. Therefore it would be necessary that their PKIs are also able to merge. Sometimes, the unification of different PKIs is not possible because of the different certificate policies. This paper presents a method to compare and assess certificate policies during merger and acquisition of companies.