SPECIFIC DOCUMENTATION FOR CORPORATE CERTIFICATES

Transcription

1 SPECIFIC DOCUMENTATION FOR CORPORATE CERTIFICATES IZENPE 2015 This document is the property of IZENPE and may be reproduced only in its entirety.

2 1. Introduction This document includes the Specific Documentation for certificates issued by Ziurtapen eta Zerbitzu Enpresa-Empresa de Certificación y Servicios, Izenpe, S.A. (henceforth, Izenpe) in the corporate field. The purpose of this document is to detail and complete the information already provided more generically in the IZENPE Certification Practice Statement. This documentation specifically regulates the references which the Certification Practice Statement makes with regard to this Specific Documentation. Specifically, this documentation regulates the certificates issued in the field, of Public Administrations and entities belonging to the public sector, - Public Entity Personnel Certificate - Recognized corporate certificate - Non-recognized corporate certificate NOTE. For these purposes, Izenpe understands Recognised Corporate certificates to be entities included in article 3 of the Royal Legislative Decree 3/2001, from 14th November approving the Reworked Text of the Public Sector Contract Law. Understanding as such: - Public-law entities set up by Law or tied to one or several public administrations or dependent on them. - Independent organisations. - Public universities. - Commercial companies with majority public shareholders (direct or indirect). - Consortiums, foundations and associations with majority public shareholders. - Private-law public organisations. In the private field, - Recognized Private Corporate Certificate - Non-recognized Private Corporate Certificate 1.1 Description of certificates Izenpe, in the scope of the Digital Certification Service, by virtue of which the Public Entity Users of the service obtain digital certificates, issues: I. In the field of Public Administrations and entities belonging to the public sector, the following types of certificates: Public Entity Personnel Certificate - This certificate, with the legal consideration of a recognised certificate, is issued in the scope of the recognised public administration personnel CA and the cryptography hardware device. 2 of 22

3 - It identifies - the current public administration, as subscriber, and the person who holds a role or position in it. - The subscriber administration could perform identification functions for the key owners belonging to it. - The administration service personnel receive a certificate with the following uses: - Electronic signature with the legal consideration of a recognised certificate, in accordance with what appears in articles 8, 11, 12, 13, 18 and 20 of the LFE. - Encrypting, without the legal consideration of a recognised certificate, for encryption uses. Recognized corporate certificate - This certificate, with the legal consideration of a recognised certificate, is issued in the scope of the recognised public administration personal CA and in the cryptography hardware device. - It identifies the entity acting as the certificate subscriber and the person holding a post or position in it, as key owner. - The applicant entity service personnel receive a certificate with the following uses: - Electronic signature with the legal consideration of a recognised certificate, in accordance with what appears in articles 8, 11, 12, 13, 18 and 20 of the LFE. - Encrypting, without the legal consideration of a recognised certificate, for encryption uses. Non-recognized corporate certificate - This certificate, with the legal consideration of a non-recognised certificate, is issued in the scope of the recognised public administration personnel CA and in the cryptographic hardware device. - It identifies the entity acting as the certificate subscriber and the person holding a post or position in it, as key owner. II. Entities belonging to the private scope Recognized Private Corporate Certificate - This certificate, with the legal consideration of a recognised certificate, is issued in the scope of the Citizens and recognised entities CA in the cryptographic hardware device. - It identifies the applicant entity as the subscriber and physical person holding a post or position in the entity, as key owner and who is responsible for holding the signature keys. 3 of 22

4 Non-recognized Private Corporate Certificate - This certificate, with the legal consideration of a non-recognised certificate, is issued in the scope of the Citizens and recognised entities CA and in the cryptographic hardware device. - It identifies the entity applying for the certificate as the subscriber and physical person holding a post or position in the entity, and who is responsible for holding the signature keys. - The use of this certificate is limited to the field of the job performed. The identity and any information that the certificates should contain will have to be checked by Izenpe or the Registration Authority that Izenpe uses to subscribe to the relevant legal instrument. 1.2 Identification In order to identify certificates, IZENPE has assigned you the following object identifiers (OID). CERTIFICATE OID Public Entity Personnel Certificate Basque Government personnel Recognized corporate certificate Non-recognized corporate certificate Recognized Private Corporate Certificate Non-recognized Private Corporate Certificate The Basque Government Personnel, Recognised Corporate Public entities and Recognised Corporate private entities, as these are recognised certificates, also include the following object identifier (OID) defined TS , produced by the European Institute of Telecommunication Standards, on recognised certificate profiles: Community and scope of use Users will be considered to be: - Certificate applicant, person applying for the certificate in the name of an organisation. - Signatory, the natural person identified in the certificate. - Certificate subscriber, the public administration or organisation identified in the certificate. - Key owners, the natural persons who own or are responsible for safeguarding the digital signature keys. The holder of the keys will be the signatory, 4 of 22

5 Scope of use The certificates will be used in the scope of the actual competences of the User Administration or Organisation and the position or role performed. The non recognised corporate certificate will only be used in the post or position. However, key owners may also employ these certificates for other uses provided that they respect the usage limitations set forth with third parties in the relevant legal instruments. 1.4 General provisions Obligations concerning identification Izenpe, either directly or through the User Entities with which it has signed the corresponding agreement, checks the corresponding registries to verify the identity and any other personal information concerning applicants, subscribers, and key holders for certificates. In addition, it verifies that the key holder is duly authorized by the subscriber. Obligations of certificate subscribers The subscriber obligations are: - As compiled in the Certification Practice Statement: Certificate subscribers' obligations - Both the subscriber and the key owner are responsible for requesting revocation of a certificate under the terms described in the Certification Practice Statement. 5 of 22

6 2 Operational requirements 2.1 Certificate application and information accreditation Processing the certificate and accreditation for identity In the case of non-recognized corporate certificates: Recognised Private Corporate, Personnel from Public entities and Recognised Corporate Certificate, requiring accreditation for the key owner identity. - Attendance not required, delivered to Izenpe: - Electronically, issue application signed electronically by both the applicant and the key owner by means of a recognised certificate in accordance with what appears in the LFE. - Or by post to Izenpe's address, a) Certificate issue application signed by both the applicant and the key owner and validated by a notary. b) Issue applicant signed by the applicant and the key owner. Criterion only applicable to the key owner in the circumstances considered in article 13.4 a) LFE. (Circumstances in which Izenpe has identified the applicant within the last five years). - In person, by the key owner. Having obtained all the required documentation, the applicant should send it to IZENPE's address. Once validated, the key holder will appear - At Izenpe, on prior appointment, in the closest Registry Office. - Or at the subscriber organisation in the event that Izenpe has subscribed the relevant legal instrument. In the case of the following certificates: For Personnel from Public Entities, the key owner can be identified before the applicant administration with which Izenpe has signed the relevant legal agreement. For certificates requested in the municipal field, applicants can be identified before the Town Council Secretary within the framework of their public notary work. The following should be presented: 1. Issue application signed by both the applicant and the key owner. 2. Original or authentic copy of the following documentation in force (both from the applicant and the key owner), a) Identity card (DNI), passport or driving licence, for national citizens. 6 of 22

7 b) For foreign citizens: I. Members of the European Union or States belonging to the European Economic Area, must present: - Their national identity document, or equivalent in their country, or passport. - And a certificate issued by the Register of EU Nationals. II. Non EU citizens must present their Foreigner Identification Number (NIE) and current passport. NOTE 1. The applicant should bring a copy of their DNI In the case of Non-Recognised Private Corporate and Non-Recognised Corporate certificates, due to the fact they are not recognised, Izenpe does not require accreditation for the key owner identity. The certificate will be processed in the following ways: - Attendance not required, delivered to Izenpe: 1. Signed issue application 2. Original or authentic copy of the following valid documentation: a) Identity card (DNI), passport or driving licence, for national citizens. b) For foreign citizens: I. Members of the European Union or States belonging to the European Economic Area, must present: - Their national identity document, or equivalent in their country, or passport. - And a certificate issued by the Register of EU Nationals. II. Non EU citizens must present their Foreigner Identification Number (NIE) and current passport. Having formulated the first Issue Application, if the information appearing in the initial Issue Application changes for later key owner certificate applications, the applicant Organisation will be responsible for communicating the changes to Izenpe and sending a new Application. Documentation accrediting the applicant entity Izenpe, prior to certificate issue, will validate the required documentation (NIF, valid organisation constitution and accreditation of the applicant's power). In order to determine which documentation should be provided by each type of entity, the applicant will be able to consult Appendix I of this Specific Documentation regarding the documentation required from each entity depending on its legal configuration. 7 of 22

8 TYPE OF ORGANISATION ENTITY 1. Commercial Companies 2. Associations, Foundations, Cooperatives 3. Public Administrations and entities belonging to the public sector 4. Professional colleges *If the applicant entity does not appear in the chart, send a mail to info@izenpe.com to request more information. NOTE 2. By signing the Issue Application, the applicant will accept the Subscriber's Contract and the Conditions for Use. The Registration Office will keep a record of the required documentation and will prove the applicant s identification when appropriate. 2.2 Issue and delivery of certificate Izenpe will issue the certificate and deliver it In the event of delivery in person, at the time of issue, Izenpe will hand over the PIN, the PIN unlock key (PUK) and the sheet featuring the telephone identification password. At this point, the applicant should sign, through the Issue Application, the certificate delivery receipt. If the application is not in person, the certificate will be sent to the postal address given in the Issue Application, in two stages: a) Sending the certificate b) Sending the PIN, PIN unlock key (PUK) and the sheet featuring the telephone identification password. If the applicant has not received the certificate within 1 month of applying for issue, they should contact Izenpe. The applicant should sign and return the Receipt and Acceptance Sheet to Izenpe. 2.3 Revocation of Certificates Revocation application The revocation of a certificate can be requested by: 8 of 22

9 - The subscriber. It is understood that the following are authorised to request the certificate revocation: the Legal Representative from the subscribing entity, the Personnel Manager or third party authority by either of the above. - The applicant. - Key owner - Izenpe. The Izenpe administrators and Registration Offices are authorised to request the revocation of end-entity subscriber certificates. Procedure The revocation applicant will process the Revocation Application through Izenpe. The certificate can be revoked at any time and in all cases involving loss or theft. The applicant can revoke the certificate through the following channels: - Personally: o By requesting a prior appointment with Izenpe through o Or at the subscriber organisation with whom Izenpe has subscribed the relevant legal instrument. - Over the phone, by calling The following are required for identification: o Telephone Identification Password (given on the password sheet) o DNI / NIE o Entity NIF 9 of 22

10 - Online, by going on to and using a certificate recognised by the LFE, electronic DNI or a certificate recognised by Izenpe for identification. - Or by post, sending the certificate revocation application signed and validated before a notary. Revocation Causes Causes can be viewed in the Certification Practice Statement Renewal of Certificates To renew a certificate the applicant must follow the certificate issuance process established. 10 of 22

11 3 Management of Changes The modifications made to this document will be approved by the IZENPE Security Committee. These modifications will be included in a Specific Documentation Update Document whose maintenance is guaranteed by IZENPE. The updated versions of the specific documentation can be consulted at the following address 11 of 22

12 4 Certificate profiles 4.1 Public Entity Personnel Certificate Campo / extensión Opcional / Crítica Contenido version Versión 3 signature issuer validity subject SN G CN dnqualifier Número secuencial único sha256withrsaencryption Igual al campo subject del certificado de la CA emisora 4 años DNI / NIE Primer Apellido Nombre Nombre y Apellidos Depende de tipo de documento. DNI: "-dni [DNI] -TIS [TIS] -cif [CIF]" NIE: "-nie [NIE] -TIS [TIS] -cif [CIF]" Condiciones de uso en nola erabili jakiteko Entitate publikoen ziurtagiri - Certificado de entidad publica Ziurtagiri onartua - Certificado reconocido Opcional Cargo o Departamento Opcional Grupo VPN O Organización C ES subjectpublickeyinfo RSA 2048 bits mínimo extensions issueraltname Igual a la extensión subjectaltname del certificado de la CA emisora subjectaltname rfc822name del suscriptor OtherName: UserPrincipalName Opcional Nombre principal de usuario extendedkeyusage netscapecerttype subjectkeyidentifier authoritykeyidentifier clientauth, protection, smartcardlogon SSL_Client, SMIME_Client Identificador de la clave pública Incluir sólo campo keyidentifier certificatepolicies policyidentifier cpsuri usernotice crldistributionpoints authorityinfoaccess ( en Desarrollo) Bermeen mugak ezagutzeko Ziurtagirian konfiantza izan aurretik kontratua irakurri. Limitaciones de garantias en Consulte el contrato antes de confiar en el certificado ocsp qcstatements QcCompliance Presente QcSSCD Presente keyusage Crítica digitalsignature, keyencipherment, dataencipherment 12 of 22

13 4.2 Basque Government Personnel Certificate Campo / extensión Opcional / Crítica Contenido version Versión 3 signature issuer validity subject SN G CN dnqualifier Número secuencial único sha1withrsaencryption Igual al campo subject del certificado de la CA emisora 4 años DNI / NIE Primer Apellido Nombre Nombre y Apellidos Depende de tipo de documento. DNI: "-dni [DNI] -cif [CIF]" NIE: "-nie [NIE] -cif [CIF]" Condiciones de uso en nola erabili jakiteko Entitate publikoen ziurtagiri - Certificado de entidad publica Ziurtagiri onartua - Certificado reconocido Opcional Cargo o Departamento Opcional Grupo VPN O C subjectpublickeyinfo extensions issueraltname subjectaltname Organización ES RSA 2048 bits mínimo Igual a la extensión subjectaltname del certificado de la CA emisora rfc822name del suscriptor OtherName: UserPrincipalName Opcional Nombre principal de usuario extendedkeyusage netscapecerttype subjectkeyidentifier authoritykeyidentifier clientauth, protection, smartcardlogon SSL_Client, SMIME_Client Identificador de la clave pública Incluir sólo campo keyidentifier certificatepolicies policyidentifier cpsuri usernotice crldistributionpoints authorityinfoaccess ( en Desarrollo) Bermeen mugak ezagutzeko Ziurtagirian konfiantza izan aurretik kontratua irakurri. Limitaciones de garantias en Consulte el contrato antes de confiar en el certificado ocsp qcstatements QcCompliance Presente QcSSCD Presente keyusage Crítica digitalsignature 13 of 22

14 Recognized corporate certificate Campo / extensión Opcional / Crítica Contenido version Versión 3 signature issuer validity subject SN G CN dnqualifier Número secuencial único sha256withrsaencryption Igual al campo subject del certificado de la CA emisora 4 años DNI / NIE Primer Apellido Nombre Nombre y Apellidos Depende de tipo de documento. DNI: "-dni [DNI] -TIS [TIS] -cif [CIF]" NIE: "-nie [NIE] -TIS [TIS] -cif [CIF]" Condiciones de uso en nola erabili jakiteko Ziurtagiri korporatibo onartua - Cert. corporativo reconocido Ziurtagiri onartua - Certificado reconocido Opcional Cargo o Departamento Opcional Grupo VPN O Organización C ES subjectpublickeyinfo RSA 2048 bits mínimo extensions issueraltname Igual a la extensión subjectaltname del certificado de la CA emisora subjectaltname rfc822name del suscriptor OtherName: UserPrincipalName Opcional Nombre principal de usuario extendedkeyusage netscapecerttype subjectkeyidentifier authoritykeyidentifier clientauth, protection, smartcardlogon SSL_Client, SMIME_Client Identificador de la clave pública Incluir sólo campo keyidentifier certificatepolicies policyidentifier cpsuri usernotice crldistributionpoints authorityinfoaccess ( en Desarrollo) Bermeen mugak ezagutzeko Ziurtagirian konfiantza izan aurretik kontratua irakurri. Limitaciones de garantias en Consulte el contrato antes de confiar en el certificado ocsp qcstatements QcCompliance Presente QcSSCD Presente keyusage Crítica digitalsignature, keyencipherment, dataencipherment 14 of 22

15 4.3 Recognized corporate hardware Campo / extensión Opcional / Crítica Contenido version Versión 3 signature issuer validity subject SN G CN dnqualifier Número secuencial único sha256withrsasignature Igual al campo subject del certificado de la CA emisora 4 años DNI / NIE Apellidos Nombre Nombre y Apellidos Depende de tipo de documento. DNI: "-dni [DNI] -cif [CIF]" NIE: "-nie [NIE] -cif [CIF]" Condiciones de uso en nola erabili jakiteko HSM Ziurtagiri korporatibo onartua - Cert. corporativo reconocido HSM Ziurtagiri onartua - Certificado reconocido Opcional Cargo o Departamento Opcional Grupo VPN O Organización C ES subjectpublickeyinfo RSA 2048 bits mínimo extensions issueraltname Igual a la extensión subjectaltname del certificado de la CA emisora subjectaltname rfc822name extendedkeyusage netscapecerttype subjectkeyidentifier authoritykeyidentifier del suscriptor clientauth, protection SSL_Client, SMIME_Client Identificador de la clave pública Incluir sólo campo keyidentifier certificatepolicies policyidentifier cpsuri usernotice crldistributionpoints authorityinfoaccess ( en Desarrollo) Bermeen mugak ezagutzeko Ziurtagirian konfiantza izan aurretik kontratua irakurri. Limitaciones de garantias en Consulte el contrato antes de confiar en el certificado ocsp qcstatements QcCompliance Presente QcSSCD Presente keyusage Crítica digitalsignature, keyencipherment, dataencipherment 15 of 22

16 4.4 Non-recognized corporate certificate Campo / extensión Opcional / Crítica Contenido version Versión 3 signature issuer validity subject SN G CN dnqualifier Número secuencial único sha256withrsaencryption Igual al campo subject del certificado de la CA emisora 4 años DNI / NIE Primer Apellido Nombre Nombre y Apellidos Depende de tipo de documento. DNI: "-dni [DNI]" NIE: "-nie [NIE]" Condiciones de uso en nola erabili jakiteko Ziurtagiri korporatiboa Certificado corporativo Opcional Cargo o Departamento Opcional Grupo VPN O Organización subjectpublickeyinfo RSA 2048 bits mínimo extensions issueraltname Igual a la extensión subjectaltname del certificado de la CA emisora subjectaltname rfc822name del suscriptor OtherName: UserPrincipalName Opcional Nombre principal de usuario extendedkeyusage netscapecerttype subjectkeyidentifier authoritykeyidentifier clientauth, protection, smartcardlogon SSL_Client, SMIME_Client Identificador de la clave pública Incluir sólo campo keyidentifier certificatepolicies policyidentifier cpsuri usernotice crldistributionpoints authorityinfoaccess ( en Desarrollo) Ziurtagiria Euskal Autonomia Erkidegoko sektore publikoko erakundeen barne-sareetan bakarrik erabil daiteke. Uso restringido al ambito de redes internas de Entidades del Sector Publico Vasco ocsp keyusage Crítica digitalsignature, keyencipherment, dataencipherment 16 of 22

17 4.5 Recognized Private Corporate Certificate Campo / extensión Opcional / Crítica Contenido version Versión 3 signature issuer validity subject SN G CN dnqualifier Número secuencial único sha256withrsaencryption Igual al campo subject del certificado de la CA emisora 4 años DNI / NIE Primer Apellido Nombre Nombre y Apellidos Depende de tipo de documento. DNI: "-dni [DNI] -cif [CIF]" NIE: "-nie [NIE] -cif [CIF]" Condiciones de uso en nola erabili jakiteko Ziurtagiri korporatibo pribatua - Certificado corporativo privado Ziurtagiri onartua - Certificado reconocido Opcional Cargo o Departamento Opcional Grupo VPN O Organización C ES subjectpublickeyinfo RSA 2048 bits mínimo extensions issueraltname Igual a la extensión subjectaltname del certificado de la CA emisora subjectaltname rfc822name del suscriptor OtherName: UserPrincipalName Opcional Nombre principal de usuario extendedkeyusage subjectkeyidentifier authoritykeyidentifier clientauth, protection, smartcardlogon Identificador de la clave pública Incluir sólo campo keyidentifier certificatepolicies policyidentifier cpsuri usernotice crldistributionpoints authorityinfoaccess ( en Desarrollo) Bermeen mugak ezagutzeko Ziurtagirian konfiantza izan aurretik kontratua irakurri. Limitaciones de garantias en Consulte el contrato antes de confiar en el certificado ocsp qcstatements QcCompliance QcSSCD Presente Presente keyusage Crítica digitalsignature, keyencipherment, dataencipherment 17 of 22

18 4.6 Non-recognized Private Corporate Certificate Campo / extensión Opcional / Crítica Contenido version Versión 3 Número secuencial único signature sha256withrsaencryption issuer Igual al campo subject del certificado de la CA emisora validity 4 años subject DNI / NIE SN Primer Apellido G Nombre CN Nombre y Apellidos dnqualifier Depende de tipo de documento. DNI: "-dni [DNI]" NIE: "-nie [NIE]" Condiciones de uso en nola erabili jakiteko Ziurtagiri korporatibo pribatua - Certificado corporativo privado Opcional Cargo o Departamento Opcional Grupo VPN O Organización subjectpublickeyinfo RSA 2048 bits mínimo extensions issueraltname Igual a la extensión subjectaltname del certificado de la CA emisora subjectaltname rfc822name del usuario OtherName: UserPrincipalName Opcional Nombre principal de usuario extendedkeyusage netscapecerttype subjectkeyidentifier authoritykeyidentifier clientauth, protection, smartcardlogon SSL_Client, SMIME_Client Identificador de la clave pública Incluir sólo campo keyidentifier certificatepolicies policyidentifier cpsuri usernotice crldistributionpoints authorityinfoaccess ( en Desarrollo) Bermeen mugak ezagutzeko Ziurtagirian konfiantza izan aurretik kontratua irakurri. Limitaciones de garantias en Consulte el contrato antes de confiar en el certificado ocsp keyusage Crítica digitalsignature, keyencipherment, dataencipherment 18 of 22

19 Appendix I TYPE OF ORGANISATION ENTITY 1. Commercial Companies 2. Associations, Foundations, Cooperatives 3. Public Administrations and entities belonging to the public sector 4. Professional colleges 1. Commercial Companies As accreditation for the applicant organisation the following should be provided: Original Mercantile Register certification proving that the entity's registration is in force. As accreditation for the physical applicant's authority In the event of legal representative (sole or joint administrator or managing director), original certification from the Mercantile Register proving that they are a valid legal representative. If the applicant is a voluntary representative, - It will accredit power to perform administration acts or hold contracts in the name of the entity, providing original certificates from the Mercantile Register proving that this authority is in force. NOTE. - All certificates, once despatched, are valid for 15 natural days. - Izenpe, in compliance with the LFE, will keep all the documentation provided. In the event that the applicant wishes to keep the original documentation provided, they should also present a photocopy of it. 19 of 22

20 2. Associations, Foundations and Cooperatives As accreditation for the applicant organisation the following should be provided: Original certification from the Registry of Associations, Foundations and Cooperatives where it is registered proving the entity's registration is in force. As accreditation for the physical applicant's authority In the case of the legal representative, original certification from the Register proving they are a valid legal representative. If the applicant is a voluntary representative, - It will accredit power to perform administration acts or hold contracts in the name of the entity, providing original certificates from the Register proving that this authority is in force. In the case of Associations, Foundations and Cooperatives registered in the corresponding Basque Government registers, it will not be necessary to provide certification accrediting the organisation or the physical applicant's authority as long as they authorise Izenpe to consult each Register. NOTE. - All certificates, once despatched, are valid for 15 natural days. - Izenpe, in compliance with the LFE, will keep all the documentation provided. In the event that the applicant wishes to keep the original documentation provided, they should also present a photocopy of it. 20 of 22

21 3. Public Administrations and entities belonging to the public sector NOTE. For these purposes, Izenpe understands entities belonging to the public sector to be entities includes in article 3 of the Royal Legislative Decree 3/2001, from 14th November approving the Reworked Text of the Public Sector Contract Law. Understanding as such: - Public-law entities set up by Law or tied to one or several public administrations or dependent on them. - Independent organisations. - Public universities. - Commercial companies with majority public shareholders (direct or indirect). - Consortiums, foundations and associations with majority public shareholders. - Private-law public organisations. As accreditation for the applicant organisation the following should be provided: Public Administrations, will provide the standard reference proving their validity. Entities belonging to the public sector - Entities that must be registered, original Register certification proving that the entity's registration is in force. - Entities created by law, reference to the company creation law along with certification sent out by the secretary/lawyer proving the entity is valid. As accreditation for the physical applicant's authority - In the case of legal representative, Public Administrations and entities belonging to the public sector, certificate proving validity in the role. - If the applicant is not a legal representative, Public Administrations, certificate proving the applicant's competence to perform administration tasks or hold contracts in the name of the organisation. Entities belonging to the public sector, - Entities whose registration is compulsory and whose authorities include performing administration tasks or holding contracts, original certification from the Register proving this authority is currently valid. - Entities created by law, despatched certificate proving the applicant's competence to perform administration tasks or hold contracts. NOTE. - All certificates, once despatched, are valid for 15 natural days. - Izenpe, in compliance with the LFE, will keep all the documentation provided. In the event that the applicant wishes to keep the original documentation provided, they should also present a photocopy of it. 21 of 22