CA Certificate Policy. SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT

Transcription

1 CA Certificate Policy SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT

2 This page is intentionally left blank. 2 ODETTE CA Certificate Policy

3 Version Number Issue Date Changed By st April 2009 Original issue th March 2013 Jörg Walther 3 ODETTE CA Certificate Policy

4 Table of Contents 1 Introduction Overview PKI Participants Certification Authority (CA) Registration Authority (RA) Certificate Users Relying Parties Certificate use Appropriate certificate usage Prohibited certificate usage Certificate extensions Definitions and Abbreviations Publication and Repository Responsibilities Access control on repositories Identification and Authentication Naming Initial Identity Validation Subscriber registration process Documents used for subscriber registration Data needed for subscriber registration Records for subscriber registration Certificate Life-Cycle Operational Requirements Certificate Application Processing Certificate Issuance Certificate generation Key Pair and Certificate Usage Subscriber Subscriber duties Certificate Life-Cycle Operational Requirements Reliance at Own Risk ODETTE CA Repository and Web site Conditions Certificate Renewal Certificate Revocation and Suspension Certificate Status Services End of Subscription Management, Operational, And Physical Controls Physical Security Controls Procedural Controls Personnel Security Controls Qualifications, Experience, Clearances Training Requirements and Procedures Sanctions against Personnel Audit Logging Procedures Records Archival Types of records Retention period Protection of archive ODETTE CA Certificate Policy

5 5.12 Compromise and Disaster Recovery Technical Security Controls Key Pair Generation and Installation ODETTE CA Private Key Generation Process ODETTE CA Key Generation Key Pair re-generation and re-installation ODETTE CA Key Generation Devices ODETTE CA Private Key Storage ODETTE CA Key Storage Controls ODETTE CA Public Key Distribution ODETTE CA Private Key Destruction Private Key Protection and Cryptographic Module Engineering Controls Other Aspects of Key Pair Management Computing resources, software, and/or data are corrupted CA private key is compromised Activation Data Computer Security Controls Network Security Controls Certificate and CRL Profiles Certificate Profile Certificate Extensions Key Usage Subject CRL Profile Other Business and Legal Matters Fees Refund policy Financial Responsibility Confidentiality of Business Information Intellectual Property Rights Representations and Warranties Subscriber Obligations ODETTE CA Repository and Web site Conditions Reliance at Own Risk Accuracy of Information ODETTE CA Obligations Disclaimers of Warranties Limitation for Other Warranties Exclusion of Certain Elements of Damages Limitations of Liability Indemnities Indemnity Term and Termination Individual notices and communications with participants Amendments Dispute Resolution Procedures Governing Law Miscellaneous Provisions Survival Severability ODETTE CA Certificate Policy 5

6 This page is intentionally left blank. 6 ODETTE CA Certificate Policy

7 1 Introduction 1.1 Overview This Certificate Policy (CP) of the ODETTE Certification Authority (hereinafter, ODETTE CA) applies to the services of the ODETTE CA that are associated with the issuance of and management of digital certificates. Digital certificates can be used to create or rely upon electronic signatures. This CP can be found on the ODETTE CA repository at This CP may be updated from time to time. A certificate policy is a "named set of rules that indicates the applicability of a certificate to a particular community and/or class of application with common security requirements". This CP is a certificate policy in a broad sense and meets the formal requirements of Internet Engineering Task Force (IETF) RFC 3647, dated November 2003, with regard to content, layout and format (RFC 3647 obsoletes RFC 2527). RFC 3647 is an authoritative source of guidance with regard to standard practices in the area of electronic signatures and certificate management. While certain section titles are included in this policy according to the structure of RFC 3647, the topic may not necessarily apply in the implementation of the certificate management services of the ODETTE CA. In this case, these sections have been omitted. Where necessary, additional information is presented as subsections added to the standard structure. Meeting the format requirements of RFC 3647 enhances and facilitates the mapping and interoperability of the ODETTE CA with other third party CAs and provides relying parties with more information on the practices and procedures of the ODETTE CA. This CP addresses the technical, procedural and personnel policies and practices of the CA in certain services and during the complete life cycle of certificate solutions that are issued by the ODETTE CA. This CP applies to the specific domain of the ODETTE CA that address the management of certificates issued under ODETTE s own procedures. The purpose of this CP is to present the ODETTE CA practices and procedures in managing certificates and to demonstrate compliance with requirements pertaining to the issuance of certificates according to ODETTE CA s own procedures as they are audited in the framework of formal accreditations that ODETTE CA currently pursues. This CP applies to the above-stated domain to the exclusion of any other. This CP aims at facilitating the ODETTE CA in delivering certification services. This CP identifies the roles, responsibilities and practices of all entities involved in the life cycle, use, reliance upon and management of certificates of ODETTE CA. This CP describes the policy requirements to issue, manage and use certificates of ODETTE CA. As a top root CA, ODETTE CA manages a hierarchy of certificates according to publicised practices to be found under A CP states what is to be adhered to and, therefore, sets out an operational rule framework for the ODETTE CA service. The CP addresses the requirements of the entire application domain of ODETTE CA ODETTE CA Certificate Policy 7

8 certificates focusing on top root certificates and not just the end entity area. An ODETTE CA Certificate Practice Statement complements this CP and states how the Certification Authority adheres to the Certificate Policy. The Certificate Practice Statement provides the end user with a summary of the processes, procedures and overall prevailing conditions that the Certification Authority will use in creating and maintaining digital certificates it manages. ODETTE CA maintains a Certification Practice Statement for general types of entity certificates. A subscriber or relying party of an ODETTE CA certificate must refer to the ODETTE CA CP in order to establish trust on a certificate issued by the ODETTE Root CA as well as for notices with regard to the prevailing practices thereof. It is also essential to establish the trustworthiness of the entire certificate chain of the ODETTE CA certificate hierarchy, including the Top Root CA and operational roots, which can be established on the basis of the assertions of this CP. Digital certificates allow entities that participate in an electronic transaction to prove their identity towards other participants or to sign data electronically. By means of a digital certificate, ODETTE CA provides confirmation of the relationship between a named entity (subscriber) and its public key. The process to obtain a digital certificate includes the identification, naming, authentication and registration of the subscriber as well as aspects of certificate management such as the issuance, revocation and expiration of the digital certificate. By means of this procedure to issue digital certificates, ODETTE CA provides adequate and positive confirmation about the identity of the user of a certificate and a positive link to the public key that such an entity uses. An entity in this instance might include an end-user or another certification authority, as might be required under the circumstances. ODETTE CA makes available general-purpose digital certificates that can be used for non-repudiation and authentication. The use of these certificates can be further limited to a specific business or contractual context or transaction level according to a warranty policy or other limitations imposed by the applications that certificates are used in. This CP is maintained by the ODETTE CA, which is the issuing authority of certificates in the ODETTE Public Key Infrastructure. In a certificate management environment based on Public Key Infrastructure (PKI), an Issuing Authority is the entity that manages a Trust hierarchy from which all end user certificates inherit Trust. 1.2 PKI Participants The ODETTE CA makes its services available to subscribers. These subscribers include without limitation entities that use certificates for the purposes of: Authentication (digital signature) Electronic signature (non-repudiation) Encryption 8 ODETTE CA Certificate Policy

9 1.2.1 Certification Authority (CA) Certification Authorities (CA) issue certificates and Certificate Revocation Lists. The Odette CA issues the following types of certificates: Person certificates for natural or legal persons (end user certificates) Group certificates for groups of persons, functions and IT processes (end user certificates) Certification instances (subordinated CA certificates of the CSP) The Odette CA Root issues only certificates with the extension basicconstraints: ca=true (CA-certificates). Subordinate CAs issue end user certificates or additional CA certificates. The Certification Authority is named in the certificates and CRLs as issuer Registration Authority (RA) The RA identifies and authenticates the person applying for a certificate, registers and validates the requests for various certification services. The CA provides appropriate software and documented procedures, which are binding for the work of the RAs. The documented procedures contain strict specifications to meet the requirements of an RA Certificate Users Certificate subscribers are natural persons who request certificates for themselves (subscriber is identical with certificate user) or for other certificate users. Certificate users are natural or legal persons, who hold end user certificates. The certificate user does not have to be identical with the subject mentioned in the certificate. End users (subjects) use the private end user key. The subject does not have to be identical with the certificate user. Applicable end users are: Natural persons Organisations (legal persons - private, public or governmental bodies) Person groups Functions, which are fulfilled by employees of an organisation IT processes (e.g. SSL-server) ODETTE CA CERTIFICATE POLICY 9

10 1.2.4 Relying Parties Relying parties are natural or legal persons who use the certificates of the Odette CA to access services of the CA 1.3 Certificate use Certain limitations apply to the use of ODETTE CA certificates Appropriate certificate usage Certificates issued under the ODETTE CA can be used for public domain transactions that require: Non-repudiation Authentication Confidentiality Additional uses are specifically designated once they become available to end entities. Unauthorised use of ODETTE certificates may result in an annulment of warranties offered by the ODETTE CA to subscribers and relying parties of ODETTE certificates Prohibited certificate usage End entity certificate use is restricted by using certificate extensions on key usage and extended key usage. Any usage of the certificate inconsistent with these extensions is not permitted Certificate extensions ODETTE CA root certificate extensions are defined by the X.509 v.3 standard, other standards, as well as any other formats including those used by Microsoft and Netscape. The ODETTE CA uses certain constraints and extensions for its public PKI services as per the definition of the International Standards Organisation (ISO). Such constraints and extensions may limit the role and position of a subscriber certificate so that such subscribers can be identified under varying roles. As key usage extension limits the technical purposes for which a public key listed in a certificate may be used. ODETTE CA s own certificates may contain a key usage extension that limits the functionality of a key to only signing certificates, certificate revocation lists, and other data. A certificate policy extension limits the usage of a certificate to the requirements of a business or a legal context. 1.4 Definitions and Abbreviations CA Certificate a certificate issued for a CA Certification Authority instance of the Root PKI see ODETTE CA CERTIFICATE POLICY

11 Certification Service Provider provider of certification services. Certificate users natural or legal persons, who hold certificates. Distinguished Name a technical name, which consists of several name components. It describes uniquely the issuing CA and/or the certificate user within the boundaries of the Root PKI. The distinguished name is defined in standard [X.501 ITU-T RECOMMENDATION X.501, Information technology Open Systems Interconnection The Directory: Models, Version August 2005] End user subject, end users use the private end user key End User Certificate a certificate, which cannot be used to sign other certificates or CRLs Registration Authority (RA) part of the PKI that carries out the identification of subscribers see Relying Party natural or legal persons who use certificates. Signature card processor chip card, which can be used for the generation of electronic signatures and other PKI applications. Subscriber natural persons who requests certificates for themselves or for other certificate users. Abbreviations CA Certification Authority CN Common Name CP Certificate Policy CPS Certification Practice Statement CRL Certificate Revocation List CSP Certification Service Provider FIPS Federal Information Processing Standard HSM Hardware Security Module ISO International Organization for Standardization LDAP Lightweight Directory Access Protocol OID Object Identifier PIN Personal Identification Number PKI Public Key Infrastructure PUK Personal Unblocking Key RA Registration Authority RFC Request for Comment SSCD Secure Signature Creation Device SUD Secure User Device ODETTE CA CERTIFICATE POLICY 11

12 URL UTF8 Uniform Resource Locator Unicode Transformation Format-8 12 ODETTE CA CERTIFICATE POLICY

13 2 Publication and Repository Responsibilities ODETTE publishes information about the digital certificates that it issues in an online publicly accessible repository. ODETTE reserves its right to publish certificate status information on third party repositories. ODETTE retains an online repository of documents where it makes certain disclosures about its practices, procedures and the content of certain policies including this CP. ODETTE reserves its right to make available and publish information on its policies by any appropriate means within the ODETTE repository. All parties who are associated with the issuance, use or management of ODETTE certificates are hereby notified that ODETTE may publish submitted information on publicly accessible directories in association with the provision of electronic certificate status information. ODETTE refrains from making publicly available certain elements of documents including security controls, procedures, internal security polices etc. 2.1 Access control on repositories While ODETTE strives to keep access to its public repository and access to its policies (e.g. CP, CPS etc.) free of charge, it might charge for services such as the publication of status information on third party databases, private directories, etc. ODETTE CA CERTIFICATE POLICY 13

14

15 3 Identification and Authentication 3.1 Naming ODETTE maintains documented practices and procedures to authenticate the identity and/or other attributes of an end-user certificate subscriber to an ODETTE CA or ODETTE RA prior to issuing a certificate. ODETTE authenticates the requests of parties wishing the revocation of certificates under this policy. To identify a subscriber ODETTE follows certain naming and identification rules that include types of names assigned to the subject, such as X.500 distinguished names RFC-822 names and X.400 names. ODETTE issues certificates to end users submitting a documented application containing a verifiable name. ODETTE does not accept trademarks, logos or otherwise copyrighted graphic or text material for inclusion in its certificates. 3.2 Initial Identity Validation The identification of the subscriber for ODETTE services is carried out according to a documented procedure that is implemented by the ODETTE RAs. The subscriber identified in the subject field must prove possession of the private key corresponding to the public key being registered with ODETTE. Such a relationship can be proved by, for example, a digital signature in the certificate request message. 3.3 Subscriber registration process ODETTE ensures that: Subscribers are properly identified and authenticated Subscriber certificate requests are complete, accurate and duly authorized. 3.4 Documents used for subscriber registration ODETTE or an authorized ODETTE RA verifies by appropriate means and on the basis of a documented procedure, the identity and, if applicable, all specific attributes thereof of subscribers of a certificate. 3.5 Data needed for subscriber registration For CA chaining services, evidence required might include: Full name (including surname and given names) of the subscriber. Date and place of birth, a nationally recognized identity number, or other attributes of the subscriber which may be used to, as far as possible, distinguish the person from others with the same name (only for individual applications). ODETTE CA CERTIFICATE POLICY 15

16 Full name and legal status of the associated legal person or other organisational entity. Any relevant existing registration information (e.g. company registration) of the associated legal person or other organisational entity. Evidence that the subscriber is associated with that organisational entity. 3.6 Records for subscriber registration ODETTE records all information used to verify the subscriber identity, including any reference number on the documentation used for verification, and any limitations on the validity thereof. 16 ODETTE CA CERTIFICATE POLICY

17 4 Certificate Life-Cycle Operational Requirements All entities within the ODETTE domain including RAs and subscribers or other participants, have a continuous duty to inform the ODETTE CA of all changes in the information featured in a certificate during the operational period of such certificate and until it expires or gets revoked. The ODETTE CA issues and revokes certificates following an authenticated and duly signed request issued by an ODETTE RA. 4.1 Certificate Application Processing For all certificate types, an ODETTE RA acts upon a certificate application to validate an subscriber s identity. Subsequently, an RA either approves or rejects a certificate application. Such approval or rejection does not necessarily have to be justified to the subscriber or any other party. The RA uses documented procedures and adopts its own practices. 4.2 Certificate Issuance Further to validation and approval of a certificate application, the ODETTE RA sends a certificate issuance request to the ODETTE CA. Requests from the RA are granted approval provided that they are validly made and they contain valid subscriber data, formatted according to the ODETTE CA specifications. Issued certificates are delivered to the subject. 4.3 Certificate generation With reference to the issuance and renewal of certificates ODETTE represents towards all parties that certificates are issued securely according to the conditions set out below: The procedure to issue a certificate including a root certificate is securely linked to the associated registration and certificate renewal, including the provision of any subscriber generated public key. ODETTE ensures the uniqueness of the distinguished name assigned to the subscriber within its own domain. The confidentiality and integrity of registration data is ensured at all times through appropriate means. Certificate requests and generation are also supported by robust and tested procedures. 4.4 Key Pair and Certificate Usage The responsibilities relating to the use of keys and certificates include the ones addressed below: ODETTE CA CERTIFICATE POLICY 17

18 4.5 Subscriber The obligations of the subscriber include the following: Subscriber duties The duties of subscribers include the following: 1. Accepting all applicable terms and conditions in the CP of ODETTE published in the ODETTE Repository. 2. Notifying the ODETTE CA or an ODETTE RA of any changes in the information submitted that might materially affect the trustworthiness of that certificate. 3. Ceasing to use an ODETTE CA certificate when it becomes invalid. 4. Using an ODETTE CA certificate, as it may be reasonable under the circumstances. 5. Preventing the compromise, loss, disclosure, modification, or otherwise unauthorised use of their private key. 6. Taking responsibility for any acts and omissions of partners and subscribers agents in relation to generating, retaining, escrowing, or destroying any private keys. 7. Refraining from submitting to ODETTE or any ODETTE directory any material that contains statements that violate any law or the rights of any party. 8. Requesting the revocation of a CA certificate in case of an occurrence that materially affects the integrity of an ODETTE CA certificate. 9. Refraining from tampering with a certificate. 10. Only using certificates for legal and authorised purposes in accordance with the CP. The Subscriber has all above stated duties towards the CA at all times. When the subscriber applies on behalf of a different named Subject certain duties can be mitigated to the Subject, which in return shall have to inform the Subscriber of any eventualities affecting the life cycle of a certificate. In such case of mitigation, duties 2, 3, 4, 5, 6, 8, 9, 10 above apply to the Subject and not to the Subscriber Certificate Life-Cycle Operational Requirements Subscribers have a continuous duty to inform directly an ODETTE RA of any and all changes in the information featured in a CA certificate during the validity period of such CA certificate or any other fact that materially affects the validity of a certificate. This duty can be exercised either directly by the subscriber or through an agent Reliance at Own Risk It is the sole responsibility of the parties accessing information featured in the ODETTE CA Repositories and web site to assess and rely on information featured therein. 18 ODETTE CA CERTIFICATE POLICY

19 4.5.4 ODETTE CA Repository and Web site Conditions Parties, including subscribers and relying parties, accessing the ODETTE CA Repository and web site agree with the provisions of this CP and any other conditions of use that the ODETTE CA may make available. Parties demonstrate acceptance of the conditions of usage of the CP by submitting a query with regard to the status of a digital certificate or by anyway using or relying upon any such information or services provided. ODETTE CA Repositories can be used for: Obtaining information as a result of the search for a CA certificate. Verifying the status of digital signatures created with a private key corresponding to a public key included in a certificate. Obtaining information published on the ODETTE CA web site. 4.6 Certificate Renewal The ODETTE CA application generates new private and public keys during the process called certificate renewal. 4.7 Certificate Revocation and Suspension Suspension of ODETTE CA certificates is not supported. The identification of the subscriber who applies for a revocation is carried out according to an internal procedure. Upon request from an authorised user or an RA, the ODETTE CA revokes the CA certificate if: There has been loss, theft, modification, unauthorised disclosure, or other compromise of the private key of the certificate s subject. The certificate s subject or their appointed subscriber has breached a material obligation under this CP or the CA chaining agreement. The performance of a person s obligations under this CP is delayed or prevented by a natural disaster, computer or communications failure, or other cause beyond the person's reasonable control, and as a result, another person s information is materially threatened or compromised. There has been a modification of the information contained in the certificate of the certificate s subject. The ODETTE RA requests the revocation of a certificate promptly upon verifying the identity of the requesting party and confirming that the revocation request has been issued in accordance with the procedures required by this CP. Verification of the identity can be done through information elements featured in the identification data that the subscriber has submitted to the ODETTE RA. Upon request by an authorised user or an ODETTE RA, the ODETTE CA takes prompt action to revoke the certificate. ODETTE CA CERTIFICATE POLICY 19

20 4.8 Certificate Status Services The ODETTE CA makes available certificate status checking services including CRLs and appropriate Web interfaces. 4.9 End of Subscription Subscriber subscription ends when a CA certificate is revoked, expired or the service is terminated. 20 ODETTE CA CERTIFICATE POLICY

21 5 Management, Operational, And Physical Controls This section describes non-technical security controls used by ODETTE CA to perform the functions of key generation, subject authentication, certificate issuance, certificate revocation, audit, and archival. 5.1 Physical Security Controls The ODETTE CA implements physical controls on its own premises. The ODETTE CA secure premises are located in an area appropriate for high-security operations. Physical access is restricted by implementing mechanisms to control access from one area of the facility to another or access into high-security zones, such as locating CA operations in a secure computer room physically monitored and supported by security alarms and requiring movement from zone to zone to be accomplished using a token and access control lists. The ODETTE CA implements prevention and protection as well as measures against fire exposures. Media are stored securely. Backup media are also stored in a separate location that is physically secure and protected from fire and water damages. The ODETTE CA implements a partial off-site backup. 5.2 Procedural Controls The ODETTE CA follows personnel and management practices that provide reasonable assurance of the trustworthiness and competence of the members of the staff and of the satisfactory performance of their duties in the fields of the electronic signature-related technologies. The ODETTE CA takes measures regarding confidentiality and protecting personal data. All members of the staff operating the key management operations, administrators, security officers, and system auditors or any other operators that materially affect such operations are considered as serving in a trusted position. ODETTE may exercise vetting of personnel in trusted positions. ODETTE pursues the accountability of all actors for actions performed. 5.3 Personnel Security Controls 5.4 Qualifications, Experience, Clearances The ODETTE CA carries out checks to establish the background, qualifications, and experience needed to perform within the competence context of the specific job. ODETTE CA CERTIFICATE POLICY 21

22 5.5 Training Requirements and Procedures The ODETTE CA makes available training for their personnel to carry out CA and RA functions. 5.6 Sanctions against Personnel ODETTE CA sanctions personnel for unauthorized actions, unauthorized use of authority, and unauthorized use of systems for the purpose of imposing accountability on a participant's personnel, as it might be appropriate under the circumstances. 5.7 Audit Logging Procedures Audit logging procedures include event logging and audit systems, implemented for the purpose of maintaining a secure environment. ODETTE CA implements the following controls: ODETTE CA audit records events that include but are not limited to Issuance of a certificate Revocation of a certificate Publication of CRL s Audit trail records contain: The identification of the operation The data and time of the operation The identification of the certificate, involved in the operation The identification of the person that performed the operation Log files and audit trails are archived for inspection by the authorized personnel of ODETTE CA, the RA and designated auditors. The log files are properly protected by an access control mechanism. Log files and audit trails are backed up. 5.8 Records Archival ODETTE CA keeps internal records of the following items: CA certificates for a period of 5 years after the expiration of the certificate. Audit trails on the issuance of CA certificates for a period of 5 years after issuance of a certificate. Audit trail of the revocation of a CA certificate for a period of 5 years after revocation of a certificate. CRLs for a minimum of 5 years after expiration or revocation of a CA certificate. Support documents on the issuance of CA certificates for a period of 5 years after expiration of a certificate. ODETTE CA keeps archives in a retrievable format. 22 ODETTE CA CERTIFICATE POLICY

23 5.9 Types of records ODETTE CA retains in a trustworthy manner records of ODETTE CA digital certificates, audit data, certificate application information, log files and documentation supporting certificate applications Retention period ODETTE CA retains in a trustworthy manner records of CA certificates for 5 years following expiration or revocation Protection of archive Only the records administrator (member of staff assigned with the records retention duty) may view the archive. Conditions for the protection of archives include: Protection against modification of archive, such as storing the data on a write once medium. Protection against deletion of archive. Protection against deterioration of the media on which the archive is stored, such as a requirement for data to be migrated periodically to fresh media Compromise and Disaster Recovery In a separate internal document, ODETTE CA documents applicable incident, compromise reporting and handling procedures. ODETTE CA documents the recovery procedures used if computing resources, software, and/or data are corrupted or suspected of being corrupted. ODETTE CA establishes the necessary measures to ensure recovery of the service in case of a disaster, corrupted servers, software or data. ODETTE CA CERTIFICATE POLICY 23

24

25 6 Technical Security Controls This section sets out the security measures taken by ODETTE CA to protect its cryptographic keys and activation data (e.g., PINs, passwords, or manually-held key shares). 6.1 Key Pair Generation and Installation ODETTE CA protects its private key(s) in accordance with this CP. For specific types of certificates ODETTE CA uses private signing keys only for signing CRLs in accordance with the designated use of each of these keys. ODETTE CA will refrain from using its private keys used within ODETTE CA in any way outside the scope of ODETTE CA ODETTE CA Private Key Generation Process The ODETTE CA uses a trustworthy process for the generation of its root private key according to a documented procedure. The ODETTE CA distributes the secret shares of its private key(s) ODETTE CA Private Key Usage The private keys of the ODETTE CA are used to sign ODETTE CA issued certificates and ODETTE CA certification revocation lists. Other usages are restricted ODETTE CA Private Key Type For the CA Root key it uses, the ODETTE CA makes use of the RSA algorithm with a key length of 4096 bits and a validity period of at least 14 years. For the operational CA keys it uses the ODETTE CA makes use of the RSA algorithm with a key length of 4096 bits and a validity period of up to 14 years ODETTE CA Key Generation The ODETTE CA securely generates and protects its own private keys, using a trustworthy system, and takes necessary precautions to prevent the compromise or unauthorised usage of them. The ODETTE CA implements key generation procedures, in line with this CP. The key generation is carried out using an algorithm recognized as being fit for the purposes of issuing certificates. ODETTE uses RSA SHA-1. The selected key length and algorithm for CA signing key is recognized as being fit for the purposes of issuing certificates as issued by the CA. 6.2 Key Pair re-generation and re-installation The ODETTE CA decommissions and destroys keys used in the past as well as the active tamper-resistant devices and all backup or escrowed copies of its private keys. ODETTE CA CERTIFICATE POLICY 25

26 6.2.1 ODETTE CA Key Generation Devices The generation of the private keys of the ODETTE CA occurs within a secure cryptographic device ODETTE CA Key Generation Controls The generation of the private key of the ODETTE CA requires the control of more than one appropriately authorised member of staff serving in trustworthy positions. This action entails dual control ODETTE CA Private Key Storage The ODETTE CA uses a secure cryptographic device to store its private keys meeting the appropriate requirements of ISO. When outside the signature-creation device the ODETTE private signing key for a certificate is encrypted at all times ODETTE CA Key Storage Controls The storage of the private key of the ODETTE CA requires multiple controls by appropriately authorised members of staff serving in trustworthy positions. This action entails dual control ODETTE CA Key Back Up The ODETTE CA s private keys are backed up, stored and recovered by multiple and appropriately authorised members of staff serving in trustworthy positions. This action entails dual control Secret Sharing The ODETTE CA secret shares use multiple authorised holders, to safeguard and improve the trustworthiness of private keys and provide for key recovery. The ODETTE CA stores its own private keys in several tamper-resistant devices. This action entails dual control Acceptance of Secret Shares Before secret shareholders accept a secret share they must personally have observed the creation, re-creation, and distribution of the share or its subsequent chain of custody. A secret shareholder receives the secret share within a physical medium, such as an ODETTE CA approved hardware cryptographic module. The ODETTE CA keeps written records of secret share distribution ODETTE CA Public Key Distribution Public key distribution of ODETTE s own public key takes place according to ODETTE s own practices. The ODETTE CA documents its own private key distribution and has the ability to alter the distribution of tokens in case token custodians need to be replaced in their role of token custodians. 26 ODETTE CA CERTIFICATE POLICY

27 6.2.5 ODETTE CA Private Key Destruction ODETTE CA private keys are destroyed by at least two trusted operatives present at the end of their lifetime in order to guarantee that they cannot ever be retrieved and used again. Key destruction process is documented and associated records are archived. 6.3 Private Key Protection and Cryptographic Module Engineering Controls The ODETTE CA uses appropriate cryptographic devices to perform CA key management tasks. Those cryptographic devices are known as Hardware Security Modules (HSMs). Such devices meet formal requirements, which guarantee, amongst other things, that device tampering is immediately detected; and private keys cannot leave devices unencrypted Hardware and software mechanisms that protect CA private keys are documented. The document demonstrates that CA key protection mechanisms are of at least equivalent strength to the CA keys they are protecting. ODETTE CA custodians are assigned with the task to activate and deactivate the private key. The key is then active for a defined time period. The ODETTE CA private keys can be destroyed at the end of their lifetimes. 6.4 Other Aspects of Key Pair Management The ODETTE CA archives its own public keys. The ODETTE CA issues subscriber certificates with usage periods as indicated on such certificates Computing resources, software, and/or data are corrupted The ODETTE CA establishes the necessary measures to ensure full recovery of the service in case of a disaster, corrupted servers, software or data. If resources or services are not retained under the control of the ODETTE CA, the CA ensures that any agreement with the resource owner or services provider is compliant with the requirements for disaster recovery CA private key is compromised If the private key of the ODETTE CA is compromised, the corresponding certificate will immediately be revoked. Additional measures will be taken including the revocation of all end user certificates. 6.5 Activation Data The ODETTE CA securely stores and archives activation data associated with its own private key and operations. 6.6 Computer Security Controls The ODETTE CA implements computer security controls. ODETTE CA CERTIFICATE POLICY 27

28 6.7 Network Security Controls The ODETTE CA maintains a high-level network of systems security including firewalls. 28 ODETTE CA CERTIFICATE POLICY

29 7 Certificate and CRL Profiles This section specifies the ODETTE subscriber certificate format. 7.1 Certificate Profile ODETTE Certificates generally conform to (a) ITU-T Recommendation X.509 (1997): Information Technology - Open Systems Interconnection - The Directory: Authentication Framework, June 1997 and (b) RFC 5280: Internet X.509 Public Key Infrastructure Certificate and CRL Profile, April 2002 ( RFC 5280 ). ODETTE certificates are also fully conformant to the ODETTE OFTP2 Certificate Policy. At a minimum, X.509 ODETTE Certificates shall contain the basic fields and indicated prescribed values or value constraints in the below: Field Value Version Version 3 Serial Signature algorithm Issuer Valid From Valid To Subject Assigned by the signer, unique value per Issuer DN Sha1WithRSAEncryption Identity of the signer Universal Coordinate Time base Universal Coordinate Time base See below Subject Public Key Encoded in accordance with RFC 5280 Signature Generated and encoded in accordance with RFC Certificate Extensions Authority Key Identifier = hash CRL Distribution Point = "http URL" ODETTE CA CERTIFICATE POLICY 29

30 7.1.2 Key Usage Name Key Usage Enhanced Key Usage Secure Session (SSL/TLS) Encryption Signing Key Encipherment Digital Signature Digital Signature Key Encipherment Key Encipherment Digital Signature Server Authentication Client Authentication Protection 30 ODETTE CA CERTIFICATE POLICY

31 7.1.3 Subject Type Subject Alternative Subject End User TLS Common Name (CN) (E) Organisation (O) Organisation Unit (OU) Location (L) Country (C) FQDN (dnsname) IP* (ipaddress) SSID* (URI) Company No Company Name Company Company Company Location Country N/A N/A ssid://odette ID Name Name Company Yes FQDN Location Country FQDN IP ssid://odette ID Department No Company Name Department Company Department Location Country N/A N/A ssid://odette ID Name Name Department Yes FQDN Location Country FQDN IP ssid://odette ID Individual N/A Individual Name Individual Company Name Department Name Location Country N/A N/A ssid://odette ID * Optional Fields ODETTE CA CERTIFICATE POLICY 31

32 7.2 CRL Profile CRLs conform to RFC 5280 and contain the basic fields and contents specified in the table below: Field Value Version X.509 version 3 Signature Algorithm Issuer Effective Date Next Update Revoked Certificates Algorithm used to sign the CRL. ODETTE CRLs are signed using sha1withrsaencryption (OID: ) Entity who has signed and issued the CRL. Issue date of the CRL. CRLs are effective upon issuance. Date by which the next CRL will be issued. The full CRL is published every 72 hours, the delta CRL is published every 24 hours. Listing of revoked certificates, including the Serial Number of the revoked Certificate and the Revocation Date. 32 ODETTE CA CERTIFICATE POLICY

33 8 Other Business and Legal Matters 8.1 Fees Certain legal conditions apply to the issuance of the ODETTE CA certificates under this CP as described in this section. The issuance and management of ODETTE CA certificates is subject to fees which can be quoted on request. 8.2 Refund policy ODETTE accepts requests for refund in writing. Refund requests must be duly justified and addressed to ODETTE. ODETTE reserves its right to endorse or grant and refunds unless they are requested in the framework of a warranty offered by ODETTE. 8.3 Financial Responsibility ODETTE maintains sufficient resources to meet its perceived obligations under this CP. The ODETTE CA makes this service available on an as is basis. 8.4 Confidentiality of Business Information The ODETTE CA observes personal data privacy rules and confidentiality rules as described in the ODETTE CP. Confidential information includes: Any personal identifiable information on subscribers, other than that contained in a certificate. Reason for the revocation of a CA certificate, other than that contained in published certificate status information. Audit trails. Correspondence regarding CA services. CA Private key(s). 8.5 Intellectual Property Rights ODETTE owns and reserves all intellectual property rights associated with its databases, web sites, ODETTE CA digital certificates and any other publication whatsoever originating from ODETTE CA including this CP. The Distinguished names of all CAs of ODETTE CA, remain the sole property of ODETTE, which enforces these rights. Certificates are and remain property of the ODETTE CA or the rightful owner that licenses certificate management over to ODETTE. The ODETTE CA permits the reproduction and distribution of certificates on a non-exclusive, royalty-free basis, provided that they are reproduced and distributed in full, except that certificates are not published in any publicly accessible repository or directory without the express written permission of the ODETTE CA. ODETTE CA CERTIFICATE POLICY 33

34 The scope of this restriction is also intended to protect subscribers against the unauthorised re-publication of their personal data featured on a certificate. The ODETTE CA owns and reserves all intellectual property rights associated with its own products and services that it has not explicitly transferred or released to another party. 8.6 Representations and Warranties The ODETTE CA uses this CP, the CPS and a Subscriber Agreement to convey legal conditions of usage of ODETTE CA certificates to subscribers and relying parties. Participants that may make representations and warranties include ODETTE CA, RAs, subscribers, relying parties, and any other participants as might become necessary. All parties of the ODETTE domain, including the ODETTE CA, RAs and subscribers warrant the integrity of their respective private key(s). If any such party suspects that a private key has been compromised they will immediately notify the appropriate RA. 8.7 Subscriber Obligations In addition to those obligations listed in and unless otherwise stated in this CP, subscribers are responsible for: Having knowledge and, if necessary, seeking training on using digital certificates. Generating securely their private-public key pair, using a trustworthy system. Providing correct and accurate information in their communications with the ODETTE CA. Ensuring that the public key submitted to the ODETTE CA correctly corresponds to the private key used. Accepting all terms and conditions in the ODETTE CA CP and associated policies published in the ODETTE CA Repository. Using ODETTE CA certificates for legal and authorised purposes in accordance with this CP. Notifying ODETTE CA or an ODETTE RA of any changes in the information submitted. Ceasing to use an ODETTE CA certificate if any featured information becomes invalid. Ceasing to use an ODETTE CA certificate when it becomes invalid. Removing an ODETTE CA certificate when invalid from any applications and/or devices they have been installed on. Using an ODETTE CA certificate, as it may be reasonable under the circumstances. Preventing the compromise, loss, disclosure, modification, or otherwise unauthorised use of their private key. Any acts and omissions of partners and subscribers agents in relation to generating, retaining, escrowing, or destroying any private keys. Refraining from submitting to ODETTE CA or any ODETTE CA directory any material that contains statements that violate any law or the rights of any party. Requesting the revocation of a certificate in case of an occurrence that materially affects the integrity of an ODETTE CA certificate. 34 ODETTE CA CERTIFICATE POLICY

35 Notifying the appropriate RA immediately, if a subscriber becomes aware of or suspects the compromise of a private key. Submitting accurate and complete information to ODETTE in accordance with the requirements of this CP particularly with regards to registration. Only using the key pair for electronic signatures and in accordance with any other limitations notified to the subscriber according to this CP. Exercising absolute care to avoid unauthorized use of its private key. Generate subscriber keys using an algorithm recognized as being fit for the purposes of electronic signatures. Use a key length and algorithm, which is recognized as being fit for the purposes of electronic signatures. Notifying ODETTE without any reasonable delay, if any of the following occur up to the end of the validity period indicated in the certificate: o The subscriber's private key has been lost, stolen, potentially compromised; or o Control over the subscribers private key has been lost due compromise of activation data (e.g. PIN code) or o Inaccuracy or changes to the certificate content, as notified to the subscriber. The subscriber is ultimately liable for the choices he or she makes when applying for a certificate. The subscriber and ODETTE must designate the usage of a trustworthy device as well as the choice of organisational context. 8.8 ODETTE CA Repository and Web site Conditions Parties (including subscribers and relying parties) accessing the ODETTE CA Repository and web site agree with the provisions of this CP and any other conditions of usage that ODETTE may make available. Parties demonstrate acceptance of the conditions of usage of the CP by submitting a query with regard to the status of a CA certificate or by anyway using or relying upon any such information or services provided. The ODETTE CA Repositories include or contain: Information provided as a result of the search for a CA certificate. Information to verify the status of digital signatures created with a private key corresponding to a public key listed in a certificate. Information to verify the status of a digital certificate before encrypting data using the public key included in a certificate Information published on the ODETTE CA web site. Any other services that ODETTE CA might advertise or provide through its web site. The ODETTE CA maintains a certificate repository during the application period and for 5 years after the expiration or revocation of a certificate. To verify its integrity the complete repository will be made available to the ODETTE RAs for queries at any time. Additionally, the ODETTE CA repository is available to relying parties. ODETTE CA CERTIFICATE POLICY 35

36 8.8.1 Reliance at Own Risk It is the sole responsibility of the parties accessing information featured in the ODETTE CA Repositories and web site to assess and rely on information featured therein. Parties acknowledge that they have received adequate information to decide whether to rely upon any information provided in a CA certificate. The ODETTE CA takes all steps necessary to update its records and directories concerning the status of the certificates and issue warnings about. Failure to comply with the conditions of usage of the ODETTE Repositories and web site may result in terminating the relationship between the ODETTE CA and the party Accuracy of Information The ODETTE CA makes every effort to ensure that parties accessing its Repositories receive accurate, updated and correct information. The ODETTE CA, however, cannot accept any liability beyond the limits set in this CP. 8.9 ODETTE CA Obligations To the extent specified in the relevant sections of the CP, the ODETTE CA promises to: Comply with this CP and its amendments as published under Provide infrastructure and certification services, including the establishment and operation of the ODETTE CA Repository and web site for the operation of public certificate management services. Provide Trust mechanisms, including a key generation mechanism, key protection, and secret sharing procedures regarding its own infrastructure. Provide prompt notice in case of compromise of its own private key(s). Provide and validate application procedures for the various types of certificates that it makes publicly available. Issue electronic certificates in accordance with this CP and fulfil its obligations presented herein. Revoke certificates issued according to this CP upon receipt of a valid and authenticated request to revoke a certificate from an RA. Publish accepted certificates in accordance with this CP. Provide support to subscribers and relying parties as described in this CP. Provide for the expiration of certificates according to this CP. Publish CRLs of all revoked certificates on a regular basis in accordance with this CP. Notify relying parties of certificate revocation by publishing CRLs on the ODETTE CA repository. The liability of ODETTE CA under the above stated article for proven damages is limited to 1 Euro for any individual certificate, directly caused by the occurrences listed above. This limit might be reviewed by ODETTE CA. ODETTE CA makes available a 36 ODETTE CA CERTIFICATE POLICY