The IETF PKIX4 "Framework" by Santosh Chokhani of CygnaCom Solutions, Inc. and Warwick Ford of VeriSign, is a concise list of technical and legal issues giving rise to specific certificate policy statements.  In analyzing the universe of potential certificate policies, the issues in the the Framework can be thought of as Rows which intersect Columns representing variables presented by different PKIs. 

---

  March 1999 - RFC 2527 containing the IETF PKIX4 Framework;  April 25, 1998 draft of the IETF PKIX4 "Framework" by Santosh

March 25, 1999 Revised Drafts by Gary Stoneburner of NIST, of Two Protection Profiles under Common Criteria - v 0.5 "CS2 - Protection Profile Guidance for near-term COTS",  and v 0.1 "CS2-Protection Profile for near-term COTS Operating Systems"

  March 1999 - RFC 2527 containing the IETF PKIX4 Framework;  April 25, 1998 draft of the IETF PKIX4 "Framework" by Santosh Chokhani of Cygnacom Solutions and Warwick Ford of VeriSign, Inc..

Jan 98 - "Delta Certificate Policies to Fulfill Specific Application Requirements -- or how to eliminate the proliferation of distinct certificate policies,"  an elegant paper by veteran PKI consultant J.F. Sauriol of Labcal Technologies, Inc. in Quebec,simple enough to be understood by a PKI novice, explaining how certificate policies can be designed by incremental changes without re-inventing the wheel.  Includes a concise and readable summary of the IETF PKIX4 Framework by Santosh Chokhani and Warwick Ford.   (Copyright 1998 Labcal Technologies, Inc., All Rights Reserved. By Permission). Francois Marinier, J.F. Sauriol, and David Cramm of Labcal are all active in the ABA Information Security Committee PKI Accreditation WorkGroup.