BT Managed Secure Messaging. Non-Repudiation Policy
|
|
- Edward Carson
- 5 years ago
- Views:
Transcription
1 BT Managed Secure Messaging Non-Repudiation Policy
2 Contents Page 1 Introduction Scope Terms and Definitions 4 2 Non-Repudiation Categories Non-Repudiation of Origin Non-Repudiation of Receipt 5 3 Non-Repudiation Evidence Types of Evidence Evidence Generation Originator NR Evidence Generation Recipient NR Evidence Generation BT NR Evidence Generation Evidence Retention Evidence Verification Evidence Validity 7 4 Obligations Originator and Recipient Certification Obligations Originator Obligations Recipient Obligations BT Obligations Trusted Third Party Obligations 9 5 Applicable Law and Liability Applicable Law Liabilities 10 6 Dispute Resolution Initiating NR Claim Dispute Resolution 11 7 References 13 8 Glossary of Terms 14 Page 2 of 16
3 9 Authorisation 15 Page 3 of 16
4 1 Introduction The aim of this document is to define the Non-Repudiation Policy for BT Managed Secure Messaging that is operated and managed by BT. It is intended to specify the criteria for the provision of non-repudiation as part of the service. BT owns and operates a secure infrastructure through which services are delivered to BT Managed Secure Messaging customers. The services delivered through BT Managed Secure Messaging benefit from security features based upon a Public Key Infrastructure (PKI). The PKI delivers electronic trust services to members of the BT Managed Secure Messaging community. 1.1 Scope This document describes the Non-Repudiation Policy elements of the PKI for the delivery of services to customers. The document does not provide details of the design or implementation of the PKI capability, but identifies key elements which are relevant to the non-repudiation of services under the BT Managed Secure Messaging. 1.2 Terms and Definitions Term Recipient Originator Trusted Third-Party Gateway BT Managed Secure Messaging Message Usage in this Document Refers to an organisation with which BT has a contract to deliver secure messages from Originators. BT is also a Recipient when it receives messages on behalf of an Originator from a third-party service provider. Refers to an organisation with which BT has a contract to deliver secure messages to Recipients. BT is also an Originator when it sends messages on behalf of a third-party service provider to a Recipient. BT shall act as a Trusted Third-Party between the Originators and the Recipients, as the Certificate Authority (CA). The BT supplied equipment located at Originator and Recipient sites for secure messaging between Originators and Recipients. There are two types of gateways, a soft gateway application or a hardware gateway The totality of all functions provided by BT as an organisation for delivery of the BT Managed Secure Messaging service and includes Certificates that are used by the Originators and Recipients. Information transmitted between an Originator and a Recipient Page 4 of 16
5 2 Non-Repudiation Categories Non-repudiation is the concept of ensuring that a party to a communication cannot later deny having taken part in all or part of a communication. Nonrepudiation helps in settling possible disputes over whether a particular event or action has taken place in a communication by collecting, maintaining, making available and validating irrefutable evidence concerning a claimed event or action to resolve disputes about occurrence or non-occurrence of an event or action. This section defines the Non-Repudiation categories supported by the BT Managed Secure Messaging PKI. In the BT Managed Secure Messaging PKI, an originator submits messages to the originator gateway for secure delivery to the recipient gateway. The recipient gateway delivers received messages to the recipient. The following NR categories shall be supported: Non-repudiation of Origin (NRO) Non-repudiation of Receipt (NRR) 2.1 Non-Repudiation of Origin Non-repudiation of origin shall provide evidence that the originator gateway is indeed the genuine originator of a message delivered to the recipient. Originator gateways shall generate evidence of origin in the form of digitally signed messages. Evidence of origin of messages shall be retained by recipients. 2.2 Non-Repudiation of Receipt Non-repudiation of receipt shall provide evidence that the recipient gateway received a message that was submitted by the originator. Recipient gateways shall generate evidence of receipts in the form of digitally signed receipts. Evidence of receipt of messages shall be retained by originators. Page 5 of 16
6 3 Non-Repudiation Evidence For any non-repudiation, evidence is a crucial focus and this is discussed in the sub-sections below. 3.1 Types of Evidence NR evidence shall include the following: Registration Authority information Certificates all signing certificates issued by the CA Certificate Revocation List (CRL) containing all revoked certificates issued by BT Managed Secure Messaging CA hierarchy and all CRL history (i.e. a revoked certificate may be removed from the live CRL once it has expired) Message data Digital Signatures (digitally signed messages, MDNs, Screen SOAP over https requests and responses) Security context information to identify the message: Date and Time of generation or processing Gateway identification Certificate Identification Message Type (File transfer, Screen SOAP over http(s) etc) 3.2 Evidence Generation Originator NR Evidence Generation Originators shall generate and retain NR evidence relating to all messages transmitted. These shall include: Message data Digital Signatures (digitally signed messages, MDNs, Screen SOAP over https requests and responses) Recipient NR Evidence Generation Recipients shall generate and retain NR evidence relating to all messages it received. These shall include: Message data Digital Signatures (digitally signed messages, MDNs, Screen SOAP over https requests and responses) BT NR Evidence Generation BT shall generate and retain the following NR evidence: Page 6 of 16
7 Registration Authority information Certificates all signing certificates issued by the CA Certificate Revocation List (CRL) containing all revoked certificates and all CRL history 3.3 Evidence Retention BT shall provide a re-verification service for up to 13 years past the end of the provision of the BT MSM Service. Each party (BT, Originators and Recipients) may securely retain their respective NR evidences for re-verification up to a period of 13 years after the evidence generation. 3.4 Evidence Verification BT shall provide a tool for the digital signature verifications. Originators or recipients shall provide the original message and evidence to be verified. Verification shall be performed as documented in [Ref: 3]. 3.5 Evidence Validity The evidence shall be deemed valid if the output of the validation shows that the signature of the message is valid and that the certificate was not revoked or expired at the time of signing. Page 7 of 16
8 4 Obligations 4.1 Originator and Recipient Certification Obligations The originators and Recipients shall notify BT promptly as documented in the CP [Ref: 1] when they require their Certificate to be revoked. The originators and recipients shall notify BT promptly of the following changes to their organisation: Change to the organisation name; Merger resulting in change to the organisation name; De-merger resulting in change to the organisation name; Company going bankrupt or entering into administration; Company ceasing operation; Change of Nominators; Change of Gateway Security Officers (GSOs). 4.2 Originator Obligations The originators shall securely store the evidence of receipt of messages sent to the recipients. The originators shall make available when requested the evidence of receipts of messages that is held by them. 4.3 Recipient Obligations The recipient shall securely store the evidence of origin of messages received from the originators. The recipient shall make available when requested the evidence of origin of messages that is held by them. 4.4 BT Obligations BT shall ensure that Certificates are revoked promptly when a revocation request is received as documented in the CP [Ref: 1]. BT shall ensure that Certificate related evidence is generated and retained: Registration Authority information Certificates all signing certificates issued by the CA Certificate Revocation List (CRL) containing all revoked certificates, and complete history of all CRLs BT shall promptly perform non-repudiation verification when requested by either the originator or recipient. Page 8 of 16
9 4.5 Trusted Third Party Obligations BT shall act as a Trusted Third Party to provide non-repudiation evidence verification in disputes between originators and recipients of BT Managed Secure Messaging. Page 9 of 16
10 5 Applicable Law and Liability 5.1 Applicable Law The law in England shall apply. 5.2 Liabilities Liabilities shall be as agreed in the contracts between BT and each of the parties. BT shall not be liable for any aspect of a dispute between parties, other than for the provision of the non-repudiation service on request from either or both of the parties in dispute. Page 10 of 16
11 6 Dispute Resolution The essence of non-repudiation is the provision of irrefutable evidence to support dispute resolution and BT will endeavour to resolve any potential dispute arising from use of BT Managed Secure Messaging. 6.1 Initiating NR Claim Any originator or recipient who has contracted to use BT Managed Secure Messaging shall initiate a Non-Repudiation claim by contacting BT in writing detailing the circumstances to the following address: Project Manager BT Managed Secure Messaging (MSM) BT Guidion House Harvest Crescent Ancells Business Park Fleet Hampshire GU51 2QP Tel: Fax: msm.support@bt.com 6.2 Dispute Resolution BT shall act as a Trusted Third Party in disputes involving an originator and the recipient. BT shall provide the non-repudiation verification process through validation of evidence using applicable cryptographic key material. This validation will confirm that the evidence is genuine of origin, or of receipt. An originator or recipient may request that BT perform the verification process in respect of specific evidence relating to a dispute or potential dispute. In these circumstances, the requestor shall identify archived evidence in their possession and provide that evidence to BT for the purposes of the verification process. BT shall perform the requested verification process and notify the outcome of that process to the requesting party - see [Ref: 3] for details of verification procedures. If either or both of the originator or recipient fails to fulfil their obligation in respect of the long term archive of evidence and cannot provide the evidence then BT shall not be obliged to perform a non-repudiation verification process and shall not be responsible for any aspect of dispute resolution between the parties. Page 11 of 16
12 If either or both of the originator or recipient does not accept the verified evidence provided by BT, then BT shall not be responsible for any further aspect of disputes resolution between the parties. Page 12 of 16
13 7 References 1. Certificate Policy 2. S3 PKI Design 3. Non-Repudiation Procedures Page 13 of 16
14 8 Glossary of Terms Term PKI NR NRO NRR CA CRL TTP SOAP STP HTTPS GSO MDNs Description Public Key Infrastructure Non-Repudiation Non-repudiation of Origin Non-repudiation of Receipt Certificate Authority Certificate Revocation List Trusted Third Party Simple Object Access Protocol Straight Through Processing Secure Hyper Text Transfer Protocol Gateway Security Officer Message Disposition Notifications Page 14 of 16
15 9 Authorisation Owner Jasper Lanek Issue and Date Issue 1.2 : Dated July 2010 Location of electronic copy P:\ISC\Documents\tScheme\Approved Change Authority Andy Travell Distribution BT Managed Secure Messaging Programme Author Jasper Lanek Audience BT Staff and BT MSM Subscribers Issue Author Date Details of Change 1.0, 1st Draft Jasper Lanek Draft issued for review 1.0 Jasper Lanek 26/02/08 Comments following QA Review 1.1 Jasper Lanek 20/05/08 Replaced BT Secure Messaging Service with new name BT Managed Secure Messaging and removed references to IFM. 1.2 Jasper Lanek July 2010 Minor update to referenced document location and contact Approvals This document requires the following approvals. Signed approval forms are filed in the project files. Name Signature Title Date of Version Issue Andy Travell IFM Project Manager 09/07/ All information in this document is provided in confidence for the sole purpose of adjudication of the document and shall not be used for any other purpose and shall not be published or disclosed wholly or in part to any other party without BT s prior permission in writing and shall be held in safe custody. These obligations shall not apply to information which is published or becomes known legitimately from some source other than BT. Many of the product, service and company names referred to in this document are trademarks or registered trademarks. They are all hereby acknowledged. British Telecommunications plc 2010 Registered Office: 81 Newgate Street, London EC1A 7AJ Page 15 of 16
16 Offices worldwide British Telecommunications plc 2010 Registered office: 81 Newgate Street, London EC1A 7AJ Registered in England No:
ING Public Key Infrastructure Technical Certificate Policy
ING Public Key Infrastructure Technical Certificate Policy Version 5.4 - November 2015 Commissioned by ING PKI Policy Approval Authority (PAA) Additional copies Document version General Of this document
More informationApple Inc. Certification Authority Certification Practice Statement
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Apple Application Integration - G3 Sub-CA Version 6.3 Effective
More informationApple Inc. Certification Authority Certification Practice Statement
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Apple Application Integration - G3 Sub-CA Version 6.2 Effective
More information(1) Jisc (Company Registration Number ) whose registered office is at One Castlepark, Tower Hill, Bristol, BS2 0JA ( JISC ); and
SUB-LRA AGREEMENT BETWEEN: (1) Jisc (Company Registration Number 05747339) whose registered office is at One Castlepark, Tower Hill, Bristol, BS2 0JA ( JISC ); and (2) You, the Organisation using the Jisc
More informationApple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.10 Effective Date: June 10, 2013
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.10 Effective Date: June 10, 2013 Table of Contents 1. Introduction... 5 1.1. Trademarks... 5
More informationApple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations
Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.18 Effective Date: August 16, 2017 Table of Contents 1. Introduction... 5 1.1. Trademarks...
More informationCERTIFICATE POLICY CIGNA PKI Certificates
CERTIFICATE POLICY CIGNA PKI Certificates Version: 1.1 Effective Date: August 7, 2001 a Copyright 2001 CIGNA 1. Introduction...3 1.1 Important Note for Relying Parties... 3 1.2 Policy Identification...
More informationApple Inc. Certification Authority Certification Practice Statement. Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA
Apple Inc. Certification Authority Certification Practice Statement Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA Version 4.0 Effective Date: September 18, 2013 Table of Contents
More informationDisclosure text - PDS (PKI Disclosure Statement) for electronic signature and authentication certificates
Disclosure text - PDS (PKI Disclosure Statement) for electronic signature and authentication certificates Index INDEX... 2 1. DISCLOSURE TEXT APPLICABLE TO NATURAL PERSON CERTIFICATES ISSUED ON QSCD...
More informationISO/IEC TR Information technology Security techniques Guidelines for the use and management of Trusted Third Party services
This is a preview - click here to buy the full publication TECHNICAL REPORT ISO/IEC TR 14516 First edition 2002-06-15 Information technology Security techniques Guidelines for the use and management of
More informationMailbox Rental Terms and Conditions
Mailbox Rental Terms and Conditions (valid from 26th September 2018) Subject to the customer ("the Customer") observing the Terms and Conditions set out below, Mail Boxes Etc. ("the Company") agrees to
More informationApple Corporate Certificates Certificate Policy and Certification Practice Statement. Apple Inc.
Apple Inc. Certificate Policy and Certification Practice Statement Version 1.0 Effective Date: March 12, 2015 Table of Contents 1. Introduction... 4 1.1. Trademarks... 4 1.2. Table of acronyms... 4 1.3.
More informationSAFE-BioPharma RAS Privacy Policy
SAFE-BioPharma RAS Privacy Policy This statement discloses the privacy practices for the SAFE-BioPharma Association ( SAFE- BioPharma ) Registration Authority System ( RAS ) web site and describes: what
More informationSSL Certificates Certificate Policy (CP)
SSL Certificates Last Revision Date: February 26, 2015 Version 1.0 Revisions Version Date Description of changes Author s Name Draft 17 Jan 2011 Initial Release (Draft) Ivo Vitorino 1.0 26 Feb 2015 Full
More informationDIGITALSIGN - CERTIFICADORA DIGITAL, SA.
DIGITALSIGN - CERTIFICADORA DIGITAL, SA. TIMESTAMP POLICY VERSION 1.1 21/12/2017 Page 1 / 18 VERSION HISTORY Date Edition n.º Content 10/04/2013 1.0 Initial drafting 21/12/2017 1.1 Revision AUTHORIZATIONS
More informationWISeKey SA ADVANCED SERVICES ISSUING CERTIFICATION AUTHORITY CERTIFICATION PRACTICE STATEMENT
WISeKey SA ADVANCED SERVICES ISSUING CERTIFICATION AUTHORITY CERTIFICATION PRACTICE STATEMENT Version 1.1 Effective Date: 05 December 2008 WISeKey S.A. 2000-2008 WISeKey hereby grants non-exclusive permission
More informationAdministration of PEFC scheme
PEFC GUIDE PEFC Procedure Document PEFC GD 1004:2009 Issue 1 2009-10-05 Administration of PEFC scheme PEFC Council World Trade Center 1, 10 Route de l Aéroport CH-1215 Genève, Switzerland Tel: +41 (0)22
More informationING Corporate PKI G3 Internal Certificate Policy
ING Corporate PKI G3 Internal Certificate Policy Version 1.0 March 2018 ING Corporate PKI Service Centre Final Version 1.0 Document information Commissioned by Additional copies of this document ING Corporate
More informationSmart Meters Programme Schedule 2.1
Smart Meters Programme Schedule 2.1 (DCC Requirements) (SMKI version) V1.2 1 Schedule 2.1 (DCC Requirements) This Schedule 2.1 (DCC Requirements) is formed of the following parts: Part A Introduction...3
More informationCertification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure
Certification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure 1.0 INTRODUCTION 1.1 Overview The Federal Reserve Banks operate a public key infrastructure (PKI) that manages
More informationCertification Policy of CERTUM s Certification Services Version 4.0 Effective date: 11 August 2017 Status: archive
Certification Policy of CERTUM s Certification Services Version 4.0 Effective date: 11 August 2017 Status: archive Asseco Data Systems S.A. Podolska Street 21 81-321 Gdynia, Poland Certum - Powszechne
More informationVolvo Group Certificate Practice Statement
Volvo Group PKI Documentation Volvo Group Certificate Practice Statement Document name: Volvo Group Certificate Policy Statement Document Owner: Volvo Group AB Corporate Process & IT Issued by: Volvo Group
More informationTerms and Conditions of Mobile Phone Service (Pre-Paid) Between Operator and Subscriber
Terms and Conditions of Mobile Phone Service (Pre-Paid) Between Operator and Subscriber Section 1 General 1.1 This Terms and Conditions of Mobile Phone Service shall be effective between Advanced Wireless
More informationAPPROVAL PROCESS TO BE FOLLOWED FOR PROVISIONAL ACCREDITATION OF CBs UNDER FM CERTIFICATION SCHEME
APPROVAL PROCESS TO BE FOLLOWED FOR PROVISIONAL ACCREDITATION OF CBs UNDER FM CERTIFICATION SCHEME Contents Scope... 3 A. Application for the Notification of the Certification Body... 3 B. Approval from
More informationAlphaSSL Certification Practice Statement
AlphaSSL Certification Practice Statement Date: December 16th 2008 Version: v1.2 Table of Contents DOCUMENT HISTORY... 3 ACKNOWLEDGMENTS... 3 1.0 INTRODUCTION... 4 1.1 OVERVIEW... 4 1.2 ALPHASSL CERTIFICATE
More informationTimber Products Inspection, Inc.
Timber Products Inspection, Inc. Product Certification Public Document Timber Products Inspection, Inc. P.O. Box 919 Conyers, GA 30012 Phone: (770) 922-8000 Fax: (770) 922-1290 TP Product Certification
More informationSchedule Identity Services
This document (this Schedule") is the Schedule for Services related to the identity management ( Identity Services ) made pursuant to the ehealth Ontario Services Agreement (the Agreement ) between ehealth
More informationDigi-CPS. Certificate Practice Statement v3.6. Certificate Practice Statement from Digi-Sign Limited.
Certificate Practice Statement v3.6 Certificate Practice Statement from Digi-Sign Limited. Digi-CPS Version 3.6. Produced by the Legal & Technical Departments For further information, please contact: CONTACT:
More informationPrivacy Policy. Data Controller - the entity that determines the purposes, conditions and means of the processing of personal data
Privacy Policy Datacenter.com (referred to as we, us, our, Datacenter or the Company ) is committed to protecting your privacy and handling your data in an open and transparent manner. The personal data
More informationSERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY Secure applications and services Security protocols
I n t e r n a t i o n a l T e l e c o m m u n i c a t i o n U n i o n ITU-T X.1159 TELECOMMUNICATION STANDARDIZATION SECTOR OF ITU (11/2014) SERIES X: DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY
More informationPAA PKI Mutual Recognition Framework. Copyright PAA, All Rights Reserved 1
PAA PKI Mutual Recognition Framework Copyright PAA, 2009. All Rights Reserved 1 Agenda Overview of the Framework Components of the Framework How It Works Other Considerations Questions and Answers Copyright
More informationCertipost E-Trust Services. Certificate Policy. for Normalized E-Trust Physical and Legal Persons. Version 1.1. Effective date 12 January 2011
Certipost E-Trust Services Version 1.1 Effective date 12 January 2011 Object Identification Number (OID) 0.3.2062.7.1.1.200.1 Certipost NV ALL RIGHTS RESERVED. 2 17 for Normalised E-Trust Certificates
More informationBCDC 2E, 2012 (On-line Bidding Document for Stipulated Price Bidding)
BCDC 2E, 2012 (On-line Bidding Document for Stipulated Price Bidding) CLAUSE 13 ON-LINE BIDDING 13.1 ON-LINE BIDDING.1 Definitions: Owner means the party and/or their agent designated to receive on-line
More informationData Subject Access Request Procedure. Page 1 KubeNet Data Subject Access Request Procedure KN-SOP
Data Subject Access Request Procedure Page 1 Table of contents 1. Scope, Purpose and Users... 3 2. Reference Documents... 3 3. Data Subject Access Request ( DSAR )... 3 4. The Rights of a Data Subject...
More informationGeneral Data Protection Regulation BT s amendments to the proposed Regulation on the protection of individuals with regard to the processing of
General Data Protection Regulation BT s amendments to the proposed Regulation on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General
More informationFPKIPA CPWG Antecedent, In-Person Task Group
FBCA Supplementary Antecedent, In-Person Definition This supplement provides clarification on the trust relationship between the Trusted Agent and the applicant, which is based on an in-person antecedent
More informationCALSTRS ONLINE AGREEMENT TERMS AND CONDITIONS
CALSTRS ONLINE AGREEMENT TERMS AND CONDITIONS INTRODUCTION: Before the California State Teachers Retirement System (hereinafter "CalSTRS," "We," or "Us") will provide services found at mycalstrs.com (the
More informationISO/IEC INTERNATIONAL STANDARD
INTERNATIONAL STANDARD ISO/IEC 15945 First edition 2002-02-01 Information technology Security techniques Specification of TTP services to support the application of digital signatures Technologies de l'information
More informationAGREEMENT FOR USE OF NORTHERN POWERGRID ELECTRONIC MAINS RECORDS
AGREEMENT FOR USE OF NORTHERN POWERGRID ELECTRONIC MAINS RECORDS This Agreement is entered into on [insert date, including year] between (1) [Northern Powergrid (Northeast) Limited (company number: 02906593)/Northern
More informationDigital Signatures Act 1
Issuer: Riigikogu Type: act In force from: 01.07.2014 In force until: 25.10.2016 Translation published: 08.07.2014 Digital Signatures Act 1 Amended by the following acts Passed 08.03.2000 RT I 2000, 26,
More informationBT Assure Cloud Identity Annex to the General Service Schedule
1 Defined Terms The following definitions apply, in addition to those in the General Terms and Conditions and the General Service Schedule of the Agreement. Administrator means a Customer-authorised person
More informationVersion 2.3 Final. TMDB System User Manual (Registrar)
Version 2.3 Final TMDB System User Manual (Registrar) Table of contents 1. INTRODUCTION... 4 1.1. OVERVIEW OF THE TMDB SYSTEM... 4 1.2. THE INTENDED AUDIENCE FOR THIS DOCUMENT... 4 1.3. OVERVIEW OF THIS
More informationIDENTITY ASSURANCE PRINCIPLES
IDENTITY ASSURANCE PRINCIPLES PRIVACY AND CONSUMER ADVISORY GROUP (PCAG) V3.1 17 th July 2014 CONTENTS 1. Introduction 3 2. The Context of the Principles 4 3. Definitions 6 4. The Nine Identity Assurance
More informationAvira Certification Authority Policy
Avira Certification Authority Policy Version: 1.0 Status: Draft Updated: 2010-03-09 Copyright: Avira GmbH Author: omas Merkel Introduction is document describes the Certification Policy (CP) of Avira Certification
More informationVSC-PCTS2003 TEST SUITE TIME-LIMITED LICENSE AGREEMENT
VSC-PCTS2003 TEST SUITE TIME-LIMITED LICENSE AGREEMENT Notes These notes are intended to help prospective licensees complete the attached Test Suite Time-Limited License Agreement. If you wish to execute
More informationCERTIFICATION PRACTICE STATEMENT OF KIR for TRUSTED NON-QUALIFIED CERTIFICATES
Krajowa Izba Rozliczeniowa S.A. CERTIFICATION PRACTICE STATEMENT OF KIR for TRUSTED NON-QUALIFIED CERTIFICATES Version 1.6 Document history Version number Status Date of issue 1.0 Document approved by
More informationRPost's Registered services and Evidence issues within the United Kingdom Legal System
RPost's Registered E-mail services and Evidence issues within the United Kingdom Legal System By Alan Shipman, Author, British Standards Institute Legal admissibility Code of Practice BIP 0008 London,
More informationData Subject Access Request
Data Subject Access Request DATA PROTECTION ACT 1998 Version: 10.0 Approval Status: Approved Document Owner: Graham Feek Classification: Internal Review Date: 03/07/2017 Effective from: 1 July 2015 Table
More informationDigi-Sign Certification Services Limited Certification Practice Statement (OID: )
Digi-Sign Certification Services Limited Certification Practice Statement (OID: 1.3.6.1.4.1.8420.1.3.6) In support of Digi-Sign CA as a Recognized Certification Authority December 2015 Copyright and Patent
More informationCertDigital Certification Services Policy
CertDigital Certification Services Policy Page: 2 ISSUED BY : DEPARTAMENT NAME DATE ELECTRONIC SERVICES COMPARTMENT COMPARTMENT CHIEF 19.03.2011 APPROVED BY : DEPARTMENT NAME DATE MANAGEMENT OF POLICIES
More informationAn error will be returned by the services when invalid electronic requests are received.
Standard Life s Commercial and Technical Agreement These terms and conditions (the Commercial and Technical Agreement ) are in addition to, and are incorporated into The Origo Legal Framework Electronic
More informationWHC Toolbar. Application User guide. Wholesale Hosted Communications (WHC 3.0)
WHC Toolbar Application User guide Wholesale Hosted Communications (WHC 3.0) July 2017 Confidentiality All information in this document is provided in confidence as per the terms and conditions of Wholesale
More informationPKI Disclosure Statement Digidentity Certificates
PKI Disclosure Statement Digidentity Certificates Title PKI Disclosure Statement Digidentity Certificates Date 25 March 2019 Author Digidentity Version 2019-v1 Classification Public Digidentity 2019 Revisions
More informationUnisys Corporation April 28, 2017
Unisys Internal PKI v1 14.docx Unisys Internal PKI Unisys Corporation April 28, 2017 Page 1 of 79 Content: Name: Version / Last Revision: Classification: Unisys Internal PKI v1 14.docx This document contains
More informationUser Terms of Service
User Terms of Service PT User Terms of Service 1v2.docx Page 1 of 6 Version 1v2 of 27-04-2017 Pervasive Telemetry Pty Limited atf Pertel Unit Trust ABN 90 042 341 785 User Terms of Service Effective: 27
More informationError Handling Strategy. DCC Guidance Document
Error DCC Guidance Document Date: June 2016 Classification: DCC Public Table of Contents 1 Introduction... 3 1.1 Purpose... 3 1.2 Scope... 3 1.3 General Provisions... 3 2 Error Management... 4 2.1 Error
More informationWP24 CFD Settlement: Required Information
WP24 Settlement: Required Information Working Practice Public Version: 3.0 Date: 16 May 2018 Table of Contents Change Amendment Record 3 1. Introduction 4 1.1 Scope and Purpose 4 1.2 Main Users and Responsibilities
More informationLET S ENCRYPT SUBSCRIBER AGREEMENT
Page 1 of 7 LET S ENCRYPT SUBSCRIBER AGREEMENT This Subscriber Agreement ( Agreement ) is a legally binding contract between you and, if applicable, the company, organization or other entity on behalf
More informationDECISION OF THE EUROPEAN CENTRAL BANK
L 74/30 Official Journal of the European Union 16.3.2013 DECISIONS DECISION OF THE EUROPEAN CENTRAL BANK of 11 January 2013 laying down the framework for a public key infrastructure for the European System
More informationETSI TR V1.1.2 ( )
TR 101 053-3 V1.1.2 (2006-01) Technical Report Security Algorithms Group of Experts (SAGE); Rules for the management of the TETRA standard encryption algorithms; Part 3: TEA3 2 TR 101 053-3 V1.1.2 (2006-01)
More informationSchedule EHR Access Services
This document (this Schedule") is the Schedule for Services ( EHR Access Services ) related to access to the electronic health records ( EHR ) maintained by ehealth Ontario and the use of information in
More informationVersion 2.4 Final. TMDB System User Manual (Registry)
Version 2.4 Final TMDB System User Manual (Registry) Table of contents 1. INTRODUCTION... 5 1.1. OVERVIEW OF THE TMDB SYSTEM... 5 1.2. THE INTENDED AUDIENCE FOR THIS DOCUMENT... 5 1.3. OVERVIEW OF THIS
More informationSmile IT Ltd Privacy Policy. Hello, we re Smile IT Ltd. We offer computer and network support to businesses and home computer users.
Smile IT Ltd Privacy Policy Hello, we re Smile IT Ltd. We offer computer and network support to businesses and home computer users. At Smile IT we value our clients and we re committed to protecting your
More informationThe Open Group Certification for People. Training Course Accreditation Policy
The Open Group Certification for People Training Course Accreditation Policy Version 1.1 February 2014 Copyright 2013-2014, The Open Group All rights reserved. No part of this publication may be reproduced,
More informationISO/IEC INTERNATIONAL STANDARD
INTERNATIONAL STANDARD ISO/IEC 9594-8 Fifth edition 2005-12-15 Information technology Open Systems Interconnection The Directory: Publickey and attribute certificate frameworks Technologies de l'information
More informationSIN 508 Issue 1.2 August 2016
SIN 508 Issue 1.2 August 2016 Suppliers' Information Note For The BT Network OPENREACH TIME DIVISION MULTIPLEX ACCESS BEARER SERVICES (TDM ACCESS) Service Description Each SIN is the copyright of British
More informationTerms and Conditions of Mobile Phone Service (Post-Paid) Between Operator and Subscriber
Terms and Conditions of Mobile Phone Service (Post-Paid) Between Operator and Subscriber Section 1 General 1.1 This Terms and Conditions of Mobile Phone Service shall be effective between Advanced Wireless
More informationECA Trusted Agent Handbook
Revision 8.0 September 4, 2015 Introduction This Trusted Agent Handbook provides instructions for individuals authorized to perform personal presence identity verification of subscribers enrolling for
More informationError Handling Strategy
Handling Strategy Draft DCC Guidance Document June 2016 Page 1 of 13 Contents 1. Introduction 3 1.1. Purpose 3 1.2. Scope 3 1.3. General Provisions 3 2. Management 5 2.1. Classification 5 2.2. Handling
More informationEco Web Hosting Security and Data Processing Agreement
1 of 7 24-May-18, 11:50 AM Eco Web Hosting Security and Data Processing Agreement Updated 19th May 2018 1. Introduction 1.1 The customer agreeing to these terms ( The Customer ), and Eco Web Hosting, have
More informationX.509 Certificate Policy for the New Zealand Government PKI RSA Individual - Software Certificates (Medium Assurance)
X.509 Certificate Policy for the New Zealand Government PKI RSA Individual - Software Certificates (Medium Assurance) Version 0.7 Mar-17 Notice to all parties seeking to rely Reliance on a Certificate
More informationGRCA FULL MEMBER GRADE (GRC Manufacturer) Regulations, Membership Procedure and Assessment
GRCA FULL MEMBER GRADE (GRC Manufacturer) Regulations, Membership Procedure and Assessment The International Glassfibre Reinforced Concrete Association (GRCA) October 2017 The International Glassfibre
More informationROYAL MAIL GROUP ADDRESS MANAGEMENT UNIT PAF DATA END USER TERMS ( End User Terms )
ROYAL MAIL GROUP ADDRESS MANAGEMENT UNIT PAF DATA END USER TERMS ( End User Terms ) Introduction These End User Terms permit the use of PAF Data in Solutions by End Users. These terms are not applicable
More informationLAWtrust AeSign CA Certification Practice Statement (LAWtrust AeSign CA CPS)
INFORMATION SECURITY POLICY ISSUE SPECIFIC POLICY VERSION: V003 2017-05-11 EFFECTIVE DATE: 2017-05-11 LAWtrust AeSign CA Certification Practice Statement (LAWtrust AeSign CA CPS) Law Trusted Third Party
More informationTeliaSonera Gateway Certificate Policy and Certification Practice Statement
TeliaSonera Gateway Certificate Policy and Certification Practice Statement v. 1.2 TeliaSonera Gateway Certificate Policy and Certification Practice Statement TeliaSonera Gateway CA v1 OID 1.3.6.1.4.1.271.2.3.1.1.16
More informationValidation Policy r tra is g e R ANF AC MALTA, LTD
Maltese Registrar of Companies Number C75870 and VAT number MT ANF AC MALTA, LTD B2 Industry Street, Qormi, QRM 3000 Malta Telephone: (+356) 2299 3100 Fax:(+356) 2299 3101 Web: www.anfacmalta.com Security
More informationWonde may collect personal information directly from You when You:
Privacy Policy Updated: 17th April 2018 1. Scope At Wonde, we take privacy very seriously. We ve updated our privacy policy ( Policy ) to ensure that we communicate to You, in the clearest way possible,
More information1. Right of access. Last Approval Date: May 2018
Page 1 of 5 I. PURPOSE The European Union s General Data Protection Regulation (GDPR) provides greater data protection for individuals in the European Union (EU). This comprehensive regulation, effective
More informationETSY.COM - PRIVACY POLICY
At Etsy, we value our community. You trust us with your information, and we re serious about that responsibility. We believe in transparency, and we re committed to being upfront about our privacy practices,
More informationSuppliers' Information Note. BT LAN Extension Service Service Description
SIN 430 Issue 1.2 May 2009 Suppliers' Information Note For The BT Network BT LAN Extension Service 2500 Service Description Each SIN is the copyright of British Telecommunications plc. Reproduction of
More informationSigne Certification Authority. Certification Policy Degree Certificates
Signe Certification Authority Certification Policy Degree Certificates Versión 1.0 Fecha: 2/11/2010 Table of contents 1 FOREWORD 1.1 GENERAL DESCRIPTION 1.2 DOCUMENT NAME AND IDENTIFICATION 2 PARTICIPATING
More informationACCEPTANCE OF ELECTRONIC MAINTENANCE RECORDS
BAC-AW-04 Issue: 1 Effective: 9-Jan-17 ACCEPTANCE OF ELECTRONIC MAINTENANCE RECORDS GENERAL Bermuda Advisory Circulars are issued to provide advice, guidance and information on standards, practices and
More informationReference Offer for Leased Line and Ethernet Services
Reference Offer for Leased Line and Ethernet Services Service Operations Manual Contents 1. Background... 2 2. Service Request Process... 2 2.1. Clean Order Process... 2 2.2. Order Delivery Process...
More informationQUICKSIGN Registration Policy
QUICKSIGN Registration Policy Amendment to DOCUSIGN FRANCE s Certificate Policy for using the QUICKSIGN platform as a registration service to identify Subscribers September 27, 2016 QUICKSIGN_Registration_Policy_V1.0
More informationCORPME TRUST SERVICE PROVIDER
CORPME TRUST SERVICE PROVIDER QUALIFIED CERTIFICATE OF ADMINISTRATIVE POSITION USE LICENSE In..,.. 20... Mr/Mrs/Ms/Miss.........., with DNI/NIF/National Passport nº., e-mail........., phone number....,
More informationEntrust SSL Web Server Certificate Subscription Agreement
Entrust SSL Web Server Certificate Subscription Agreement ATTENTION - READ CAREFULLY: THIS SUBSCRIPTION AGREEMENT (THIS "AGREEMENT") IS A LEGAL CONTRACT BETWEEN THE PERSON, ENTITY, OR ORGANIZATION NAMED
More informationTELECOMMUNICATIONS AND DATA CABLING BUSINESSES
DRAFT for RCWS, ADTIA & ICAA INDUSTRY CODE for TELECOMMUNICATIONS AND DATA CABLING BUSINESSES Registered by the ACMA on XX XXXXX 2016 TABLE OF CONTENTS TABLE OF CONTENTS 2 1. SCOPE AND OBJECTIVES 3 1.1
More informationPRIVACY NOTICE (TIER 4)
Page: 1 of 6 1. Scope All data subjects whose personal data is collected, in line with the requirements of the GDPR. 2. Responsibilities 2.1 The Data Protection Officer / GDPR Owner is responsible for
More informationISO/IEC INTERNATIONAL STANDARD
INTERNATIONAL STANDARD ISO/IEC 9594-8 Sixth edition 2008-12-15 Information technology Open Systems Interconnection The Directory: Publickey and attribute certificate frameworks Technologies de l'information
More informationDirector s Requirements No (Issued initially as Practice Bulletin 204)
Director s Requirements No. 02-11 (Issued initially as Practice Bulletin 204) DOCUMENT TITLE: Director s Requirements for a Certification Authority ISSUER: Director of Land Titles APPLICATION: All Land
More informationOTA 2 Scheme Memorandum of Understanding
Memorandum of Understanding 26 March 2007 Contents OTA 2 Scheme Memorandum of Understanding 1 Annex 1. Definitions 4 Annex 2. OTA 2 Appointment Rules 6 Annex 3. Terms of Reference for the OTA 2 Scheme
More informationImplementation Guide for Delivery Notification in Direct
Implementation Guide for Delivery Notification in Direct Contents Change Control... 2 Status of this Guide... 3 Introduction... 3 Overview... 3 Requirements... 3 1.0 Delivery Notification Messages... 4
More informationFramework for a Better Ads Experience Program
Framework for a Better Ads Experience Program The Coalition for Better Ads ( CBA ) will launch a Better Ads Experience Program ( Program ) to improve the online advertising experience for consumers and
More informationTIA. Privacy Policy and Cookie Policy 5/25/18
TIA Privacy Policy and Cookie Policy 5/25/18 Background: TIA understands that your privacy is important to you and that you care about how your information is used and shared online. We respect and value
More informationLevel 1 Certificate in Reception Services ( )
Level 1 Certificate in Reception Services (8067-01) Assessment pack www.cityandguilds.com January 2012 Version 1.01 About City & Guilds City & Guilds is the UK s leading provider of vocational qualifications,
More informationWireless Innovation Forum Contribution
[WINNF-IN-00] 0 0 Wireless Innovation Forum Contribution Committee: SSC WG CBSD Task Group Title: WInnForum CBSD/DP UUT Security Test Cases Tutorial Short Title: WInnForum CBSD/DP UUT Security Test Cases
More informationStandard. Use of Cryptography. Information Security Manager. Page 1 of 12
Standard Use of Cryptography Information Security Manager Page 1 of 12 Document control Distribution list Name Title Department Adrian Ellison Assistant Director, Infrastructure IT Services Services Amber
More informationDraft ETSI EN V1.0.0 ( )
Draft EN 319 522-4-3 V1.0.0 (2018-05) Electronic Signatures and Infrastructures (ESI); Electronic Registered Delivery Services; Part 4: Bindings; Sub-part 3: Capability/requirements bindings 2 Draft EN
More informationNotification of Certification Bodies for assessing sustainable forest management in Romania
Romanian Forest Certification Scheme 2017 Annex 13 PEFC-RO DST 8013:2017 Notification of Certification Bodies for assessing sustainable forest management in Romania March 2017 Copyright notice PEFC Romania
More informationCertification Practices Statement (CPS) For Use With ARIN Internet Resource Registration Systems
Certification Practices Statement (CPS) For Use With ARIN Internet Resource Registration Systems OID 1.3.6.1.4.1.18428.1.1.1 Published April 18, 2004 1. Introduction ARIN CPS Published April 18, 2004 OID
More information