# Signing policy for UK e-Science CA
# This file should be installed in
# /etc/grid-security/certificates
# as <hash>.signing_policy along with
# the CA certificate as <hash>.<digit>
# -- here <hash> is the output of
# openssl x509 -hash -noout -in <certificate>
# and <digit> is the lowest single (decimal)
# digit that makes the file unique (in case
# you have other CA certificates that hash to
# the same value)
access_id_CA      X509         '/C=UK/O=eScience/OU=Authority/CN=CA/Email=ca-operator@grid-support.ac.uk'
pos_rights        globus        CA:sign
cond_subjects     globus     '"/C=UK/O=eScience/*"'
#
access_id_CA      X509         '/C=UK/O=eScience/OU=Authority/CN=CA/emailAddress=ca-operator@grid-support.ac.uk'
pos_rights        globus        CA:sign
cond_subjects     globus     '"/C=UK/O=eScience/*"'