1 CERTIFICATE POLICIES (CP) Certificate ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. CP
2 Certificate INDEX 1. LEGAL FRAMEWORK Legal Base Validation Legal Support INTRODUCTION Document Name Identification Publication Definitions and Acronyms Definitions Acronyms PARTICIPATING ENTITIES Credited Entities (CE) Certification Authority (CA) AC Root Authority Registration Authority (RA) Applicant Subscriber Signatory Password Protection Relaying Party CERTIFICATE CHARACTERISTICS Certificate Validity Period Support Types Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 2
3 Certificate 4.3. Secure Signature Creation Device (SSCD) Software Support CERTIFICATE TYPES Recognized Corporate Certificates Certificate for the Public Administration Private Certificates Secure Server Certificates LEGAL PERSON CERTIFICATE General Aspects Application field Certificate Data Certificate Use Appropriate Certificate Use Unauthorized Use of Certificates Key and Certificates Generation Tariffs Certificate Request Who can request a Certificate? Certificate Application Process Certificate Application Processing Execution of Authentication and Identification Functions Certificate Application Approval or Rejection Certificate Emission RA Actions CA Actions Certificate Delivery Certificate Acceptance Manners to Accept a Certificate Approval or rejection of the Certificate Applications Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 3
4 Certificate 6.8. Revocation and Suspension of Certificates Revocation Circumstances Causes for Revocation Who can request a revocation Application Revocation Procedures Period in which the CA should resolve the Revocation Verification Obligation of Revocations by Third Parties Emission Frequency of the CPSs Maximum Time between the Generation and Publication of the CRLs Availability of the Online Certificate Verification Status System Requirements for Online Revocation Checking CERTIFICATE RENEWAL Suspension Circumstances Who can Request a suspension Suspension Period Limits REVIEW Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 4
5 Certificate 1. LEGAL FRAMEWORK 1.1. Legal Base The Electronic Commerce, Electronic Signatures and Data Messaging Law, its Regulation; Organic Consumer Defense Law, CONATEL Organic Transparency Law of Information and Accreditation 1.2. Validation The present document will become valid since approval date Legal Support a) The Electronic Commerce, Electronic Signature and Data Messaging Law, published in the Official Register No. 577 April 17, b) According to Art. 37 of the Electronic Commerce, Electronic Signature, and Data Messaging Law, the National Telecommunications Council is the organism for authorization, registry and regulation of Certification Entities Information and Credited Related Services. c) The General Regulation of the Electronic Commerce, Electronic Signature, and Data Messaging Law, was expended by executive decree No 3496 published in the official registry 7435 on December 31, 2002, and its constant reforms in executive decree 1356 on September 29, 2008, published in the Official Registry No. 440 on October 6, d) The second listed article added by article 4 of the executive decree No stated after article 17 of general regulation by the Law of Electronic Commerce, Electronic Signatures and Data Messaging, states that the accreditation as an information certification entity and related services, will consist in an administrative act emitted by CONATEL through a resolution that will be registered in the National Public Registry of Information certification entity. e) Resolution CONATEL-2008 published in October 08, 2008, this resolution model was approved for the Accreditation as an Information Certification and Related Services Entity. f) Resolution No. TEL CONATEL-2010 published on October 22, 2010, approved the Accreditation Petition for the company SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL S.A. as an information certification and related services entity, for which SENATEL subscribed in the respective administrative act, as the model approved by the National Telecommunications Council. Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 5
6 Certificate 2. INTRODUCTION 2.1. Presentation The present document contains the Certification Policy (CP) of ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL for Certificate. This CP specifies and affirms to what has been established in the ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL CPS, which determined a set of rules that indicate the procedures followed by the Certification Entity when presenting its services for digital certificates application, identification, emission, acceptance, and revoke, as well as its limits of use, application range and technical characteristics for this type of certificate. This Certificate Policy (CP) together with the ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL CPS, are aimed to anyone who trusts in these types of certificates Document Name Identification Name: Version: 3.0 Description: s Certificate Policies Emission Date: June 24 th, Publication This document can be freely obtained at Definitions and Acronyms Definitions Electronic Certificates: Is a document signed electronically by a certification service provider which links signature verification data to a signatory and confirms its identity. Recognized Certificate: A certificate issued by a Credited Entity that meets the requirements established by the law regarding identity verification and other circumstances by applicants and Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 6
7 Certificate reliability of guarantees of certification services given. Public Key and Private Key: The asymmetric cryptography in which PKI is based on uses key pairs (this could also be two key pairs), which one is encrypted and can only be decrypted with the other and vice versa. One of these keys is called Public and is included in the electronic certificate, while the other is called Private and only is known by the certificate holder. Signature Creation Data (Private Key): Are unique data, such as codes or private cryptographic passwords, which the subscriber uses to create electronic signatures. Data Signature Verification (Public Key): Are data, such as codes or private cryptographic passwords, used to verify the electronic signature. Security Device for Signature Creation (SDSC): Instruments used to apply data for signature creation. Electronic Signature: Is a group of data in electronic form, entered with others, which can be used as a medium for personal identification. Advanced Electronic Signature: Is an electronic signature that establishes personal subscriber identification concerning signed data, and is used to check integrity, being linked exclusively to the subscriber, like referred data, and also it has been created by means to maintain exclusive control. Hash Function: Is an operation that is done in any size data group, so that the obtained result is another data group, regardless of the original size, that has the property of being uniquely associated with the initial data. Certificate Revocation List (CRL): This is a list that contains revoked or suspended certificates. Hardware Security Module (HSM): This is a Hardware Module used to make cryptographic functions and also it is used to store passwords in safe mode. Time Stamping: Electronic annotation signed electronically which is added to a message data that records the date, hour, and the identity of the person making the annotation. Time Stamping Authority (TSA): entity that issues trusted time stamps. Validation Authority (VA): trusted entity that provides information on the validity of digital certificates and electronic signatures Acronyms Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 7
8 Certificate CA: Certification Authority Sub CA: RA: CP: DCP: CRL: HSM: LDAP: OCSP: PKI: SPC: TSA: VA: ICE: OID: DN: Certification Authority Subordinate Register Authority Certification Policy Declaration of Certification Practices Certificate Revocation List Hardware Security Module Lightweight Directory Access Protocol Online Certificate Status Protocol Public Key Infrastructure Service Provider for Certification Time Stamp Authority Validation Authority Information Certification Entity Object Identifier Distinguished Name C: Country, Distinguished Name Attribute CN: Common Name, Distinguished Name Attribute O: Organization, Distinguished Name Attribute OU: Organizational Unit, Distinguished Name Attribute SN: ISO: PKCS: UTF8: Surname, Distinguished Name Attribute International Organizational for Standardization Public Key Cryptography Standards Unicode Transformation Format 8 bits. Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 8
9 Certificate 3. PARTICIPATING ENTITIES 3.1. Credited Entities (CE) Security Data Seguridad en Datos y Firma Digital is a Credited Entity (CE) that emits certificates recognized by the Electronic Commerce Electronic Signatures and Data Messaging Law. Security Data Seguridad en Datos y Firma Digital is the entity that emits these certificates and is the company responsible of the operation of life cycle certificates. The authorization functions, registry, issuing and revoke of destination entity personal certificates, can be done by other entities associated by contract with Security Data Seguridad en Datos y Firma Digital, which will considered as intermediary. Security Data Seguridad en Datos y Firma Digital also offer electronic signatures validation services and time stamping, which is controlled by their own norms and regulations which are not included in this document Certification Authority (CA) The system of certification of Security Data Seguridad en Datos y Firma Digital is composed of diverse CA or Certification Authority which is organized under a Certification Hierarchy AC Root Authority An AC Root Authority is the entity inside the hierarchy that emits certificates to other certification authorities and whose public key certificate has been self-signed. Its purpose is to sign the certificate of other ACs in the Certification Hierarchy Registration Authority (RA) Security Data Seguridad en Datos y Firma Digital Registration Authority is the entity in charge of: Certificate applications Identify the applicant and check if he/she meets with the necessary requirements for the Certificate Application. Check the situation of the person that will be the certificate signatory. Administrate password generation and certificate emissions. Submit the certificate to the subscriber. A representative for the RA of Security Data Seguridad en Datos y Firma Digital could be: Any Cooperation that is client of Security Data Seguridad en Datos y Firma Digital, for the issuing of certificates under the name of the Corporation or under members of the cooperation. Any trusted entity that reaches an agreement with Security Data Seguridad en Datos y Firma Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 9
10 Certificate Digital so they can act as representative of Security Data Seguridad en Datos y Firma Digital. Security Data Seguridad en Datos y Firma Digital itself. Security Data Seguridad en Datos y Firma Digital will formalize relations by contract with every one of the entities that act as RA of Security Data Seguridad en Datos y Firma Digital. The entity that acts as the RA of Security Data Seguridad en Datos y Firma Digital can authorize one or various people as the RA Operator in order to operate with the information system of certificate emissions of Security Data Seguridad en Datos y Firma Digital under the RA name. For the subscribers where geographical location represents a logistic problem for subscriber identification and in the application and delivery of certificates, the RA could appoint these functions to another trusted company. This entity should have a special relationship with the RA and have a trusted relationship with the certificate subscriber which justifies this appointment. This trusted entity should sign a collaborative agreement with the RA in which this appointment is accepted by these functions. Security Data Seguridad en Datos y Firma Digital should know and expressively authorize such agreement Applicant An applicant is the person that, under his/her own name or representing a third party, requests the emission of a certificate by Security Data Seguridad en Datos y Firma Digital. The type of requirements that an applicant must meet depends of the certificate type requested which requirements are published in the Certification Policy of each type of concrete certification Subscriber The subscriber is the person (natural or legal) that has contracted the certification services of Security Data Seguridad en Datos y Firma Digital. Therefore this person will be the owner of the certificate. Generally, the subscriber of a certificate of Security Data Seguridad en Datos y Firma Digital will be a cooperation (private business, public entity, or natural person), whose name will appear on the certificate Signatory The Signatory is the person that possesses a signature creation device and that acts under its own name or in representation of a legal entity. The signatory will be responsible of guarding the data of the signature creation, that is, the personal key Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 10
11 Certificate which is associated to the certificate Password Protection The protection of creation data of associated firms of each certificate is the responsibility of the natural or legal person, whose identification will be included in the electronic certificate Relaying Party A relaying party is all (person or organization) that voluntarily trusts in a certificate emitted by Security Data Seguridad en Datos y Firma Digital. The certificates emitted by Data Seguridad en Datos y Firma Digital are accepted by the majority of Ecuadorian State public organizations such as Ministries and Departments etc. The obligations and responsibilities of Data Seguridad en Datos y Firma Digital with relaying parties is limited to the ones stated here in this CPS. Relaying Parties should take note the limitations in its use. 4. CERTIFICATE CHARACTERISTICS 4.1. Certificate Validity Period Legal Representation Certificates are valid for two years according to the Electronic Commerce, Electronic Signature and Messaging Data Law (Decree No. 3469) Support Types The Legal Representation certificates can generate hardware or software support Secure Signature Creation Device (SSCD) The private passwords of the certificates emitted by the hardware support is generated and stored in a Secure Device of Signature Creation as a Smart Card or a Cryptographic Token. The SSCD provided by Security Data Seguridad en Datos y Firma Digital S.A. also contain FIPS certificates. Therefore, the usage of Company Employee Cooperative Certificates with SSCD permits to safely Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 11
12 Certificate execute Electronic Signatures. These SSCD generated certificate passwords cannot be in any way copied, which means in the case of loss or destruction of the device it will be necessary to start a new certificate emission process. In order to activate the SSCD it will be necessary to introduce the PIN number. If the PIN is for five consecutive times entered incorrectly the device will be blocked and therefore it will be inoperable. In order to unblock the device, the person must take the blocked device to the RA or send the device back to the company and there the device will be unblocked as well as emitting a new certificate. The PIN is secret and personal for each user; an initial PIN will be given which can be changed by the user by means of a special program Software Support The private keys from the emitted certificates in software support are generated and stored in an internet browser, for example Microsoft Explorer The certificates for legal persons in software can be copied to other formats; therefore it is possible to make security copies of them. 5. CERTIFICATE TYPES 5.1. Recognized Corporate Certificates Cooperative certificates are recognized electronic signature certificates which the subscriber is a Corporation (private business, organization or Public Administration): Legal Representative Cooperation Certificate: Are recognized certificates by the natural person that identifies the subscriber as a corporation and the signatory as a legal representative of this cooperation. Judicial Cooperation Certificate: Are certificates recognized by the judicial person that identifies the subscriber as a Judicial Person. Natural Person Cooperative Certificate: Are certificates that are recognized by the natural person which identifies the subscriber as Corporation and the signatory as associated to the corporation Certificate for the Public Administration The certificate for the Public Administration is an electronic certificate emitted according to the Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 12
13 Certificate requirements established in the Ecuadorian Electronic Commerce, Electronic Signatures and Data Messaging Law. Public Functionary Cooperate Certificate: Are certificates recognized by the natural person that identifies the subscriber as a cooperation and the signatory as a legal representative of this corporation Private Certificates Natural Person Certificate: Are recognized certificates by the natural person that identifies the subscriber as a natural person who can use these certificates for personal, legal and tax issues Secure Server Certificates Secure Server Certificates: are certificates that announce an Internet domain as a judicial entity or a determined registered merchant. 6. LEGAL PERSON CERTIFICATE 6.1. General Aspects Application field The certificates emitted by the ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL under this CP, can be used for the creation of digital signatures and encoding. This can also be used as an identification mechanism for computer services and applications. For this reason, everything related to the Ecuadorian Legislation regarding Electronic Signatures will be applied to this point Certificate Data The information that is included in the Legal person Certificate emitted by the ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL are the following: Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 13
14 Certificate Fields included in the Certificate Description Version Versión Shows the version inside the X.509 standard (v3) Serial number Número de Serie Certificate serial number Signature Algorithm Algoritmo de firma sha256rsa algorithm signature Signature hash algorithm Algoritmo de firma para sha256 HASH Organizational Unit Information Name (OU) Certification Entity (ICE) Domain Component(DC) Domain Name (securitydata.net.ec) Issuer Emisor Organization Name Certification (O) Organization Name- Security Data Seguridad en Datos y Firma Digital Country Name (c) Country of Certification Authorization - Ecuador (ec) Valid from Válido Desde Certificate emission date Valid to Válido Hasta Certificate expiration date Common Name (CN) Subscriber name Subject Firmante Organizational Unit Information Name (OU) Certification Entity (ICE) Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 14
15 Certificate Organization Name (O) Country Name (c) Certification Organization Name- Security Data Seguridad en Datos y Firma Digital Country of Certification Authority - Ecuador (ec) Public Key Clave Pública Subscriber public Key Key Usage Uso de clave Identifies where applicable Access to authority Acceso a información Information where OSCP will be used Information Certificate Guideline de autoridad Directivas del Certificado Detailed information of the certificate including the link to the Certificate s CP Social reason RUC RUP Name of Legal Representative Address Telephone City Country Subject Alternative Nombre Alternativo del Subscriber Name Firmante CRL Distribution Points Puntos de Distribución Distribution CRL points. Address where the CRLs are published. de la CRL Private Key Usage Periodos de uso de The private key time frame Period clave Privada Authority Key Identifier Identificador de clave X509 standard extension de entidad emisora Subject Key Identifier Identificador de clave X509 standard extension de asunto Basic Constrains Restricciones Básicas Determines CA destination, certification routes as ICE final entity. Entrust Version Info Información de Entrust PKI platform information Thumbprint Algorithm Algoritmo de CA signature algorithms identificación Thumbprint Huella Digital Fingerprint associated with the certificate 6.2. Certificate Use Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 15
16 Certificate Appropriate Certificate Use The subscriber could use the Electronic signature certificate, according to what has been established in this Certificate Policy, in the service contract that subscribes with the ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL and the CPS. Improper use of a certificate is when this is used to realize unauthorized operations according to the certificate policies and is applicable to each certificate and the contracts of the ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL with its subscriptions, in consequence the ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL could revoke the certificate and thus terminating the contract. Authorized use of certificates emitted by the ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL could be specified in each type of certificate. If the subscriber certificate in a particular time frame is stolen, i.e. the private password, the user should start the revoke proceedings as mentioned in this CP and the CPS. The certificate of Electronic signatures is emitted by the ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL to the subscriber and should be used as intended. The user is prohibited to alter the certificate in any way. The electronic signature certificates cannot be used in illegal actions according to the established in the Ecuadorian legislation. Electronic signature certificates presents the following guarantees: o Authenticity: the document information and its electronic signature undoubtedly corresponds to the person who signed the signed the contract. o Integrity: The information in the electronic document has not been modified or altered after signing. o No repudiation: The person who has electronically signed the document cannot deny his or her signature. o Confidentiality: The contained information has been coded and by the will of the emitter, only the receptor is permitted to decode it Unauthorized Use of Certificates It is prohibited any use that would contradict Ecuadorian and Community Norms, international agreements ratified by the Ecuadorian Government, native customs, and moral and public conduct. It is also prohibited the distinctive use of the stated in this Declaration of Certified Practices or in its corresponding Certification Policy. The certificates has not been designed nor destined to nor permits its use or retail as control equipment for dangerous situations or for use that requires unerring decisions such as nuclear plant equipment, Systems navigation or aerial communications or army systems control, where Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 16
17 Certificate an error could directly cause death, personal injury or serious environmental damages. Final user certificates cannot be used to sign public key certificates of any kind, or sign certification revokes lists Key and Certificates Generation The Key and Certificate storage support will be a cryptographic device. Access to the cryptographic device where the private key is stored is done through password (PIN). In order to employ an electronic signature it is necessary to introduce the Pin number which should only be known to the subscriber. When generating keys it is not allowed to make a security copy of generated key Tariffs The price of Company Employee Certificates will depend on their duration. Security Data Seguridad en Datos y Firma Digital S.A. might establish the tariffs, which are considered appropriate for the subscribers as well as establish appropriate payment methods in each case. For more details about price and payment conditions of this type of Certificate Security Data Seguridad en Datos y Firma Digital S.A. should be contacted Certificate Request Who can request a Certificate? The subscriber is the legal person that identifies the subscriber as a. The subscriber should possess the following documentation: a) National Taxpayer Registry (RUC) of the company. b) National Provider Registry (RUP) in case of possessing it. c) Certified and legible copy of the appointment of the legal representative and attaching a clear copy of his/her identification card. d) Certified copy of the applicant company constitution in which must contain the name or names of the people that will legally represent the company. (This must be notarized). e) Authorization signed by the legal representative. Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 17
18 Certificate Certificate Application Process The applicant must contact Security Data Seguridad en Datos y Firma Digital to arrange the certificate application either through the CA web page or any of the associate RAs. The RA will provide the applicant with the following information: Necessary application to hand in, in order to process the application and to verify the subscriber identity. Availability in order to execute the registry process. Information about the emission and revoke process of the private key protection as well as responsibilities and conditions of device and certificate use. How to access and consult the present document and certification policies. The following points specify the required documentation for the certificate application Certificate Application Processing Execution of Authentication and Identification Functions It is the responsibility of the RA to carry out in a reliable way subscriber identification and authorization. This process should be done before the certificate emission Certificate Application Approval or Rejection Once the certificate application is done, the RA should verify the information provided by the applicant, including identity confirmation of the subscriber. If the information is incorrect, the RA will reject the petition and state the reasons why. If the information is correct, the subscriber and/or applicant and Security Data Seguridad en Datos y Firma Digital will sign the corresponding legal document Certificate Emission RA Actions Once the application is approved, the RA will notify the applicant and/or subscriber who must do the Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 18
19 Certificate following. a) The applicant and/or subscriber personally present himself/herself to the RA, according to the established protocols. b) Pay the certificate fee or present its receipt to the RA (Software or Hardware). c) Read, accept, and sign the contract, which the RA will archive and the signatory can obtain a copy of this document. d) If the Subscriber requires the certificate via Hardware and does not have the Token, the RA will send it to the subscriber and when the subscriber has his own device, this should be approved by Security Data Seguridad en Datos y Firma Digital before its use. The RA has a list of approved devices. e) The RA will impute data into the system and proceed to emit generation certificate keys which will be delivered in the following manner: The first, Reference Number, will be sent to the applicant and the second, Authorization Code, are printed for the applicant at that moment together with the receipt CA Actions Once the application is approved, the key pairs are emitted (Authorization Code and Reference Number) and must be delivered to the subscriber safely. The CA will carry out the following actions: a) Key Pair Generation: it will generate key pairs in the CA, which will be sent to the client, the first key (reference number) will be sent via and the second (Authorization Code) will be printed and given directly to the RA. b) Receipt Emission: The receipt will be emitted to the client and attaching it to the printed document described in the previous Certificate Delivery When the subscriber has both passwords generated (Authorization code and reference number), he can now generate the certificate. Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 19
20 Certificate a) In Software Both passwords must be entered on the web page and must follow the procedure described in the Certificate Activation Manual via software found on the web page once this procedure is done a certificate is issued, one that the applicant will install on his computer. b) In Hardware Both passwords must be entered on the web page and must follow the procedure described in the Certificate Activation Manual via Hardware that is found on the web page the procedure is concluded, the Certificate is issued, program which will then install the Token Certificate Acceptance Manners to Accept a Certificate The certificate will be accepted the moment a legal instrument linked between the subscriber and Security Data Seguridad en Datos y Firma Digital has been signed and the certificate has been physically delivered, either personally or by any secure means. As evidence to this acceptance there must be an acceptance sheet signed by the applicant. The certificate will be considered valid since the day the acceptance sheet was signed. The acceptance sheet must be delivered to the RA physically Approval or rejection of the Certificate Applications Once the certificate has been generated and accepted by the subscriber or signatory, the certificate can be published in the certificates repositories that are considered necessary 6.8. Revocation and Suspension of Certificates Revocation Circumstances The revocation of a certificate means the loss of its validity, and is irreversible. The suspension means a temporary loss of a certificate and is reversible. Document: Version: Substitutes: Emission Date: Review Date: Initials: Page 20
CERTIFICATE POLICIES (CP) Natural Person Certificate ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. CP INDEX 1. LEGAL FRAMEWORK... 5 1.1. Legal Base... 5 1.2. Validation... 5 1.3. Legal Support...
REGISTRATION AUTHORITY (RA) POLICY Registration Authority (RA) Fulfillment Characteristics SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. INDEX Contenido 1. LEGAL FRAMEWORK... 4 1.1. Legal Base...
CERTIFICATION PRACTICE STATEMENT (CPS) OF SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. Version.0 (CPS) INDEX 1. LEGAL FRAMEWORK... 10 1.1. Legal Base... 10 1.. Validation... 10 1.. Legal Support...
CERTIFICATION PRACTICE STATEMENT UPDATE Reference: IZENPE-CPS UPDATE Version no: v 5.03 Date: 10th March 2015 IZENPE 2015 This document is the property of Izenpe. It may only be reproduced in its entirety.
Document history Version Date Remarks 1.0 19-05-2011 finalized 1.01 15-11-2012 URL updated after web page restructuring. 2 Table of Contents 1. Introduction... 4 2. Policy administration... 4 2.1 Overview...
CERTIMETIERSARTISANAT and C@RTEUROPE ELECTRONIC SIGNATURE SERVICE SUBSCRIPTION CONTRACT SPECIFIC TERMS AND CONDITIONS Please fill in the form using BLOCK CAPITALS. All fields are mandatory. 1 1. SUBSCRIBER
COMPANY INFO 1 (23) Ericsson Group Certificate Value Statement - 2013 COMPANY INFO 2 (23) Contents 1 Ericsson Certificate Value Statement... 3 2 Introduction... 3 2.1 Overview... 3 3 Contact information...
Apple Inc. Certificate Policy and Certification Practice Statement Version 2.0 Effective Date: April 10, 2015 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2. Table of acronyms... 4 1.3.
Certification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure 1.0 INTRODUCTION 1.1 Overview The Federal Reserve Banks operate a public key infrastructure (PKI) that manages
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015 Table of Contents 1. Introduction... 5 1.1. Trademarks...
FernUniversität in Hagen: Certification Authority (CA) Certification Practice Statement VERSION 1.1 Ralph Knoche 18.12.2009 Contents 1. Introduction... 4 1.1. Overview... 4 1.2. Scope of the Certification
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.8 Effective Date: June 11, 2012 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2.
HKUST CA Certification Practice Statement IN SUPPORT OF HKUST CA CERTIFICATION SERVICES Version : 2.1 Date : 12 November 2003 Prepared by : Information Technology Services Center Hong Kong University of
PKI Tutorial Jim Kleinsteiber February 6, 2002 Page 1 Outline Public Key Cryptography Refresher Course Public / Private Key Pair Public-Key Is it really yours? Digital Certificate Certificate Authority
SUBSECRETARÍA S.G. DE TECNOLOGÍAS DE LA INFORMACIÓN Y COMUNICACIONES Certification Service Provider of the Ministry of Employment and Social Securityp Profile for Electronic seal certificate firstname.lastname@example.org
Equens Certificate Policy WebServices and Connectivity Final H.C. van der Wijck 11 March 2015 Classification: Open Version 3.0 Version history Version no. Version date Status Edited by Most important edit(s)
Gandi CA Certification Practice Statement Gandi SAS 15 Place de la Nation Paris 75011 France Version 1.0 TABLE OF CONTENTS 1.INTRODUCTION...10 1.1.Overview...10 1.2.Document Name and Identification...10
CA Certificate Policy SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT This page is intentionally left blank. 2 ODETTE CA Certificate Policy Version Number Issue Date Changed By 1.0 1 st April 2009 Original
Représentant les avocats d Europe Representing Europe s lawyers TECHNICAL STANDARDS FOR INTEROPERABILITY OF ELECTRONIC ID CARDS Technical standards for interoperability of electronic ID cards 1. Introduction
Class 3 Registration Authority Charter Version 1.0 applicable from 09 November 2010 Building A, Cambridge Park, 5 Bauhinia Street, Highveld Park, South Africa, 0046 Phone +27 (0)12 676 9240 Fax +27 (0)12
Fraunhofer Corporate PKI Certification Practice Statement Version 1.1 Published in June 2012 Object Identifier of this Document: 184.108.40.206.4.1.7220.127.116.11.1 Contact: Fraunhofer Competence Center PKI Fraunhofer
Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University October 2015 1 List of Figures Contents 1 Introduction 1 2 History 2 3 Public Key Infrastructure (PKI) 3 3.1 Certificate
SwissSign Certificate Policy and Certification Practice Statement for Gold Certificates Version March 2004 Version 2004-03 SwissSign Gold CP/CPS Page 1 of 66 Table of Contents 1. INTRODUCTION...9 1.1 Overview...
PostSignum CA Certification Policy applicable to qualified personal certificates Version 3.0 7565 Page 1/60 TABLE OF CONTENTS 1 Introduction... 5 1.1 Review... 5 1.2 Name and clear specification of a document...
Certificate Policy for Secure Server (SSL), Extended Validation (EV) SSL, Electronic Office and Extended Validation (EV) Electronic Office Certificates National Register of Associations. Number 171.443.
Certipost Trust Services Version 1.2 Effective date 03 May 2012 Certipost NV ALL RIGHTS RESERVED. 2 13 Definitions : Activation Data Certificate Certificate Holder Certificate Public Registry Certificate
SUBSECRETARÍA S.G. DE TECNOLOGÍAS DE LA INFORMACIÓN Y COMUNICACIONES Certification Service Provider of the Ministry of Employment and Social Security Profile for Public Employee certificates email@example.com
THE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Last Revision Date: June 28, 2007 Version: 3.0 Published By: RSA Security Inc. Copyright 2002-2007 by
Certificate Policy for SSL Client & S/MIME Certificates OID: 18.104.22.168.11.1 Copyright Actalis S.p.A. All rights reserved. Via dell Aprica 18 20158 Milano Tel +39-02-68825.1 Fax +39-02-68825.223 www.actalis.it
THE WALT DISNEY COMPANY PUBLIC KEY INFRASTRUCTURE CERTIFICATE POLICY July 2011 Version 2.0 Copyright 2006-2011, The Walt Disney Company Version Control Version Revision Date Revision Description Revised
SYMANTEC NON-FEDERAL SHARED SERVICE PROVIDER PKI SERVICE DESCRIPTION I. DEFINITIONS For the purpose of this Service Description, capitalized terms have the meaning defined herein. All other capitalized
SWIFT SWIFT Qualified Certificates Certificate Policy This Certificate Policy applies to Qualified Certificates issued by SWIFT. It indicates the requirements and procedures to be followed, and the responsibilities
Registration Authority Charter Version 3.0 is applicable from Effective Date Inyanda House 21 Wellington Road Parktown, 2193 Phone +27 (0)11 544 9368 Fax +27 (0)11 544 9599 Website: http://www.transnet.co.za/
ESnet SSL CA service Certificate Policy And Certification Practice Statement Version 1.0 June 30, 2004 Table of Contents Table of Contents...2 1 Introduction...3 1.1 Overview...3 1.1.1 General Definitions...4
Polish Grid Certification Authority Certificate Policy and Certification Practice Statement version 0.4 (DRAFT ) September 2, 2002 1 1 Introduction 1.1 Overview This document is written according to the
Document no 1/011 01-AZDA 102 213 TeliaSonera Sverige AB Certification Practice Statement Rev A TeliaSonera Public Root CA Certification Practice Statement Revision Date: 2006-11-17 Version: Rev A Published
REGISTRATION WWW..CO.ZA Eskom Registration Authority Charter Version 2.0 applicable from 20 November 2009 Megawatt Park Maxwell Drive Sunninghill, SOUTH AFRICA, 2157 Phone +27 (0)11 800 8111 Fax +27 (0)11
Certification Practice Statement Version 2.0 Effective Date: October 1, 2006 Continovation Services Inc. (CSI) Certification Practice Statement 2006 Continovation Services Inc. All rights reserved. Trademark
HKUST CA Certification Practice Statement IN SUPPORT OF HKUST CA CERTIFICATION SERVICES Version : 1.1 Date : 3 March 2000 Prepared by : Information Technology Services Center Hong Kong University of Science
TC TrustCenter GmbH Certification Practice Statement NOTE: The information contained in this document is the property of TC TrustCenter GmbH. This Certification Practice Statement is published in conformance
[Draft] Bangladesh Bank Certification Authority (BBCA) Certification Practice Statement (CPS) Version: 1.00 August, 2015 Bangladesh Bank Page 2 of 42 Document Reference Title Document Type Bangladesh Bank
TR-GRID CERTIFICATION AUTHORITY CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT Version 2.1 January, 2009 Table of Contents: TABLE OF CONTENTS:...2 1. INTRODUCTION...7 1.1 OVERVIEW...7 1.2 DOCUMENT
Certification Practice Statement Date: February 21, 2008 Version: 1.0.1 Table of Contents Document History... 1 Acknowledgments... 1 1. Introduction... 2 1.1 Overview... 3 1.2 Ford Motor Company Certificate
Certification Practice Statement 1.0 INTRODUCTION 1.1 OVERVIEW The Federal Reserve Banks ( FRBs ), utilizing Public Key Infrastructure ( PKI ) technology and operating as a Certification Authority ( FR-CA
TR-GRID CERTIFICATION AUTHORITY CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT Version 2.3 May 15, 2014 Table of Contents TABLE OF CONTENTS:... 2 1. INTRODUCTION... 7 1.1 OVERVIEW... 7 1.2 DOCUMENT
Visa Public Key Infrastructure Certificate Policy (CP) Version 1.7 Effective: 24 January 2013 2010-2013 Visa. All Rights Reserved. Visa Public Important Note on Confidentiality and Copyright The Visa Confidential
NCDC GOVERNMENT-CA PKI DISCLOSURE STATEMENT Document Classification: Public Version Number: 1.5 Issue Date: June 11, 2015 Copyright 2015 National Center for Digital Certification, Kingdom of Saudi Arabia.
PostSignum CA Certification Policy applicable to qualified certificates for electronic signature Version 1.0 7565 Page 1/67 TABLE OF CONTENTS 1 Introduction... 10 1.1 Overview... 10 1.2 Document Name and
Application ID Number (For Official Use only) APPLICATION FOR DIGITAL CERTIFICATE Instructions: 1. Please fill the form in BLOCK LETTERS ONLY. 2. All fields are mandatory. 3. Present one (1) copy and the
DEFENSE INFORMATION SYSTEMS AGENCY JOINT INTEROPERABILITY TEST COMMAND FORT HUACHUCA, ARIZONA DEPARTMENT OF DEFENSE PUBLIC KEY INFRASTRUCTURE EXTERNAL CERTIFICATION AUTHORITY MASTER TEST PLAN VERSION 1.0
SAUDI NATIONAL ROOT-CA CERTIFICATE POLICY Document Classification: Public Version Number: 2.5 Issue Date: June 25, 2015 National Center for Digital Certification Policies and Regulations Department Digitally
Study on Mutual Recognition of esignatures: update of Country Profiles Icelandic country profile This report / paper was prepared for the IDABC programme by: Coordinated by: Hans Graux (time.lex), Brigitte
DigiCert Certificate Policy DigiCert, Inc. Version 4.03 May 3, 2011 Suite 200 Canopy Building II 355 South 520 West Lindon, UT 84042 USA Tel: 1 801 877 2100 Fax: 1 801 705 0481 www.digicert.com TABLE OF
CERTIFICATE POLICY Citizen Reference: Citizen certification policy Version no: 1.0 Date: 11 of janury, 2016 IZENPE 2016 This document is the property of Izenpe. It may only be reproduced in its entirety.
User Manual Internet Access for the public key certification service Version 1.2 / October 2014 1 Content TABLE OF CONTENTS 1 GENERAL INFORMATION... 3 1.1 INTRODUCTION... 3 2 IDENTIFICATION DATA... 3 2.1
ComSign Ltd. Certification Practice Statement (CPS) Procedures relating to issuing electronic certificates that comply with provisions of the Electronic Signature Law and its regulations. Version 3. 1.1.
VeriSign Trust Network Certificate Policies Version 2.8.1 Effective Date: February 1, 2009 VeriSign, Inc. 487 E. Middlefield Road Mountain View, CA 94043 USA +1 650.961.7500 http//:www.verisign.com - 1-
Federal Reserve Certification Authority (FR-CA) Certification Practice Statement for United States Treasury Auctions 1.0 INTRODUCTION 1.1 OVERVIEW The Federal Reserve Bank of New York ( FRBNY ) acts as
EBIZID EBIZID CPS Certification Practice Statement Version 1.02 Contents 1 General 7 1.1 EBIZID 7 1.2 Digital Certificates 7 1.3 User Interaction for Selecting a Certification Service 7 1.4 EBIZID Registration
Public key infrastructure (PKI) in Komerční banka Certification policy (CP) with a high level of personal identity verification of the applicant/client Confided/Company certificate Komerční banka, a.s.,
Trustis FPS PKI Glossary of Terms The following terminology shall have the definitions as given below: Activation Data Asymmetric Cryptosystem Authentication Certificate Certificate Authority (CA) Certificate
Certificates Noah Zani, Tim Strasser, Andrés Baumeler Overview Motivation Introduction Public Key Infrastructure (PKI) Economic Aspects Motivation Need for secure, trusted communication Growing certificate
PKI Belgium Government CA Government AA Certification Practice Statement 22.214.171.124.1.1.3 126.96.36.199.188.8.131.52 184.108.40.206.220.127.116.11 18.104.22.168.22.214.171.124 126.96.36.199.1.1.6 188.8.131.52.184.108.40.206 220.127.116.11.1.1.3 18.104.22.168.22.214.171.124
TrustAssured Service Policy (PKI) Disclosure Statement Version 1.1 1. Contact Information Enquiries or other communications about this statement should be addressed to: The Royal Bank of Scotland TrustAssured
E-TUGRA INFORMATIC TECHNOLOGIES AND SERVICES CORP (E-TUGRA) QUALIFIED CERTIFICATE POLICY AND PRACTICE STATEMENT (CP-CPS) VERSION 1.0 DATE OF ENTRY INTO FORCE : JUNE, 2008 OID 2.16.7126.96.36.199.1.1.2 E-TUGRA
Globe Hosting Certification Authority Globe Hosting, Inc. 501 Silverside Road, Suite 105, Wilmington, DE 19809, County of New Castle, United States www.globessl.com TABLE OF CONTENTS 1. INTRODUCTION...
(CP) (For SSL, EV SSL, OSC and similar electronic certificates) VERSION : 09 DATE : 01.12.2014 1. INTRODUCTION... 10 1.1. Overview... 10 1.2. Document Name and Identification... 11 1.3. Participants...
Public Key Certification Infrastructure Petr Hanácek firstname.lastname@example.org Faculty of Electrical Engineering and Computer Science Brno University of Technology Abstract Jan Staudek email@example.com
DigiCert Certification Practice Statement DigiCert, Inc. Version 2.22 June 01, 2005 333 South 520 West Orem, UT 84042 USA Tel: 1-801-805-1620 Fax: 1-801-705-0481 www.digicert.com 1 General...7 1.1 DigiCert,
CERTIFICATE POLICY KEYNECTIS SSL CA Date: 05/02/2009 KEYNECTIS SSL CA CERTIFICATE POLICY Subject: KEYNECTIS SSL CA Certificate Policy Version number: 1.1 Number of pages: 49 Status of the Project Final
Comodo Certification Practice Statement Notice: This CPS should be read in conjunction with the following documents:- * LiteSSL addendum to the Certificate Practice Statement * Proposed Amendments to the
2007-10-18 1 (46) TeliaSonera Root CA v1 Certificate Practice Statement Published by: TeliaSonera AB Company Information Created Modified Approved Valid from 2007-10-12 Reg. office: Printed Coverage Business