The IPRA certifies only PCAs, not CAs or users. Each PCA must file with the IPRA a description of its proposed policy. This document will be published as an informational RFC. A copy of the document, signed by the IPRA (in the form of a PEM MIC-ONLY message) will be made available via electronic mail access by the IPRA. This convention is adopted so that every Internet user has a reference point for determining the policies associated with the issuance of any certificate which he may encounter. The existence of a digitally signed copy of the document ensures the immutability of the document. Authorization of a PCA to operate in the Internet hierarchy is signified by the publication of the policy document, and the issuance of a certificate to the PCA, signed by the IPRA. An outline for PCA policy statements is contained in Section 3.4.3 of this document.
As part of registration, each PCA will be required to execute a legal agreement with the IPRA, and to pay a fee to defray the costs of operating the IPRA. Each a PCA must specify its distinguished name. The IPRA will take reasonable precautions to ensure that the distinguished name claimed by a PCA is legitimate, e.g., requiring the PCA to provide documentation supporting its claim to a DN. However, the certification of a PCA by the IPRA does not constitute a endorsement of the PCA's claim to this DN outside of the context of this certification system.