Page de signatures électroniques / Electronic Signatures Page

Size: px
Start display at page:

Download "Page de signatures électroniques / Electronic Signatures Page"

Transcription

1 Page de signatures électroniques / Electronic Signatures Page Information Documentaire / Document Information Titre / Title : Auteur / Author : Reference : This document has been digitally signed and timestamped. To verify signatures validity, please refer to procedure and tools available on web site By default, signatures validity is unknown. The? icon is present on each signature. After verification, the? icon disappears if signature is valid. Last product update: july Tous droits réservés Thales Alenia Space All rights reserved

2 Page laissée blanche intentionnellement Blank page intentionally left Tous droits réservés Thales Alenia Space All rights reserved

3 01/07/2006 ISSUE : 02 PAGE : 1 Total Pages : 52 THALES ALENIA SPACE CENTRALIZED SIGNATURE: CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT Rédigé par/written by E. GENOTELLE Approbation/Approved TAS PKI Manager Responsabilité-Service-Société Responsibility-Office-Company E. BOURDEAU IS/ES R. ROSSIGNOL IS/IT Security PL. NAUT IS/ES/PS G. MAIONE Quality Entité Emettrice : DSI / SI/P (détentrice de l original) : GED LA TRACE DE VALIDATION EST DONNEE PAR LE WORKFLOW GED

4 ISSUE : 02 PAGE : 2 ENREGISTREMENT DES EVOLUTIONS / CHANGE RECORDS ISSUE DATE : DESCRIPTION DES EVOLUTIONS : CHANGE RECORD REDACTEUR AUTHOR 01 10/12/2004 First issue Genotelle 02 01/07/2006 Taking into account Thales Alenia Space organization Genotelle Certificate hash algorithm is now SHA-1 03 Thales Alenia Space H. DERREY

5 ISSUE : 02 PAGE : 3 TABLE DES MATIERES / TABLE OF CONTENTS 1. OBJET / OBJECT DOMAINE D'APPLICATION / APPLICABILITY TERMINOLOGIE ET DOCUMENTATION / TERMINOLOGY AND DOCUMENTATION DOCUMENTS APPLICABLES / APPLICABLE DOCUMENTS DOCUMENTS DE REFERENCE / REFERENCE DOCUMENTS TERMINOLOGIE / TERMINOLOGY ABREVIATIONS / ABBREVIATIONS CONVENTIONS INTRODUCTION OVERVIEW NEEDS AND CONSTRAINTS OVERVIEW TASCS PRINCIPLES ET ARCHITECTURE OVERVIEW IDENTIFICATION COMMUNITY AND APPLICABILITY Certification authorities Registration authorities End entities Applicability CONTACT DETAILS Specification administration organization Contact person Person determining CPS suitability for the policy GENERAL PROVISIONS [PROV] OBLIGATIONS CA obligations RA obligations Subscriber obligations Relying party obligations Repository obligations TASCS Service obligations LIABILITY CA liability RA liability FINANCIAL RESPONSIBILITY INTERPRETATION AND ENFORCEMENT Governing law Severability, survival, merger, notice Dispute resolution procedures FEES Certificate issuance or renewal fees Certificate access fees Revocation or status information access fees Fees for other services such as policy information Refund policy PUBLICATION AND REPOSITORY Publication of CA information Frequency of publication... 21

6 ISSUE : 02 PAGE : Access controls Repositories COMPLIANCE AUDIT Frequency of entity compliance audit Identity/qualifications of auditor Auditor's relationship to audited party Topics covered by audit Actions taken as a result of deficiency Communication of results CONFIDENTIALITY Types of information to be kept confidential Types of information not considered confidential Disclosure of certificate revocation/suspension information Release to law enforcement officials Release as part of civil discovery Disclosure upon owner's request Other information release circumstances INTELLECTUAL PROPERTY RIGHTS IDENTIFICATION AND AUTHENTICATION [AUTH] INITIAL REGISTRATION Types of names Need for names to be meaningful Rules for interpreting various name forms Uniqueness of names Name claim dispute resolution procedure Recognition, authentication and role of trademarks Method to prove possession of private key Authentication of organization identity Authentication of individual identity AUTHENTICATION FOR RENEWAL AFTER PERIOD OF VALIDITY (ROUTINE REKEY) REKEY AFTER REVOCATION REVOCATION REQUEST OPERATIONAL REQUIREMENTS [OPER] CERTIFICATE APPLICATION CERTIFICATE ISSUANCE CERTIFICATE ACCEPTANCE CERTIFICATE SUSPENSION AND REVOCATION Circumstances for revocation Who can request revocation Procedure for revocation request Revocation request grace period Circumstances for suspension Who can request suspension Procedure for suspension request Limits on suspension period CRL issuance frequency CRL checking requirements On-line revocation/status checking availability On-line revocation checking requirements Other forms of revocation advertisements available Checking requirements for other forms of revocation Advertisements... 31

7 ISSUE : 02 PAGE : Special requirements rekey compromise SECURITY AUDIT PROCEDURES Types of event recorded Frequency of processing log Retention period for audit log Protection of audit log Audit log backup procedures Audit collection system (internal vs external) Notification to event-causing subject Vulnerability assessments RECORDS ARCHIVAL Types of event recorded Retention period for archive Protection of archives Archive backup procedures Requirements for time-stamping of records Archive collection system (internal or external) Procedures to obtain and verify archive information KEY CHANGEOVER COMPROMISE AND DISASTER RECOVERY Computing resources, software, and/or data are corrupted Entity public key is revoked Entity key is compromised Secure facility after a natural or other type of disaster CA TERMINATION PHYSICAL, PROCEDURAL, AND PERSONNEL SECURITY CONTROLS [PSEC] PHYSICAL CONTROLS Site location and construction Physical access Power and air conditioning Water exposures Fire prevention and protection Media storage Waste disposal Off-site backup PROCEDURAL CONTROLS Trusted roles Number of persons required per task Identification and authentication for each role PERSONNEL CONTROLS Background, qualifications, experience, and clearance requirements Background check procedures Training requirements Retraining frequency and requirements Job rotation frequency and sequence Sanctions for unauthorized actions Contracting personnel requirements Documentation supplied to personnel TECHNICAL SECURITY CONTROLS [TSEC] KEY PAIR GENERATION AND INSTALLATION Key pair generation Private key delivery to entity... 41

8 ISSUE : 02 PAGE : Public key delivery to certificate issuer CA public key delivery to users Key sizes Public key parameters generation Parameter quality checking Hardware/software key generation Key usage purposes PRIVATE KEY PROTECTION Standards for cryptographic module Private key (n out of m) multi-person control Private key escrow Private key backup Private key archival Private key entry into cryptographic module Method of activating private key Method of deactivating private key Method of destroying private key OTHER ASPECTS OF KEY PAIR MANAGEMENT Public key archival Usage periods for the public and private keys ACTIVATION DATA Activation data generation and installation Activation data protection Other aspects of activation data COMPUTER SECURITY CONTROLS Specific computer security technical requirements Computer security rating LIFE CYCLE TECHNICAL CONTROLS System development controls Security management controls Life cycle security ratings NETWORK SECURITY CONTROLS CRYPTOGRAPHIC MODULE ENGINEERING CONTROLS CERTIFICATE AND CRL PROFILES [PROF] CERTIFICATE PROFILE Version Certificate extensions Algorithm object identifiers Name forms no stipulation Name constraints Certificate policy Object Identifier Usage of Policy Constraints extension Policy qualifiers syntax and semantics Processing semantics for the critical certificate policy extension CRL PROFILE Version number(s) CRL and CRL entry extensions SPECIFICATION ADMINISTRATION [SPEC] SPECIFICATION CHANGE PROCEDURES Items That Can Change Without Notification Changes With Notification PUBLICATION AND NOTIFICATION POLICIES...52

9 ISSUE : 02 PAGE : CPS APPROVAL PROCEDURES...52 LISTE DES FIGURES / LIST OF FIGURES Figure 1: TASCS architecture overview Figure 2 Method of activating private key... 45

10 ISSUE : 02 PAGE : 8 1. OBJET / OBJECT In order to provide a digital signature system integrated to its document management systems, Thales Alenia Space has decided to deploy a Public Key Infrastructure. The deployment of any public key infrastructure requires the definition of a certificate policy and a certification policy statement. This document describes the principles of the Thales Alenia Space signature Certification Policy in order to highlight the rights, duties, commitments and responsibilities of each members involved in PKI. This document is based on RFC 2527 document model. 2. DOMAINE D'APPLICATION / APPLICABILITY Tous sites Cannes Kourou Nanterre Toulouse Valence 3. TERMINOLOGIE ET DOCUMENTATION / TERMINOLOGY AND DOCUMENTATION 3.1 DOCUMENTS APPLICABLES / APPLICABLE DOCUMENTS Id Référence Issue Titre TI1 REF-ASPI-TI-1-F 2/- DIRECTIVE RELATIVE AU PROCESSUS TRAITEMENT DE L'INFORMATION TI2 REF-ASPI-TI-2-F 2/- LE PROCESSUS TRAITEMENT DE L'INFORMATION GEDSIG-SP TIGED-ASP-SP-16 1/- GEDSIG SPECIFICATIONS GEDPKI-SP GED-ASP-SP-979 1/- GEDPKI SPECIFICATIONS 3.2 DOCUMENTS DE REFERENCE / REFERENCE DOCUMENTS Id Référence Issue Titre RFC1321 RFC 1321 The MD5 Message-Digest Algorithm RFC2459 RFC 2459 Internet X.509 Public Key Infrastructure RFC2527 RFC2527 Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework X501 X.501 ITU-T Recommendation X.501: Information Technology - Open Systems Interconnection - The Directory: Models, X509 X.509 ITU-T Recommendation X.509 (1997 E): Information Technology - Open Systems Interconnection - The Directory: Authentication Framework, June 1997.

11 ISSUE : 02 PAGE : TERMINOLOGIE / TERMINOLOGY Activation Data Private data, other than keys, that are required to access cryptographic modules. Authority A list of revoked sub-cas and CAs Certificates published by the current Revocation List Thales Alenia Space Root CA. (ARL) Certificate A digital certificate is a signed data structure that binds one or more attributes of an entity with its corresponding public key. By being signed by a recognized and trusted authority (i.e. the Certification Authority) a digital certificate provides assurance that a particular public key belongs to a specific entity (and that the entity possesses the corresponding private key). The certificate format is in accordance with ITU Recommendation X.509. Certificate are documents that define the rules, procedures and practices to be Policies (CP) and employed in the use, administration and management of certificates within Certification a PKI environment. The CP contains rules and obligations to be fulfilled. Practice The CPS describes the concrete processes implemented to respect these Statements (CPS) rules. Certificate Revocation List (CRL) Certification Authority (CA) Certification Authorization Certificate repository Cross-Certificate Data Integrity Department Digital Signature A list maintained by a Certification Authority of the certificates which it has issued that have been revoked before their natural expiry time. Certification Authorities are the people, processes and tools responsible for the creation, issue and management of public-key certificates used within a PKI. Authorization for a Subscriber to request an Thales Alenia Space Certificate. A database or other storage component, which is accessible to all users of a PKI, within which public-key certificates, certificate revocation information and policy information can be held. A certificate used to establish a trust relationship between two Certification Authorities. Each CA certifies the public key of the other CA and trusts the certificates that have been issued by the other CA as its own issued certificates. Assurance that the data are unchanged from creation to reception. A department is a subset of any organization identified by Thales Alenia Space HQ. The result of a transformation of a message by means of a cryptographic system using keys such that a person who has the initial message can determine: - Whether the transformation was created using the key that corresponds to the signer s key and

12 ISSUE : 02 PAGE : 10 - Whether the message has been altered since the transformation was made Employee End-Entity Entity FIPS Issuing CA ITSEC Key Pair MD5 Object Identifier (OID) Organization PIN Policy Policy (PA) Private Key Public Key Authority Public Key Infrastructure (PKI) PKI client software PKI-enabled applications An employee is any person employed by an Thales Alenia Space unit. An Entity that uses the keys and Certificates created within the PKI for purposes other than the management of these keys and Certificates. An End-Entity may be a Subscriber or a Relying-Party. Any autonomous element within the Public Key Infrastructure. This may be a CA, an RA or an End-Entity. Federal Information Processing Standards. In the context of a particular certificate, the issuing CA is the CA that signed and issued the certificate. Information Security Technology Evaluation Criteria a Public Key and the corresponding Private Key One of the message digest algorithms developed by RSA Data Security, Inc. The unique alphanumeric/numeric identifier registered according to the ISO registration standard to reference a specific object or object class. In the Thales Alenia Space PKI it is used to identify uniquely each of the 2 policies and cryptographic algorithms supported. An Thales Alenia Space organization identified by Thales Alenia Space HQ. Personal Identity Number a secret code that can be used as activation data Certificate Policies and Certification Practice Statements are policy documents that define the procedures and practices to be applied in the use, the administration and the management of certificates within a PKI. An Thales Alenia Space body responsible for setting, implementing, and administering policy decisions regarding CP and CPS throughout the Thales Alenia Space PKI. The key kept secret by its owner. Associated with the corresponding Public Key within a Key Pair. The key is included in the Certificate and is published. Matching with its Private Key to form a Key Pair. A set of policies, processes, server platforms, software and workstations used for the purpose of administering certificates and keys. Client-side software required to ensure that PKI-entities are able to make full use of the key and digital certificate management services of a PKI (e.g. key creation, automatic key update and refreshment) Software applications which have been modified to enable their use within a PKI. Typically this involves modifying an application so that it becomes compatible with the use of digital certificates (e.g. to authenticate a remote user and authenticate itself to a remote user)

13 ISSUE : 02 PAGE : 11 PKI Operator System A person with the following roles: - Configuration and maintenance of the CA system hardware and software, - Configuration of CA Security policies, - Commencement and cessation of CA services PKI Administrator with the following roles : - Management of the Subscriber initialization process - Creation, renewal or revocation of certificates - Distribution of tokens (where applicable) Registration Authority (RA) Relying Party Root CA Routine Rekey SHA-1 Sponsor Sub CA Subscriber Trusted CA Registration Authorities are the people, the processes and the tools that are responsible for authenticating the identity of new entities (users or computing devices) requiring certificates from CAs. They act as agents of CAs (and can carry out some of the functions of a CA if required). Entity trusting the Certificates signed by the Thales Alenia Space Internal CA to, but not limited to, authenticate Digital Signatures, to check documents integrity or to encrypt communications to the Certificate subject. The self signed CA signing the sub CAs (for instance the Internal or B to B CA) Certificates. Procedure which is used to generate a new key-pair for an entity as the previous key-pair is about to expire.. One of the message digest algorithms In the Thales Alenia Space PKI, a sponsor is a department or an employee s manager that has nominated a specific individual or organization to be issued with a certificate. A CA, which Certificate is signed by the Root CA Private Key. Individual or application to whom the CA has issued a signature A CA recognized by the Thales Alenia Space Internal CA as issuing Certificates respecting satisfying standards of quality and security. 3.4 ABREVIATIONS / ABBREVIATIONS ARL CA CMA CPS CRL DMS DN DSA I&A LDAP ISO OID PKI Authority Revocation List Certification Authority Certificate Manufacturing Authority Certification Practice Statement Certificate Revocation List Document Management System Distinguished Name Digital signature algorithm Identification and Authentication Lightweight Directory Access Protocol International Standards Organization Object Identifier Public Key Infrastructure

14 ISSUE : 02 PAGE : 12 PMA Policy Management Authority RA Registration Authority X.500 The ITU-T (International Telecommunication Union-T) standard that establishes a distributed, hierarchical directory protocol organized by country, region, Organization, etc. 3.5 CONVENTIONS Paragraphs preceded by symbol "F" gives information of how to satisfy requirements specified just above. 4. INTRODUCTION 4.1 OVERVIEW This document contains the rules governing the use of Thales Alenia Space centralized signature certificates among those parties involved in the Public Key Infrastructure described by this policy, namely PKI service provider and end entities. PKI Service Provider is consisted of : Policy Management Authority, Issuing Certification Authorities, Registration Authorities and Repositories End Entities are consisted of : Certificate Holders and Authorized Relying Parties This document describes the roles, responsibilities, and relationships of the PKI Service Providers and End Entities (collectively Participants ), and the rules and requirements for the issuance, acquisition, management, and use of TASCS Certificates to verify Digital Signatures. This document also describes the practices TASCS follows in issuing and managing certificate, and to inform potential users of TASCS certificates about what they need to know prior to relying on TASCS-issued certificates. 4.2 NEEDS AND CONSTRAINTS OVERVIEW Thales Alenia Space provides to all its employees a service allowing to digitally sign very easily electronic documents. This signature service, called Thales Alenia Space Centralized Signature (TASCS) service shall be integrated to Thales Alenia Space business tools, such as its document management system.

15 ISSUE : 02 PAGE : 13 This signature service must be very simple to deploy, to maintain, to administrate and to use, taking into account the large employees number. The TASCS must be implemented with the international norms representing state of the art. 4.3 TASCS PRINCIPLES ET ARCHITECTURE OVERVIEW Digital signature relies on X.509 certificates delivered by a PKI. Because classical certificate enrollment process may be tedious for this purpose and not satisfy Thales Alenia Space requirements, TASCS service relies on a PKI called TASCS PKI, issuing automatically and centralizing certificates for all Thales Alenia Space users according to TAS common directory (SIPRO). Thales Alenia Space SIPRO users SIPRO Thales Alenia Space Centralized Signature CA Thales Alenia Space Centralized Signature Service Secure Certificate Store Thales Alenia Space DMS users DMS Figure 1: TASCS architecture overview When signing, users do not have to request a certificate, nor have a specific signature tool. The TASCS service relies on a dedicated PKI, named TASCS (Thales Alenia Space Centralized Signature) PKI, automatically creating and renewing certificates and keys for all Thales Alenia Space internal users. When creating certificates, TASCS CA gets information on users (name, address, status, ) from the TAS common directory (SIPRO). SIPRO is updated by human resource team. It is supposed to contain the most up-to-date and reliable information.

16 ISSUE : 02 PAGE : 14 TASCS CA stores users certificates and keys in a secure certificate store. This store is only accessed by TASCS service that uses keys only when signing a document after authenticating the users for each signature apposition. 4.4 IDENTIFICATION An Object IDentifier (OID) will be included upon identification by the Policy Authority. 4.5 COMMUNITY AND APPLICABILITY This certificate policy has satisfied the general public key certificate needs and constraints of Thales Alenia Space for digital signature Certification authorities A CA operating under this policy is responsible for: Creating and Signing certificates binding Subscribers with their digital signature keys, Promulgating certificate status through CRLs, Ensuring adherence with this certificate policy. A CA ensures that there is at least one Certificate and CRL repository associated with this policy Registration authorities As far as certificates are automatically created for users (cf. 4.3), there is no RA. This section is not applicable End entities Subscribers within TASCS PKI are issued to Thales Alenia Space users referenced and activated in Thales Alenia Space Common directory (SIPRO). TASCS service is available from Thales Alenia Space site Applicability This CPS applies to all TASCS PKI participants, including Thales Alenia Space users, customers, resellers and relying parties involved in document signature process.

17 ISSUE : 02 PAGE : 15 TASCS certificates are only used for digital signature. Applications using these certificates are: TASCS service for signature apposition signature verification tools 4.6 CONTACT DETAILS Specification administration organization The Thales Alenia Space Corporate Information System Security Officer (ISSO) is responsible for this document and for applying this CP and CPS Contact person The contact person for this policy is the Thales Alenia Space ISSO Person determining CPS suitability for the policy The Thales Alenia Space ISSO is responsible for determining CPS suitability for this policy. 5. GENERAL PROVISIONS [PROV] 5.1 OBLIGATIONS CA obligations Reference PKI-SP0007-PROV-001 : A CA will operate in accordance with its Certificate Practice Statement (CPS), with this Certificate Policy (CP), and with Thales Alenia Space standards when issuing and managing the keys. Reference PKI-SP0007-PROV-002 : The CA will ensure that the RA operating on its behalf will comply with the relevant provisions of this CP concerning the operation of RA. Reference PKI-SP0007-PROV-003 : A CA shall take all reasonable measures to ensure that Subscribers are aware of their respective rights and obligations regarding the operation and management of any keys, certificates, or End- Entity hardware and software used in connection with the PKI. Reference PKI-SP0007-PROV-004 : A CA must:

18 ISSUE : 02 PAGE : 16 Publish this document, Have in place mechanisms and procedures to ensure subscribers are aware of and agree to abide by the stipulations in this document Ensure that its certification services are in accordance with this document Notification of revocation of certificates Reference PKI-SP0007-PROV-005 : A CA must make CRLs available to a Subscriber or Relying Party in accordance with Section Accuracy of representations Reference PKI-SP0007-PROV-006 : A CA will provide to each Subscriber notice of the Subscriber s rights and obligations under this Certificate Policy. Such notice will include a description of the permitted uses of certificates issued under this CP, the Subscriber s obligations concerning key protection, and procedures for communication between the Subscriber and the RA, including communication of changes in service delivery or changes to this policy. Such notice will also indicate procedures to address suspected key compromise, certificate or key renewal, service cancellation, and resolution of disputes. F At certificate generation time, the CA takes information from TAS common directory (SIPRO) which contains the most reliable information on Subscribers (first name, last name, address, status). SIPRO is updated every day with information coming from Human Resource management tool. The CA checks every day the validity of the Subscriber information. It compares information from TAS common directory and the generated certificates. The checked information are information in certificate subject of the subscriber (cf. 10.1). If there is a difference, CA automatically renews the certificate for this user. Reference PKI-SP0007-PROV-007 : A CA will ensure that any notice includes a description of a Relying Party s obligations with respect of use, verification, and validation of certificates Time between request for a certificate and the issue thereof Not applicable.

19 ISSUE : 02 PAGE : Revocation and renewal of certificates Reference PKI-SP0007-PROV-008 : A CA will ensure that procedures concerning the expiry, revocation, or re-issue of a certificate will be compliant with the relevant provisions of this CP and will be expressly stated in its CPS, the Subscriber Agreement, or any other applicable document outlining the terms and conditions of the certificate use. Reference PKI-SP0007-PROV-009 : A CA will also ensure that notice of revocation of a certificate will be posted to the CRL within the time limits stated in and The address of the CRL must be defined in the certificate Protection of private keys Reference PKI-SP0007-PROV-010 : A CA will ensure that its private keys and its activation data are protected in accordance with Sections 4 and 9. Reference PKI-SP0007-PROV-011 : A CA will ensure that the private keys that it holds or stores, and the activation data are protected in accordance with Sections 7 and 9. Reference PKI-SP0007-PROV-012 : A CA will ensure that any private keys for the confidentiality of a Subscriber that have been backed-up or archived are protected in accordance with Section Restrictions on the use of an issuing CA's private key Reference PKI-SP0007-PROV-013 : A CA will ensure that its certificate signing private key is used only to sign certificates and CRLs. A CA may issue certificates to Subscribers. A CA may also recognize other CAs when expressly authorized by the Thales PA RA obligations Not applicable.

20 ISSUE : 02 PAGE : Subscriber obligations Reference PKI-SP0007-PROV-014 : The Subscriber is obliged to enter into an agreement or abide by an acceptable use policy which outlines the terms and conditions of use of the certificates and keys, including permitted applications and purposes. This agreement may be read during signature process Accuracy of representations Not applicable Protection of subscriber private key and key token Not applicable Restrictions on use of private keys by subscribers Reference PKI-SP0007-PROV-015 : The Subscriber will use the keys and certificates only for the purposes authorized by this policy. F This requirement is conformed in so far as only TASCS service accesses subscriber private keys Notification if private keys are compromised Reference PKI-SP0007-PROV-016 : If a Subscriber suspects that a private key has been compromised, he or she must immediately notify the CA in the manner Relying party obligations The rights and the obligations of a Relying Party who is a member of this PKI are covered by this policy Use of certificates for appropriate purpose Reference PKI-SP0007-PROV-017 : Before using a Subscriber s certificate, a Relying Party must ensure that it is appropriate for the intended use.

California Independent System Operator Certification Practice Statement for Basic Assurance Certification Authority. Version 3.

California Independent System Operator Certification Practice Statement for Basic Assurance Certification Authority. Version 3. California Independent System Operator Certification Practice Statement for Basic Assurance Certification Authority Version 3.4 April 2015 Table of Contents 1.0 INTRODUCTION... 8 1.1 OVERVIEW... 8 1.2

More information

CMS Illinois Department of Central Management Services

CMS Illinois Department of Central Management Services CMS Illinois Department of Central Management Services State of Illinois Public Key Infrastructure Certification Practices Statement For Digital Signature And Encryption Applications Version 3.3 (IETF

More information

Apple Corporate Email Certificates Certificate Policy and Certification Practice Statement. Apple Inc.

Apple Corporate Email Certificates Certificate Policy and Certification Practice Statement. Apple Inc. Apple Inc. Certificate Policy and Certification Practice Statement Version 2.0 Effective Date: April 10, 2015 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2. Table of acronyms... 4 1.3.

More information

THE WALT DISNEY COMPANY PUBLIC KEY INFRASTRUCTURE CERTIFICATE POLICY. July 2011 Version 2.0. Copyright 2006-2011, The Walt Disney Company

THE WALT DISNEY COMPANY PUBLIC KEY INFRASTRUCTURE CERTIFICATE POLICY. July 2011 Version 2.0. Copyright 2006-2011, The Walt Disney Company THE WALT DISNEY COMPANY PUBLIC KEY INFRASTRUCTURE CERTIFICATE POLICY July 2011 Version 2.0 Copyright 2006-2011, The Walt Disney Company Version Control Version Revision Date Revision Description Revised

More information

THE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Published By: RSA Security Inc.

THE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Published By: RSA Security Inc. THE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Last Revision Date: June 28, 2007 Version: 3.0 Published By: RSA Security Inc. Copyright 2002-2007 by

More information

Certificate Policy and Certification Practice Statement CNRS/CNRS-Projets/Datagrid-fr

Certificate Policy and Certification Practice Statement CNRS/CNRS-Projets/Datagrid-fr Certificate Policy and Certification Practice Statement CNRS/CNRS-Projets/Datagrid-fr Version 0.3 August 2002 Online : http://www.urec.cnrs.fr/igc/doc/datagrid-fr.policy.pdf Old versions Version 0.2 :

More information

TR-GRID CERTIFICATION AUTHORITY

TR-GRID CERTIFICATION AUTHORITY TR-GRID CERTIFICATION AUTHORITY CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT Version 2.1 January, 2009 Table of Contents: TABLE OF CONTENTS:...2 1. INTRODUCTION...7 1.1 OVERVIEW...7 1.2 DOCUMENT

More information

Neutralus Certification Practices Statement

Neutralus Certification Practices Statement Neutralus Certification Practices Statement Version 2.8 April, 2013 INDEX INDEX...1 1.0 INTRODUCTION...3 1.1 Overview...3 1.2 Policy Identification...3 1.3 Community & Applicability...3 1.4 Contact Details...3

More information

apple WWDR Certification Practice Statement Version 1.8 June 11, 2012 Apple Inc.

apple WWDR Certification Practice Statement Version 1.8 June 11, 2012 Apple Inc. Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.8 Effective Date: June 11, 2012 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2.

More information

Fraunhofer Corporate PKI. Certification Practice Statement

Fraunhofer Corporate PKI. Certification Practice Statement Fraunhofer Corporate PKI Certification Practice Statement Version 1.1 Published in June 2012 Object Identifier of this Document: 1.3.6.1.4.1.778.80.3.2.1 Contact: Fraunhofer Competence Center PKI Fraunhofer

More information

Certification Practice Statement

Certification Practice Statement FernUniversität in Hagen: Certification Authority (CA) Certification Practice Statement VERSION 1.1 Ralph Knoche 18.12.2009 Contents 1. Introduction... 4 1.1. Overview... 4 1.2. Scope of the Certification

More information

TR-GRID CERTIFICATION AUTHORITY

TR-GRID CERTIFICATION AUTHORITY TR-GRID CERTIFICATION AUTHORITY CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT Version 2.3 May 15, 2014 Table of Contents TABLE OF CONTENTS:... 2 1. INTRODUCTION... 7 1.1 OVERVIEW... 7 1.2 DOCUMENT

More information

Polish Grid Certification Authority Certificate Policy and Certification Practice Statement

Polish Grid Certification Authority Certificate Policy and Certification Practice Statement Polish Grid Certification Authority Certificate Policy and Certification Practice Statement version 0.4 (DRAFT ) September 2, 2002 1 1 Introduction 1.1 Overview This document is written according to the

More information

Danske Bank Group Certificate Policy

Danske Bank Group Certificate Policy Document history Version Date Remarks 1.0 19-05-2011 finalized 1.01 15-11-2012 URL updated after web page restructuring. 2 Table of Contents 1. Introduction... 4 2. Policy administration... 4 2.1 Overview...

More information

SAUDI NATIONAL ROOT-CA CERTIFICATE POLICY

SAUDI NATIONAL ROOT-CA CERTIFICATE POLICY SAUDI NATIONAL ROOT-CA CERTIFICATE POLICY Document Classification: Public Version Number: 2.5 Issue Date: June 25, 2015 National Center for Digital Certification Policies and Regulations Department Digitally

More information

ESnet SSL CA service Certificate Policy And Certification Practice Statement Version 1.0

ESnet SSL CA service Certificate Policy And Certification Practice Statement Version 1.0 ESnet SSL CA service Certificate Policy And Certification Practice Statement Version 1.0 June 30, 2004 Table of Contents Table of Contents...2 1 Introduction...3 1.1 Overview...3 1.1.1 General Definitions...4

More information

epki Root Certification Authority Certification Practice Statement Version 1.2

epki Root Certification Authority Certification Practice Statement Version 1.2 epki Root Certification Authority Certification Practice Statement Version 1.2 Chunghwa Telecom Co., Ltd. August 21, 2015 Contents 1. INTRODUCTION... 1 1.1 OVERVIEW... 1 1.1.1 Certification Practice Statement...

More information

X.509 Certification Practices Statement for the U.S. Government Printing Office Principal Certification Authority (GPO-PCA)

X.509 Certification Practices Statement for the U.S. Government Printing Office Principal Certification Authority (GPO-PCA) .509 Certification Practices Statement for the U.S. Government Printing Office Principal Certification Authority (GPO-PCA) June 11, 2007 FINAL Version 1.6.1 FOR OFFICIAL USE ONLY SIGNATURE PAGE U.S. Government

More information

SwissSign Certificate Policy and Certification Practice Statement for Gold Certificates

SwissSign Certificate Policy and Certification Practice Statement for Gold Certificates SwissSign Certificate Policy and Certification Practice Statement for Gold Certificates Version March 2004 Version 2004-03 SwissSign Gold CP/CPS Page 1 of 66 Table of Contents 1. INTRODUCTION...9 1.1 Overview...

More information

Malaysian Identity Federation and Access Management Certification Authority Certificate Policy and Certification Practice Statement

Malaysian Identity Federation and Access Management Certification Authority Certificate Policy and Certification Practice Statement Malaysian Identity Federation and Access Management Certification Authority Certificate Policy and Certification Practice Statement Version 2.2 Document OID: 1.3.6.1.4.1.36355.2.1.2.2 February 2012 Contents

More information

ING Public Key Infrastructure Certificate Practice Statement. Version 5.3 - June 2015

ING Public Key Infrastructure Certificate Practice Statement. Version 5.3 - June 2015 ING Public Key Infrastructure Certificate Practice Statement Version 5.3 - June 2015 Colophon Commissioned by Additional copies ING Corporate PKI Policy Approval Authority Additional copies of this document

More information

Gandi CA Certification Practice Statement

Gandi CA Certification Practice Statement Gandi CA Certification Practice Statement Gandi SAS 15 Place de la Nation Paris 75011 France Version 1.0 TABLE OF CONTENTS 1.INTRODUCTION...10 1.1.Overview...10 1.2.Document Name and Identification...10

More information

Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015

Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015 Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015 Table of Contents 1. Introduction... 5 1.1. Trademarks...

More information

Trusted Certificate Service

Trusted Certificate Service TCS Server and Code Signing Personal CA CPS Version 2.0 (rev 15) Page 1/40 Trusted Certificate Service TCS Server CAs, escience Server CA, and Code Signing CA Certificate Practice Statement Version 2.0

More information

X.509 Certificate Policy for India PKI

X.509 Certificate Policy for India PKI X.509 Certificate Policy for India PKI Version 1.4 May 2015 Controller of Certifying Authorities Department of Information Technology Ministry of Communications and Information Technology Document Control

More information

Registration Practices Statement. Grid Registration Authority Approved December, 2011 Version 1.00

Registration Practices Statement. Grid Registration Authority Approved December, 2011 Version 1.00 Registration Practices Statement Grid Registration Authority Approved December, 2011 Version 1.00 i TABLE OF CONTENTS 1. Introduction... 1 1.1. Overview... 1 1.2. Document name and Identification... 1

More information

Ericsson Group Certificate Value Statement - 2013

Ericsson Group Certificate Value Statement - 2013 COMPANY INFO 1 (23) Ericsson Group Certificate Value Statement - 2013 COMPANY INFO 2 (23) Contents 1 Ericsson Certificate Value Statement... 3 2 Introduction... 3 2.1 Overview... 3 3 Contact information...

More information

National Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy. Version 1.1. February 2, 2016

National Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy. Version 1.1. February 2, 2016 National Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy Version 1.1 February 2, 2016 Copyright 2016, Georgia Tech Research Institute Table of Contents TABLE OF CONTENTS I 1 INTRODUCTION

More information

Gatekeeper PKI Framework. February 2009. Registration Authority Operations Manual Review Criteria

Gatekeeper PKI Framework. February 2009. Registration Authority Operations Manual Review Criteria Gatekeeper PKI Framework ISBN 1 921182 24 5 Department of Finance and Deregulation Australian Government Information Management Office Commonwealth of Australia 2009 This work is copyright. Apart from

More information

VeriSign Trust Network Certificate Policies

VeriSign Trust Network Certificate Policies VeriSign Trust Network Certificate Policies Version 2.8.1 Effective Date: February 1, 2009 VeriSign, Inc. 487 E. Middlefield Road Mountain View, CA 94043 USA +1 650.961.7500 http//:www.verisign.com - 1-

More information

Globe Hosting Certification Authority Globe Hosting, Inc. 501 Silverside Road, Suite 105, Wilmington, DE 19809, County of New Castle, United States

Globe Hosting Certification Authority Globe Hosting, Inc. 501 Silverside Road, Suite 105, Wilmington, DE 19809, County of New Castle, United States Globe Hosting Certification Authority Globe Hosting, Inc. 501 Silverside Road, Suite 105, Wilmington, DE 19809, County of New Castle, United States www.globessl.com TABLE OF CONTENTS 1. INTRODUCTION...

More information

phicert Direct Certificate Policy and Certification Practices Statement

phicert Direct Certificate Policy and Certification Practices Statement phicert Direct Certificate Policy and Certification Practices Statement Version 1. 1 Effective Date: March 31, 2014 Copyright 2013-2014 EMR Direct. All rights reserved. [Trademark Notices] phicert is a

More information

TeliaSonera Server Certificate Policy and Certification Practice Statement

TeliaSonera Server Certificate Policy and Certification Practice Statement TeliaSonera Server Certificate Policy and Certification Practice Statement v.1.4 TeliaSonera Server Certificate Policy and Certification Practice Statement CA name Validation OID TeliaSonera Server CA

More information

American International Group, Inc. DNS Practice Statement for the AIG Zone. Version 0.2

American International Group, Inc. DNS Practice Statement for the AIG Zone. Version 0.2 American International Group, Inc. DNS Practice Statement for the AIG Zone Version 0.2 1 Table of contents 1 INTRODUCTION... 6 1.1 Overview...6 1.2 Document Name and Identification...6 1.3 Community and

More information

EuropeanSSL Secure Certification Practice Statement

EuropeanSSL Secure Certification Practice Statement EuropeanSSL Secure Certification Practice Statement Eunetic GmbH Version 1.0 14 July 2008 Wagnerstrasse 25 76448 Durmersheim Tel: +49 (0) 180 / 386 384 2 Fax: +49 (0) 180 / 329 329 329 www.eunetic.eu TABLE

More information

TELSTRA RSS CA Subscriber Agreement (SA)

TELSTRA RSS CA Subscriber Agreement (SA) TELSTRA RSS CA Subscriber Agreement (SA) Last Revision Date: December 16, 2009 Version: Published By: Telstra Corporation Ltd Copyright 2009 by Telstra Corporation All rights reserved. No part of this

More information

PKI NBP Certification Policy for ESCB Signature Certificates. OID: 1.3.6.1.4.1.31995.1.2.2.1 version 1.5

PKI NBP Certification Policy for ESCB Signature Certificates. OID: 1.3.6.1.4.1.31995.1.2.2.1 version 1.5 PKI NBP Certification Policy for ESCB Signature Certificates OID: 1.3.6.1.4.1.31995.1.2.2.1 version 1.5 Security Department NBP Warsaw, 2015 Table of Contents 1. Introduction 1 1.1 Overview 1 1.2 Document

More information

Metropolitan Police Service Enterprise PKI. Root Certificate Authority, Certificate Policy. Version 6.1 10 th February 2012 NOT PROTECTIVELY MARKED

Metropolitan Police Service Enterprise PKI. Root Certificate Authority, Certificate Policy. Version 6.1 10 th February 2012 NOT PROTECTIVELY MARKED Metropolitan Police Service Enterprise PKI Root Certificate Authority, Certificate Policy Version 6.1 10 th February 2012 Version Control Issue Release Date Comments A 02/11/07 First draft release of CP

More information

CERTIFICATE POLICY KEYNECTIS SSL CA

CERTIFICATE POLICY KEYNECTIS SSL CA CERTIFICATE POLICY KEYNECTIS SSL CA Date: 05/02/2009 KEYNECTIS SSL CA CERTIFICATE POLICY Subject: KEYNECTIS SSL CA Certificate Policy Version number: 1.1 Number of pages: 49 Status of the Project Final

More information

KIBS Certification Practice Statement for non-qualified Certificates

KIBS Certification Practice Statement for non-qualified Certificates KIBS Certification Practice Statement for non-qualified Certificates Version 1.0 Effective Date: September, 2012 KIBS AD Skopje Kuzman Josifovski Pitu 1 1000, Skopje, Republic of Macedonia Phone number:

More information

Bangladesh Bank Certification Authority (BBCA) Certification Practice Statement (CPS)

Bangladesh Bank Certification Authority (BBCA) Certification Practice Statement (CPS) [Draft] Bangladesh Bank Certification Authority (BBCA) Certification Practice Statement (CPS) Version: 1.00 August, 2015 Bangladesh Bank Page 2 of 42 Document Reference Title Document Type Bangladesh Bank

More information

Adobe Systems Incorporated. Adobe Root CA Certification Practice Statement. Revision #5. Revision History

Adobe Systems Incorporated. Adobe Root CA Certification Practice Statement. Revision #5. Revision History Adobe Systems Incorporated Adobe Root CA Revision #5 Revision History Rev # Date Author Description of Change(s) 1 4/1/03 Deloitte & Touche First draft 2 4/7/03 Deloitte & Touche Further refinements 3

More information

Certificate Policy. SWIFT Qualified Certificates SWIFT

Certificate Policy. SWIFT Qualified Certificates SWIFT SWIFT SWIFT Qualified Certificates Certificate Policy This Certificate Policy applies to Qualified Certificates issued by SWIFT. It indicates the requirements and procedures to be followed, and the responsibilities

More information

Certification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure

Certification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure Certification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure 1.0 INTRODUCTION 1.1 Overview The Federal Reserve Banks operate a public key infrastructure (PKI) that manages

More information

TREND MICRO SSL CERTIFICATION PRACTICE STATEMENT. Version 2.0

TREND MICRO SSL CERTIFICATION PRACTICE STATEMENT. Version 2.0 TREND MICRO SSL CERTIFICATION PRACTICE STATEMENT Version 2.0 Effective Date: 14 April 2015 TABLE OF CONTENTS 1. INTRODUCTION 1.1 Overview 1.2 Document name and identification 1.3 PKI participants 1.3.1

More information

SSL.com Certification Practice Statement

SSL.com Certification Practice Statement SSL.com Certification Practice Statement SSL.com Version 1.0 February 15, 2012 2260 W Holcombe Blvd Ste 700 Houston, Texas, 77019 US Tel: +1 SSL-CERTIFICATE (+1-775-237-8434) Fax: +1 832-201-7706 www.ssl.com

More information

CERTIFICATION POLICY QUEBEC CERTIFICATION CENTRE. 2015 Notarius Inc.

CERTIFICATION POLICY QUEBEC CERTIFICATION CENTRE. 2015 Notarius Inc. CERTIFICATION POLICY QUEBEC CERTIFICATION CENTRE 2015 Notarius Inc. Document Version: 4.5 OID: 2.16.124.113550 Effective Date: July 17, 2015 TABLE OF CONTENTS 1. GENERAL PROVISIONS...8 1.1 PURPOSE...8

More information

PKI NBP Certification Policy for ESCB Encryption Certificates. OID: 1.3.6.1.4.1.31995.1.2.3.1 version 1.2

PKI NBP Certification Policy for ESCB Encryption Certificates. OID: 1.3.6.1.4.1.31995.1.2.3.1 version 1.2 PKI NBP Certification Policy for ESCB Encryption Certificates OID: 1.3.6.1.4.1.31995.1.2.3.1 version 1.2 Security Department NBP Warsaw, 2015 Table of Contents 1. Introduction 1 1.1 Overview 1 1.2 Document

More information

GENERAL PROVISIONS...6

GENERAL PROVISIONS...6 Preface This Key Recovery Policy (KRP) is provided as a requirements document to the External Certification Authorities (ECA). An ECA must implement key recovery policies, procedures, and mechanisms that

More information

Certificate Policy KEYNECTIS SSL CA CP. Emmanuel Montacutelli 12/11/2014 DMS_CP_KEYNECTIS SSL CA CP_1.2

Certificate Policy KEYNECTIS SSL CA CP. Emmanuel Montacutelli 12/11/2014 DMS_CP_KEYNECTIS SSL CA CP_1.2 Certificate Policy KEYNECTIS SSL CA CP Emmanuel Montacutelli 12/11/2014 DMS_CP_KEYNECTIS SSL CA CP_1.2 KEYNECTIS SSL CA CP Version 1.2 Pages 51 Status Draft Final Author Emmanuel Montacutelli OpenTrust

More information

ACXIOM. PUBLIC KEY INFRASTRUCTURE Certificate Policy Version 5.5

ACXIOM. PUBLIC KEY INFRASTRUCTURE Certificate Policy Version 5.5 ACXIOM PUBLIC KEY INFRASTRUCTURE Certificate Policy Version 5.5 Date: 19 Mar 2007 Certificate Policy Version 5.5 LEGAL DISCLAIMIER acknowledges that no portion of this document is intended or shall be

More information

Symantec Trust Network (STN) Certificate Policy

Symantec Trust Network (STN) Certificate Policy Symantec Trust Network (STN) Certificate Policy Version 2.8.5 Effective Date: September 8, 2011 Symantec Corporation 350 Ellis Street Mountain View, CA 94043 USA +1 650.527.8000 http//:www.symantec.com

More information

Trusted Certificate Service (TCS)

Trusted Certificate Service (TCS) TCS Personal and escience Personal CA CPS Version 2.0 (rev 15) Page 1/40 Trusted Certificate Service (TCS) TCS Personal CA, escience Personal CA, and Document Signing CA Certificate Practice Statement

More information

CA Certificate Policy. SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT

CA Certificate Policy. SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT CA Certificate Policy SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT This page is intentionally left blank. 2 ODETTE CA Certificate Policy Version Number Issue Date Changed By 1.0 1 st April 2009 Original

More information

CERTIFICATE POLICY (CP) (For SSL, EV SSL, OSC and similar electronic certificates)

CERTIFICATE POLICY (CP) (For SSL, EV SSL, OSC and similar electronic certificates) (CP) (For SSL, EV SSL, OSC and similar electronic certificates) VERSION : 09 DATE : 01.12.2014 1. INTRODUCTION... 10 1.1. Overview... 10 1.2. Document Name and Identification... 11 1.3. Participants...

More information

Certification Practice Statement

Certification Practice Statement Certification Practice Statement Revision R1 2013-01-09 1 Copyright Printed: January 9, 2013 This work is the intellectual property of Salzburger Banken Software. Reproduction and distribution require

More information

- X.509 PKI EMAIL SECURITY GATEWAY. Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.1

- X.509 PKI EMAIL SECURITY GATEWAY. Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.1 - X.509 PKI EMAIL SECURITY GATEWAY Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.1 Commerzbank AG - Page 1 Document control: Title: Description : RFC Schema: Authors: Commerzbank

More information

thawte Certification Practice Statement Version 2.3

thawte Certification Practice Statement Version 2.3 thawte Certification Practice Statement Version 2.3 Effective Date: July, 2006 thawte Certification Practice Statement 2006 thawte, Inc. All rights reserved. Printed in the United States of America. Revision

More information

TC TrustCenter GmbH. Certification Practice Statement

TC TrustCenter GmbH. Certification Practice Statement TC TrustCenter GmbH Certification Practice Statement NOTE: The information contained in this document is the property of TC TrustCenter GmbH. This Certification Practice Statement is published in conformance

More information

Certification Practice Statement. Internet Security Research Group (ISRG)

Certification Practice Statement. Internet Security Research Group (ISRG) Certification Practice Statement Internet Security Research Group (ISRG) Version 1.0 Updated May 5, 2015 Approved by ISRG Policy Management Authority Web Site: https://letsencrypt.org Page 1 of 11 Copyright

More information

The Boeing Company. Boeing Commercial Airline PKI. Basic Assurance CERTIFICATE POLICY

The Boeing Company. Boeing Commercial Airline PKI. Basic Assurance CERTIFICATE POLICY The Boeing Company Boeing Commercial Airline PKI Basic Assurance CERTIFICATE POLICY Version 1.4 PA Board Approved: 7-19-2013 via e-mal PKI-233 BCA PKI Basic Assurance Certificate Policy Page 1 of 69 Signature

More information

thawte Certification Practice Statement

thawte Certification Practice Statement thawte Certification Practice Statement Version 3.7.5 Effective Date: 4 June, 2012 (All CA/Browser Forum-specific requirements are effective on July 1, 2012) thawte Certification Practice Statement 2012

More information

TeliaSonera Public Root CA. Certification Practice Statement. Revision Date: 2006-11-17. Version: Rev A. Published by: TeliaSonera Sverige AB

TeliaSonera Public Root CA. Certification Practice Statement. Revision Date: 2006-11-17. Version: Rev A. Published by: TeliaSonera Sverige AB Document no 1/011 01-AZDA 102 213 TeliaSonera Sverige AB Certification Practice Statement Rev A TeliaSonera Public Root CA Certification Practice Statement Revision Date: 2006-11-17 Version: Rev A Published

More information

Certification Practice Statement (ANZ PKI)

Certification Practice Statement (ANZ PKI) Certification Practice Statement March 2009 1. Overview 1.1 What is a Certification Practice Statement? A certification practice statement is a statement of the practices that a Certification Authority

More information

Equens Certificate Policy

Equens Certificate Policy Equens Certificate Policy WebServices and Connectivity Final H.C. van der Wijck 11 March 2015 Classification: Open Version 3.0 Version history Version no. Version date Status Edited by Most important edit(s)

More information

X.509 Certificate Policy for the Australian Department of Defence Root Certificate Authority and Subordinate Certificate Authorities

X.509 Certificate Policy for the Australian Department of Defence Root Certificate Authority and Subordinate Certificate Authorities X.509 Certificate Policy for the Australian Department of Defence Root Certificate Authority and Subordinate Certificate Authorities Version 5.1 May 2014 Notice to all parties seeking to rely Reliance

More information

Visa Public Key Infrastructure Certificate Policy (CP)

Visa Public Key Infrastructure Certificate Policy (CP) Visa Public Key Infrastructure Certificate Policy (CP) Version 1.7 Effective: 24 January 2013 2010-2013 Visa. All Rights Reserved. Visa Public Important Note on Confidentiality and Copyright The Visa Confidential

More information

Starfield Technologies, LLC. Certificate Policy and Certification Practice Statement (CP/CPS)

Starfield Technologies, LLC. Certificate Policy and Certification Practice Statement (CP/CPS) Starfield Technologies, LLC Certificate Policy and Certification Practice Statement (CP/CPS) Version 3.8 April 15, 2016 i Starfield CP-CPS V3.8 Table of Contents 1 Introduction... 1 1.1 Overview... 1 1.2

More information

Internet Security Research Group (ISRG)

Internet Security Research Group (ISRG) Internet Security Research Group (ISRG) Certificate Policy Version 1.0 Updated May 5, 2015 Approved by ISRG Policy Management Authority ISRG Web Site: https://letsencrypt.org Page 1 of 83 Copyright Notice

More information

SYMANTEC NON-FEDERAL SHARED SERVICE PROVIDER PKI SERVICE DESCRIPTION

SYMANTEC NON-FEDERAL SHARED SERVICE PROVIDER PKI SERVICE DESCRIPTION SYMANTEC NON-FEDERAL SHARED SERVICE PROVIDER PKI SERVICE DESCRIPTION I. DEFINITIONS For the purpose of this Service Description, capitalized terms have the meaning defined herein. All other capitalized

More information

XN--P1AI (РФ) DNSSEC Policy and Practice Statement

XN--P1AI (РФ) DNSSEC Policy and Practice Statement XN--P1AI (РФ) DNSSEC Policy and Practice Statement XN--P1AI (РФ) DNSSEC Policy and Practice Statement... 1 INTRODUCTION... 2 Overview... 2 Document name and identification... 2 Community and Applicability...

More information

Certificate Policy for the United States Patent and Trademark Office November 26, 2013 Version 2.5

Certificate Policy for the United States Patent and Trademark Office November 26, 2013 Version 2.5 Certificate Policy for the United States Patent and Trademark Office November 26, 2013 Prepared by: United States Patent and Trademark Office Public Key Infrastructure Policy Authority This page is intentionally

More information

Public Certification Authority Certification Practice Statement of Chunghwa Telecom (PublicCA CPS) Version 1.5

Public Certification Authority Certification Practice Statement of Chunghwa Telecom (PublicCA CPS) Version 1.5 Public Certification Authority Certification Practice Statement of Chunghwa Telecom (PublicCA CPS) Version 1.5 Chunghwa Telecom Co., Ltd. August 21, 2015 Contents 1. INTRODUCTION... 1 1.1 OVERVIEW... 1

More information

Symantec External Certificate Authority Key Recovery Practice Statement (KRPS)

Symantec External Certificate Authority Key Recovery Practice Statement (KRPS) Symantec External Certificate Authority Key Recovery Practice Statement (KRPS) Version 2 24 April 2013 (Portions of this document have been redacted.) Symantec Corporation 350 Ellis Street Mountain View,

More information

REVENUE ON-LINE SERVICE CERTIFICATE POLICY. Document Version 1.2 Date: 15 September 2007. OID for this CP: 1.2.372.980003.1.1.1.1.

REVENUE ON-LINE SERVICE CERTIFICATE POLICY. Document Version 1.2 Date: 15 September 2007. OID for this CP: 1.2.372.980003.1.1.1.1. REVENUE ON-LINE SERVICE CERTIFICATE POLICY Document Version 1.2 Date: 15 September 2007 OID for this CP: 1.2.372.980003.1.1.1.1.1 No part of this document may be copied, reproduced, translated, or reduced

More information

INDEPENDENT AUDIT REPORT BASED ON THE REQUIREMENTS OF ETSI TS 101 456. Aristotle University of Thessaloniki PKI (www.pki.auth.gr) WHOM IT MAY CONCERN

INDEPENDENT AUDIT REPORT BASED ON THE REQUIREMENTS OF ETSI TS 101 456. Aristotle University of Thessaloniki PKI (www.pki.auth.gr) WHOM IT MAY CONCERN Title INDEPENDENT AUDIT REPORT BASED ON THE REQUIREMENTS OF ETSI TS 101 456 Customer Aristotle University of Thessaloniki PKI (www.pki.auth.gr) To WHOM IT MAY CONCERN Date 18 March 2011 Independent Audit

More information

Ford Motor Company CA Certification Practice Statement

Ford Motor Company CA Certification Practice Statement Certification Practice Statement Date: February 21, 2008 Version: 1.0.1 Table of Contents Document History... 1 Acknowledgments... 1 1. Introduction... 2 1.1 Overview... 3 1.2 Ford Motor Company Certificate

More information

Swiss Government Root CA II. Document OID: 2.16.756.1.17.3.21.1

Swiss Government Root CA II. Document OID: 2.16.756.1.17.3.21.1 Swiss Government Root CA II CP/CPS End-user Certificates Swiss Government PKI - Root CA II Certificate Policy and Certification Practice Statement (CP/CPS) Document OID: 2.16.756.1.17.3.21.1 Project Name:

More information

Federal Reserve Banks Certification Authority (FR-CA) Certification Practice Statement

Federal Reserve Banks Certification Authority (FR-CA) Certification Practice Statement Certification Practice Statement 1.0 INTRODUCTION 1.1 OVERVIEW The Federal Reserve Banks ( FRBs ), utilizing Public Key Infrastructure ( PKI ) technology and operating as a Certification Authority ( FR-CA

More information

SSL CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT

SSL CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT SSL CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT Kamu Sertifikasyon Merkezi TÜBİTAK Yerleşkesi, P.K. 74 Gebze 41470 Kocaeli, TURKEY Tel: +90 (0) 262 648 18 18 Fax: +90 (0) 262 648 18 00 www.kamusm.gov.tr

More information

Version 3.0. Effective Date: 15 october, 2008

Version 3.0. Effective Date: 15 october, 2008 Getronics Version 3.0 Effective Date: 15 october, 2008 Getronics Nederland B.V. Fauststraat 1 P.O. Box 9105 7300 HN Apeldoorn The Netherlands Phone: +31 (0)20 570 4511 http://www.pki.getronicspinkroccade.nl

More information

SECOM Trust.net Root1 CA

SECOM Trust.net Root1 CA CERTIFICATE POLICY/ CERTIFICATION PRACTICE STATEMENT May 22, 2006 Version 2.00 SECOM Trust Systems Co.,Ltd. Revision History Version Date Description V1.00 2003.08.01 Initial Draft (Translated from Japanese

More information

CERTIFICATION PRACTICE STATEMENT UPDATE

CERTIFICATION PRACTICE STATEMENT UPDATE CERTIFICATION PRACTICE STATEMENT UPDATE Reference: IZENPE-CPS UPDATE Version no: v 5.03 Date: 10th March 2015 IZENPE 2015 This document is the property of Izenpe. It may only be reproduced in its entirety.

More information

Post.Trust Certificate Authority

Post.Trust Certificate Authority Post.Trust Certificate Authority Certification Practice Statement CA Policy and Procedures Document Issue date: 03 April 2014 Version: 2.7.2.1 Release Contents DEFINITIONS... 6 LIST OF ABBREVIATIONS...

More information

Certificate Policy and Certification Practice Statement

Certificate Policy and Certification Practice Statement DigiCert Certificate Policy and Certification Practice Statement DigiCert, Inc. Version 3.03 March 15, 2007 333 South 520 West Lindon, UT 84042 USA Tel: 1-801-805-1620 Fax: 1-801-705-0481 www.digicert.com

More information

Advantage Security Certification Practice Statement

Advantage Security Certification Practice Statement Advantage Security Certification Practice Statement Version 3.8.5 Effective Date: 01/01/2012 Advantage Security S. de R.L. de C.V. Prol. Paseo de la Reforma # 625 Int 402, Col Paseo de las Lomas. Del Alvaro

More information

Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)

Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11) Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11) Executive Summary...3 Background...4 Internet Growth in the Pharmaceutical Industries...4 The Need for Security...4

More information

Tata Consultancy Services Limited Certifying Authority. Certification Practice Statement

Tata Consultancy Services Limited Certifying Authority. Certification Practice Statement Tata Consultancy Services Limited Certifying Authority Certification Practice Statement IN SUPPORT OF PUBLIC KEY INFRASTRUCTURE SERVICES TCS-CA TRUST NETWORK DATE OF PUBLICATION: DECEMBER 2007 PROPOSED

More information

X.509 Certification Practice Statement for the Australian Department of Defence

X.509 Certification Practice Statement for the Australian Department of Defence X.509 Certification Practice Statement for the Australian Department of Defence Version 5.1 December 2014 Document Management This document is controlled by: Changes are authorised by: Defence Public Key

More information

TeliaSonera Root CA v1 Certificate Practice Statement. Published by: TeliaSonera AB

TeliaSonera Root CA v1 Certificate Practice Statement. Published by: TeliaSonera AB 2007-10-18 1 (46) TeliaSonera Root CA v1 Certificate Practice Statement Published by: TeliaSonera AB Company Information Created Modified Approved Valid from 2007-10-12 Reg. office: Printed Coverage Business

More information

Comodo Certification Practice Statement

Comodo Certification Practice Statement Comodo Certification Practice Statement Notice: This CPS should be read in conjunction with the following documents:- * LiteSSL addendum to the Certificate Practice Statement * Proposed Amendments to the

More information

OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES

OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES Table of contents 1.0 SOFTWARE 1 2.0 HARDWARE 2 3.0 TECHNICAL COMPONENTS 2 3.1 KEY MANAGEMENT

More information

CERTIFICATION PRACTICE STATEMENT. EV SSL CA Certification Practice Statement

CERTIFICATION PRACTICE STATEMENT. EV SSL CA Certification Practice Statement CERTIFICATION PRACTICE STATEMENT EV SSL CA Certification Practice Statement Emmanuel Montacutelli September 1, 2015 OpenTrust_DMS_EV Statement SSL CA Certification Practice Manage d Services Signature

More information

Certipost Trust Services. Certificate Policy. for Lightweight Certificates for EUROCONTROL. Version 1.2. Effective date 03 May 2012

Certipost Trust Services. Certificate Policy. for Lightweight Certificates for EUROCONTROL. Version 1.2. Effective date 03 May 2012 Certipost Trust Services Version 1.2 Effective date 03 May 2012 Certipost NV ALL RIGHTS RESERVED. 2 13 Definitions : Activation Data Certificate Certificate Holder Certificate Public Registry Certificate

More information

DNSSEC Policy and Practice Statement.amsterdam

DNSSEC Policy and Practice Statement.amsterdam DNSSEC Policy and Practice Statement.amsterdam Contact T +31 26 352 55 00 support@sidn.nl www.sidn.nl Offices Meander 501 6825 MD Arnhem Mailing address Postbus 5022 6802 EA Arnhem May 24, 2016 Public

More information

REGISTRATION AUTHORITY (RA) POLICY. Registration Authority (RA) Fulfillment Characteristics SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A.

REGISTRATION AUTHORITY (RA) POLICY. Registration Authority (RA) Fulfillment Characteristics SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. REGISTRATION AUTHORITY (RA) POLICY Registration Authority (RA) Fulfillment Characteristics SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. INDEX Contenido 1. LEGAL FRAMEWORK... 4 1.1. Legal Base...

More information

Operational Research Consultants, Inc. Non Federal Issuer. Certificate Policy. Version 1.0.1

Operational Research Consultants, Inc. Non Federal Issuer. Certificate Policy. Version 1.0.1 Operational Research Consultants, Inc. Non Federal Issuer Certificate Policy Version 1.0.1 Operational Research Consultants, Inc. 11250 Waples Mill Road South Tower, Suite 210 Fairfax, Virginia 22030 June

More information

Version 2.4 of April 25, 2008

Version 2.4 of April 25, 2008 TC TrustCenter GmbH Certificate Policy for SAFE NOTE: The information contained in this document is the property of TC TrustCenter GmbH. This Certificate Policy is published in conformance with international

More information

Committee on National Security Systems

Committee on National Security Systems Committee on National Security Systems CNSS Instruction No. 1300 October 2009 INSTRUCTION FOR NATIONAL SECURITY SYSTEMS PUBLIC KEY INFRASTRUCTURE X.509 CERTIFICATE POLICY Under CNSS Policy No. 25 National

More information