Neutralus Certification Practices Statement

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Neutralus Certification Practices Statement"

Transcription

1 Neutralus Certification Practices Statement Version 2.8 April, 2013 INDEX INDEX INTRODUCTION Overview Policy Identification Community & Applicability Contact Details References Definitions GENERAL PROVISIONS Obligations CA Obligations RA Obligations Subscriber Obligations Relying Party Obligations Liabilities Financial Responsibility Interpretation and Enforcement Fees Certificate Issuance or Renewal Fees Certificate Access Fees Revocation Information Access Fee Publication and Repository Publication of CA Information Frequency of Publication Access Controls Compliance Audit Security Audit Financial Audit IDENTIFICATION AND AUTHENTICATION Initial Registration Identity Tasks...8 Address Confirmation Certificate Renewal Revocation Request Refusal to Issue a Certificate OPERATIONAL REQUIREMENTS Certificate Application Certificate Issuance...10

2 4.3 Certificate Acceptance Certificate Revocation Circumstances for Revocation Who Can Request Revocation Procedure for Revocation Request Revocation Request Grace Period CRL Issuance Frequency On-line Revocation Checking Requirements Records Archival Types of Records Archived Retention Period for Archive Protection of Archive Archive Backup Procedures Key Change-over Compromise and Disaster Recovery Disaster Recovery Plan CA Termination PHYSICAL, PROCEDURAL, AND PERSONNEL SECURITY CONTROLS Physical Controls Procedural Controls Personnel Controls TECHNICAL SECURITY CONTROLS Key Pair Generation and Installation Private Key Protection Other Aspects of Key Pair Management Computer Security Controls Network Security Controls CERTIFICATE AND CRL PROFILES Certificate Profiles CRL Profile SPECIFICATION ADMINISTRATION Specification Change Procedures Specification Status...13

3 1.0 INTRODUCTION This document outlines the basis on which Neutralus, a division of ABILTY Network, Inc (ABILITY), issues standard certificates to users of the Neutralus Certification Authority (CA). 1.1 OVERVIEW Public Key Certificates (certificates) are issued under application-specific or customer-specific policies. A policy is a set of rules that indicates the applicability of a certificate to a particular community with common security and auditing requirements. The policy may be used to help decide whether the certificate is sufficiently trustworthy for a particular application. A user can evaluate the identity verification performed on the owner of a certificate to reassure himself or herself that the owner is the person named in the certificate. The Neutralus Certificate Authority is a root CA. It creates certificates from certificate requests approved by designated Neutralus Registration Authorities (RAs). A Neutralus RA signs all user requests for certificates and is a subordinate to the Root CA. Both the CA & RA use public key encryption in managing certificates. Public key encryption is a method for encrypting information in such a way that the Public Key used to encrypt the information is different from the Private Key used to decrypt the information. The matching Public and Private Keys are referred to as a key pair and both keys are required. 1.2 POLICY IDENTIFICATION This Certificate Practice Statement (CPS) is administered by Neutralus and is maintained at the Neutralus Certificate Management web site ( 1.3 COMMUNITY & APPLICABILITY This CPS assists subscribers of Neutralus and relying parties using Neutralus certificates as part of a process of secure communications. This CPS does not apply to certificates issued by any CA other than Neutralus. Typically, certificate subscribers and users need to assure themselves that the identity of their communication partners has been adequately verified. Refer to Section 3 for details on the verification process used for certificates issued under this CPS. 1.4 CONTACT DETAILS This CPS is administered by: ABILTY Network, Inc. Neutralus Division th Street North, Suite 900A Minneapolis, MN REFERENCES [ABA]: Digital Signature Guidelines, Information Security Committee, Electronic and Information Technology Division, Section of Science and Technology, American Bar Association, August 1, [PKIX4]: S. Chokhani, W. Ford, Internet X.509 Public Infrastructure Certificate Policy and Certificate Practices Framework.

4 1.6 DEFINITIONS In this CPS, definitions from ABA documentation on digital signatures are used or have been tailored to Neutralus usage. Authentication Private Key: a Private Key used by the Subscriber to digitally sign a message. CA: a Certification Authority. Certificate: a data structure that (1) identifies the Certification Authority issuing it; (2) names or otherwise identifies its Subscriber; (3) contains a Public Key that corresponds to a Private Key under the control of the Subscriber; (4) identifies its period of validity; and (5) contains a certificate serial number and is digitally signed by the CA issuing it. Certification Authority (CA): a Certification Authority is the entity that Authorizes and issues a certificate. The CA performs the following functions: (1) identifies and authenticates the intended Subscriber to be named in the certificate; (2) verifies that the Subscriber possesses the Private Key that corresponds to the Public Key that will be listed in the certificate and (3) creates and digitally signs the certificate. For this CPS, Neutralus is the body responsible for generating and certifying the Public Key certificates. Certificate Users: third parties that receive or rely on cryptographic keys to authenticate themselves, or another Certificate User, and/or to protect confidential information. Certification Request: an electronic document containing the details of the certificates that are to be created by the CA, completed and digitally signed by the Registration Agent (RA), and sent by the RA to the CA. Certificate Revocation List (CRL): a time-stamped list of revoked certificates that have been digitally signed by the Certification Authority. Certificate Practice Statement (CPS): a certificate practice statement is a statement of practices that a Certification Authority employs in issuing and revoking certificates, and that provides access to same. Confidentiality Private Key: a Private Key used by the Subscriber in the process of ciphering the contents of a message. Confirm: to ascertain through appropriate inquiry and investigation. CPS: Certificate Practice Statement. CRL: Certificate Revocation List. Emergency Key Recovery: a method for retrieving private confidentiality keys from the archive in an emergency. Key Pair: in an asymmetric cryptosystem, a Private Key and its mathematically related Public Key, having the property that the Public Key can verify a digital signature that the Private Key creates. The Public Key is distributed within a certificate issued by the CA. PIN: the Personal Identification Number self-selected and used by the Subscriber to import the Private Key into its own software package.

5 Policy: a definition of those terms and procedures, issued by the RA and the CA relating to a Private Key, Public Key, password and Public Key certificate issued to a user. The parties may vary the policy by mutual agreement from time to time. Private Key: part of a Subscriber s Key Pair that is held by the Subscriber, protected by a password, and not made available to anyone else. Public Key: part of a Subscriber s Key Pair, which is contained in the Subscriber s Public Key certificate, and is distributed to other users. Public Key Certificate: an electronic document generated by the CA, which is signed with the CA s Private Key, and which contains a Subscriber s Public Key and details of its ownership. RA: Registration Authority. Registration Authority: the component of Neutralus Directory CA that provides the user interface and business logic for issuing and administering user certificates. RAs are subordinate to the root and subordinate CAs, and there can be any number of RAs in a Neutralus Directory CA solution. Relying Party: a person who has received a certificate and a digital signature verifiable with reference to a Public Key listed in the certificate, and who is in a position to rely on them. Repository: a trustworthy system for storing and retrieving certificates or other information relevant to certificates. Revoke a Certificate: to permanently end the operational period of a certificate from a specified time. Root CA: the top most Certification Authority in a trust hierarchy. Root CA certificates are self-signed and can only be checked for authenticity against authorized published external sources. Subscriber: a person who (1) is the person named or identified in a certificate issued to such person and (2) holds a Private Key that corresponds to a Public Key listed in that certificate. A Subscriber is the person being issued Private Keys and/or certificates under the terms of this CPS. Subscriber Organization: is the organization that the Subscriber works for. Trustworthy System: computer hardware, software, and procedures that (1) are reasonably secure from intrusion and misuse; (2) provide a reasonably reliable level of availability, reliability, and correct operation; (3) are reasonably suited in performing their intended functions; and (4) adhere to generally accepted security principles. Valid Certificate: a certificate that (1) a Certification Authority has issued; (2) has been accepted by the listed Subscriber; (3) has not expired; and (4) has not been revoked. A certificate is not valid until it is issued by a Certification Authority and has been accepted by the Subscriber. 2.0 GENERAL PROVISIONS 2.1 OBLIGATIONS Neutralus is responsible for all aspects of the issuance and management of a Neutralus certificate, including control over the actual certificate manufacturing process, publication of the certificate, revocation of the certificate (if reasonably necessary), and for ensuring that all aspects of the services, operations, and infrastructure related to Neutralus certificates are performed in accordance with the policies and procedures outlined in this document.

6 2.1.1 CA Obligations By issuing a certificate to a Subscriber, Neutralus certifies to the Subscriber, and to all qualified relying parties who depend on the information contained in the certificate during its period of validity and in accordance with this CPS, that: Neutralus shall issue and revoke certificates in accordance with this CPS when required. Neutralus shall only create certificates for individuals and servers if their certificate application has been submitted by a Neutralus-certified RA. There shall be no known misrepresentations of fact in the certificate known to Neutralus and Neutralus shall take reasonable steps to confirm the accuracy of the information in the certificate. Neutralus shall accurately transcribe information provided by the Subscriber in the certificate application to the certificate. The Subscriber s Public and Private Key constitute a functional Key Pair. The Subscriber holds the Private Key that corresponds to the Public Key listed in his/her certificate. Neutralus shall promptly publish the Subscriber s certificate in Neutralus repository. Neutralus has a trustworthy system to generate, issue, and publish the certificate RA Obligations The RA shall be responsible for performing the following functions: Processing certificate requests and issuing certificates to Subscribers. Requesting certificates to the CA for a Subscriber that has been verified in accordance with Section 3 of this CPS. Ensuring that the Private Keys and PINs (if used) are not obtained by third parties prior to being accepted by the Subscriber. Complying with this CPS, and ensuring that the subscribers to whom the RA issues certificates also comply with this CPS. Issuing a new certificate to a Subscriber who suspects their keys may have become compromised, after checking the Subscriber s identity, and requesting of the CA a revocation of the Subscriber certificate in question. Issuing a copy of the CPS and CP to each Subscriber if requested Subscriber Obligations The Subscriber shall: Provide accurate information to the RA during the certificate application process. Immediately notify the RA of any changes in the information supplied in the application request. Acknowledge, by accepting the certificate, that all information provided during the certificate application process and included on the certificate is true. Use the certificate for purposes authorized by, and consistent with, the CP. Ensure that the Key Pair is not used in any transaction that is a violation of applicable law. Immediately request that their certificate be revoked under any instance in which a Key Pair is compromised, lost, or suspected to be lost.

7 Indemnify Neutralus for any loss to any person arising from failure to protect his/her Private Key and from the use of his/her Private Key by another person Relying Party Obligations A Relying Party has the right to rely on any certificate for digital signatures during the period of validity of the certificate if: The purpose for which the certificate was used was appropriate under the terms specified in the certificate under this CPS and CP. 2.2 LIABILITIES The Neutralus liability and warranty statements are contained in the CP. 2.3 FINANCIAL RESPONSIBILITY The Neutralus liability statement is contained in the CP. 2.4 INTERPRETATION AND ENFORCEMENT This CPS was prepared in accordance with the CP. 2.5 FEES Neutralus offers two classes of certificates: Personal Certificates and Server Certificates. All certificate classes are based upon the X.509v3 model recommended by the International Telecommunications Union (ITU). Personal Certificates will be used to authenticate certain information relating to the individual applicant. Server Certificates are used to authenticate servers to each other and/or to Internet certificate holders. Examples of their usage are authentication, access to a server or other facilities, and user authentication. The following paragraphs identify the current fees charged by Neutralus. Fees are subject to change over time at Neutralus sole discretion Certificate Issuance or Renewal Fees Current fees are contained in individual contracts between Neutralus and the Subscriber organization Certificate Access Fees No access fees are charged at this time Revocation Information Access Fee No access fees are charged at this time. 2.6 PUBLICATION AND REPOSITORY Publication of the Neutralus repository will occur only when required to satisfy trading partner requirements. Modifications or additions to the Neutralus CA information will be published as repository changes. Any changes to the Neutralus certificates issued are immediately reflected in the repository.

8 2.6.1 Publication of CA Information Neutralus shall publish the following information in its repository: All certificates that are issued. Certificate revocation information for all certificates that are issued. This CPS. Other relevant information relating to Neutralus certificates Frequency of Publication All information to be published in the Neutralus repository shall be published promptly after such information is available. Certificates will be published promptly upon acceptance of requests by the applicant. Information relating to the revocation of a certificate can be found in Section Access Controls The repository will be available to Subscribers, Relying Parties, and CAs who are cross-certified with Neutralus upon request. Read-only access shall be granted to this CPS and the Public Key of our CA. 2.7 COMPLIANCE AUDIT Security Audit Upon subscriber request, and at subscriber expense, Neutralus will submit to a security compliance audit by an independent, nationally recognized security audit organization that is qualified to perform a security audit on a CA and that has demonstrated significant experience on both general computer security and Public Key cryptographic technology. The purpose of this audit would be to demonstrate compliance with this CPS and to demonstrate the quality of the Neutralus system and services Financial Audit Initially and once-a-year thereafter, Neutralus will submit to a financial audit in accordance with Generally Accepted Accounting Practices (GAAP) by an independent accounting firm that is qualified to perform a financial audit. 3.0 IDENTIFICATION AND AUTHENTICATION 3.1 INITIAL REGISTRATION To obtain a Server Certificate or Personal Certificate, a Neutralus-authorized RA requires a completed sales order.

9 3.1.1 Tasks Prior to the issuance of a Server Certificate or Personal Certificate to a new customer, the RA performs specific tasks. The type of certificate requested determines the tasks performed. The following table summarizes the process for each certificate type: Verification Process Personal Certificate Server Certificate 1 Address Confirmation Yes Yes 2 Domain Name Confirmation No Yes Address Confirmation Personal Certificates are delivered via in an encrypted state to the address identified by the customer during the sales process. Server Certificates are issued after exchange with the customer using the address identified by the customer during the sales process. Domain Name Confirmation Server Certificates include the domain name of the subject organization and are installed by ABILITY staff on server identified by that domain name. 3.2 CERTIFICATE RENEWAL All certificates issued under this policy expire after the time period specified in the certificate, and this time will vary on a contractual basis. When the certificate expires, Neutralus will cease to certify its validity. 3.3 REVOCATION REQUEST Certificates may be revoked as discussed in Section 4.4.

10 3.4 REFUSAL TO ISSUE A CERTIFICATE Neutralus may refuse to issue a certificate for an application request or renewal request at the sole discretion of Neutralus without incurring any liability for loss or damages arising from the refusal. 4.0 OPERATIONAL REQUIREMENTS 4.1 CERTIFICATE APPLICATION An applicant must complete the Certificate Application to initiate the certificate application process. 4.2 CERTIFICATE ISSUANCE To issue a certificate, Neutralus generates a certificate request and logs it, generates the certificate, and places it in the Neutralus repository. Personal Certificates are delivered in an encrypted state via to the subscriber. The passphrase required to decrypt and install the Personal Certificate is supplied via mailed hard copy or via fax. Server Certificates are delivered via an encrypted connection to the subscriber s server by ABILITY authorized staff. 4.3 CERTIFICATE ACCEPTANCE The certificate is accepted upon installation. Once accepted by the applicant, the certificate is usable. 4.4 CERTIFICATE REVOCATION Only the Subscriber or the CA may revoke a certificate in accordance with approved procedures Circumstances for Revocation The Subscriber may initiate the certificate revocation process by notifying Neutralus of the need to revoke a certificate at any time after acceptance of the certificate. The CA may revoke a certificate for the following reasons. The Subscriber has: Informed the CA that his/her Private Key has been compromised. Requested revocation of the certificate Who Can Request Revocation The Subscriber or issuing RA initiates the certificate revocation process. Neutralus may revoke a certificate if it reasonably believes that the secrecy of the Private Key has been compromised or that the certificate was erroneously issued Procedure for Revocation Request The Subscriber or the issuing RA must provide his/her name, address and certificate Serial number to a Neutralus representative Revocation Request Grace Period There will be no grace period. Certificate revocation is immediate and irreversible.

11 4.4.5 CRL Issuance Frequency The CRL will be updated in the Neutralus repository when new revocations are performed. The repository will indicate the date and time of the most recent update On-line Revocation Checking Requirements The CRL list is available on the Neutralus Certificate Management Site, accessible through any web browser. 4.5 RECORDS ARCHIVAL Types of Records Archived The following data and files are archived: All computer security audit data All certificate application data All certificates, CRLs, and certificate status records generated Key histories All CPS documents Retention Period for Archive Archives of key and certificate information will be retained for seven years Protection of Archive The archived information will be encrypted and copied to storage media. It will also be physically protected from environmental threats and physical theft or destruction Archive Backup Procedures Backup procedures are in place so that a complete set of the backup archives will be readily available in the event of the loss or destruction of the primary archives. 4.6 KEY CHANGE-OVER The CA s signing key pair shall have an operational lifetime of no more than twenty years. At the end of nineteen years, a new key pair shall be generated. The private signing key of the new key pair shall be used to generate all new certificates and any necessary CRLs. The old private signing key shall be used only to generate CRLs. 4.7 COMPROMISE AND DISASTER RECOVERY Disaster Recovery Plan Neutralus maintains a backup of all critical files and can restore CA systems in the event of damage or destruction.

12 4.8 CA TERMINATION In the event that the CA terminates operations, all Subscribers and Relying Parties will be promptly notified. In addition, any CAs who are cross certified will be notified. All certificates issued by the RA and CA will be revoked. 5.0 PHYSICAL, PROCEDURAL, AND PERSONNEL SECURITY CONTROLS Neutralus has implemented commercially sound security controls to restrict access to the hardware and software used in providing CA services. 5.1 PHYSICAL CONTROLS Neutralus resides in a building that is physically secured. Access to Neutralus facilities, RA areas, and Computer Rooms housing the CA servers requires a unique key, which is given only to authorized personnel. Access is restricted based on job function. 5.2 PROCEDURAL CONTROLS Neutralus has implemented commercially acceptable security controls to restrict access to the facility, sections of the facility, hardware and software, databases and files, and any external cryptographic hardware modules or tokens used in provide services. 5.3 PERSONNEL CONTROLS Access to the Neutralus CA is tightly controlled. All ABILITY staff that have access to the Neutralus CA are required to meet high standards of integrity. Employees who have direct access to the CA are required to pass a criminal background check provided by a third-party organization. Employees who have access to Subscriber-provided data, certificates, servers and operating systems are restricted based upon job function. The principle of least privilege is exercised throughout. Employee access is granted to the facility, computer systems, and databases in a controlled manner based on job function. Furthermore, employees are subject to investigations, close supervision, and periodic security awareness training. 6.0 TECHNICAL SECURITY CONTROLS 6.1 KEY PAIR GENERATION AND INSTALLATION Neutralus generates a 2048-bit Key Pair for the signing certificates used by the CA using the RSA algorithm. Personal Certificates and Server Certificates are created with 1024-bit Key Pairs. The generation of all Neutralus Public/Private Key Parts is performed directly on a workstation that has never been attached to a network. 6.2 PRIVATE KEY PROTECTION Neutralus has provided generally accepted practices for safeguarding the CA s Private Keys. The CA s signing Private Keys shall not be escrowed. Upon termination of the Private Signing Key (expiration or revocation of a certificate), all copies of the Private Key shall be securely destroyed. 6.3 OTHER ASPECTS OF KEY PAIR MANAGEMENT The following statement describes other Key Pair issues:

13 Subscriber Key Pair must be replaced in accordance with the validity periods specified in the applicable certificate profile. The CA Signing Key shall only be used for signing certificates and CRLs. 6.4 COMPUTER SECURITY CONTROLS Neutralus uses computers systems having a high level of trust, and all CA systems are not connected to a network and are kept in locked, secured facilities. All system data is backed up on a periodic schedule and stored off-site in accordance with approved operating procedures. 6.5 NETWORK SECURITY CONTROLS Neutralus signing servers are not connected to a network. Certificate Requests are moved from the Neutralus network to the Neutralus signing servers using removable media, and the resulting certificates and CRLs are also moved from the signing servers to the Neutralus network using removable media. 7.0 CERTIFICATE AND CRL PROFILES 7.1 CERTIFICATE PROFILES All certificates will be issued in the X.509 version 3 format. These certificates will include a reference to the Neutralus Certificate Management site to indicate that this CPS governs that particular certificate. The certificate profile may be amended from time to time, including the addition of new certificate profiles. 7.2 CRL PROFILE The CRLs are issued in the X.509 version 2 format, in both DER (Distinguished Encoding Rules) and PEM (Privacy Enhanced Mail) formats. 8.0 SPECIFICATION ADMINISTRATION 8.1 SPECIFICATION CHANGE PROCEDURES The details of this CPS may be varied in writing by the CA from time to time. Updates to the CPS will be published as defined in Section 8.2. After each change, the version number and date will be updated. 8.2 SPECIFICATION STATUS Changes to this CPS shall become effective 30 days after final publication on the Web. Such changes to the CPS shall be deemed accepted by, and are binding on, all Subscribers and Relying Parties following the effective date of any applicable CPS change.

Federal Reserve Certification Authority (FR-CA) Certification Practice Statement for United States Treasury Auctions

Federal Reserve Certification Authority (FR-CA) Certification Practice Statement for United States Treasury Auctions Federal Reserve Certification Authority (FR-CA) Certification Practice Statement for United States Treasury Auctions 1.0 INTRODUCTION 1.1 OVERVIEW The Federal Reserve Bank of New York ( FRBNY ) acts as

More information

Certification Practice Statement

Certification Practice Statement FernUniversität in Hagen: Certification Authority (CA) Certification Practice Statement VERSION 1.1 Ralph Knoche 18.12.2009 Contents 1. Introduction... 4 1.1. Overview... 4 1.2. Scope of the Certification

More information

Federal Reserve Banks Certification Authority (FR-CA) Certification Practice Statement

Federal Reserve Banks Certification Authority (FR-CA) Certification Practice Statement Certification Practice Statement 1.0 INTRODUCTION 1.1 OVERVIEW The Federal Reserve Banks ( FRBs ), utilizing Public Key Infrastructure ( PKI ) technology and operating as a Certification Authority ( FR-CA

More information

CERTIFICATION PRACTICE STATEMENT. Document version: 1.2 Date: 15 September OID for this CPS: None

CERTIFICATION PRACTICE STATEMENT. Document version: 1.2 Date: 15 September OID for this CPS: None CERTIFICATION PRACTICE STATEMENT Document version: 1.2 Date: 15 September 2007 OID for this CPS: None Information in this document is subject to change without notice. No part of this document may be copied,

More information

Apple Corporate Email Certificates Certificate Policy and Certification Practice Statement. Apple Inc.

Apple Corporate Email Certificates Certificate Policy and Certification Practice Statement. Apple Inc. Apple Inc. Certificate Policy and Certification Practice Statement Version 2.0 Effective Date: April 10, 2015 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2. Table of acronyms... 4 1.3.

More information

apple WWDR Certification Practice Statement Version 1.8 June 11, 2012 Apple Inc.

apple WWDR Certification Practice Statement Version 1.8 June 11, 2012 Apple Inc. Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.8 Effective Date: June 11, 2012 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2.

More information

Certification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure

Certification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure Certification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure 1.0 INTRODUCTION 1.1 Overview The Federal Reserve Banks operate a public key infrastructure (PKI) that manages

More information

TELSTRA RSS CA Subscriber Agreement (SA)

TELSTRA RSS CA Subscriber Agreement (SA) TELSTRA RSS CA Subscriber Agreement (SA) Last Revision Date: December 16, 2009 Version: Published By: Telstra Corporation Ltd Copyright 2009 by Telstra Corporation All rights reserved. No part of this

More information

Danske Bank Group Certificate Policy

Danske Bank Group Certificate Policy Document history Version Date Remarks 1.0 19-05-2011 finalized 1.01 15-11-2012 URL updated after web page restructuring. 2 Table of Contents 1. Introduction... 4 2. Policy administration... 4 2.1 Overview...

More information

Ericsson Group Certificate Value Statement - 2013

Ericsson Group Certificate Value Statement - 2013 COMPANY INFO 1 (23) Ericsson Group Certificate Value Statement - 2013 COMPANY INFO 2 (23) Contents 1 Ericsson Certificate Value Statement... 3 2 Introduction... 3 2.1 Overview... 3 3 Contact information...

More information

HKUST CA. Certification Practice Statement

HKUST CA. Certification Practice Statement HKUST CA Certification Practice Statement IN SUPPORT OF HKUST CA CERTIFICATION SERVICES Version : 1.1 Date : 3 March 2000 Prepared by : Information Technology Services Center Hong Kong University of Science

More information

1.1.1 Additional requirements for Trusted Root Issuer CAs Appropriate Certificate Usage Prohibited Certificate Usage...

1.1.1 Additional requirements for Trusted Root Issuer CAs Appropriate Certificate Usage Prohibited Certificate Usage... 1.1.1 Additional requirements for Trusted Root Issuer CAs... 10 1.3.1 Certification Authorities ( Issuer CAs )... 11 1.3.2 Registration Authorities... 11 1.3.3 Subscribers... 12 1.3.4 Relying Parties...

More information

OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES

OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES Table of contents 1.0 SOFTWARE 1 2.0 HARDWARE 2 3.0 TECHNICAL COMPONENTS 2 3.1 KEY MANAGEMENT

More information

Certification Practice Statement

Certification Practice Statement Certification Practice Statement Version 2.0 Effective Date: October 1, 2006 Continovation Services Inc. (CSI) Certification Practice Statement 2006 Continovation Services Inc. All rights reserved. Trademark

More information

GlobalSign Subscriber Agreement for DocumentSign Digital ID for Adobe Certified Document Services (CDS)

GlobalSign Subscriber Agreement for DocumentSign Digital ID for Adobe Certified Document Services (CDS) GlobalSign Subscriber Agreement for DocumentSign Digital ID for Adobe Certified Document Services (CDS) Version 1.1 PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE DIGITAL CERTIFICATE ISSUED TO YOU

More information

StartCom Certification Authority

StartCom Certification Authority StartCom Certification Authority Intermediate Certification Authority Policy Appendix Version: 1.5 Status: Final Updated: 05/04/11 Copyright: Start Commercial (StartCom) Ltd. Author: Eddy Nigg Introduction

More information

[COMPANY CA] Certification Practice Statement

[COMPANY CA] Certification Practice Statement Certification Practice Statement Date: [PUBLICATION DATE] Version: v. X.X Table of Contents Document History...1 Acknowledgments...2 1. Introduction...3 1.1 Overview...3 1.2

More information

Cisco SSCA Certificate Policy and Practice Statements. Corporate Security Programs Office Version 1.0 October 21, 2010

Cisco SSCA Certificate Policy and Practice Statements. Corporate Security Programs Office Version 1.0 October 21, 2010 Cisco SSCA Certificate Policy and Practice Statements Corporate Security Programs Office Version 1.0 October 21, 2010 Table of Contents Cisco SSCA Certificate Policy and Practice Statements Version Information:

More information

CERTIFICATION PRACTICE STATEMENT UPDATE

CERTIFICATION PRACTICE STATEMENT UPDATE CERTIFICATION PRACTICE STATEMENT UPDATE Reference: IZENPE-CPS UPDATE Version no: v 5.03 Date: 10th March 2015 IZENPE 2015 This document is the property of Izenpe. It may only be reproduced in its entirety.

More information

Polish Grid Certification Authority Certificate Policy and Certification Practice Statement

Polish Grid Certification Authority Certificate Policy and Certification Practice Statement Polish Grid Certification Authority Certificate Policy and Certification Practice Statement version 0.4 (DRAFT ) September 2, 2002 1 1 Introduction 1.1 Overview This document is written according to the

More information

Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015

Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015 Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015 Table of Contents 1. Introduction... 5 1.1. Trademarks...

More information

Public Key Certification Infrastructure

Public Key Certification Infrastructure Public Key Certification Infrastructure Petr Hanácek hanacek@dcse.fee.vutbr.cz Faculty of Electrical Engineering and Computer Science Brno University of Technology Abstract Jan Staudek staudek@fi.muni.cz

More information

Vodafone Group CA Web Server Certificate Policy

Vodafone Group CA Web Server Certificate Policy Vodafone Group CA Web Server Certificate Policy Publication Date: 06/09/10 Copyright 2010 Vodafone Group Table of Contents Acknowledgments... 1 1. INTRODUCTION... 2 1.1 Overview... 3 1.2 Document Name

More information

Certification Practice Statement (ANZ PKI)

Certification Practice Statement (ANZ PKI) Certification Practice Statement March 2009 1. Overview 1.1 What is a Certification Practice Statement? A certification practice statement is a statement of the practices that a Certification Authority

More information

ESnet SSL CA service Certificate Policy And Certification Practice Statement Version 1.0

ESnet SSL CA service Certificate Policy And Certification Practice Statement Version 1.0 ESnet SSL CA service Certificate Policy And Certification Practice Statement Version 1.0 June 30, 2004 Table of Contents Table of Contents...2 1 Introduction...3 1.1 Overview...3 1.1.1 General Definitions...4

More information

The Contract Signer (as hereinafter defined) is duly authorized by the Applicant to bind the Applicant to this Agreement is (as stated above).

The Contract Signer (as hereinafter defined) is duly authorized by the Applicant to bind the Applicant to this Agreement is (as stated above). Subscriber Agreement for Certificates PLEASE READ THIS AGREEMENT AND MICROS CERTIFICATION PRACTICES STATEMENTS ("CPS") CAREFULLY BEFORE USING THE CERTIFICATE ISSUED TO YOUR ORGANIZATION. BY USING THE CERTIFICATE,

More information

Certificate Policy. SWIFT Qualified Certificates SWIFT

Certificate Policy. SWIFT Qualified Certificates SWIFT SWIFT SWIFT Qualified Certificates Certificate Policy This Certificate Policy applies to Qualified Certificates issued by SWIFT. It indicates the requirements and procedures to be followed, and the responsibilities

More information

Cisco SSL CA EV Certificate Policy and Practice Statements. Corporate Security Programs Office Version 1.0 July 28, 2010

Cisco SSL CA EV Certificate Policy and Practice Statements. Corporate Security Programs Office Version 1.0 July 28, 2010 Cisco SSL CA EV Certificate Policy and Practice Statements Corporate Security Programs Office Version 1.0 July 28, 2010 Table of Contents Cisco SSL CA EV Certificate Policy and Practice Statements Version

More information

CMS Illinois Department of Central Management Services

CMS Illinois Department of Central Management Services CMS Illinois Department of Central Management Services State of Illinois Public Key Infrastructure Certification Practices Statement For Digital Signature And Encryption Applications Version 3.3 (IETF

More information

TeliaSonera Root CA v1 Certificate Practice Statement. Published by: TeliaSonera AB

TeliaSonera Root CA v1 Certificate Practice Statement. Published by: TeliaSonera AB 2007-10-18 1 (46) TeliaSonera Root CA v1 Certificate Practice Statement Published by: TeliaSonera AB Company Information Created Modified Approved Valid from 2007-10-12 Reg. office: Printed Coverage Business

More information

Brocade Engineering. PKI Tutorial. Jim Kleinsteiber. February 6, 2002. Page 1

Brocade Engineering. PKI Tutorial. Jim Kleinsteiber. February 6, 2002. Page 1 PKI Tutorial Jim Kleinsteiber February 6, 2002 Page 1 Outline Public Key Cryptography Refresher Course Public / Private Key Pair Public-Key Is it really yours? Digital Certificate Certificate Authority

More information

CA Certificate Policy. SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT

CA Certificate Policy. SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT CA Certificate Policy SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT This page is intentionally left blank. 2 ODETTE CA Certificate Policy Version Number Issue Date Changed By 1.0 1 st April 2009 Original

More information

Certificate Policy and Certification Practice Statement CNRS/CNRS-Projets/Datagrid-fr

Certificate Policy and Certification Practice Statement CNRS/CNRS-Projets/Datagrid-fr Certificate Policy and Certification Practice Statement CNRS/CNRS-Projets/Datagrid-fr Version 0.3 August 2002 Online : http://www.urec.cnrs.fr/igc/doc/datagrid-fr.policy.pdf Old versions Version 0.2 :

More information

HKUST CA. Certification Practice Statement

HKUST CA. Certification Practice Statement HKUST CA Certification Practice Statement IN SUPPORT OF HKUST CA CERTIFICATION SERVICES Version : 2.1 Date : 12 November 2003 Prepared by : Information Technology Services Center Hong Kong University of

More information

Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11)

Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11) Meeting the FDA s Requirements for Electronic Records and Electronic Signatures (21 CFR Part 11) Executive Summary...3 Background...4 Internet Growth in the Pharmaceutical Industries...4 The Need for Security...4

More information

Ford Motor Company CA Certification Practice Statement

Ford Motor Company CA Certification Practice Statement Certification Practice Statement Date: February 21, 2008 Version: 1.0.1 Table of Contents Document History... 1 Acknowledgments... 1 1. Introduction... 2 1.1 Overview... 3 1.2 Ford Motor Company Certificate

More information

TACC ROOT CA CERTIFICATE POLICY

TACC ROOT CA CERTIFICATE POLICY TACC ROOT CA CERTIFICATE POLICY AND CERTIFICATE PRACTICES STATEMENT (In RFC 3647 format) January 20, 2009 OID: 1.3.6.1.4.1.17940.5.1.1.1 Version 1.2 1 INTRODUCTION... 3 1.1 Overview...3 1.2 Document Name

More information

L@Wtrust Class 3 Registration Authority Charter

L@Wtrust Class 3 Registration Authority Charter Class 3 Registration Authority Charter Version 1.0 applicable from 09 November 2010 Building A, Cambridge Park, 5 Bauhinia Street, Highveld Park, South Africa, 0046 Phone +27 (0)12 676 9240 Fax +27 (0)12

More information

Certification Practice Statement For Non-Qualified Certificates

Certification Practice Statement For Non-Qualified Certificates Malta Electronic Certification Services Ltd For Non-Qualified Certificates Government of Malta Certification Authority Date: 14/09/2012 Version: 1.3 Unclassified Malta Electronic Certification Services

More information

DigiCert Certification Practice Statement

DigiCert Certification Practice Statement DigiCert Certification Practice Statement DigiCert, Inc. Version 2.22 June 01, 2005 333 South 520 West Orem, UT 84042 USA Tel: 1-801-805-1620 Fax: 1-801-705-0481 www.digicert.com 1 General...7 1.1 DigiCert,

More information

THE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Published By: RSA Security Inc.

THE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Published By: RSA Security Inc. THE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Last Revision Date: June 28, 2007 Version: 3.0 Published By: RSA Security Inc. Copyright 2002-2007 by

More information

Comodo Certification Practice Statement

Comodo Certification Practice Statement Comodo Certification Practice Statement Notice: This CPS should be read in conjunction with the following documents:- * LiteSSL addendum to the Certificate Practice Statement * Proposed Amendments to the

More information

Gandi CA Certification Practice Statement

Gandi CA Certification Practice Statement Gandi CA Certification Practice Statement Gandi SAS 15 Place de la Nation Paris 75011 France Version 1.0 TABLE OF CONTENTS 1.INTRODUCTION...10 1.1.Overview...10 1.2.Document Name and Identification...10

More information

Vodafone Group CA Automated Code- Signing Certificate Policy

Vodafone Group CA Automated Code- Signing Certificate Policy Vodafone Group CA Automated Code- Signing Certificate Policy Publication Date: 05/05/09 Copyright 2009 Vodafone Group Table of Contents Acknowledgments...1 1. INTRODUCTION...2 1.1 Overview...3 1.2 Document

More information

Land Registry. Version 4.0 10/09/2009. Certificate Policy

Land Registry. Version 4.0 10/09/2009. Certificate Policy Land Registry Version 4.0 10/09/2009 Certificate Policy Contents 1 Background 5 2 Scope 6 3 References 6 4 Definitions 7 5 General approach policy and contract responsibilities 9 5.1 Background 9 5.2

More information

GlobalSign Subscriber Agreement for DomainSSL Certificates

GlobalSign Subscriber Agreement for DomainSSL Certificates GlobalSign Subscriber Agreement for DomainSSL Certificates Version 1.3 PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE DIGITAL CERTIFICATE ISSUED TO YOU OR YOUR ORGANISATION. BY USING THE DIGITAL

More information

California Independent System Operator Certification Practice Statement for Basic Assurance Certification Authority. Version 3.

California Independent System Operator Certification Practice Statement for Basic Assurance Certification Authority. Version 3. California Independent System Operator Certification Practice Statement for Basic Assurance Certification Authority Version 3.4 April 2015 Table of Contents 1.0 INTRODUCTION... 8 1.1 OVERVIEW... 8 1.2

More information

3.Practices and procedures. v 1.1 05.12.2014

3.Practices and procedures. v 1.1 05.12.2014 v 1.1 05.12.2014 3.Practices and procedures DOMENY.PL Ltd / DOMENY.PL sp. z o.o. Marcika 27 30-443 Krakow, Poland tel.: (+48) 12 296 36 63 fax: (+48) 12 395 33 65 hotline / infolinia: (+48) 501 DOMENY

More information

Certification Practice Statement

Certification Practice Statement Certification Practice Statement Revision R1 2013-01-09 1 Copyright Printed: January 9, 2013 This work is the intellectual property of Salzburger Banken Software. Reproduction and distribution require

More information

NCDC GOVERNMENT-CA PKI DISCLOSURE STATEMENT

NCDC GOVERNMENT-CA PKI DISCLOSURE STATEMENT NCDC GOVERNMENT-CA PKI DISCLOSURE STATEMENT Document Classification: Public Version Number: 1.5 Issue Date: June 11, 2015 Copyright 2015 National Center for Digital Certification, Kingdom of Saudi Arabia.

More information

SECOM Trust.net Root1 CA

SECOM Trust.net Root1 CA CERTIFICATE POLICY/ CERTIFICATION PRACTICE STATEMENT May 22, 2006 Version 2.00 SECOM Trust Systems Co.,Ltd. Revision History Version Date Description V1.00 2003.08.01 Initial Draft (Translated from Japanese

More information

epki Root Certification Authority Certification Practice Statement Version 1.2

epki Root Certification Authority Certification Practice Statement Version 1.2 epki Root Certification Authority Certification Practice Statement Version 1.2 Chunghwa Telecom Co., Ltd. August 21, 2015 Contents 1. INTRODUCTION... 1 1.1 OVERVIEW... 1 1.1.1 Certification Practice Statement...

More information

Dexia Root CA Certification Practice Statement. Version 1.0

Dexia Root CA Certification Practice Statement. Version 1.0 Dexia Root CA Certification Practice Statement Version 1.0 Version History Version Description Date Author 0.1 Initial Draft 17 September 2001 Jan Raes 0.2 Minor adaptation after review PA 16 October 2001

More information

TrustAssured Service Policy (PKI) Disclosure Statement Version 1.1

TrustAssured Service Policy (PKI) Disclosure Statement Version 1.1 TrustAssured Service Policy (PKI) Disclosure Statement Version 1.1 1. Contact Information Enquiries or other communications about this statement should be addressed to: The Royal Bank of Scotland TrustAssured

More information

TR-GRID CERTIFICATION AUTHORITY

TR-GRID CERTIFICATION AUTHORITY TR-GRID CERTIFICATION AUTHORITY CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT Version 2.1 January, 2009 Table of Contents: TABLE OF CONTENTS:...2 1. INTRODUCTION...7 1.1 OVERVIEW...7 1.2 DOCUMENT

More information

National Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy. Version 1.1. February 2, 2016

National Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy. Version 1.1. February 2, 2016 National Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy Version 1.1 February 2, 2016 Copyright 2016, Georgia Tech Research Institute Table of Contents TABLE OF CONTENTS I 1 INTRODUCTION

More information

REPORT OF INDEPENDENT CERTIFIED PUBLIC ACCOUNTANTS

REPORT OF INDEPENDENT CERTIFIED PUBLIC ACCOUNTANTS REPORT OF INDEPENDENT CERTIFIED PUBLIC ACCOUNTANTS To the Management of Internet Security Research Group: We have examined the assertion by the management of the Internet Security Research Group ( ISRG

More information

X.509 Certification Practices Statement for the U.S. Government Printing Office Principal Certification Authority (GPO-PCA)

X.509 Certification Practices Statement for the U.S. Government Printing Office Principal Certification Authority (GPO-PCA) .509 Certification Practices Statement for the U.S. Government Printing Office Principal Certification Authority (GPO-PCA) June 11, 2007 FINAL Version 1.6.1 FOR OFFICIAL USE ONLY SIGNATURE PAGE U.S. Government

More information

SwissSign Certificate Policy and Certification Practice Statement for Gold Certificates

SwissSign Certificate Policy and Certification Practice Statement for Gold Certificates SwissSign Certificate Policy and Certification Practice Statement for Gold Certificates Version March 2004 Version 2004-03 SwissSign Gold CP/CPS Page 1 of 66 Table of Contents 1. INTRODUCTION...9 1.1 Overview...

More information

TR-GRID CERTIFICATION AUTHORITY

TR-GRID CERTIFICATION AUTHORITY TR-GRID CERTIFICATION AUTHORITY CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT Version 2.3 May 15, 2014 Table of Contents TABLE OF CONTENTS:... 2 1. INTRODUCTION... 7 1.1 OVERVIEW... 7 1.2 DOCUMENT

More information

Globe Hosting Certification Authority Globe Hosting, Inc. 501 Silverside Road, Suite 105, Wilmington, DE 19809, County of New Castle, United States

Globe Hosting Certification Authority Globe Hosting, Inc. 501 Silverside Road, Suite 105, Wilmington, DE 19809, County of New Castle, United States Globe Hosting Certification Authority Globe Hosting, Inc. 501 Silverside Road, Suite 105, Wilmington, DE 19809, County of New Castle, United States www.globessl.com TABLE OF CONTENTS 1. INTRODUCTION...

More information

ENTRUST CERTIFICATE SERVICES

ENTRUST CERTIFICATE SERVICES ENTRUST CERTIFICATE SERVICES Certification Practice Statement Version: 2.13 February 12, 2016 2016 Entrust Limited. All rights reserved. Revision History Issue Date Changes in this Revision 1.0 May 26,

More information

TeliaSonera Public Root CA. Certification Practice Statement. Revision Date: 2006-11-17. Version: Rev A. Published by: TeliaSonera Sverige AB

TeliaSonera Public Root CA. Certification Practice Statement. Revision Date: 2006-11-17. Version: Rev A. Published by: TeliaSonera Sverige AB Document no 1/011 01-AZDA 102 213 TeliaSonera Sverige AB Certification Practice Statement Rev A TeliaSonera Public Root CA Certification Practice Statement Revision Date: 2006-11-17 Version: Rev A Published

More information

EuropeanSSL Secure Certification Practice Statement

EuropeanSSL Secure Certification Practice Statement EuropeanSSL Secure Certification Practice Statement Eunetic GmbH Version 1.0 14 July 2008 Wagnerstrasse 25 76448 Durmersheim Tel: +49 (0) 180 / 386 384 2 Fax: +49 (0) 180 / 329 329 329 www.eunetic.eu TABLE

More information

Certification Practice Statement

Certification Practice Statement INFORMATION SECURITY POLICY ISSUE SPECIFIC POLICY VERSION: 13-03-2007 EFFECTIVE DATE: 01-03-2007 Certification Practice Statement Law Trusted Third Party Services (Pty) Ltd registration number 2001/004386/07

More information

RapidSSL(tm) Subscriber Agreement

RapidSSL(tm) Subscriber Agreement RapidSSL(tm) Subscriber Agreement Please read the following agreement carefully. By submitting an enrollment form to obtain a RapidSSL Digital Certificate (the Certificate ) and accepting and using such

More information

LET S ENCRYPT SUBSCRIBER AGREEMENT

LET S ENCRYPT SUBSCRIBER AGREEMENT Page 1 of 7 LET S ENCRYPT SUBSCRIBER AGREEMENT This Subscriber Agreement ( Agreement ) is a legally binding contract between you and, if applicable, the company, organization or other entity on behalf

More information

Comparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software

Comparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software WHITE PAPER: COMPARING TCO: SYMANTEC MANAGED PKI SERVICE........ VS..... ON-PREMISE........... SOFTWARE................. Comparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software

More information

Gatekeeper PKI Framework. February 2009. Registration Authority Operations Manual Review Criteria

Gatekeeper PKI Framework. February 2009. Registration Authority Operations Manual Review Criteria Gatekeeper PKI Framework ISBN 1 921182 24 5 Department of Finance and Deregulation Australian Government Information Management Office Commonwealth of Australia 2009 This work is copyright. Apart from

More information

- X.509 PKI EMAIL SECURITY GATEWAY. Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.1

- X.509 PKI EMAIL SECURITY GATEWAY. Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.1 - X.509 PKI EMAIL SECURITY GATEWAY Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.1 Commerzbank AG - Page 1 Document control: Title: Description : RFC Schema: Authors: Commerzbank

More information

GlobalSign Subscriber Agreement for PersonalSign and DocumentSign for Adobe CDS Certificates Combined Agreement for epki (US)

GlobalSign Subscriber Agreement for PersonalSign and DocumentSign for Adobe CDS Certificates Combined Agreement for epki (US) GlobalSign Subscriber Agreement for PersonalSign and DocumentSign for Adobe CDS Certificates Combined Agreement for epki (US) Version 1.1 PLEASE READ THIS AGREEMENT CAREFULLY BEFORE USING THE DIGITAL CERTIFICATE

More information

Transnet Registration Authority Charter

Transnet Registration Authority Charter Registration Authority Charter Version 3.0 is applicable from Effective Date Inyanda House 21 Wellington Road Parktown, 2193 Phone +27 (0)11 544 9368 Fax +27 (0)11 544 9599 Website: http://www.transnet.co.za/

More information

FREESSL SUBSCRIBER AGREEMENT

FREESSL SUBSCRIBER AGREEMENT FREESSL SUBSCRIBER AGREEMENT PLEASE READ THE FOLLOWING AGREEMENT CAREFULLY. BY SUBMITTING AN ENROLLMENT FORM TO OBTAIN A FREESSL DIGITAL CERTIFICATE (THE CERTIFICATE ) AND ACCEPTING AND USING SUCH CERTIFICATE,

More information

Lecture VII : Public Key Infrastructure (PKI)

Lecture VII : Public Key Infrastructure (PKI) Lecture VII : Public Key Infrastructure (PKI) Internet Security: Principles & Practices John K. Zao, PhD (Harvard) SMIEEE Computer Science Department, National Chiao Tung University 2 Problems with Public

More information

InCommon Certification Practices Statement. Server Certificates

InCommon Certification Practices Statement. Server Certificates InCommon Certification Practices Statement for Server Certificates 16 August 2010 Version 1.0 Latest version: https://www.incommon.org/cert/repository/cps_ssl.pdf This version: https://www.incommon.org/cert/repository/cps_ssl_20100816.pdf

More information

SECTION.0100 - GENERAL ADMINISTRATION

SECTION.0100 - GENERAL ADMINISTRATION 1 1 1 1 1 1 0 1 0 1 SECTION.00 - GENERAL ADMINISTRATION.01 HOW TO CONTACT THE ELECTRONIC COMMERCE SECTION The North Carolina Department of the Secretary of State administers the Electronic Commerce Act.

More information

Eskom Registration Authority Charter

Eskom Registration Authority Charter REGISTRATION WWW..CO.ZA Eskom Registration Authority Charter Version 2.0 applicable from 20 November 2009 Megawatt Park Maxwell Drive Sunninghill, SOUTH AFRICA, 2157 Phone +27 (0)11 800 8111 Fax +27 (0)11

More information

GEOSURE PROTECTION PLAN

GEOSURE PROTECTION PLAN GEOSURE PROTECTION PLAN I. SCOPE/INTRODUCTION The GeoSure Protection Plan is designed to provide protection against economic loss resulting from specific types of risks associated with certain SSL Certificates

More information

TAIWAN-CA INC. Public Key Infrastructure Certificate Policy (Version 2.0)

TAIWAN-CA INC. Public Key Infrastructure Certificate Policy (Version 2.0) TAIWAN-CA INC. Public Key Infrastructure Certificate Policy (Version 2.0) Effective Date: 23 November 2012 1 Revision Record Rev Effective Date Issuer Note 1.0 1 Apr 2001 TaiCA PMA CP first issue 1.1 1

More information

PUBLIC KEY INFRASTRUCTURE

PUBLIC KEY INFRASTRUCTURE PUBLIC KEY INFRASTRUCTURE http://www.tutorialspoint.com/cryptography/public_key_infrastructure.htm Copyright tutorialspoint.com The most distinct feature of Public Key Infrastructure PKC is that it uses

More information

Equens Certificate Policy

Equens Certificate Policy Equens Certificate Policy WebServices and Connectivity Final H.C. van der Wijck 11 March 2015 Classification: Open Version 3.0 Version history Version no. Version date Status Edited by Most important edit(s)

More information

GENERAL PROVISIONS...6

GENERAL PROVISIONS...6 Preface This Key Recovery Policy (KRP) is provided as a requirements document to the External Certification Authorities (ECA). An ECA must implement key recovery policies, procedures, and mechanisms that

More information

phicert Direct Certificate Policy and Certification Practices Statement

phicert Direct Certificate Policy and Certification Practices Statement phicert Direct Certificate Policy and Certification Practices Statement Version 1. 1 Effective Date: March 31, 2014 Copyright 2013-2014 EMR Direct. All rights reserved. [Trademark Notices] phicert is a

More information

Registration Practices Statement. Grid Registration Authority Approved December, 2011 Version 1.00

Registration Practices Statement. Grid Registration Authority Approved December, 2011 Version 1.00 Registration Practices Statement Grid Registration Authority Approved December, 2011 Version 1.00 i TABLE OF CONTENTS 1. Introduction... 1 1.1. Overview... 1 1.2. Document name and Identification... 1

More information

INDEPENDENT AUDIT REPORT BASED ON THE REQUIREMENTS OF ETSI TS 101 456. Aristotle University of Thessaloniki PKI (www.pki.auth.gr) WHOM IT MAY CONCERN

INDEPENDENT AUDIT REPORT BASED ON THE REQUIREMENTS OF ETSI TS 101 456. Aristotle University of Thessaloniki PKI (www.pki.auth.gr) WHOM IT MAY CONCERN Title INDEPENDENT AUDIT REPORT BASED ON THE REQUIREMENTS OF ETSI TS 101 456 Customer Aristotle University of Thessaloniki PKI (www.pki.auth.gr) To WHOM IT MAY CONCERN Date 18 March 2011 Independent Audit

More information

SSL.com Certification Practice Statement

SSL.com Certification Practice Statement SSL.com Certification Practice Statement SSL.com Version 1.0 February 15, 2012 2260 W Holcombe Blvd Ste 700 Houston, Texas, 77019 US Tel: +1 SSL-CERTIFICATE (+1-775-237-8434) Fax: +1 832-201-7706 www.ssl.com

More information

Certipost Trust Services. Certificate Policy. for Lightweight Certificates for EUROCONTROL. Version 1.2. Effective date 03 May 2012

Certipost Trust Services. Certificate Policy. for Lightweight Certificates for EUROCONTROL. Version 1.2. Effective date 03 May 2012 Certipost Trust Services Version 1.2 Effective date 03 May 2012 Certipost NV ALL RIGHTS RESERVED. 2 13 Definitions : Activation Data Certificate Certificate Holder Certificate Public Registry Certificate

More information

The name of the Contract Signer (as hereinafter defined) duly authorized by the Applicant to bind the Applicant to this Agreement is.

The name of the Contract Signer (as hereinafter defined) duly authorized by the Applicant to bind the Applicant to this Agreement is. Trustwave Subscriber Agreement for Digital Certificates Ver. 11JUL14 PLEASE READ THIS AGREEMENT AND THE TRUSTWAVE CERTIFICATION PRACTICES STATEMENTS ( CPS ) CAREFULLY BEFORE USING THE CERTIFICATE ISSUED

More information

ING Public Key Infrastructure Certificate Practice Statement. Version 5.3 - June 2015

ING Public Key Infrastructure Certificate Practice Statement. Version 5.3 - June 2015 ING Public Key Infrastructure Certificate Practice Statement Version 5.3 - June 2015 Colophon Commissioned by Additional copies ING Corporate PKI Policy Approval Authority Additional copies of this document

More information

KIBS Certification Practice Statement for non-qualified Certificates

KIBS Certification Practice Statement for non-qualified Certificates KIBS Certification Practice Statement for non-qualified Certificates Version 1.0 Effective Date: September, 2012 KIBS AD Skopje Kuzman Josifovski Pitu 1 1000, Skopje, Republic of Macedonia Phone number:

More information

SAUDI NATIONAL ROOT-CA CERTIFICATE POLICY

SAUDI NATIONAL ROOT-CA CERTIFICATE POLICY SAUDI NATIONAL ROOT-CA CERTIFICATE POLICY Document Classification: Public Version Number: 2.5 Issue Date: June 25, 2015 National Center for Digital Certification Policies and Regulations Department Digitally

More information

Malaysian Identity Federation and Access Management Certification Authority Certificate Policy and Certification Practice Statement

Malaysian Identity Federation and Access Management Certification Authority Certificate Policy and Certification Practice Statement Malaysian Identity Federation and Access Management Certification Authority Certificate Policy and Certification Practice Statement Version 2.2 Document OID: 1.3.6.1.4.1.36355.2.1.2.2 February 2012 Contents

More information

Trustis FPS PKI Glossary of Terms

Trustis FPS PKI Glossary of Terms Trustis FPS PKI Glossary of Terms The following terminology shall have the definitions as given below: Activation Data Asymmetric Cryptosystem Authentication Certificate Certificate Authority (CA) Certificate

More information

InCommon Certification Practices Statement. Client Certificates

InCommon Certification Practices Statement. Client Certificates InCommon Certification Practices Statement for Client Certificates 14 February 2011 Version 1.0 Latest version: 14 February 2011 This version: 14 February 2011 Table of Contents 1 INTRODUCTION... 4 1.1

More information

Metropolitan Police Service Enterprise PKI. Root Certificate Authority, Certificate Policy. Version 6.1 10 th February 2012 NOT PROTECTIVELY MARKED

Metropolitan Police Service Enterprise PKI. Root Certificate Authority, Certificate Policy. Version 6.1 10 th February 2012 NOT PROTECTIVELY MARKED Metropolitan Police Service Enterprise PKI Root Certificate Authority, Certificate Policy Version 6.1 10 th February 2012 Version Control Issue Release Date Comments A 02/11/07 First draft release of CP

More information

"Certification Authority" means an entity which issues Certificates and performs all of the functions associated with issuing such Certificates.

Certification Authority means an entity which issues Certificates and performs all of the functions associated with issuing such Certificates. QUICKSSL PREMIUM(tm) SUBSCRIBER AGREEMENT Please read the following agreement carefully. By submitting an application to obtain a QuickSSL Premium(tm) Certificate and accepting and using such certificate,

More information

New York State Electronic Signatures and Records Act

New York State Electronic Signatures and Records Act PIANY Doc. No. 31174 New York State Electronic Signatures and Records Act The information contained within this Resource kit was made available by the New York State Department of State Division of Administrative

More information

Post.Trust Certificate Authority

Post.Trust Certificate Authority Post.Trust Certificate Authority Certification Practice Statement CA Policy and Procedures Document Issue date: 03 April 2014 Version: 2.7.2.1 Release Contents DEFINITIONS... 6 LIST OF ABBREVIATIONS...

More information

THE WALT DISNEY COMPANY PUBLIC KEY INFRASTRUCTURE CERTIFICATE POLICY. July 2011 Version 2.0. Copyright 2006-2011, The Walt Disney Company

THE WALT DISNEY COMPANY PUBLIC KEY INFRASTRUCTURE CERTIFICATE POLICY. July 2011 Version 2.0. Copyright 2006-2011, The Walt Disney Company THE WALT DISNEY COMPANY PUBLIC KEY INFRASTRUCTURE CERTIFICATE POLICY July 2011 Version 2.0 Copyright 2006-2011, The Walt Disney Company Version Control Version Revision Date Revision Description Revised

More information

Symantec Trust Network (STN) Certificate Policy

Symantec Trust Network (STN) Certificate Policy Symantec Trust Network (STN) Certificate Policy Version 2.8.5 Effective Date: September 8, 2011 Symantec Corporation 350 Ellis Street Mountain View, CA 94043 USA +1 650.527.8000 http//:www.symantec.com

More information