fulfils all requirements defined in the technical specification The appendix to the certificate is part of the certificate and consists of 6 pages.



Similar documents
fulfils all requirements defined in the technical specification The appendix to the certificate is part of the certificate and consists of 6 pages.

SPECIFIC CERTIFICATION POLICIES AND PRACTICES APPLICABLE TO

ETSI TR V1.1.1 ( )

Danske Bank Group Certificate Policy

ETSI TS V1.4.3 ( )

TC TrustCenter GmbH Certification Practice Statement and Certificate Policy for Qualified Certificates

to confirm that its document management- and archiving solution fulfils all applicable audit criteria for document management solutions

Apple Corporate Certificates Certificate Policy and Certification Practice Statement. Apple Inc.

INDEPENDENT AUDIT REPORT BASED ON THE REQUIREMENTS OF ETSI TS Aristotle University of Thessaloniki PKI ( WHOM IT MAY CONCERN

Auditor view about ETSI and WebTrust criteria. Christoph SUTTER

fulfils all requirements for very high protection of the criteria catalogue The appendix is part of the certificate and consists of 4 pages.

How To Certify A Security Area Datacenter For A Trustworthy Site Infrastructure

How To Understand And Understand The Certificate Authority (Ca)

CERTIFICATION PRACTICE STATEMENT UPDATE

Neutralus Certification Practices Statement

COMMON CERTIFICATE POLICY FOR THE EXTENDED ACCESS CONTROL INFRASTRUCTURE FOR PASSPORTS AND TRAVEL DOCUMENTS ISSUED BY EU MEMBER STATES

Certification Practice Statement

TELSTRA RSS CA Subscriber Agreement (SA)

fulfils all requirements for extended protection of the criteria catalogue The appendix is part of the certificate and consists of 4 pages.

fufils all requirements for high protection of the criteria catalogue The appendix is part of the certificate and consists of 4 pages.

Getronics Certification Certificate of Authentic Trustworthy

ETSI TS : Electronic Signatures and Infrastructures (ESI): Policy

Land Registry. Version /09/2009. Certificate Policy

fulfils all requirements of the SIG/TÜViT Evaluation Criteria

DigiCert Certification Practice Statement

Protection Profiles for TSP cryptographic modules Part 1: Overview

Certipost Trust Services. Certificate Policy. for Lightweight Certificates for EUROCONTROL. Version 1.2. Effective date 03 May 2012

apple WWDR Certification Practice Statement Version 1.8 June 11, 2012 Apple Inc.

Real Casa de la Moneda. Fábrica Nacional de Moneda y Timbre

Ericsson Group Certificate Value Statement

e-tuğra CERTIFICATE POLICY E-Tuğra EBG Bilişim Teknolojileri ve Hizmetleri A.Ş. Version: 3.1 Validity Date: September, 2013 Update Date: 30/08/2013

Version 2.4 of April 25, 2008

SSL CERTIFICATE POLICY AND CERTIFICATION PRACTICE STATEMENT

TC TrustCenter GmbH Time-Stamp Practice and Disclosure Statement

Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.14 Effective Date: September 9, 2015

TC TrustCenter GmbH. Certification Practice Statement

EuropeanSSL Secure Certification Practice Statement

CERTIFICATE POLICIES (CP) Legal Person Certificate ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. CP

CERTIFICATE POLICY (CP) (For SSL, EV SSL, OSC and similar electronic certificates)

Certification Service Provider of the Ministry of Employment and Social Security. Profile for Electronic Office certificate

CERTIFICATE POLICIES (CP) Natural Person Certificate ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. CP

Certificate Policy for VoIP

EMA esignature capabilities: frequently asked questions relating to practical and technical aspects of the implementation

CERTIFICATE POLICIES (CP) Public Functionary Certificate ICE SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. CP

PUBLIC. Version 1.0 Date Policy Identifier:

Globe Hosting Certification Authority Globe Hosting, Inc. 501 Silverside Road, Suite 105, Wilmington, DE 19809, County of New Castle, United States

Certification Service Provider of the Ministry of Employment and Social Security. Profile for Public Employee certificates

INFORMATION TECHNOLOGY CERES DEPARTMENT

fulfils all requirements of the SIG/TÜViT Evaluation Criteria

THE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Published By: RSA Security Inc.

Certification Service Provider of the Ministry of Employment and Social Securityp. Profile for Electronic seal certificate

- X.509 PKI SECURITY GATEWAY. Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.1

VeriSign Trust Network Certificate Policies

TTP.NL Guidance ETSI TS

CERTIFICATION PRACTICE STATEMENT (CPS) SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A. Version 2.0

Equens Certificate Policy

TTP.NL Scheme. for management system certification. of Trust Service Providers issuing. Qualified Certificates for Electronic Signatures,

Gandi CA Certification Practice Statement

Certificate Policy for OCES Employee Certificates (Public Certificates for Electronic Services) Version 5

GlobalSign CA Certificate Policy

Fraunhofer Corporate PKI. Certification Practice Statement

TC TrustCenter GmbH Time-Stamp Policy

E-TUGRA INFORMATIC TECHNOLOGIES AND SERVICES CORP (E-TUGRA)

Symantec Trust Network (STN) Certificate Policy

SSL.com Certification Practice Statement

Certification Practice Statement

SECOM Trust.net Root1 CA

fulfils all requirements for medium protection of the criteria catalogue The appendix is part of the certificate and consists of 4 pages.

ODETTE CA Subscriber Agreement for Certificates

CMS Illinois Department of Central Management Services

Government CA Government AA. Certification Practice Statement

Class 3 Registration Authority Charter

SSLPost Electronic Document Signing

X.509 Certificate Policy for the Australian Department of Defence Root Certificate Authority and Subordinate Certificate Authorities

PEXA Public Key Infrastructure (PKI) Certification Authority Certificate Policy

BUYPASS CLASS 3 SSL CERTIFICATES Effective date:

Comparing Cost of Ownership: Symantec Managed PKI Service vs. On- Premise Software

Certificate Policy. SWIFT Qualified Certificates SWIFT

TeliaSonera Server Certificate Policy and Certification Practice Statement

Advantage Security Certification Practice Statement

phicert Direct Certificate Policy and Certification Practices Statement

ETSI TS V2.4.1 ( )

Certificate Policy and Certification Practice Statement

Certificate Policy of the. Public Key Infrastructure in the. Deutsche Forschungsnetz. - Grid -

Ford Motor Company CA Certification Practice Statement

Certum QCA PKI Disclosure Statement

Consiglio Nazionale del Notariato

Security framework. Guidelines for trust services providers Part 1. Version 1.0 December 2013

ETSI EN V1.1.1 ( )

SwissSign Certificate Policy and Certification Practice Statement for Gold Certificates

Transnet Registration Authority Charter

CERTIFICATE. certifies that the. Info&AA v1.0 Attribute Service Provider Software. developed by InfoScope Ltd.

TREND MICRO SSL CERTIFICATION PRACTICE STATEMENT. Version 2.0

Brocade Engineering. PKI Tutorial. Jim Kleinsteiber. February 6, Page 1

Citizen CA Certification Practice statement

How To Assess Risk On A Trust Service Provider

ETSI TS V1.1.1 ( ) Technical Specification

REGISTRATION AUTHORITY (RA) POLICY. Registration Authority (RA) Fulfillment Characteristics SECURITY DATA SEGURIDAD EN DATOS Y FIRMA DIGITAL, S.A.

How To Protect Your Computer From Being Hacked In European Security Policy

Bangladesh Bank Certification Authority (BBCA) Certification Practice Statement (CPS)

Transcription:

The certification body of TÜV Informationstechnik GmbH hereby awards this certificate to the company Fabrica Nacional de Moneda y Timbre. Real Casa de la Moneda C/Jorge Juan, 106 28009 Madrid, Spain to confirm that its certification service AC Public Administration fulfils all requirements defined in the technical specification ETSI TS 101 456 V1.4.3 (2007-05), policy QCP public. The appendix to the certificate is part of the certificate and consists of 6 pages. The certificate is valid only in conjunction with the respective evaluation report until 2016-07-31. ETSI TS 101 456 CA6747.15 16 Certificate-Registration-No.: TUVIT-CA6747.15 Essen, 2015-07-30 Dr. Christoph Sutter Head of Certification Body TÜV Informationstechnik GmbH Langemarckstr. 20 45141 Essen, Germany www.tuvit.de

Appendix to the certificate TUVIT-CA6747.15 page 1 of 6 Certification System The certification body of TÜV Informationstechnik GmbH is accredited by DAkkS Deutsche Akkreditierungsstelle GmbH according to DIN EN ISO/IEC 17065 for the scopes IT security and security technology product certification. The certification body performs its certification on the basis of the following accredited product certification scheme: German document Zertifizierungsprogramm (akkreditierter Bereich) der Zertifizierungsstelle der TÜV Informationstechnik GmbH, Version 1.4 vom 28.11.2014, TÜV Informationstechnik GmbH Evaluation Report Evaluation Report Initial Certification ETSI TS 101 456, Version 2.0 as of 2015-07-23, TÜV Informationstechnik GmbH Evaluation Requirements The evaluation requirements are defined in the technical specification ETSI TS 101 456: ETSI TS 101 456 V1.4.3 (2007-05): Electronic Signatures and Infrastructures (ESI); Policy Requirements for certification authorities issuing qualified certificates, Version 1.4.3, 2007-05, European Telecommunications Standards Institute The applicable ETSI Certificate Policy is: QCP public: Qualified Certificate Policy for qualified certificates issued to the public

Appendix to the certificate TUVIT-CA6747.15 page 2 of 6 Evaluation Target The target of evaluation is characterized by the certificate information of the inspected certification service: AC Public Administration: Issuer of CA certificate (Root CA or intermediate CA): OU = AC RAIZ FNMT-RCM Certificate Serial Number: 5d 93 8d 30 67 36 c8 06 1d 1a c7 54 84 69 07 Name of CA (as in certificate) CN = AC Administración Pública 02 serial number of certificate together with the Certificate Policy (CP) of the operator: PA Specific Certification Policies and Practices, Version 2.2 as of preparation date 2015-07-13, Real Casa de la Moneda FNMT and with the Certification Practice Statement (CPS) of the operator: General Certification Practice Statement, Version 4.2 as of preparation date 2015-07-08, Real Casa de la Moneda FNMT Evaluation Result The target of evaluation fulfills all applicable evaluation requirements. The certification requirements defined in the certification system are fulfilled.

Appendix to the certificate TUVIT-CA6747.15 page 3 of 6 Summary of the Evaluation Requirements The ETSI specification ETSI TS 101 456 contains the following requirements: 1 Certification Practice Statement (CPS) The CA shall ensure that it demonstrates the reliability necessary for providing certification services (see the Directive 1999/98/EC, annex II (a)). 2 Public key infrastructure Key management life cycle The CA shall ensure that CA keys are generated in controlled circumstances (see the Directive 1999/93/EC, annex II (g) and annex II (f)). The CA shall ensure that CA private keys remain confidential and maintain their integrity (see the Directive 1999/93/EC, annex II (g) and annex II (f)). The CA shall ensure that the integrity and authenticity of the CA signature verification (public) key and any associated parameters are maintained during its distribution to relying parties (see the Directive 1999/93/EC, annex II (g) and annex II (f)). Subject private signing keys shall not be held in a way which provides a backup decryption capability, allowing authorized entities under certain conditions to decrypt data using information supplied by one or more parties (commonly called key escrow) (see the Directive 1999/93/EC, annex II (j)). The CA shall ensure that CA private signing keys are not used inappropriately.

Appendix to the certificate TUVIT-CA6747.15 page 4 of 6 The CA shall ensure that CA private signing keys are not used beyond the end of their life cycle (see the Directive 1999/93/EC, annex II (g) and annex II (f)). The CA shall ensure the security of cryptographic hardware throughout its lifecycle (see the Directive 1999/93/EC, annex II (f)). The CA shall ensure that any subject keys, that it generates, are generated securely and the secrecy of the subject's private key is assured (see the Directive 1999/93/EC, annex II (f) and annex II (j)). The CA shall ensure that if it issues SSCD this is carried out securely (see the Directive 1999/93/EC, annex III). 3 Public key infrastructure Certificate Management life cycle The CA shall ensure that subjects are properly identified and authenticated; and that subject certificate requests are complete, accurate and duly authorized (see the Directive 1999/93/EC, annex II (d)). The CA shall ensure that requests for certificates issued to a subject who has already previously been registered are complete, accurate and duly authorized. This includes certificate renewals, rekey following revocation or prior to expiration, or update due to change to the subject's attributes (see the Directive 1999/93/EC, annex II (g)). The CA shall ensure that it issues certificates securely to maintain their authenticity (see the Directive 1999/93/EC, annex II (g)).

Appendix to the certificate TUVIT-CA6747.15 page 5 of 6 The CA shall ensure that the terms and conditions are made available to subscribers and relying parties (see the Directive 1999/93/EC, annex II (k)). The CA shall ensure that certificates are made available as necessary to subscribers, subjects and relying parties (see the Directive 1999/93/EC, annex II (l)). The CA shall ensure that certificates are revoked in a timely manner based on authorized and validated certificate revocation requests (see the Directive 1999/93/EC, annex II (b)). 4 CA management and operation The CA shall ensure that administrative and management procedures are applied which are adequate and correspond to recognized standards (see the Directive 1999/93/EC, annex II (e), 2nd part). The CA shall ensure that its assets and information receive an appropriate level of protection (see the Directive 1999/93/EC, annex II (e)). The CA shall ensure that personnel and hiring practices enhance and support the trustworthiness of the CA's operations (see Directive 1999/93/EC, annex II (e) 1st part). The CA shall ensure that physical access to critical services is controlled and physical risks to its assets minimized (see Directive 1999/93/EC, annex II (f)). The CA shall ensure that the CA systems are secure and correctly operated, with minimal risk of failure (see the Directive 1999/93/EC, annex II (e)).

Appendix to the certificate TUVIT-CA6747.15 page 6 of 6 The CA shall ensure that CA system access is limited to properly authorized individuals (see the Directive 1999/93/EC, annex II (f)). The CA shall use trustworthy systems and products that are protected against modification (see the Directive 1999/93/EC, annex II (f)). The CA shall ensure in the event of a disaster, including compromise of the CA's private signing key, operations are restored as soon as possible (see the Directive 1999/93/EC, annex II (a)). The CA shall ensure that potential disruptions to subscribers and relying parties are minimized as a result of the cessation of the CA's services as covered by the certificate policy, and ensure continued maintenance of records required to provide evidence of certification for the purposes of legal proceedings (see the Directive 1999/93/EC, annex II (i)). The CA shall ensure compliance with legal requirements (see the Directive 1999/93/EC, article 8). The CA shall ensure that all relevant information concerning a qualified certificate is recorded for an appropriate period of time, in particular for the purpose of providing evidence of certification for the purposes of legal proceedings (see the Directive 1999/93/EC, annex II (i)). 5 Organizational The CA shall ensure that its organization is reliable (see Directive 1999/93/EC, annex II (a)).

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information