---
title: Policies
framework: security
role: collectionGroup
role_heading: API Collection
path: security/policies
---

# Policies

Obtain policies for establishing trust.

## Overview

Overview For a certificate that is deemed intact and valid (because the chain of signatures is unbroken back to a trusted root certificate), you evaluate it against a set of rules known as a trust policy. The policy indicates how particular fields or extensions of a certificate affect whether it should be trusted for a particular use. For example, the policy may state that a certificate must not be expired or must be marked as valid for encryption, code signing, or some other specific purpose. Usually you use a standard, predefined policy, such as the basic X509 policy or the SSL policy. You can also create custom policies with the certificate, key, and trust services API.

## Topics

### Standard Policies

- [SecPolicyCreateBasicX509()](security/secpolicycreatebasicx509().md)
- [SecPolicyCreateSSL(_:_:)](security/secpolicycreatessl(_:_:).md)
- [SecPolicyCreateRevocation(_:)](security/secpolicycreaterevocation(_:).md)
- [Revocation Policy Constants](security/revocation-policy-constants.md)
- [SecPolicy](security/secpolicy.md)
- [SecPolicyGetTypeID()](security/secpolicygettypeid().md)

### Advanced Policy Management

- [SecPolicyCreateWithProperties(_:_:)](security/secpolicycreatewithproperties(_:_:).md)
- [SecPolicyCopyProperties(_:)](security/secpolicycopyproperties(_:).md)
- [Security Policy Keys](security/security-policy-keys.md)
- [Standard Policies for Specific Certificate Types](security/standard-policies-for-specific-certificate-types.md)

### Legacy Symbols

- [SecPolicySearch](security/secpolicysearch.md)