SPECIFIC DOCUMENTATION FOR WEBSITE CERTIFICATES
|
|
- Kathleen Elliott
- 5 years ago
- Views:
Transcription
1 SPECIFIC DOCUMENTATION FOR WEBSITE CERTIFICATES June 2015 Version 1.0 IZENPE This document is the property of IZENPE and may only be reproduced in its entirety.
2 ÍNDICE 1 INTRODUCTION DESCRIPTION OF CERTIFICATES IDENTIFICATION COMMUNITY AND SCOPE OF USE GENERAL PROVISIONS OPERATIONAL REQUIREMENTS LIST OF REQUIRED DOCUMENTATION APPLICATION PROCEDURE ISSUE AND DELIVERY OF THE CERTIFICATE FEE VERIFICATION OF CERTIFICATE REVOCATION OF CERTIFICATES RENEWAL OF THE CERTIFICATE AUDITS AND INCIDENTS MANAGEMENT OF CHANGES CERTIFICATE PROFILES AND REVOKED CERTIFICATE LISTS DV SSL CERTIFICATE OV SSL CERTIFICATE SITE CERTIFICATE SITE EV CERTIFICATE EV SSL CERTIFICATE CHANGE CONTROL FROM VERSION 0 TO VERSION Additional requirements Clarifications Editorial changes Requirements eliminated YEAR ELIMINATED ON COVER June 2015 Page 2 of 19 Version 1.0
3 1 Introduction This document includes the Specific Documentation for certificates issued by Ziurtapen eta Zerbitzu Enpresa-Empresa de Certificación y Servicios, Izenpe, S.A. (henceforth Izenpe) for different types of websites. The purpose of this document is to detail and complete for this type of certificates the information provided in a more generic form in the Izenpe Certification Practice Statement, in the specific documents of the CA/Browser Forum (Baseline Requirements and EV guidelines for issuing certificates for websites) and in the ETSI specifications ( Thus, Izenpe adheres to the following certification policies established by ETSI: DVCP (Domain Validation Certificates Policy): in the DV SSL certificates. OVCP (Organizational Validation Certificates Policy): in the OV SSL and Site certificates. EVCP (Extended Validation Certificates Policy): in the Site EV and EV SSL certificates. In the scope of the Google Certificate Transparency project, the EV SSL and Site EV certificates issued will be published in the Izenpe CT Log service and that of other log server providers with which Izenpe has signed agreements in order to comply with Google requirements. 1.1 Description of certificates Izenpe issues these certificates to enable subscribers to offer added security to their web services. As for the type of certificate issued by Izenpe, SSL DV SSL OV SSL EV SSL ELECTRONIC SITE Site Site EV The purpose of this type of certificate is to establish data communications in web servers with SSL/TLS. They enable the exchange of encrypted communication between the user and website, facilitating the keys needed to encrypt the information sent over the Internet. SSL CERTIFICATES, Depending on the validation the certificate can be, DOMAIN VALIDATED SSL (DV SSL), This certificate, considered a non-qualified certificate, is used to verify the ownership of the domain that hosts the website, providing a reasonable guarantee to the Internet browser user. These certificates remain valid for 1, 2, or 3 years. ORGANIZATION VALIDATED SSL (OV SSL), June 2015 Page 3 of 19 Version 1.0
4 This certificate, considered non-qualified, is used to validate the domain ownership and the organization, providing the Internet browser user with a reasonable guarantee that the website being accessed belongs to the organization identified in the certificate. These certificates remain valid for 1, 2, or 3 years. VALIDATION EXTENDED SSL (EV SSL), This certificate, considered non-qualified, is used to validate the domain ownership and the organization, providing the Internet browser user with a robust guarantee that the website being accessed belongs to the organization identified in the certificate. These certificates remain valid for 1 or 2 years. ELECTRONIC SITE CERTIFICATES IZENPE, in accordance with Act 11/2007, of 22 June, on Electronic Access of Citizens to Public Services, issues the following types of certificates: ELECTRONIC SITE, This is a certificate issued with the authentication identifying the Public Administration, government agency or entity that owns the office. According to the assurance levels defined in the Identification and digital signature scheme, the Electronic Site certificate issued by IZENPE holds an intermediate level. These certificates remain valid for 1, 2, or 3 years ELECTRONIC SITE WITH EXTENDED VALIDATION EV (Site EV), In addition to the characteristics defined in the Electronic Site certificate, extended validation (EV) provides a higher level of authentication for Public Administration, government agency or administrative entity owing to a more exhaustive validation. According to the assurance levels defined in the Identification and digital signature scheme, the Electronic Site certificate issued by IZENPE holds an intermediate level. These certificates remain valid for 1 or 2 years. June 2015 Page 4 of 19 Version 1.0
5 1.2 Identification In order to identify certificates, IZENPE has assigned them the following object identifiers (OID). CERTIFICATE OID DV SSL OV SSL EV SSL Electronic Site EV Electronic Site Community and scope of use The following will be considered users, Certificate applicant, person applying for the certificate in the name of an organization. Certificate subscriber, organization identified in the certificate. Scope of use. The certificates will be used in the scope of the competences of the organization/public Administration, government agency or entity holding the certificate. 1.4 General provisions Identification obligations IZENPE, either directly or through the User Entities with which it has signed the corresponding legal agreement, checks the identity and any other personal information concerning certificate applicants and subscribers. The legal instrument between the parties will include compliance with the indications in the CA/Browser Forum documents. Certificate subscriber obligations The subscriber's obligations are specified in the Certification Practice Statement in the section on Obligations of the Subscriber. June 2015 Page 5 of 19 Version 1.0
6 2 Operational Requirements 2.1 List of required documentation Issue application duly completed and signed with: o o Handwritten signature Electronic signature: with qualified certificate of Izenpe or national ID that identifies the applicant The applicant shall accept the applicable Terms of Use and Subscriber Contract on the date of signing the Application published on Organization tax code TIN. Authentication and validity of the applicant entity (see section 2.2 Application Procedure) Verification of the Applicant s authority to use the name of the entity (see section 2.2 Application Procedure) 2.2 Application procedure The APPLICANT shall submit the Issue Application and required documentation to, o By post to: IZENPE, S.A., C/ BEATO TOMAS DE ZUMARRAGA, 71-1ª PLANTA VITORIA-GASTEIZ. o o By to: certservidor@izenpe.net. Or by completing the application provided for this purpose on the Izenpe website. By signing the Issue Application, the applicant agrees to the Terms of Use and the Subscriber Contract. Validation of documentation, DV SSL OV SSL EV SSL Site Site EV The registrant should coincide with the applicant organization. If not, the applicant must provide proof of the subscriber's right to use the domains. Verification that the applicant is entitled to use the domain or subdomain:.es domains: domains: domains: whois.nic.eus Any other domain: whois.icann.org Verification by the CAA if they are registered and in all cases compliance with RFC 6844 guidelines. In the case of DV SSL, OV SSL and Site certificates wildcards will be allowed in subdomains or host names, provided the applicant entity can prove its legitimate control of the complete domain name. Otherwise the request will be rejected. For example, *.co.uk or *.local cannot be issued, but *.example.com can be issued to the company Example, Inc. June 2015 Page 6 of 19 Version 1.0
7 OV SSL EV SSL Site Site EV Verification of the applicant entity s identity and validity: o Public entity: Name*: Official Gazette, certificate from secretary or o Commercial Registry CIF*: AGPD, Official Gazette or Commercial Registry o Private entity: Name*: original certification from the corresponding registry or simple notice CIF*: AGPD, original certification from the corresponding registry or simple notice Verification of the Applicant s authority to use the name of the entity: o Public entity*: Certification issued by Secretary/Lawyer, simple notice or reference in the Official Gazette withing 13 months prior to application for issuance o Private entity*: original certification from the corresponding registry or simple notice * Not required for valid recognized corporate or entity certificates issued to the applicant by Izenpe, provided the certificate has been issued in the previous 39 months (13 months for EVs) verification of the applicant's knowledge that the certificate is being processed. Verification of postal address at, o Data Protection Agencies. o Telephone operator pages. o Eudel, for towns in the Basque Country. o Commercial Registry In the event of discrepancy between the documentation provided and the check run, Izenpe will verify that the address given on the Application is a stable location of the applicant organization's operations. Verification of country: o Data Protection Agencies, Eudel, Telephone operator pages or Commercial Registry Verification of denial list in Izenpe internal databases. Verification of high-risk requests in Mcafee TrustedSource EV SSL Site EV Check that the landline (not mobile) number is relevant to the applicant entity. Sources of verification: Telephone operator pages, Data Protection Agencies or Eudel for municipalities in the Basque Country. Subsequent verification by phone. Double signature for documentation verification by, The Legal Office and the Technical Department Validation of the verifications made by the Chief Technical Officer. NOTE. June 2015 Page 7 of 19 Version 1.0
8 Izenpe may perform additional verifications such as: confirmation of the request by the organization or authorisation for the applicant to process the certificate in the name of the organization and the annual review of its compliance by means of external audit. In cases where the validation cannot be carried out as determined, this will be justified in the documentation verification document. Once the documentation has been checked, Izenpe will report the verifications it has made by way of a documentation verification document. Only on EV certificates is validation dual. It will not be necessary to make the above verifications if the information has already been validated within the previous 13 months for EVs and 39 months for the rest. Izenpe DOES NOT issue to IP addresses (ex: ) PROCESO DE SOLICITUD Y EMISIÓN DE CERTIFICADOS SSL DV, SSL OV Y SEDE IZENPE Solicitante Solicitud Formulario de solicitud Telemática o presencial Completar formulario solicitud Envío a Izenpe documentación Contacto por Contacto con entidad para subsanación de errores Validaciones Validaciones NO OK? SI Generación petición técnica Solicitud petición técnica Generación y entrega Prueba certificado y envío de hoja de entrega Emisión Envío certificado June 2015 Page 8 of 19 Version 1.0
9 PROCESO DE SOLICITUD Y EMISIÓN DE CERTIFICADOS SSL EV Y SEDE EV Solicitante Formulario Completar Área Jurídica Responsable de Seguridad Responsable de Área Técnica de solicitud formulario Solicitud Telemática o presencial solicitud Envío a Izenpe documentación Necesari Personación en RA SI o identificar Acreditación solicitante? Validación jurídica Contacto con la entidad para la subsanación de errores NO NO Docume ntación OK? SI Acreditación organización Firma acta jurídica Comprobaciones técnicas Validación técnica Contacto con entidad para subsanación de errores NO OK? SI Firma acta técnica Validación expediente completo Generación Sslicitud petición petición técnica técnica Generación y entrega Contacto con entidad para subsanación de errores Prueba certificado y envío de hoja de entrega NO OK? Emisión Envío certificado y contrato SI Archivo hoja entrega 2.3 Issue and delivery of the certificate Izenpe will ask the Technical Manager indicated on the Issue Application to generate the technical request and submit it by to Izenpe. If the Izenpe application is used, the Technical Manager will enter the technical request. Izenpe will send the certificate to the Technical Manager by or via the application. The applicant must sign and return to Izenpe the Delivery and Acceptance Sheet. 2.4 Fee Once the certificate is issued, the applicable fee is due. The applicable fees are posted every year on the Izenpe website at and on the application provided for this purpose. June 2015 Page 9 of 19 Version 1.0
10 2.5 Verification of certificate The signatory will have 15 working days from the date of issuance to make sure the certificate works properly; if operational defects are detected, Izenpe must be notified. Only if operational defects are due to technical reasons, or to errors made by Izenpe in the data contained in the certificate, will Izenpe revoke the certificate and issue a new one at its own expense. 2.6 Revocation of Certificates Revocation request The revocation of a certificate can be requested by: - The subscriber. The following individuals are authorized to request the revocation of a certificate: The legal representative of the subscriber entity, the personnel manager or a third party authorized or either of the two. - The applicant. - Izenpe is authorized to request the revocation of end-entity subscriber certificates for technical reasons, as provided in the CPS. Procedure The person requesting revocation will process the Revocation Application through Izenpe. The certificate can be revoked at any time. The applicant can revoke the certificate through the following channels: - In person: o o After scheduling an appointment with Izenpe at Or at the subscriber organization with whom Izenpe has subscribed the relevant legal instrument. - Over the phone, by calling The following are required for identification: o Applicant ID o Technical contact ID o Applicant o Fully qualified domain name (FQDN) June 2015 Page 10 of 19 Version 1.0
11 - Online at - Or by post, submitting a signed and notarized revocation request. Causes for revocation Causes can be found in the Certification Practice Statement available at In addition, in the case of certificates regulated in this specific documentation Izenpe, 1. Will present the subscriber, third parties and Internet browsers with clear instructions on how to report complaints or suspicions of private key compromise, certificate misuse or other kinds of fraud, compromise, misuse or improper behaviour related to certificates. 2. Will investigate problem reports within the 24 hours of their receipt and will decide whether or not to revoke them, considering at least the following criteria: - The nature of the case at hand; - The number of problem reports received for a certificate or web page. - The identity of those making the complaint. - Current legislation. 2.7 Renewal of the Certificate To renew a certificate the applicant must follow the certificate issuance process established, taking into account that the verifications are valid for 13 months. 2.8 Audits and incidents Criteria referring to audits and analysis of incidents, Ways in which to present complaints or suggestions, - By phone: info@izenpe.com - A complaint and suggestion form is available atwww.izenpe.com - Completing the complaints or claims forms available at the registration points. June 2015 Page 11 of 19 Version 1.0
12 Internal registry of incidents. Security incidents are managed by the Izenpe Security Committee. The annual auditing plan is performed in accordance with ETSI criteria. IZENPE reports cases it considers as incidents (cases of fraud, phishing, etc.) on the Anti- PhisingWorkGroup website ( and makes sure prior to issuance that the applicant or representative does not appear in the Izenpe internal security incident database. In any case, Izenpe reserves the right to deny issuance of certificates in suspicious situations. June 2015 Page 12 of 19 Version 1.0
13 3 Management of Changes The modifications made to this document will be approved by the IZENPE Security Committee. These modifications will be included in a Specific Documentation Update Document whose maintenance is guaranteed by Izenpe. The updated versions of the specific documentation can be consulted at June 2015 Page 13 of 19 Version 1.0
14 4 Certificate profiles and revoked certificate lists 4.1 DV SSL certificate June 2015 Page 14 of 19 Version 1.0
15 4.2 OV SSL certificate June 2015 Page 15 of 19 Version 1.0
16 4.3 Site certificate June 2015 Page 16 of 19 Version 1.0
17 4.4 Site EV certificate June 2015 Page 17 of 19 Version 1.0
18 4.5 EV SSL certificate June 2015 Page 18 of 19 Version 1.0
19 5 Change control 5.1 From version 0 to version 1.0 Additional requirements Requirements added in section 2.2 Updated requirements Requirements updated in sections 2.1 and 2.2 Clarifications Requirements updated in section 2.2 Editorial changes Index added Footnoted added Requirements eliminated Requirements eliminated in sections 2.1 and 2.2 Year eliminated on cover June 2015 Page 19 of 19 Version 1.0
CERTIFICATE POLICY ENTITY STAMP
CERTIFICATE POLICY ENTITY STAMP Reference: Entity Stamp certificate policy Version no.: v 1.1 Date: 1 July, 2016 IZENPE 2016 This document is the property of IZENPE. This document may only be wholly reproduced
More informationSPECIFIC DOCUMENTATION FOR THE APPLICATION AND CODE SIGNATURE CERTIFICATE
SPECIFIC DOCUMENTATION FOR THE APPLICATION AND CODE SIGNATURE CERTIFICATE IZENPE 2013 This document is the property of IZENPE and may be reproduced only in its entirety. 1 Introduction This document includes
More informationServidor Seguro SSL, Servidor Seguro SSL con Validación Extendida (SSL EV), Sede Electrónica, and Sede Electrónica con Validación Extendida (Sede EV)
National Register of Associations. Number 171.443. CIF G-63287510. Servidor Seguro SSL, Servidor Seguro SSL con Validación Extendida (SSL EV), Sede Electrónica, and Sede Electrónica con Validación Extendida
More information(1) Jisc (Company Registration Number ) whose registered office is at One Castlepark, Tower Hill, Bristol, BS2 0JA ( JISC ); and
SUB-LRA AGREEMENT BETWEEN: (1) Jisc (Company Registration Number 05747339) whose registered office is at One Castlepark, Tower Hill, Bristol, BS2 0JA ( JISC ); and (2) You, the Organisation using the Jisc
More informationServidor Seguro SSL, Servidor Seguro SSL con Validación Extendida (SSL EV), Sede Electrónica, and Sede Electrónica con Validación Extendida (Sede EV)
National Register of Associations. Number 171.443. CIF G-63287510. Servidor Seguro SSL, Servidor Seguro SSL con Validación Extendida (SSL EV), Sede Electrónica, and Sede Electrónica con Validación Extendida
More informationDisclosure text - PDS (PKI Disclosure Statement) for electronic signature and authentication certificates
Disclosure text - PDS (PKI Disclosure Statement) for electronic signature and authentication certificates Index INDEX... 2 1. DISCLOSURE TEXT APPLICABLE TO NATURAL PERSON CERTIFICATES ISSUED ON QSCD...
More informationTrust Service Provider Technical Best Practices Considering the EU eidas Regulation (910/2014)
Trust Service Provider Technical Best Practices Considering the EU eidas Regulation (910/2014) This document has been developed by representatives of Apple, Google, Microsoft, and Mozilla. Document History
More informationSigne Certification Authority. Certification Policy Degree Certificates
Signe Certification Authority Certification Policy Degree Certificates Versión 1.0 Fecha: 2/11/2010 Table of contents 1 FOREWORD 1.1 GENERAL DESCRIPTION 1.2 DOCUMENT NAME AND IDENTIFICATION 2 PARTICIPATING
More informationCERTIFICATION PRACTICE STATEMENT
CERTIFICATION PRACTICE STATEMENT Reference: IZENPE CPS Version no.: v 5.01 Date: 19 September 2013. IZENPE 2013 This document is the property of IZENPE. It may only be reproduced in its entirety. Table
More informationBugzilla ID: Bugzilla Summary:
Bugzilla ID: Bugzilla Summary: CAs wishing to have their certificates included in Mozilla products must 1) Comply with the requirements of the Mozilla CA certificate policy (http://www.mozilla.org/projects/security/certs/policy/)
More informationCertDigital Certification Services Policy
CertDigital Certification Services Policy Page: 2 ISSUED BY : DEPARTAMENT NAME DATE ELECTRONIC SERVICES COMPARTMENT COMPARTMENT CHIEF 19.03.2011 APPROVED BY : DEPARTMENT NAME DATE MANAGEMENT OF POLICIES
More informationTHE BUSINESS VALUE OF EXTENDED VALIDATION
THE BUSINESS VALUE OF EXTENDED VALIDATION How Internet Browsers Support EV and Display Trusted Websites +1-888-690-2424 entrust.com Table of contents Introduction Page 3 Objectives Page 4 How to bring
More informationdataedge CA Certificate Issuance Policy
Classification of Digital Certificate Digital Certificates are classified upon the purpose for which each class is used and the verification methods underlying the issuance of the certificate. Classification
More informationDRAFT REVISIONS BR DOMAIN VALIDATION
DRAFT REVISIONS BR 3.2.2.4 DOMAIN VALIDATION (Feb. 15, 2016) Summary of changes The primary purpose of this change is to replace Domain Validation item 7 "Using any other method of confirmation which has
More informationSummary of Updates CPS Revision 7 (Amendment from CPS Revision 6) 15 June 2018
Summary of Updates CPS Revision 7 (Amendment from CPS Revision 6) 15 June 2018 Section CPS Revision 6 CPS Revision 7 Reasoning / Notes 1.4.2 Prohibited certificate uses: 1.4.2 Prohibited certificate uses:
More informationCORPME TRUST SERVICE PROVIDER
CORPME TRUST SERVICE PROVIDER QUALIFIED CERTIFICATE OF ADMINISTRATIVE POSITION USE LICENSE In..,.. 20... Mr/Mrs/Ms/Miss.........., with DNI/NIF/National Passport nº., e-mail........., phone number....,
More informationSSL Certificates Certificate Policy (CP)
SSL Certificates Last Revision Date: February 26, 2015 Version 1.0 Revisions Version Date Description of changes Author s Name Draft 17 Jan 2011 Initial Release (Draft) Ivo Vitorino 1.0 26 Feb 2015 Full
More informationTechnical Trust Policy
Technical Trust Policy Version 1.2 Last Updated: May 20, 2016 Introduction Carequality creates a community of trusted exchange partners who rely on each organization s adherence to the terms of the Carequality
More informationTelia CA response to Public WebTrust Audit observations 2018
Approved on August 7, 2018 Approved by Telia Finland Oyj Telia CA Security Board 2018-08-07 1 (5) Creator Pekka Lahtiharju Telia CA response to Public WebTrust Audit observations 2018 Description This
More informationDirectTrust Governmental Trust Anchor Bundle Standard Operating Procedure
DirectTrust Governmental Trust Anchor Bundle Standard Operating Procedure Change Control Date Version Description of changes 15-December- 2016 1-December- 2016 17-March- 2016 4-February- 2016 3-February-
More informationJune 2009 Addendum to the Comodo EV Certification Practice Statement v.1.03
June 2009 Addendum to the Comodo EV Certification Practice Statement v.1.03 Comodo CA, Ltd. Addendum to Comodo EV CPS v. 1.03 8 June 2009 3rd Floor, Office Village, Exchange Quay, Trafford Road Salford,
More informationPAA PKI Mutual Recognition Framework. Copyright PAA, All Rights Reserved 1
PAA PKI Mutual Recognition Framework Copyright PAA, 2009. All Rights Reserved 1 Agenda Overview of the Framework Components of the Framework How It Works Other Considerations Questions and Answers Copyright
More informationCERTIFICATE POLICY CIGNA PKI Certificates
CERTIFICATE POLICY CIGNA PKI Certificates Version: 1.1 Effective Date: August 7, 2001 a Copyright 2001 CIGNA 1. Introduction...3 1.1 Important Note for Relying Parties... 3 1.2 Policy Identification...
More informationCertipost E-Trust Services. Certificate Policy. for Normalized E-Trust Physical and Legal Persons. Version 1.1. Effective date 12 January 2011
Certipost E-Trust Services Version 1.1 Effective date 12 January 2011 Object Identification Number (OID) 0.3.2062.7.1.1.200.1 Certipost NV ALL RIGHTS RESERVED. 2 17 for Normalised E-Trust Certificates
More informationCertification Policy of CERTUM s Certification Services Version 4.0 Effective date: 11 August 2017 Status: archive
Certification Policy of CERTUM s Certification Services Version 4.0 Effective date: 11 August 2017 Status: archive Asseco Data Systems S.A. Podolska Street 21 81-321 Gdynia, Poland Certum - Powszechne
More informationEIDAS-2016 CHAMBERS OF COMMERCE ROOT and GLOBAL CHAMBERSIGN ROOT Version 1.2.3
CERTIFICATION PRACTICES STATEMENT DIGITAL CERTIFICATES AC CAMERFIRMA SA EIDAS-2016 CHAMBERS OF COMMERCE ROOT - 2016 and GLOBAL CHAMBERSIGN ROOT - 2016. Version 1.2.3 Author: Juan Ángel Martín: PKI Area.
More informationValidation Working Group: Proposed Revisions to
Validation Working Group: Proposed Revisions to 3.2.2.4 Introduction Current Baseline Requirements For each Fully Qualified Domain Name listed in a Certificate, the CA SHALL confirm that, as of the date
More informationCertification Practice Statement certsign SSL EV CA Class 3. for SSL EV Certificates. Version 1.0. Date: 31 January 2018
Certification Practice Statement certsign SSL EV CA Class 3 for SSL EV Certificates Version 1.0 Date: 31 January 2018 1 Important Notice This document is property of CERTSIGN SA Distribution and reproduction
More informationILNAS/PSCQ/Pr004 Qualification of technical assessors
Version 1.1 21.6.2016 Page 1 of 6 ILNAS/PSCQ/Pr004 Qualification of technical assessors Modifications: review of the document 1, avenue du Swing L-4367 Belvaux Tél.: (+352) 247 743-53 Fax: (+352) 247 943-50
More informationSymantec Trust Network (STN) Certificate Policy
Symantec Trust Network (STN) Certificate Policy Version 2.8.24 September 8, 2017 Symantec Corporation 350 Ellis Street Mountain View, CA 94043 USA +1 650.527.8000 www.symantec.com - i - - ii - Symantec
More informationDIGITALSIGN - CERTIFICADORA DIGITAL, SA.
DIGITALSIGN - CERTIFICADORA DIGITAL, SA. TIMESTAMP POLICY VERSION 1.1 21/12/2017 Page 1 / 18 VERSION HISTORY Date Edition n.º Content 10/04/2013 1.0 Initial drafting 21/12/2017 1.1 Revision AUTHORIZATIONS
More informationDigital Signatures Act 1
Issuer: Riigikogu Type: act In force from: 01.07.2014 In force until: 25.10.2016 Translation published: 08.07.2014 Digital Signatures Act 1 Amended by the following acts Passed 08.03.2000 RT I 2000, 26,
More informationPKI Disclosure Statement Digidentity Certificates
PKI Disclosure Statement Digidentity Certificates Title PKI Disclosure Statement Digidentity Certificates Date 25 March 2019 Author Digidentity Version 2019-v1 Classification Public Digidentity 2019 Revisions
More informationCERTIFICATION PRACTICE STATEMENT OF KIR for TRUSTED NON-QUALIFIED CERTIFICATES
Krajowa Izba Rozliczeniowa S.A. CERTIFICATION PRACTICE STATEMENT OF KIR for TRUSTED NON-QUALIFIED CERTIFICATES Version 1.6 Document history Version number Status Date of issue 1.0 Document approved by
More informationACGISS Public Employee Certificates
ACGISS Public Employee Certificates Certification policy V 2.0.1 (February 2017) Social Security IT Department c/ Doctor Tolosa Latour s/n 28041 Madrid Change control Version Observations Date 1.0 Original
More informationQUICKSIGN Registration Policy
QUICKSIGN Registration Policy Amendment to DOCUSIGN FRANCE s Certificate Policy for using the QUICKSIGN platform as a registration service to identify Subscribers September 27, 2016 QUICKSIGN_Registration_Policy_V1.0
More informationAdministration of PEFC scheme
PEFC GUIDE PEFC Procedure Document PEFC GD 1004:2009 Issue 1 2009-10-05 Administration of PEFC scheme PEFC Council World Trade Center 1, 10 Route de l Aéroport CH-1215 Genève, Switzerland Tel: +41 (0)22
More informationPerson determining CPS suitability for the policy CPS approval procedures 1.6. DEFINITIONS AND ACRONYMS
In this section of a CA s CPS, the CA shall provide a link to a web page or an email address for contacting the person or persons responsible for operation of the CA. 1.5.3. Person determining CPS suitability
More informationDECISION OF THE EUROPEAN CENTRAL BANK
L 74/30 Official Journal of the European Union 16.3.2013 DECISIONS DECISION OF THE EUROPEAN CENTRAL BANK of 11 January 2013 laying down the framework for a public key infrastructure for the European System
More informationGlobalSign Certification Practice Statement
GlobalSign Certification Practice Statement Date: May 12th 2009 Version: v.6.5 Table of Contents DOCUMENT HISTORY... 3 HISTORY... 3 ACKNOWLEDGMENTS... 4 1.0 INTRODUCTION... 5 1.1 OVERVIEW... 6 1.2 GLOBALSIGN
More informationTrust Services Practice Statement
Trust Services Practice Statement TrustWeaver AB V. 1.2 PUBLIC Page 1 IMPORTANT LEGAL NOTICE Copyright 2016, TrustWeaver AB. All rights reserved. This document contains TrustWeaver AB proprietary information,
More informationSAFE-BioPharma RAS Privacy Policy
SAFE-BioPharma RAS Privacy Policy This statement discloses the privacy practices for the SAFE-BioPharma Association ( SAFE- BioPharma ) Registration Authority System ( RAS ) web site and describes: what
More informationECA Trusted Agent Handbook
Revision 8.0 September 4, 2015 Introduction This Trusted Agent Handbook provides instructions for individuals authorized to perform personal presence identity verification of subscribers enrolling for
More informationDigi-Sign Certification Services Limited Certification Practice Statement (OID: )
Digi-Sign Certification Services Limited Certification Practice Statement (OID: 1.3.6.1.4.1.8420.1.3.6) In support of Digi-Sign CA as a Recognized Certification Authority December 2015 Copyright and Patent
More informationSSL.com Certificate Policy and Certification Practice Statement SSL.COM CP/CPS VERSION 1.4
2018 SSL.com Certificate Policy and Certification Practice Statement SSL.COM CP/CPS VERSION 1.4 Table of Contents 1 INTRODUCTION... 1 1.1 Overview - The SSL.com CP/CPS... 1 1.2 Identification Number and
More informationTeliaSonera Gateway Certificate Policy and Certification Practice Statement
TeliaSonera Gateway Certificate Policy and Certification Practice Statement v. 1.2 TeliaSonera Gateway Certificate Policy and Certification Practice Statement TeliaSonera Gateway CA v1 OID 1.3.6.1.4.1.271.2.3.1.1.16
More informationJunio 2015 Version 1.0
WEBSITE CERTIFICATE POLICY Juni 2015 IZENPE This dcument is the prperty f IZENPE and may nly be reprduced in its entirety. INDEX 1 INTRODUCTION............... 3 1.1 1.2 1.3 1.4 1 DESCRIPTION OF CERTIFIC
More informationCertification Practice Statement. for OV SSL. Version 1.2. Date: 6 September 2017
Certification Practice Statement certsign Web CA for OV SSL Version 1.2 Date: 6 September 2017 1 Important Notice This document is property of CERTSIGN SA Distribution and reproduction prohibited without
More informationHF Markets SA (Pty) Ltd Protection of Personal Information Policy
Protection of Personal Information Policy Protection of Personal Information Policy This privacy statement covers the website www.hotforex.co.za, and all its related subdomains that are registered and
More informationON THE PROVISION OF CERTIFICATES FOR WEBSITE AUTHENTICATION BY BORICA AD
POLICY ON THE PROVISION OF CERTIFICATES FOR WEBSITE AUTHENTICATION BY BORICA AD (B-Trust QCP-eIDAS Web SSL) Version 1.0 Effective date: July 1, 2018 Document history Version Author (s) Date Status Comment
More informationETSI TR V1.1.1 ( )
TR 119 400 V1.1.1 (2016-03) TECHNICAL REPORT Electronic Signatures and Infrastructures (ESI); Guidance on the use of standards for trust service providers supporting digital signatures and related services
More informationCandidate Manual Certified Commissioning Firm (CCF) Program
Candidate Manual Certified Commissioning Firm (CCF) Program Building Commissioning Certification Board 1600 NW Compton Drive, Suite 200 Beaverton, OR 97006 Phone: 1-877-666-BCXA (2292) E-mail: certification@bcxa.org
More informationHPE DATA PRIVACY AND SECURITY
ARUBA, a Hewlett Packard Enterprise company, product services ( Services ) This Data Privacy and Security Agreement ("DPSA") Schedule governs the privacy and security of Personal Data by HPE in connection
More informationAUDIT GUIDELINES FOR A GOV TSP TSP OF THE BASQUE ADMINISTRATION
AUDIT GUIDELINES FOR A GOV TSP TSP OF THE BASQUE ADMINISTRATION IZENPE: A GOV TSP Created in 2003. Owners: Basque Government and Regional Governments of the Basque Country ISO 27001, ETSI TS 101 456 and
More informationElectronic signature framework
R E P U B L I C O F S E R B I A Negotation Team for the Accession of Republic of Serbia to the European Union Working Group for Chapter 10 Information society and media Electronic signature framework Contents
More informationPlease the completed POL to the following address:
Hello [Customer], Symantec is unable to verify the order details you have provided in our currently available public resources. To continue processing your code signing certificate for [Organization],
More informationUSER CORPORATE RULES. These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy.
These User Corporate Rules are available to Users at any time via a link accessible in the applicable Service Privacy Policy. I. OBJECTIVE ebay s goal is to apply uniform, adequate and global data protection
More informationthawte Certification Practice Statement Version 3.4
thawte Certification Practice Statement Version 3.4 Effective Date: July, 2007 thawte Certification Practice Statement 2006 thawte, Inc. All rights reserved. Printed in the United States of America. Revision
More informationGlobalSign Certification Practice Statement
GlobalSign Certification Practice Statement Date: May 12th 2010 Version: v.6.7 Table of Contents DOCUMENT HISTORY... 3 HISTORY... 3 ACKNOWLEDGMENTS... 4 1.0 INTRODUCTION... 5 1.1 OVERVIEW... 6 1.2 GLOBALSIGN
More informationGDPR AMC SAAS AND HOSTED MODULES. UK version. AMC Consult A/S June 26, 2018 Version 1.10
GDPR AMC SAAS AND HOSTED MODULES UK version AMC Consult A/S June 26, 2018 Version 1.10 INDEX 1 Signatures...3 2 General...4 3 Definitions...5 4 Scoping...6 4.1 In scope...6 5 Responsibilities of the data
More informationCertification Practice Statement. esfirma
Certification Practice Statement esfirma General information Documentary checks Security classification: Public Target entity: ESFIRMA Version: 1.1 Date of Edition: 02/06/2016 File: esfirma DPC v1r1.docx
More informationCandidate Handbook Certified Commissioning Firm (CCF) Program
Candidate Handbook Certified Commissioning Firm (CCF) Program Building Commissioning Certification Board 1600 NW Compton Drive, Suite 200 Beaverton, OR 97006 Phone: (844) 881-8601 E-mail: certification@bcxa.org
More informationAlphaSSL Certification Practice Statement
AlphaSSL Certification Practice Statement Date: December 16th 2008 Version: v1.2 Table of Contents DOCUMENT HISTORY... 3 ACKNOWLEDGMENTS... 3 1.0 INTRODUCTION... 4 1.1 OVERVIEW... 4 1.2 ALPHASSL CERTIFICATE
More informationSeptember OID: Public Document
THE UNITED KINGDOM S NATIONAL CERTIFICATE POLICY for Extended Access Control Infrastructure for machine readable travel documents and biometric residence permits issued and read within the UK September
More informationSWAMID Person-Proofed Multi-Factor Profile
Document SWAMID Person-Proofed Multi-Factor Profile Identifier http://www.swamid.se/policy/assurance/al2mfa Version V1.0 Last modified 2018-09-12 Pages 10 Status FINAL License Creative Commons BY-SA 3.0
More informationGuidance of NOP Certification system Page 1/8
Page 1/8 I. Introduction A. Regulation Since October 21, 2002, The USDA implemented its organic regulations for the production, labeling, and inspection of organic products: the National Organic Program
More informationDirectTrust Accredited Trust Anchor Bundle Standard Operating Procedure
DirectTrust Accredited Trust Anchor Bundle Standard Operating Procedure Change Control Date Version Description of changes 1-Sept-2016 1.5 Added requirements for post approval testing during initial interop
More informationIT Security Evaluation and Certification Scheme Document
IT Security Evaluation and Certification Scheme Document June 2015 CCS-01 Information-technology Promotion Agency, Japan (IPA) IT Security Evaluation and Certification Scheme (CCS-01) i / ii Table of Contents
More informationCertification Practice Statement
SWIFT SWIFT Qualified Certificates Certification Practice Statement This document applies to SWIFT Qualified Certificates issued by SWIFT. This document is effective from 1 July 2016. 17 June 2016 SWIFT
More informationOrion Registrar, Inc. Certification Regulations Revision J Effective Date January 23, 2018
Introduction This document outlines the process of obtaining and maintaining certification with Orion Registrar Incorporated. Included are the requirements and rights of a Company undergoing certification
More informationeidas Regulation eid and assurance levels Outcome of eias study
eidas Regulation eid and assurance levels Outcome of eias study Dr. Marijke De Soete Security4Biz (Belgium) ETSI eidas Workshop 24 June 2015 Sophia Antipolis eidas Regulation Regulation on electronic identification
More informationBut where'd that extra "s" come from, and what does it mean?
SSL/TLS While browsing Internet, some URLs start with "http://" while others start with "https://"? Perhaps the extra "s" when browsing websites that require giving over sensitive information, like paying
More informationING Public Key Infrastructure Technical Certificate Policy
ING Public Key Infrastructure Technical Certificate Policy Version 5.4 - November 2015 Commissioned by ING PKI Policy Approval Authority (PAA) Additional copies Document version General Of this document
More informationSchedule EHR Access Services
This document (this Schedule") is the Schedule for Services ( EHR Access Services ) related to access to the electronic health records ( EHR ) maintained by ehealth Ontario and the use of information in
More informationSSL/TSL EV Certificates
SSL/TSL EV Certificates CA/Browser Forum Exploratory seminar on e-signatures for e-business in the South Mediterranean region 11-12 November 2013, Amman, Jordan Moudrick DADASHOW CEO, Skaitmeninio Sertifikavimo
More informationRules for LNE Certification of Management Systems
Rules for LNE Certification of Management Systems Application date: March 10 th, 2017 Rev. 040716 RULES FOR LNE CERTIFICATION OF MANAGEMENT SYSTEMS CONTENTS 1. PURPOSE... 3 2. SCOPE... 3 3. DEFINITION
More informationTIME STAMP POLICY (TSA)
TIME STAMP POLICY (TSA) Reference: IZENPE-DPTSA Version Num.: v 1.1 Date: 20 Feb 2018 IZENPE This document is owned by IZENPE. It may only be wholly reproduced Table of Contents Content 1 Introduction
More informationCertificate Policy (ETSI EN ) Version 1.1
Certificate Policy (ETSI EN 319 411-2) Version 1.1 IDnow GmbH Auenstr. 100 80469 Munich 09.06.2017 IDnow Certificate Policy (ETSI EN 319 411-2) Version 1.1 Date 09.06.2017 Author Armin Bauer, IDnow GmbH
More informationStartCom Ltd. (Start Commercial Limited) StartSSL Certificates & Public Key Infrastructure Eilat, Israel
StartCom Certificate Policy & Practice Statements 1 Introduction 1.1 Overview This document describes the Certification Policy (CP) of StartCom Certification Authority and related Certification Practice
More informationFPKIPA CPWG Antecedent, In-Person Task Group
FBCA Supplementary Antecedent, In-Person Definition This supplement provides clarification on the trust relationship between the Trusted Agent and the applicant, which is based on an in-person antecedent
More informationUDRP Pilot Project. 1. Simplified way of sending signed hardcopies of Complaints and/or Responses to the Provider (Par. 3(b), Par. 5(b) of the Rules)
UDRP Pilot Project The Czech Arbitration Court (CAC) proposes that it runs two pilot projects (Pilot) related to its implementation of UDRP. During the Pilot, the following proposed new UDRP-related services
More informationAPPROVAL PROCESS TO BE FOLLOWED FOR PROVISIONAL ACCREDITATION OF CBs UNDER FM CERTIFICATION SCHEME
APPROVAL PROCESS TO BE FOLLOWED FOR PROVISIONAL ACCREDITATION OF CBs UNDER FM CERTIFICATION SCHEME Contents Scope... 3 A. Application for the Notification of the Certification Body... 3 B. Approval from
More informationA Bill Regular Session, 2017 HOUSE BILL 1259
Stricken language would be deleted from and underlined language would be added to present law. 0 State of Arkansas st General Assembly A Bill Regular Session, HOUSE BILL By: Representative Fortner For
More informationLET S ENCRYPT SUBSCRIBER AGREEMENT
Page 1 of 7 LET S ENCRYPT SUBSCRIBER AGREEMENT This Subscriber Agreement ( Agreement ) is a legally binding contract between you and, if applicable, the company, organization or other entity on behalf
More informationSCI QUAL INTERNATIONAL PTY LTD ENQUIRY & APPLICATION/RENEWAL FORM FOR CERTIFICATION
SCI QUAL INTERNATIONAL PTY LTD ENQUIRY & APPLICATION/RENEWAL FORM FOR CERTIFICATION Enquiry Application Renewal COMPANY DETAILS COMPANY NAME TRADING NAME ABN WEBSITE POSTAL ADDRESS LOCATION ADDRESS ORGANISATION
More informationMohammed Ahmed Al Amer Chairman of the Board of Directors. Issued on: 16 Rabi' al-awwal 1437 (Arabic calendar) Corresponding to: 27 December 2015
The Telecommunications Regulatory Authority s Board of Directors Resolution No. (13) of 2015 Promulgating the SIM-Card Enabled Telecommunications Services Registration Regulation Chairman of the Telecommunications
More informationVolvo Group Certificate Practice Statement
Volvo Group PKI Documentation Volvo Group Certificate Practice Statement Document name: Volvo Group Certificate Policy Statement Document Owner: Volvo Group AB Corporate Process & IT Issued by: Volvo Group
More informationACCV Certification Practice Statement (CPS)
(CPS) Date: 20/05/2017 Version: 4.0.1 Estado: APPROVED No. of pages: 56 OID: 1.3.6.1.4.1.8149.2.4.0 Classification: PUBLIC File: ACCV-CPS-V4.0-EN-2017.doc Prepared by: Agencia de Tecnología y Certificación
More informationPRODUCT CERTIFICATION SCHEME FOR ENERGY DRINKS
Ref No: RACS/PCS/11 Page 1 of 6 1. Objective: This procedure describes the criteria implemented by RACS as Notified Body of Emirates Authority of Standardization and Metrology (ESMA) that Energy Drinks
More informationVeriSign Trust Network European Directive Supplemental Policies
VeriSign Trust Network European Directive Supplemental Policies Version 1.0 Effective Date: September 19, 2001 VeriSign, Inc. 487 East Middlefield Road Mountain View, CA 94043 USA +1 650.961.7500 http//:www.verisign.com
More informationHYDRANTID SSL ISSUING CA CERTIFICATE POLICY/CERTIFICATION PRACTICE STATEMENT
HYDRANTID SSL ISSUING CA CERTIFICATE POLICY/CERTIFICATION PRACTICE STATEMENT September 15, 2017 Version: 1.1 Copyright HydrantID 2013-2017. All rights reserved. This document shall not be duplicated, used,
More informationELECTRIC RULE NO. 25 Sheet 1 RELEASE OF CUSTOMER DATA TO THIRD PARTIES
Original 34333-E ELECTRC RULE NO. 25 Sheet 1 RELEASE OF CUSTOMER DATA TO THRD PARTES. APPLCABLTY. The following rules apply to PG&E s automated, ongoing provisioning of electric SmartMeter TM interval
More informatione-authentication guidelines for esign- Online Electronic Signature Service
e-authentication guidelines for esign- Online Electronic Signature Service (Issued under Electronic Signature or Electronic Authentication Technique and Procedure Rules, 2015) Version 1.3 April 2017 Controller
More informationOISTE-WISeKey Global Trust Model
OISTE-WISeKey Global Trust Model Certification Practices Statement (CPS) Date: 18/04/2018 Version: 2.10 Status: FINAL No. of Pages: 103 OID: 2.16.756.5.14.7.1 Classification: PUBLIC File: WKPKI.DE001 -
More informationCERTIFICATION BODY (CB) APPROVAL REQUIREMENTS FOR THE IFFO RESPONSIBLE SUPPLY (IFFO RS) AUDITS AND CERTIFICATION
CERTIFICATION BODY (CB) APPROVAL REQUIREMENTS FOR THE IFFO RESPONSIBLE SUPPLY (IFFO RS) AUDITS AND CERTIFICATION Introduction The IFFO RS Certification Programme is a third party, independent and accredited
More informationUnisys Corporation April 28, 2017
Unisys Internal PKI v1 14.docx Unisys Internal PKI Unisys Corporation April 28, 2017 Page 1 of 79 Content: Name: Version / Last Revision: Classification: Unisys Internal PKI v1 14.docx This document contains
More informationCertification Policy & Practice Statement
Certification Policy & Practice Statement StartCom CA Version 3.4 Date: October 24, 2017 Contents 1 Introduction... 8 1.1 Overview... 8 1.1.1 Philosophy... 8 1.1.2 Copyright, reserved rights... 8 1.2 Document
More informationInspection and Certification for Individual Farms, Smallholder Group Certification S S R A N A S R S C I E N T I S T
Inspection and Certification for Individual Farms, Smallholder Group Certification S S R A N A S R S C I E N T I S T What is Certification? Organic certification system is a quality assurance initiative,
More informationCertificados Empleado Público
Registro Nacional de Asociaciones. Número 171.443. CIF G-63287510 ANF Autoridad de Certificación Gran vía de les Corts Catalanes 996. 08018 Barcelona (Spain) Telephone: +34 902 902 172 Fax: +34 933 031
More informationSERVICE DESCRIPTION. Population Register Centre s online services
SERVICE DESCRIPTION Population Register Centre s online services SERVICE DESCRIPTION [Number] 2 (12) DOCUMENT MANAGEMENT Owner Author Checked by Approved by Pauli Pekkanen Project Working Group Reko-Aleksi
More information