Audit Attestation for CERTSIGN

Transcription

1 Audit Attestation for CERTSIGN Headquarter : Bulevardul Timisoara 5A - Bucharest - Romania Reference: LSTI n AL-V2.0 To whom it may concern, This is to confirm, that LSTI 1 has successfully audited the CAs of CERTSIGN registered under R.C.S. RO N J40/484/2006. The audit was performed as an initial full audit and will be documented in a specific report(s). This audit confirms the validity of the certificate of conformity N issued on 27 June 2017 and valid until 26 June The whole PKI hierarchy has been documented and assessed during the audit see Appendix 1 to this audit attestation. The next assessment has to be successfully finalized before 26 June 2019 in order to maintain the validity as stated in the corresponding certificates issued by LSTI. The assessment performed covered all relevant CAs, including their roots as described in the aforementioned certificates that have been issued to CERTSIGN. CERTSIGN may publish this audit attestation in a publicly-accessible location, as required. In case of any question, please contact LSTI - Ms Armelle Trotin atrotin@lsti.eu phone With best regards, Armelle Trotin Head of Certification Body 1 LSTI SAS has been accredited pursuant to the accreditation certificate of French Accreditation Body COFRAC with registration number rév. 3 dated 21 April 2017 in accordance with EN ISO/IEC 17065:2013 as a certification body for products, processes, and services in accordance with the Annex of the accreditation certificate and in accordance with the eidas EU Regulation art. 3 (18) and the ETSI EN Detailed scope at

2 CERTSIGN Issuer of the conformity assessment report LSTI Group 10 Avenue Anita Conti Saint-Malo France Armelle Trotin - Head of certification atrotin@lsti.eu phone: Camille Gerbert Administrative and commercial manager Camille.gerbert@lsti.eu Phone : +353 (87) Accreditation body COFRAC 52 Rue Jacques Hillairet Paris France information@cofrac.fr Phone: See accreditation attestation Certification documentation The certification documentation (Conformity Assessment Report CAR) comprises: 1. the declaration of conformity (DOC) N V2.0, 2. the certificate of conformity (CER) N S-V1.0 for creation of certificates for electronic signatures, seals, tima-stamp and website authentication; as defined in the eidas EU Regulation Art. 3 No the assessment(s) report(s): LSTI N V1 initial certification EN & LSTI N V1 initial certification EN which contain detailed statements and description of the physical, logical and functional architecture of the TSP, list of the products and details regarding the electronic certificates. Trust service provider and trust services 1 Designation of the trust service provider CERTSIGN Siège : Bulevardul Timisoara 5A Bucharest - Romania RO CERTSIGN is a trust service provider 2 according to eidas EU Regulation Art. 3 No Description of trust services CERTSIGN provides the following services, which have been defined in the eidas EU Regulation Art. 3 No. 16, the conformity of which has been assessed with the present report: 2 Hereinafter referred to as: TSP Page 2 of 4 pages

3 CERTSIGN - Creation of certificates for electronic signatures - Creation of certificates for electronic seals - Creation of certificates for Website authentication - Creation of Qualified Electronic Time Stamps Other services (not defined in eidas regulation): - The creation of certificates for electronic authentication 3 Audit organization Stage 1 audit The audit has been carried out from to on the TSP site by Lead Auditor: Philippe BOUCHET, Technical Expert: Nicolas PRIGENT. Stage 2 audit Audit of the correct implementation of the TSP operations during the onsite inspection at TSP s locations. This audit has been carried out from to by the Audit team (Lead Auditor: Philippe BOUCHET, Technical Expert: Nicolas PRIGENT) accompanied on the part of the TSP - certsign by: Cristian Garabet. 4 Fulfilment of the requirements The following standards are relevant in auditing the TSP: EN V2.2.2: Electronic Signatures and infrastructures (ESI) - Trust Service Providers conformity assessment - Requirements for conformity assessment bodies assessing Trust Service Providers EN V2.1.1: Electronic Signatures and Infrastructures (ESI) General Policy requirements for trust service providers EN V1.1.1: Electronic signatures and infrastructures (ESI) - Policy and security requirements applicable to trust service providers issuing certificates - Part 1: General requirements EN V2.1.1: Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 2: Requirements for trust service providers issuing EU qualified certificates And all the standards mentioned by them, And Certification scheme: LSTI-Q055-V5.1: Certification rules for Trust Service providers Page 3 of 4 pages

4 Certsign CA NAME Standard Level (EN ) serial number (root) OID (end users) Service EKU Audited Validity/Policy certsign ROOT CA G2 Root yes certsign Qualified CA NCP Sub CA yes certsign Qualified CA EN QCP-n-QSCD Signature KS certsign Qualified CA EN QCP-n-QSCD Signature KC certsign Qualified CA EN QCP-l Seal KS certsign Qualified CA EN QCP-l Seal KC Not After 6-Feb 2042 yes yes yes yes certsign Qualified CA EN QCP-l Seal KC Timestamping Time stamping yes certsign Qualified CA EN NCP OCSP OCSP Signing yes certsign Public CA EN NCP Sub CA yes certsign Public CA EN LCP Signature-Authentication KS certsign Public CA EN LCP Signature-Authentication TKS certsign Public CA EN LCP Signature-Authentication TKC certsign Public CA EN LCP Signature-Authentication KC certsign Public CA EN LCP Encryption KS certsign Public CA EN LCP Encryption TKS Page 4 sur 5 pages

5 Certsign CA NAME Standard Level (EN ) serial number (root) OID (end users) Service EKU Audited Validity/Policy certsign Public CA EN LCP Encryption TKC certsign Public CA EN LCP Encryption KC certsign Public CA EN LCP Seal KS certsign Public CA EN LCP Seal TKS certsign Public CA EN LCP Seal TKC certsign Public CA EN LCP Seal KC certsign Public CA EN NCP OCSP OCSP Signing yes certsign Web CA NCP Sub CA yes certsign Web CA EN QCP-w EVCP Server-Authentication certsign Web CA EN OVCP Server-Authentication Server Authentication (EV) and Client Authentication only Server Authentication (non EV) and Client Authentication only yes yes certsign Web CA EN NCP OCSP OCSP Signing yes End of the attestation Page 4 sur 5 pages