CERITIFICATE POLICY CONCERNING PERSONAL DIGITAL CERTIFICATES OF BANK OF FINLAND AND FINANCIAL SUPERVISORY AUTHORITY EMPLOYEES
|
|
- Meredith Mason
- 7 years ago
- Views:
Transcription
1 Certificate Policy 1 (18) CERITIFICATE POLICY CONCERNING PERSONAL DIGITAL CERTIFICATES OF BANK OF FINLAND AND FINANCIAL SUPERVISORY AUTHORITY EMPLOYEES 1 INTRODUCTION Overview Document name and identification PKI participants Certificate usage Policy administration Definitions and acronyms PUBLICATION AND REPOSITORY RESPONSIBILITIES Repositories Publication of certification information Time or frequency of publication Access controls on repositories IDENTIFICATION AND AUTHENTICATION Naming Initial identity validation Identification and authentication for re-key requests Identification and authentication for revocation request CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS Certificate Application Certificate application processing Certificate issuance Certificate acceptance Key pair and certificate usage Certificate renewal Certificate re-key Certificate modification Certificate revocation and suspension Certificate status services End of subscription Key escrow and recovery FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS Physical controls Procedural controls Personnel controls... 12
2 Certificate Policy 2 (18) 5.4 Audit logging procedures Records archival Key changeover Compromise and disaster recovery CA or RA termination TECHNICAL SECURITY CONTROLS Key pair generation and installation Private Key Protection and Cryptographic Module Engineering Controls Other aspects of key pair management Activation data Computer security controls Life cycle technical controls Network security controls Time-stamping CERTIFICATE, CRL, AND OCSP PROFILES Certificate profile CRL profile OCSP profile COMPLIANCE AUDIT AND OTHER ASSESSMENTS Frequency or circumstances of assessment Identity/qualifications of assessor Assessor's relationship to assessed entity Topics covered by assessment Actions taken as a result of deficiency Communication of results OTHER BUSINESS AND LEGAL MATTERS Fees Financial responsibility Confidentiality of business information Privacy of personal information Intellectual property rights Representations and warranties Disclaimers of warranties Limitations of liability Indemnities Term and termination Individual notices and communications with participants Amendments... 18
3 Certificate Policy 3 (18) 9.13 Dispute resolution provisions Governing law Compliance with applicable law Miscellaneous provisions Other provisions... 18
4 Level 0 Level 1 Level 2 Certificate Policy 4 (18) 1 INTRODUCTION This document defines the Certificate Policy (CP) of the Certification Authority (CA) of Bank of Finland (BOF). The Certification Authority of Bank of Finland issues personal digital certificates for the employees of the Bank of Finland and Financial Supervisory Authority (FIN-FSA). This Certificate Policy document is not a legal contract or legal document but it is rather a description of factors affecting the reliability of certificates issued by Bank of Finland s Certificate Authority. The security procedures and technical specifications presented in this document regarding digital certificate production are implemented in accordance with the European System of Central Banks (ESCB) Certificate Acceptance Framework (CAF) and best practices of Bank of Finland. The practices observed within Bank of Finland s Certificate Authority in the process of producing digital certificates are described in a separate Certification Practice Statement (CPS) document. 1.1 Overview The overview of CA infrastructure in Bank of Finland is presented in picture 1. Picture 1: CA infrastructure of Bank of Finland Certificate Holder BOF CA Root CA The CA infrastructure of Bank of Finland consists of two hierarchically deployed CA servers: Root CA and BOF CA.
5 Certificate Policy 5 (18) Root CA is the absolute base of the hierarchy. It only issues digital certificates to subordinate CAs. BOF CA is a subordinate CA server which is used to issue personal digital certificates for Bank of Finland and FIN-FSA personnel. Management of the CA infrastructure is handled by the Information Technology department of Bank of Finland. 1.2 Document name and identification 1.3 PKI participants The complete name of this document is Certificate policy concerning personal digital certificates of Bank of Finland and Financial supervisory authority employees. The object identifier for this Certificate policy is The certification entities and operations covered by this certificate policy are presented in following table: PKI participant Certification authority Role Certification authority produces the certificate services under the terms referred to in this certificate policy provided by Bank of Finland. Certification authority has the following tasks: Fulfilling its responsibility for providing certificate and directory services as well as revocation services. Monitoring to ensure that this CP as well as the CPS of Bank of Finland is followed when granting certificates. Maintaining the CP and CPS documents. Ensuring such human resources for the certification so that the process has every chance of succeeding. Ensuring that only reliable IT systems are used for the certification.
6 Certificate Policy 6 (18) Registration authority Certificate holder Revocation service Monitoring to ensure that the IT systems used for certification are used appropriately and preventing other use. Certificates as referred in this CP are registered by the BoF security unit. Registration authority has the following tasks: Ensuring the identity of the applicant as provided in this CP before the certificate is granted. Ensuring the handling, retaining and progress of the application to certificate production in a way that leaves no room for failure. On application, Bank of Finland and FIN-FSA employees obtain a personal smart card containing personal digital certificates. The revocation of digital certificates is handled by the security unit in Bank of Finland. 1.4 Certificate usage Certificates as referred to in this CP are to be used with the personal smart cards granted to BOF and FIN-FSA employees. Each certificate holder has two digital certificates corresponding to individual key pairs of private and public keys generated for each certificate. The following uses are available for the certificates: Certificate for authentication, encryption and signature The certificate holder can use the keys of the certificate for authentication in BOF computer systems as well as other systems which recognize this certificate issued by BOF CA. The public key of this certificate can be used to encrypt messages. The certificate holder can use the corresponding private key to decrypt message encrypted with the public key. The certificate holder can use the private key of the certificate for digital signature of data. The public key can be used to verify the digital signature made with a private key. Certificate for undisputed signature
7 Certificate Policy 7 (18) The certificate holder can use the private key for undisputed signature of data. The key pair of this certificate is generated so that the private key will at no stage be disclosed or become available outside of the smart card. 1.5 Policy administration Bank of Finland maintains and is responsible for this Certificate Policy. The validity of this document is periodically verified by Bank of Finland. The CA reserves itself the right to change this CP through a notification provided 2 weeks in advance of the entry into force of the changes. If there is only a slight change that does not affect any CA reliability factors, the change may be carried out without notification. Contact information concerning this CP: pki@bof.fi Postal address: Suomen Pankki Snellmaninaukio PO Box Helsinki, Finland 1.6 Definitions and acronyms BOF CA CAF CP CPS CRL ESCB FIN-FSA RA Bank of Finland Certificate Authority Certificate Acceptance Framework Certificate Policy Certification Practice Statement Certificate Revocation List European System of Central Banks Finnish Financial Supervisory Authority Registration Authority
8 Certificate Policy 8 (18) 2 PUBLICATION AND REPOSITORY RESPONSIBILITIES 2.1 Repositories 2.2 Publication of certification information 2.3 Time or frequency of publication 2.4 Access controls on repositories The certificate authority publishes the publicly available data on its website at URL These data include this certificate policy, public key data of the CA servers (Root CA and BOF CA) and other information that the certification authority deems necessary. The BOF CA server certificate revocation list is also publicly available at the certificates CRL distribution point at URL The Certification Practice Statement and the documents not listed above are considered non-public information and are available only for a limited audience. All publically available information may be freely used for reading purposes. The certificate authority of Bank of Finland is responsible for informing its digital certificate holders and relying parties about changes in the certificate policy or Certification Practice Statement that might affect the credibility of the certificate. The CA reserves the right to change the certificate policy or Certification Practice Statement with a notification period of two weeks. Publishing of the certificate revocation list is carried out as stated in section 7.2 of this certificate policy. All publicly available data are published on the CA website. Data with restricted audience are kept within the BOF intranet and are available only to the appropriate personnel.
9 Certificate Policy 9 (18) 3 IDENTIFICATION AND AUTHENTICATION 3.1 Naming 3.2 Initial identity validation Before a certificate is granted the identity of applicant is validated. Before the BOF smart card containing the certificates is given to its holder the identity is verified. A certificate as referred to in this CP complies with X.509 standard. Naming defines the identification data of the certificate holder and the CA used in the certificate. The issuing CA is named in the Issuer field of the certificate and the holder is named in the Subject field of the certificate. BOF smart cards containing the issued certificates are only given to employees of Bank of Finland or FIN-FSA and third party personnel currently working for either organization. The initial identity validation for each certificate holder is done as stated in CPS. 3.3 Identification and authentication for re-key requests 3.4 Identification and authentication for revocation request The holder of a BOF smart card containing certificates is obligated to personally inform the revocation service about any disappeared, broken or compromised smart card so that the certificates on it can be revoked.
10 Certificate Policy 10 (18) 4 CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS 4.1 Certificate Application 4.2 Certificate application processing 4.3 Certificate issuance 4.4 Certificate acceptance 4.5 Key pair and certificate usage 4.6 Certificate renewal 4.7 Certificate re-key 4.8 Certificate modification The certification authority of Bank of Finland only issues digital certificates based on written requests received by the registration authority of Bank of Finland. The certificate application is processed by the registration authority of Bank of Finland. The related process is described in CPS. The certificate is issued by CA server if the registration authority of Bank of Finland approves the processed certificate application. The related process is described in CPS. The applicant becomes a digital certificate holder once he/she receives the BOF smart card containing the certificates. The related process is described in CPS. Digital certificate holders may use the key pair and certificate only for purposes described in section 1.4 of this certificate policy.
11 Certificate Policy 11 (18) 4.9 Certificate revocation and suspension 4.10 Certificate status services 4.11 End of subscription 4.12 Key escrow and recovery Upon receiving a BOF smart card the digital certificate holder agrees to be obligated to personally inform the registration authority of Bank of Finland about disappeared, broken or compromised smart cards so that the certificates on them can be revoked. The revocation of a certificate is a process of terminating the usage of a certificate prior to its expiration date. Information concerning revoked certificates issued by CA at Bank of Finland is published in a certificate revocation list (CRL). The related process is described in CPS. The CRL is published and is accessible as stated in section 7.2. The CRL distribution point is specified in each digital certificate issued by the CA. Usage of digital certificates is terminated in two separate cases: 1. Normal expiration of a certificate. The CA does not support re-key option at the moment so that a new certificate is required once the previous one expires. 2. Revocation of a certificate. Revocation is handled by the revocation service as stated in section 1.3 of CPS. Private keys are stored only in BOF smart cards. Therefore the key archive or recovery options are not available to these keys.
12 Certificate Policy 12 (18) 5 FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS 5.1 Physical controls All premises used by the certificate service are secure, well protected, efficiently monitored and alarmed. The physical security at the BoF is at a good central bank level. 5.2 Procedural controls 5.3 Personnel controls 5.4 Audit logging procedures 5.5 Records archival 5.6 Key changeover No stipulation (basically all critical operations are logged, log is protected by encryption and signing etc.) 5.7 Compromise and disaster recovery 5.8 CA or RA termination The operations of the certification authority according to this CP may have to be terminated as a result of a CA decision, disclosure of a private key provided by the CA or questions raised about the technical basis of the system. The CA informs the certificate holders and agreed certificate users about such discontinuation. When the certification operations have been discontinued, the certificates shall no longer be trusted.
13 Certificate Policy 13 (18) 6 TECHNICAL SECURITY CONTROLS 6.1 Key pair generation and installation The key pair used for undisputed signature is generated as an internal personal smart card operation so that the private key will at no stage be disclosed or become available outside of the card. The key used for encryption and identification is generated in the certification system. A back-up copy of the encryption key is retained in the certification system in case the card should break or disappear. The related process is described in CPS. 6.2 Private Key Protection and Cryptographic Module Engineering Controls 6.3 Other aspects of key pair management 6.4 Activation data 6.5 Computer security controls Security controls are implemented to protect the module and to prevent anyone from managing the module single-handedly. Computer security controls are implemented to increase the information security of the CA system and to ensure continuation of the certification process. The controls are focused on following topics: Data backups Access control (system, databases and applications) Access rights (system, databases and applications) Archive and log files Authentication
14 Certificate Policy 14 (18) 6.6 Life cycle technical controls 6.7 Network security controls 6.8 Time-stamping No Stipulation.
15 Certificate Policy 15 (18) 7 CERTIFICATE, CRL, AND OCSP PROFILES 7.1 Certificate profile 7.2 CRL profile 7.3 OCSP profile A certificate as referred to in this certificate policy document complies with standard X.509. As a rule, the certificates are valid for three years. All personal digital certificates issued by the CA include the following information: Version Serial number Algorithm info Issuer + OID Validity Subject Scope of usage Public key A certificate revocation list (CRL) as referred to in this certificate policy document complies with standard X.509. BOF CA publishes its certificate revocation list every hour, and the list is valid for 72 hours. The list is available at CRL distribution point at URL Certificate revocation lists published by BOF CA include the following information: Version Issuer Effective date Next update Algorithm info List of revocated certificates
16 Certificate Policy 16 (18) 8 COMPLIANCE AUDIT AND OTHER ASSESSMENTS 8.1 Frequency or circumstances of assessment 8.2 Identity/qualifications of assessor 8.3 Assessor's relationship to assessed entity 8.4 Topics covered by assessment 8.5 Actions taken as a result of deficiency 8.6 Communication of results
17 Certificate Policy 17 (18) 9 OTHER BUSINESS AND LEGAL MATTERS 9.1 Fees 9.2 Financial responsibility 9.3 Confidentiality of business information As the personal digital certificates issued by BOF CA are intended only for internal use in the Bank of Finland and the Financial Supervisory Authority, the CA is not responsible for possible damages caused to other parties that have relied on the certificates. 9.4 Privacy of personal information 9.5 Intellectual property rights 9.6 Representations and warranties 9.7 Disclaimers of warranties 9.8 Limitations of liability 9.9 Indemnities 9.10 Term and termination No stipulation Bank of Finland maintains and is responsible for this CP. The CA reserves the right to change this CP with a notification period of two weeks. Validity of the older version of the CP is terminated as soon as the new one enters
18 Certificate Policy 18 (18) into force. This CP and the corresponding CPS will remain valid until further notice Individual notices and communications with participants 9.12 Amendments 9.13 Dispute resolution provisions 9.14 Governing law 9.15 Compliance with applicable law 9.16 Miscellaneous provisions 9.17 Other provisions The CA is responsible for the information published in the relevant directory to the extent specified in the national legislation.
Apple Corporate Email Certificates Certificate Policy and Certification Practice Statement. Apple Inc.
Apple Inc. Certificate Policy and Certification Practice Statement Version 2.0 Effective Date: April 10, 2015 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2. Table of acronyms... 4 1.3.
More informationTACC ROOT CA CERTIFICATE POLICY
TACC ROOT CA CERTIFICATE POLICY AND CERTIFICATE PRACTICES STATEMENT (In RFC 3647 format) January 20, 2009 OID: 1.3.6.1.4.1.17940.5.1.1.1 Version 1.2 1 INTRODUCTION... 3 1.1 Overview...3 1.2 Document Name
More informationNeutralus Certification Practices Statement
Neutralus Certification Practices Statement Version 2.8 April, 2013 INDEX INDEX...1 1.0 INTRODUCTION...3 1.1 Overview...3 1.2 Policy Identification...3 1.3 Community & Applicability...3 1.4 Contact Details...3
More informationTeliaSonera Public Root CA. Certification Practice Statement. Revision Date: 2006-11-17. Version: Rev A. Published by: TeliaSonera Sverige AB
Document no 1/011 01-AZDA 102 213 TeliaSonera Sverige AB Certification Practice Statement Rev A TeliaSonera Public Root CA Certification Practice Statement Revision Date: 2006-11-17 Version: Rev A Published
More informationapple WWDR Certification Practice Statement Version 1.8 June 11, 2012 Apple Inc.
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.8 Effective Date: June 11, 2012 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2.
More informationCertificate Policy. SWIFT Qualified Certificates SWIFT
SWIFT SWIFT Qualified Certificates Certificate Policy This Certificate Policy applies to Qualified Certificates issued by SWIFT. It indicates the requirements and procedures to be followed, and the responsibilities
More informationCMS Illinois Department of Central Management Services
CMS Illinois Department of Central Management Services State of Illinois Public Key Infrastructure Certification Practices Statement For Digital Signature And Encryption Applications Version 3.3 (IETF
More informationTR-GRID CERTIFICATION AUTHORITY
TR-GRID CERTIFICATION AUTHORITY CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT Version 2.1 January, 2009 Table of Contents: TABLE OF CONTENTS:...2 1. INTRODUCTION...7 1.1 OVERVIEW...7 1.2 DOCUMENT
More informationApple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015 Table of Contents 1. Introduction... 5 1.1. Trademarks...
More informationTHE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Published By: RSA Security Inc.
THE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Last Revision Date: June 28, 2007 Version: 3.0 Published By: RSA Security Inc. Copyright 2002-2007 by
More informationTR-GRID CERTIFICATION AUTHORITY
TR-GRID CERTIFICATION AUTHORITY CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT Version 2.3 May 15, 2014 Table of Contents TABLE OF CONTENTS:... 2 1. INTRODUCTION... 7 1.1 OVERVIEW... 7 1.2 DOCUMENT
More informationInCommon Certification Practices Statement. Server Certificates
InCommon Certification Practices Statement for Server Certificates 16 August 2010 Version 1.0 Latest version: https://www.incommon.org/cert/repository/cps_ssl.pdf This version: https://www.incommon.org/cert/repository/cps_ssl_20100816.pdf
More informationInCommon Certification Practices Statement. Client Certificates
InCommon Certification Practices Statement for Client Certificates 14 February 2011 Version 1.0 Latest version: 14 February 2011 This version: 14 February 2011 Table of Contents 1 INTRODUCTION... 4 1.1
More informationVeriSign Trust Network Certificate Policies
VeriSign Trust Network Certificate Policies Version 2.8.1 Effective Date: February 1, 2009 VeriSign, Inc. 487 E. Middlefield Road Mountain View, CA 94043 USA +1 650.961.7500 http//:www.verisign.com - 1-
More informationVodafone Group CA Web Server Certificate Policy
Vodafone Group CA Web Server Certificate Policy Publication Date: 06/09/10 Copyright 2010 Vodafone Group Table of Contents Acknowledgments... 1 1. INTRODUCTION... 2 1.1 Overview... 3 1.2 Document Name
More informationSymantec Trust Network (STN) Certificate Policy
Symantec Trust Network (STN) Certificate Policy Version 2.8.5 Effective Date: September 8, 2011 Symantec Corporation 350 Ellis Street Mountain View, CA 94043 USA +1 650.527.8000 http//:www.symantec.com
More informationTelia hardware based e-legitimation v2. Certification Practice Statement. Revision Date: 10 th June 2009. Version: 1.0
Document no 4/011 01-AZDA 102 213 TeliaSonera Sverige AB Certification Practice Statement Rev. 1.0 Telia hardware based e-legitimation v2 Certification Practice Statement Revision Date: 10 th June 2009
More informationMetropolitan Police Service Enterprise PKI. Root Certificate Authority, Certificate Policy. Version 6.1 10 th February 2012 NOT PROTECTIVELY MARKED
Metropolitan Police Service Enterprise PKI Root Certificate Authority, Certificate Policy Version 6.1 10 th February 2012 Version Control Issue Release Date Comments A 02/11/07 First draft release of CP
More informationCertification Practice Statement
Certification Practice Statement Version 2.0 Effective Date: October 1, 2006 Continovation Services Inc. (CSI) Certification Practice Statement 2006 Continovation Services Inc. All rights reserved. Trademark
More informationKIBS Certification Practice Statement for non-qualified Certificates
KIBS Certification Practice Statement for non-qualified Certificates Version 1.0 Effective Date: September, 2012 KIBS AD Skopje Kuzman Josifovski Pitu 1 1000, Skopje, Republic of Macedonia Phone number:
More informationGandi CA Certification Practice Statement
Gandi CA Certification Practice Statement Gandi SAS 15 Place de la Nation Paris 75011 France Version 1.0 TABLE OF CONTENTS 1.INTRODUCTION...10 1.1.Overview...10 1.2.Document Name and Identification...10
More informationREVENUE ON-LINE SERVICE CERTIFICATE POLICY. Document Version 1.2 Date: 15 September 2007. OID for this CP: 1.2.372.980003.1.1.1.1.
REVENUE ON-LINE SERVICE CERTIFICATE POLICY Document Version 1.2 Date: 15 September 2007 OID for this CP: 1.2.372.980003.1.1.1.1.1 No part of this document may be copied, reproduced, translated, or reduced
More informationThe Boeing Company. Boeing Commercial Airline PKI. Basic Assurance CERTIFICATE POLICY
The Boeing Company Boeing Commercial Airline PKI Basic Assurance CERTIFICATE POLICY Version 1.4 PA Board Approved: 7-19-2013 via e-mal PKI-233 BCA PKI Basic Assurance Certificate Policy Page 1 of 69 Signature
More informationTeliaSonera Server Certificate Policy and Certification Practice Statement
TeliaSonera Server Certificate Policy and Certification Practice Statement v.1.4 TeliaSonera Server Certificate Policy and Certification Practice Statement CA name Validation OID TeliaSonera Server CA
More informationENTRUST CERTIFICATE SERVICES
ENTRUST CERTIFICATE SERVICES Certification Practice Statement Version: 2.13 February 12, 2016 2016 Entrust Limited. All rights reserved. Revision History Issue Date Changes in this Revision 1.0 May 26,
More informationTHE WALT DISNEY COMPANY PUBLIC KEY INFRASTRUCTURE CERTIFICATE POLICY. July 2011 Version 2.0. Copyright 2006-2011, The Walt Disney Company
THE WALT DISNEY COMPANY PUBLIC KEY INFRASTRUCTURE CERTIFICATE POLICY July 2011 Version 2.0 Copyright 2006-2011, The Walt Disney Company Version Control Version Revision Date Revision Description Revised
More informationEquens Certificate Policy
Equens Certificate Policy WebServices and Connectivity Final H.C. van der Wijck 11 March 2015 Classification: Open Version 3.0 Version history Version no. Version date Status Edited by Most important edit(s)
More informationSwissSign Certificate Policy and Certification Practice Statement for Gold Certificates
SwissSign Certificate Policy and Certification Practice Statement for Gold Certificates Version March 2004 Version 2004-03 SwissSign Gold CP/CPS Page 1 of 66 Table of Contents 1. INTRODUCTION...9 1.1 Overview...
More informationGARR Certification Authority Certificate Policy and Certification Practice Statement. Version 1.0
GARR Certification Authority Certificate Policy and Certification Practice Statement Version 1.0 November 2006 The PDF version of this document has been signed with following PGP key: pub 1024R/5BA9D271
More informationSAUDI NATIONAL ROOT-CA CERTIFICATE POLICY
SAUDI NATIONAL ROOT-CA CERTIFICATE POLICY Document Classification: Public Version Number: 2.5 Issue Date: June 25, 2015 National Center for Digital Certification Policies and Regulations Department Digitally
More informationFraunhofer Corporate PKI. Certification Practice Statement
Fraunhofer Corporate PKI Certification Practice Statement Version 1.1 Published in June 2012 Object Identifier of this Document: 1.3.6.1.4.1.778.80.3.2.1 Contact: Fraunhofer Competence Center PKI Fraunhofer
More informationBangladesh Bank Certification Authority (BBCA) Certification Practice Statement (CPS)
[Draft] Bangladesh Bank Certification Authority (BBCA) Certification Practice Statement (CPS) Version: 1.00 August, 2015 Bangladesh Bank Page 2 of 42 Document Reference Title Document Type Bangladesh Bank
More informationFord Motor Company CA Certification Practice Statement
Certification Practice Statement Date: February 21, 2008 Version: 1.0.1 Table of Contents Document History... 1 Acknowledgments... 1 1. Introduction... 2 1.1 Overview... 3 1.2 Ford Motor Company Certificate
More informationX.509 Certificate Policy for the Australian Department of Defence Root Certificate Authority and Subordinate Certificate Authorities
X.509 Certificate Policy for the Australian Department of Defence Root Certificate Authority and Subordinate Certificate Authorities Version 5.1 May 2014 Notice to all parties seeking to rely Reliance
More informationCERTIFICATE POLICY (CP) (For SSL, EV SSL, OSC and similar electronic certificates)
(CP) (For SSL, EV SSL, OSC and similar electronic certificates) VERSION : 09 DATE : 01.12.2014 1. INTRODUCTION... 10 1.1. Overview... 10 1.2. Document Name and Identification... 11 1.3. Participants...
More informationAdvantage Security Certification Practice Statement
Advantage Security Certification Practice Statement Version 3.8.5 Effective Date: 01/01/2012 Advantage Security S. de R.L. de C.V. Prol. Paseo de la Reforma # 625 Int 402, Col Paseo de las Lomas. Del Alvaro
More informationCalifornia Independent System Operator Certification Practice Statement for Basic Assurance Certification Authority. Version 3.
California Independent System Operator Certification Practice Statement for Basic Assurance Certification Authority Version 3.4 April 2015 Table of Contents 1.0 INTRODUCTION... 8 1.1 OVERVIEW... 8 1.2
More informationRegistration Practices Statement. Grid Registration Authority Approved December, 2011 Version 1.00
Registration Practices Statement Grid Registration Authority Approved December, 2011 Version 1.00 i TABLE OF CONTENTS 1. Introduction... 1 1.1. Overview... 1 1.2. Document name and Identification... 1
More informationGlobe Hosting Certification Authority Globe Hosting, Inc. 501 Silverside Road, Suite 105, Wilmington, DE 19809, County of New Castle, United States
Globe Hosting Certification Authority Globe Hosting, Inc. 501 Silverside Road, Suite 105, Wilmington, DE 19809, County of New Castle, United States www.globessl.com TABLE OF CONTENTS 1. INTRODUCTION...
More informationEuropeanSSL Secure Certification Practice Statement
EuropeanSSL Secure Certification Practice Statement Eunetic GmbH Version 1.0 14 July 2008 Wagnerstrasse 25 76448 Durmersheim Tel: +49 (0) 180 / 386 384 2 Fax: +49 (0) 180 / 329 329 329 www.eunetic.eu TABLE
More informationTeliaSonera Root CA v1 Certificate Practice Statement. Published by: TeliaSonera AB
2007-10-18 1 (46) TeliaSonera Root CA v1 Certificate Practice Statement Published by: TeliaSonera AB Company Information Created Modified Approved Valid from 2007-10-12 Reg. office: Printed Coverage Business
More informationSWITCHaai Metadata CA. Certificate Policy and Certification Practice Statement
SWITCHaai Metadata CA Certificate Policy and Certification Practice Statement Version 1.0, OID 2.16.756.1.2.6.7.1.0 July 15, 2008 Table of Contents 1. INTRODUCTION...6 1.1 Overview...6 1.2 Document name
More informationDanske Bank Group Certificate Policy
Document history Version Date Remarks 1.0 19-05-2011 finalized 1.01 15-11-2012 URL updated after web page restructuring. 2 Table of Contents 1. Introduction... 4 2. Policy administration... 4 2.1 Overview...
More informationGetronics Certification Certificate of Authentic Trustworthy
Getronics Version 3.0 Effective Date: 15 october, 2008 Getronics Nederland B.V. Fauststraat 1 P.O. Box 9105 7300 HN Apeldoorn The Netherlands Phone: +31 (0)20 570 4511 http://www.pki.getronicspinkroccade.nl
More informationStarfield Technologies, Inc. Certificate Policy and Certification Practice Statement (CP/CPS)
Starfield Technologies, Inc. Certificate Policy and Certification Practice Statement (CP/CPS) Version 2.4 June 15, 2009 i Starfield CP-CPS V2.4 Table of Contents 1 Introduction... 1 1.1 Overview... 1 1.2
More informationMalaysian Identity Federation and Access Management Certification Authority Certificate Policy and Certification Practice Statement
Malaysian Identity Federation and Access Management Certification Authority Certificate Policy and Certification Practice Statement Version 2.2 Document OID: 1.3.6.1.4.1.36355.2.1.2.2 February 2012 Contents
More informationBrocade Engineering. PKI Tutorial. Jim Kleinsteiber. February 6, 2002. Page 1
PKI Tutorial Jim Kleinsteiber February 6, 2002 Page 1 Outline Public Key Cryptography Refresher Course Public / Private Key Pair Public-Key Is it really yours? Digital Certificate Certificate Authority
More informationepki Root Certification Authority Certification Practice Statement Version 1.2
epki Root Certification Authority Certification Practice Statement Version 1.2 Chunghwa Telecom Co., Ltd. August 21, 2015 Contents 1. INTRODUCTION... 1 1.1 OVERVIEW... 1 1.1.1 Certification Practice Statement...
More informationphicert Direct Certificate Policy and Certification Practices Statement
phicert Direct Certificate Policy and Certification Practices Statement Version 1. 1 Effective Date: March 31, 2014 Copyright 2013-2014 EMR Direct. All rights reserved. [Trademark Notices] phicert is a
More informationTREND MICRO SSL CERTIFICATION PRACTICE STATEMENT. Version 2.0
TREND MICRO SSL CERTIFICATION PRACTICE STATEMENT Version 2.0 Effective Date: 14 April 2015 TABLE OF CONTENTS 1. INTRODUCTION 1.1 Overview 1.2 Document name and identification 1.3 PKI participants 1.3.1
More informationCertification Practice Statement
FernUniversität in Hagen: Certification Authority (CA) Certification Practice Statement VERSION 1.1 Ralph Knoche 18.12.2009 Contents 1. Introduction... 4 1.1. Overview... 4 1.2. Scope of the Certification
More informationEricsson Group Certificate Value Statement - 2013
COMPANY INFO 1 (23) Ericsson Group Certificate Value Statement - 2013 COMPANY INFO 2 (23) Contents 1 Ericsson Certificate Value Statement... 3 2 Introduction... 3 2.1 Overview... 3 3 Contact information...
More informationSSL.com Certification Practice Statement
SSL.com Certification Practice Statement SSL.com Version 1.0 February 15, 2012 2260 W Holcombe Blvd Ste 700 Houston, Texas, 77019 US Tel: +1 SSL-CERTIFICATE (+1-775-237-8434) Fax: +1 832-201-7706 www.ssl.com
More informationCertification Practice Statement (ANZ PKI)
Certification Practice Statement March 2009 1. Overview 1.1 What is a Certification Practice Statement? A certification practice statement is a statement of the practices that a Certification Authority
More informationX.509 Certification Practices Statement for the U.S. Government Printing Office Principal Certification Authority (GPO-PCA)
.509 Certification Practices Statement for the U.S. Government Printing Office Principal Certification Authority (GPO-PCA) June 11, 2007 FINAL Version 1.6.1 FOR OFFICIAL USE ONLY SIGNATURE PAGE U.S. Government
More informationDigiCert Certification Practice Statement
DigiCert Certification Practice Statement DigiCert, Inc. Version 2.22 June 01, 2005 333 South 520 West Orem, UT 84042 USA Tel: 1-801-805-1620 Fax: 1-801-705-0481 www.digicert.com 1 General...7 1.1 DigiCert,
More information- X.509 PKI EMAIL SECURITY GATEWAY. Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.1
- X.509 PKI EMAIL SECURITY GATEWAY Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.1 Commerzbank AG - Page 1 Document control: Title: Description : RFC Schema: Authors: Commerzbank
More informationL@Wtrust Class 3 Registration Authority Charter
Class 3 Registration Authority Charter Version 1.0 applicable from 09 November 2010 Building A, Cambridge Park, 5 Bauhinia Street, Highveld Park, South Africa, 0046 Phone +27 (0)12 676 9240 Fax +27 (0)12
More informatione-tuğra CERTIFICATE POLICY E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş. Version: 3.1 Validity Date: September, 2013 Update Date: 30/08/2013
e-tuğra CERTIFICATE POLICY E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş. Version: 3.1 Validity Date: September, 2013 Update Date: 30/08/2013 Ceyhun Atıf Kansu Cad. 130/58 Balgat / ANKARA TURKEY
More informationPKI NBP Certification Policy for ESCB Signature Certificates. OID: 1.3.6.1.4.1.31995.1.2.2.1 version 1.5
PKI NBP Certification Policy for ESCB Signature Certificates OID: 1.3.6.1.4.1.31995.1.2.2.1 version 1.5 Security Department NBP Warsaw, 2015 Table of Contents 1. Introduction 1 1.1 Overview 1 1.2 Document
More information- X.509 PKI COMMERZBANK PERSONS PKI. Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.0
- X.509 PKI COMMERZBANK PERSONS PKI Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.0 Commerzbank AG Page 1 Document Control: Title: Description: RFC Schema: Authors: Commerzbank
More informationCA Certificate Policy. SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT
CA Certificate Policy SCHEDULE 1 to the SERVICE PROVIDER AGREEMENT This page is intentionally left blank. 2 ODETTE CA Certificate Policy Version Number Issue Date Changed By 1.0 1 st April 2009 Original
More informationPEXA Public Key Infrastructure (PKI) Certification Authority Certificate Policy
PEXA Public Key Infrastructure (PKI) Certification Authority Certificate Policy Version: 1.0 Issued: August 2014 Status: Final PEXA Certification Authority Certificate Profile 1. Introduction Property
More informationUniTrust Network Trust Service Hierarchy. Extended Validation Certification Practice Statement
UniTrust Network Trust Service Hierarchy Extended Validation Certification Practice Statement Version 1.2 Valid from: 25-05-2016 Shanghai Electronic Certificate Authority Center Co.Ltd 18/F,JaJie International
More informationSymantec Trust Network (STN) Certificate Policy
Symantec Trust Network (STN) Certificate Policy Version 2.8.20 May 20, 2016 Symantec Corporation 350 Ellis Street Mountain View, CA 94043 USA +1 650.527.8000 www.symantec.com - i - Symantec Trust Network
More informationTrusted Certificate Service
TCS Server and Code Signing Personal CA CPS Version 2.0 (rev 15) Page 1/40 Trusted Certificate Service TCS Server CAs, escience Server CA, and Code Signing CA Certificate Practice Statement Version 2.0
More informationVisa Public Key Infrastructure Certificate Policy (CP)
Visa Public Key Infrastructure Certificate Policy (CP) Version 1.7 Effective: 24 January 2013 2010-2013 Visa. All Rights Reserved. Visa Public Important Note on Confidentiality and Copyright The Visa Confidential
More informationComodo Certification Practice Statement
Comodo Certification Practice Statement Comodo CA, Ltd. Version 4.1.4 Effective: August 14, 2015 3rd Floor, Office Village, Exchange Quay, Trafford Road, Salford, Manchester, M5 3EQ, United Kingdom Tel:
More informationComodo Certification Practice Statement
Comodo Certification Practice Statement Notice: This CPS should be read in conjunction with the following documents:- * LiteSSL addendum to the Certificate Practice Statement * Proposed Amendments to the
More informationGovernment CA Government AA. Certification Practice Statement
PKI Belgium Government CA Government AA Certification Practice Statement 2.16.56.1.1.1.3 2.16.56.1.1.1.3.2 2.16.56.1.1.1.3.3 2.16.56.1.1.1.3.4 2.16.56.1.1.1.6 2.16.56.1.1.1.6.2 2.16.56.9.1.1.3 2.16.56.9.1.1.3.2
More informationPostSignum CA Certification Policy applicable to qualified personal certificates
PostSignum CA Certification Policy applicable to qualified personal certificates Version 3.0 7565 Page 1/60 TABLE OF CONTENTS 1 Introduction... 5 1.1 Review... 5 1.2 Name and clear specification of a document...
More informationCertificate Policy and Certification Practice Statement CNRS/CNRS-Projets/Datagrid-fr
Certificate Policy and Certification Practice Statement CNRS/CNRS-Projets/Datagrid-fr Version 0.3 August 2002 Online : http://www.urec.cnrs.fr/igc/doc/datagrid-fr.policy.pdf Old versions Version 0.2 :
More information3.Practices and procedures. v 1.1 05.12.2014
v 1.1 05.12.2014 3.Practices and procedures DOMENY.PL Ltd / DOMENY.PL sp. z o.o. Marcika 27 30-443 Krakow, Poland tel.: (+48) 12 296 36 63 fax: (+48) 12 395 33 65 hotline / infolinia: (+48) 501 DOMENY
More informationTELSTRA RSS CA Subscriber Agreement (SA)
TELSTRA RSS CA Subscriber Agreement (SA) Last Revision Date: December 16, 2009 Version: Published By: Telstra Corporation Ltd Copyright 2009 by Telstra Corporation All rights reserved. No part of this
More informationCitizen CA Certification Practice statement
Citizen CA Certification Practice statement OID: 2.16.56.1.1.1.2.2 OID: 2.16.56.1.1.1.2.1 VERSION: 1.1 1/56 Table of Contents 1 INTRODUCTION 5 1.1 PRELIMINARY WARNING 5 1.1.1 Trusted Entities ruled by
More informationCertification Practice Statement
INFORMATION SECURITY POLICY ISSUE SPECIFIC POLICY VERSION: 13-03-2007 EFFECTIVE DATE: 01-03-2007 Certification Practice Statement Law Trusted Third Party Services (Pty) Ltd registration number 2001/004386/07
More informationAdobe Systems Incorporated. Adobe Root CA Certification Practice Statement. Revision #5. Revision History
Adobe Systems Incorporated Adobe Root CA Revision #5 Revision History Rev # Date Author Description of Change(s) 1 4/1/03 Deloitte & Touche First draft 2 4/7/03 Deloitte & Touche Further refinements 3
More informationVeriSign Trust Network Certificate Policies
VeriSign Trust Network Certificate Policies Version 1.3 Effective Date: March 31, 2004 VeriSign, Inc. 487 E. Middlefield Road Mountain View, CA 94043 USA +1 650.961.7500 http//:www.verisign.com VeriSign
More informationPKI NBP Certification Policy for ESCB Encryption Certificates. OID: 1.3.6.1.4.1.31995.1.2.3.1 version 1.2
PKI NBP Certification Policy for ESCB Encryption Certificates OID: 1.3.6.1.4.1.31995.1.2.3.1 version 1.2 Security Department NBP Warsaw, 2015 Table of Contents 1. Introduction 1 1.1 Overview 1 1.2 Document
More informationQUOVADIS ROOT CERTIFICATION AUTHORITY CERTIFICATE POLICY/ CERTIFICATION PRACTICE STATEMENT. OIDs: 1.3.6.1.4.1.8024.0.1 1.3.6.1.4.1.8024.0.
QUOVADIS ROOT CERTIFICATION AUTHORITY CERTIFICATE POLICY/ CERTIFICATION PRACTICE STATEMENT OIDs: 1.3.6.1.4.1.8024.0.1 1.3.6.1.4.1.8024.0.3 Effective Date: 03 April 2007 Version: 4.3 Copyright QuoVadis
More informationCERTIFICATE POLICY KEYNECTIS SSL CA
CERTIFICATE POLICY KEYNECTIS SSL CA Date: 05/02/2009 KEYNECTIS SSL CA CERTIFICATE POLICY Subject: KEYNECTIS SSL CA Certificate Policy Version number: 1.1 Number of pages: 49 Status of the Project Final
More informationTC TrustCenter GmbH. Certification Practice Statement
TC TrustCenter GmbH Certification Practice Statement NOTE: The information contained in this document is the property of TC TrustCenter GmbH. This Certification Practice Statement is published in conformance
More informationStarfield Technologies, LLC. Certificate Policy and Certification Practice Statement (CP/CPS)
Starfield Technologies, LLC Certificate Policy and Certification Practice Statement (CP/CPS) Version 3.8 April 15, 2016 i Starfield CP-CPS V3.8 Table of Contents 1 Introduction... 1 1.1 Overview... 1 1.2
More informationSwiss Government Root CA II. Document OID: 2.16.756.1.17.3.21.1
Swiss Government Root CA II CP/CPS End-user Certificates Swiss Government PKI - Root CA II Certificate Policy and Certification Practice Statement (CP/CPS) Document OID: 2.16.756.1.17.3.21.1 Project Name:
More informationCertification Practice Statement
Certification Practice Statement Revision R1 2013-01-09 1 Copyright Printed: January 9, 2013 This work is the intellectual property of Salzburger Banken Software. Reproduction and distribution require
More informationX.509 Certification Practice Statement for the Australian Department of Defence
X.509 Certification Practice Statement for the Australian Department of Defence Version 5.1 December 2014 Document Management This document is controlled by: Changes are authorised by: Defence Public Key
More informationCertum QCA PKI Disclosure Statement
CERTUM QCA PKI Disclosure Statement v1.1 1 Certum QCA PKI Disclosure Statement Version 1.1 Effective date: 1 st of April, 2016 Status: valid Asseco Data Systems S.A. ul. Żwirki i Wigury 15 81-387 Gdynia
More informationTrusted Certificate Service (TCS)
TCS Personal and escience Personal CA CPS Version 2.0 (rev 15) Page 1/40 Trusted Certificate Service (TCS) TCS Personal CA, escience Personal CA, and Document Signing CA Certificate Practice Statement
More informationVersion 2.4 of April 25, 2008
TC TrustCenter GmbH Certificate Policy for SAFE NOTE: The information contained in this document is the property of TC TrustCenter GmbH. This Certificate Policy is published in conformance with international
More informationCertificate Policy KEYNECTIS SSL CA CP. Emmanuel Montacutelli 12/11/2014 DMS_CP_KEYNECTIS SSL CA CP_1.2
Certificate Policy KEYNECTIS SSL CA CP Emmanuel Montacutelli 12/11/2014 DMS_CP_KEYNECTIS SSL CA CP_1.2 KEYNECTIS SSL CA CP Version 1.2 Pages 51 Status Draft Final Author Emmanuel Montacutelli OpenTrust
More informationSSL CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT
SSL CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT Kamu Sertifikasyon Merkezi TÜBİTAK Yerleşkesi, P.K. 74 Gebze 41470 Kocaeli, TURKEY Tel: +90 (0) 262 648 18 18 Fax: +90 (0) 262 648 18 00 www.kamusm.gov.tr
More informationSECOM Trust.net Root1 CA
CERTIFICATE POLICY/ CERTIFICATION PRACTICE STATEMENT May 22, 2006 Version 2.00 SECOM Trust Systems Co.,Ltd. Revision History Version Date Description V1.00 2003.08.01 Initial Draft (Translated from Japanese
More informationPublic Certification Authority Certification Practice Statement of Chunghwa Telecom (PublicCA CPS) Version 1.5
Public Certification Authority Certification Practice Statement of Chunghwa Telecom (PublicCA CPS) Version 1.5 Chunghwa Telecom Co., Ltd. August 21, 2015 Contents 1. INTRODUCTION... 1 1.1 OVERVIEW... 1
More informationING Public Key Infrastructure Technical Certificate Policy
ING Public Key Infrastructure Technical Certificate Policy Version 5.1 - May 2010 Commissioned by ING PKI Policy Approval Authority (PAA) Additional copies Of this document can be obtained via the ING
More informationING Public Key Infrastructure Certificate Practice Statement. Version 5.3 - June 2015
ING Public Key Infrastructure Certificate Practice Statement Version 5.3 - June 2015 Colophon Commissioned by Additional copies ING Corporate PKI Policy Approval Authority Additional copies of this document
More informationX.509 Certificate Policy for India PKI
X.509 Certificate Policy for India PKI Version 1.4 May 2015 Controller of Certifying Authorities Department of Information Technology Ministry of Communications and Information Technology Document Control
More informationESnet SSL CA service Certificate Policy And Certification Practice Statement Version 1.0
ESnet SSL CA service Certificate Policy And Certification Practice Statement Version 1.0 June 30, 2004 Table of Contents Table of Contents...2 1 Introduction...3 1.1 Overview...3 1.1.1 General Definitions...4
More informationREPORT OF INDEPENDENT CERTIFIED PUBLIC ACCOUNTANTS
REPORT OF INDEPENDENT CERTIFIED PUBLIC ACCOUNTANTS To the Management of Internet Security Research Group: We have examined the assertion by the management of the Internet Security Research Group ( ISRG
More informationInternet Security Research Group (ISRG)
Internet Security Research Group (ISRG) Certificate Policy Version 1.0 Updated May 5, 2015 Approved by ISRG Policy Management Authority ISRG Web Site: https://letsencrypt.org Page 1 of 83 Copyright Notice
More informationComparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software
WHITE PAPER: COMPARING TCO: SYMANTEC MANAGED PKI SERVICE........ VS..... ON-PREMISE........... SOFTWARE................. Comparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software
More information