ECA Trusted Agent Handbook

Similar documents
ORC ECA Subscriber Instructions for Individual Identity and Encryption Certificates

Apple Inc. Certification Authority Certification Practice Statement

ORC ACES Subscriber Instructions. Component/Server Certificates

Apple Inc. Certification Authority Certification Practice Statement

SAFE-BioPharma RAS Privacy Policy

VeriSign External Certification Authority Certification Practice Statement

Apple Corporate Certificates Certificate Policy and Certification Practice Statement. Apple Inc.

Apple Inc. Certification Authority Certification Practice Statement. Apple Application Integration Sub-CA Apple Application Integration 2 Sub-CA

CERTIFICATE POLICY CIGNA PKI Certificates

Escapees Temporary Mail Service Agreement 101 Rainbow Drive, Livingston, TX

Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations

dataedge CA Certificate Issuance Policy

Privacy Policy. How we handle your information you provide to us. Updated: 14 March 2016

CCST Examination Application

ETSY.COM - PRIVACY POLICY

Special requirements for CITSS users who have been approved by other jurisdictions and are representing a participant in Nova Scotia

PPR TOKENS SALE PRIVACY POLICY. Last updated:

APPLICATION DEADLINE Postmarked by January 12, 2018

ID Theft Information Form - Instructions

Apple Inc. Certification Authority Certification Practice Statement Worldwide Developer Relations Version 1.10 Effective Date: June 10, 2013

Recognition as an Account Agent (User Registration) in the Compliance Instrument Tracking System Service (CITSS)

Terms and Conditions between Easy Time Clock, Inc. And Easy Time Clock Client

SSL Certificates Certificate Policy (CP)

QNB Bank-ONLINE AGREEMENT

Emsi Privacy Shield Policy

Electronic Authentication Steps for Accessing EvaluationWeb

Entrust SSL Web Server Certificate Subscription Agreement

APPLICATION DEADLINE Postmarked by May 4, 2018

INSTRUCTIONS. What are the steps to apply? What is this? Who can apply? How does it work? What does the test cover?

CHAPTER 10 - ELECTRONIC COMMERCE SECTION SECTION GENERAL ADMINISTRATION

LET S ENCRYPT SUBSCRIBER AGREEMENT

TRUSTIS FPS. Enrolment Requirements: Acceptable Evidence in Support of an Application for a Digital Certificate

Website Privacy Policy

Copyright 2017 Exostar LLC. All rights reserved. Phone One-Time Password User Guide October 2017

APPLICATION DEADLINE Postmarked by January 12, 2018

Change Healthcare CLAIMS Provider Information Form *This form is to ensure accuracy in updating the appropriate account

CertDigital Certification Services Policy

TEXAS MEDICARE (TRAILBLAZERS) CHANGE FORM MR085

CONNECT TRANSIT CARD Pilot Program - Privacy Policy Effective Date: April 18, 2014

Certification Practice Statement of the Federal Reserve Banks Services Public Key Infrastructure

2. What is Personal Information and Non-Personally Identifiable Information?

3 Months 6 Months 12 Months. Step 1 Choose a mailbox size. Check the box by the box size you would like to sign up for.

CAP Examination Application

Operational Research Consultants, Inc. (ORC) Access Certificates For Electronic Services (ACES) Certificate Practice Statement Summary. Version 3.3.

Identity Theft Victim s Complaint and Affidavit

Website Privacy Policy

CERTIFIED MAIL LABELS TERMS OF USE and PRIVACY POLICY Agreement

PAYMENT FORM. Name of Cardholder: Service Selected: (please select one below) Signature: Domestic

Business Banking Online application

Digital Signatures Act 1

Important Information

Red Flags/Identity Theft Prevention Policy: Purpose

BCN Telecom, Inc. Customer Proprietary Network Information Certification Accompanying Statement

Requirements for NCOWCICB certification with Business Succession Exemption Please read and follow carefully.

United States Department of Defense External Certification Authority X.509 Certificate Policy

We collect information from you when You register for an Traders account to use the Services or Exchange and when You use such Services. V.

Mississippi Medicaid. Mississippi Medicaid Program Provider Enrollment P.O. Box Jackson, Mississippi Complete form and mail original to:

Change Healthcare ERA Provider Information Form *This form is to ensure accuracy in updating the appropriate account

MEDICARE Texas (TRAILBLAZERS) PRE-ENROLLMENT INSTRUCTIONS 00900

NATIONAL REGISTRY OF CERTIFIED CHEMISTS 125 Rose Ann Lane, West Grove, PA (phone) / (fax) /

BUZCOIN TOKENS SALE PRIVACY POLICY. Last updated:

By accessing your Congressional Federal Credit Union account(s) electronically with the use of Online Banking through a personal computer or any other

These rights are known as 'subject access' rights and they are limited to information held by QAA about yourself.

Optional Practical Training (OPT) STEM Extension Packet

Data Subject Access Request Form (GDPR)

ELECTRONIC RECORDING MEMORANDUM OF UNDERSTANDING

Application and Instructions for Firms

Overview. IHCP Provider Name and Address Maintenance. indianamedicaid.com

Certipost E-Trust Services. Certificate Policy. for Normalized E-Trust Physical and Legal Persons. Version 1.1. Effective date 12 January 2011

SANMINA CORPORATION PRIVACY POLICY. Effective date: May 25, 2018

DROPBOX.COM - PRIVACY POLICY

Appendix B: Certified Technology Specialist Design (CTS-D) - Exam Application

AVMA LIFE Agency FAQ

UT HEALTH SAN ANTONIO HANDBOOK OF OPERATING PROCEDURES

Hong Kong Access Federation (HKAF) Identity Management Practice Statement (IMPS)

Certified Assessor. Application for COBIT Certified Assessor

Online Filing Guide for Charities and Professional Fundraisers

AGREEMENT FOR RECEIPT AND USE OF MARKET DATA: ADDITIONAL PROVISIONS

DATA PROTECTION ACT 1998

Technical Trust Policy

Annex 2 to the Agreement on Cooperation in the Area of Trade Finance & Cash Management Terms and Conditions for Remote Data Transmission

Consent to Electronic Delivery of Periodic Statements, Disclosures and Notices

OKLAHOMA HORSE RACING COMMISSION 2800 N. LINCOLN BLVD., SUITE 220 OKLAHOMA CITY, OK (405)

First Federal Savings Bank of Mascoutah, IL Agreement and Disclosures

Appendix B: Certified Technology Specialist - Installation (CTS-I) Exam Application

Participant Agreement. Updated December 1, 2016 and approved by the OK-First Advisory Committee

Certified Hospitality Supervisor

GROUPON.COM - PRIVACY POLICY

TATA CONSULTANCY SERVICES LIMITED CERTIFYING AUTHORITY REQUEST FORM FOR CLASS-2 CERTIFICATE / / Version Class-2 Certificate (Company)

FinFit will request and collect information in order to determine whether you qualify for FinFit Loans*.

ecare Vault, Inc. Privacy Policy

Secure Messaging Mobile App Privacy Policy. Privacy Policy Highlights

LightGig Communications, LLC Privacy Policy

FACTS WHAT DOES FARMERS STATE BANK DO WITH YOUR PERSONAL INFORMATION? WHY? WHAT? HOW? L QUESTIONS?

Railroad Medicare Electronic Data Interchange Application

Law Enforcement. Handbook

ONE ID Identity and Access Management System

HOW TO OBTAIN A QUALIFYING PARTY CERTIFICATE

Add or remove a digital signature in Office files

Enterprise Income Verification (EIV) System User Access Authorization Form

Transcription:

Revision 8.0 September 4, 2015

Introduction This Trusted Agent Handbook provides instructions for individuals authorized to perform personal presence identity verification of subscribers enrolling for Symantec External Certificate Authority (ECA) digital certificates. Symantec is a U.S. Government-approved Certification Authority (CA) authorized to issue ECA certificates to entities needing to conduct business with government organizations. Subscribers of ECA certificates include government (federal, state and local) contractors, government (state and local) employees and other entities doing electronic transactions with government agencies. ECA certificates enable secure electronic communication and transactions with government entities and departments. Symantec ECA certificates can be used for authentication at government Web sites and to digitally sign and encrypt email, documents, and electronic forms. A digital certificate is an electronic credential that uses public key cryptography. Each holder of a digital certificate has a public/private key pair. The private key, which is held securely by the holder, is used for creating digital signatures. The public key, which may be widely distributed, is used to enable other users to encrypt messages to the holder of the private key. In order to rely on a public key, it is necessary that it be certified by an entity called a CA. The CA binds a user s public key to their identity, certifies the public key, and creates the electronic credential called a digital certificate. Government policy requires that before an individual can be issued an ECA certificate, the subscriber s identity must be verified by appearing before a notary, a Trusted Agent, a U.S. consular officer or an authorized DoD employee. For verification purposes, government policy permits the use of an authorized Trusted Agent to perform in-person identity verification of your organization s certificate subscribers. As a Trusted Agent for your organization, you will be performing a key role in the validation of the identity of subscribers enrolling for Symantec ECA certificates. Your responsibilities include: Verifying subscriber identity and country of citizenship Electronically submitting enrollment, revocation, and key recovery requests to Symantec Archiving subscriber enrollment, revocation, and key recovery forms 2

Enrolling as a Trusted Agent The following instructions define the procedures and policies for becoming a Trusted Agent and executing the duties of a Trusted Agent. To become a Trusted Agent (repeat for each new Trusted Agent in your organization): 1) Complete the Trusted Agent Authorization Form The Trusted Agent Authorization From (found in Exhibit 1 at the end of this handbook) identifies you to Symantec as a designated representative of your organization. It verifies that you are authorized to perform the role of Trusted Agent for certificate subscribers at your organization. 2) Enroll for your own Symantec ECA Certificate Enroll for an ECA Certificate at https://eca2048.pki.symantec.com/enrollintro.htm. For the Enrollment Method, select Subscriber Enrollment Using Notary. Note: When you enroll for your ECA Certificate, you are required to appear before a notary to verify your identity. After you become a Trusted Agent, you are authorized to perform the function of the notary for your organization s ECA Certificate subscribers. 3) Send the completed forms to Symantec Mail the Trusted Agent Authorization Form, the Subscriber Enrollment Form, and your company documentation (if applicable) to Symantec at the address specified on the Subscriber Enrollment Form. Note: If you already have an ECA Certificate, you only need to fax the Trusted Agent Authorization Form to the authentication team of Symantec at 650-429-7355. 4) Install your ECA Certificate and configure your email client After Symantec approves your application, you will receive an email with instructions for downloading and installing your ECA Certificate. Install your ECA Certificate and set up your email client (for example, Microsoft Outlook) to sign and encrypt messages. You are now ready to function as your organization s Trusted Agent. Note: For details on configuring your email client to sign and encrypt messages with your ECA Certificate, go to https://knowledge.symantec.com/support/ecasupport/index?page=content&id=so6063 3

Trusted Agent Procedures 1) Send the ECA Certificate enrollment instructions to each subscriber Before you can validate a subscriber s identity, the subscriber must enroll on the Symantec ECA Web site and select Subscriber Enrollment Using Trusted Agent. Provide your subscribers with the following enrollment information: ECA enrollment and installation instructions Follow the forms found on https://eca2048.pki.symantec.com/enrollintro.htm ECA enrollment form https://eca2048.pki.symantec.com/client/userenrolldualns.htm Your Symantec ECA Sales Order Number If you do not have your ECA sales order number, contact Symantec at eca_sales@symantec.com or 1-866-202-5570 (option 3). Also ensure your subscribers know your organization s legal name, exactly as it should be entered in the enrollment form. All subscribers must have their identity verified in person, either by appearing before a Trusted Agent (preferred method), a notary, or a U.S. consular officer. 2) Verify the subscriber s identity Your responsibilities include ensuring that the subscriber s identity is verified according to the ECA policy. You can meet directly with the subscriber or review the subscriber s notarized documentation: 2.1) If you meet face-to-face with the subscriber: a) The subscriber must present the enrollment form generated and printed during certificate enrollment. Review the form and make sure the form contains the subscriber s name, email address, and your organization name. Section 1, Subscriber Information, must not contain any changes or modifications. b) Examine the following forms of identification presented by the subscriber. Acceptable forms of identification are: One government-issued photograph ID for proof of identity, such as a driver's license or military ID. One document for proof of citizenship, such as a passport, certified birth certificate, or certificate of naturalization or citizenship. **One document for proof of organizational affiliation, such as an employee ID that includes a photograph and which identifies the organization name. **Important: If the subscriber does not present an employee ID, you are responsible for verifying that the subscriber is a current member of the organization. Make sure there are no signs of forgery or modification of the IDs. c) On the Subscriber Enrollment Form, record the type, serial number, and expiration date for each ID presented by the subscriber. d) Have the subscriber sign the Subscriber Enrollment Form in Section 1, acknowledging 4

that he or she has read the Symantec ECA Subscriber Agreement and understands and accepts the responsibilities, including protection of the private key and using the ECA Certificate according to the terms and conditions set forth in the External Certificate Authority Certificate Practices Statement (CPS). e) Complete and sign Section 2 of the Subscriber Enrollment Form. f) Make a copy of the Subscriber Enrollment Form for the subscriber. g) File the original Subscriber Enrollment Form. h) Advise the subscriber that the encryption key will be escrowed at Symantec and may be recovered by the organization or a duly authorized law enforcement agent. 2.2) If you do not meet face-to-face with the subscriber: a) The subscriber must visit a public notary or a U.S. consular officer to present all forms of identification (as described above in section 2.1, step b), and have the Subscriber Enrollment Form notarized. b) The subscriber then sends you the notarized form he or she presented to the public notary or U.S. consular officer. c) Carefully examine the Subscriber Enrollment Form for accuracy, completeness, and to ensure that the form was properly signed and notarized. Make sure there are no signs of forgery or modification of the IDs. Important: If the subscriber does not use an employee ID for the second form of identification, you are responsible for ensuring the subscriber is a current member of the organization. 3) Enter subscriber enrollment information in the Bulk Enrollment Data Form Upon the approval of your application for enrolling as a Trusted Agent, you should have received the Bulk Enrollment Form Excel workbook. If you do not have this document, contact Symantec at eca-authentication@symantec.com. The Bulk Enrollment Form is an Excel workbook used to submit your subscribers enrollment data to Symantec. It includes the Bulk Enrollment Data Form and the Bulk Transmittal Form. The Bulk Enrollment Data Form contains one line for each subscriber. Insert additional lines as necessary for the total number of subscribers you are entering in the form. Important: Carefully enter the first name, last name, email address, and country of citizenship for each subscriber exactly as shown on the Subscriber Enrollment Form. It is very important that this data is correct and current, as it will be used to approve the subscriber s ECA Certificate. 4) Complete the Bulk Transmittal Form The Bulk Transmittal Form is also located in the Bulk Enrollment Form Excel workbook. It contains the Trusted Agent (submitter) information, your corporate information, and your Sales Order Number. If you do not have your Sales Order Number, get it from your purchasing department or contact Symantec at eca_sales@symantec.com or 1-866-202-5570, option 3. You must include your Dun and Bradstreet (D&B) number, as Symantec is required to verify the legitimacy of your organization. Also read the submitter acknowledgement to confirm that you have followed the required procedures for the Bulk Enrollment Form. 5

5) Securely send the Bulk Enrollment Form to Symantec Compose an email and send the Bulk Enrollment Form Excel workbook to ecatrustedagent@symantec.com. Digitally sign and encrypt this email to protect the privacy of the subscriber data and enable Symantec to verify that the form was submitted by an authorized Trusted Agent (you). Important: Symantec will not open or respond to an email that has not been signed and encrypted. If you send an unsigned, unencrypted email, you will need to re-submit the form. Therefore, we recommend that you send a test email before submitting actual subscriber data for the first time. To test the security of the bulk submittal process: a) Access the Symantec ECA repository at https://eca2048.pki.symantec.com/client/ search.htm to download the encryption certificate for. i. In the Search by E-mail address section, enter ecatrustedagent@symantec.com and click Search. ii. Click the link for ECA TRUSTED AGENT 2014-2017 (Valid). The Digital ID Information page appears. iii. Click Download. The Select Format page appears. iv. For ID Format, select Someone Else s ID for Microsoft IE/Outlook Express/Outlook and click Submit. The File Download window appears. v. Click Save. b) Create an entry in your mail client address book or contacts list for Symantec ECA using for the e-mail address. Associate the public key certificate with this entry. c) Compose a message with the subject Test ECA Submission. d) Address the message to. e) In the Bulk Enrollment Form, complete the Bulk Transmittal Sheet, but do not enter any subscriber data in the Bulk Enrollment Data Form. f) Attach a Bulk Enrollment Form to the email. g) Select the options to sign and encrypt the message. If you have multiple certificates on your computer, make sure you use your ECA Certificate. h) Send the message and wait for an email reply from Symantec indicating that the message was received. i) After you have successfully processed a test message, submit the actual Bulk Enrollment Form. 6) Archive the Subscriber Enrollment Forms For each subscriber entered on the Bulk Enrollment Form, archive the original copy of the completed Subscriber Enrollment Form, signed either by the pubic notary, U.S. consular officer, or you. You may need to reference these forms in the event of a problem with subscriber enrollment data. Also, ECA policy requires that these forms are archived and retrievable upon request for a period of at least ten years and six months. 7) Revoke a Subscriber s ECA Certificate Send the Revocation Notice Forms to your HR Department 6

Complete the Revocation Notice Forms and send them to the appropriate Human Resource Department(s) (or equivalent) in your organization to ensure that Symantec is notified of events requiring certificate revocation, such as termination of a subscriber from your organization. Revoke an ECA Certificate Important: You must immediately notify Symantec and request that a certificate be revoked if: (1) any information or fact material to the reliability of the certificate is no longer accurate, current, complete, or becomes misleading; or (2) you or your organization suspects any loss, disclosure, or other compromise of the subscriber's private key; or (3) the subscriber is no longer employed by, associated with, authorized by, or affiliated with the organization. To request revocation of a subscriber certificate, send a digitally signed and encrypted email with the subject Certificate Revocation Request by TA to. The email must contain the first and last name and email address of the subscriber whose certificate is to be revoked. The email must also indicate the reason for the revocation request. 8) Recover a Subscriber s Encryption Key A copy of the private key associated with the subscriber s ECA Encryption Certificate is securely escrowed at Symantec. If a subscriber loses access to the encryption private key, he or she can request the recovery of the escrowed copy of the key. Other than the subscriber, only an organization s legal officer, security officer, or human resources representative, or a law enforcement official (with a court-authorized order) may request recovery. The person requesting the key recovery (Key Requestor) must complete the Key Recovery Request Form and sign it in the presence of a notary or the Trusted Agent. If you cannot meet face-to-face with the Key Requestor (because the person works at a different facility or branch office), you can instruct the requestor to complete the Key Recovery Request Form, gather the necessary documentation, and go to a notary public to have the form notarized. The Key Requestor should send you the notarized form. After you verify that the previous steps have been completed successfully, send a digitally signed and encrypted email with the subject Key Recovery Request by TA to ecatrustedagent@symantec.com. The email must contain: The first and last name and email address of the subscriber whose key is to be recovered. The reason for the recovery request. The Requestor Information as entered in Section A of the Key Recovery Request Form. When Symantec processes the key recovery request, the original ECA Certificate key pair will be revoked. Symantec then emails the encrypted private key, and faxes the password needed to decrypt it, to the Key Requestor. 7

Exhibit 1 Trusted Agent Authorization Form I,, am an employee, partner, member, agent, or other associate [Insert Name} of ( Organization ) and I am authorized by the Organization [Insert Organization Name] to act as a Trusted Agent to validate the identity of employees and other authorized representatives of Organization ( Subscribers ) who are eligible to receive ECA digital certificates ( Certificates ) in accordance with the ECA Certificate Policy and Symantec s ECA Certificate Practices Statement. I acknowledge and agree that: (a) I am authorized to act on behalf of the Organization to perform the responsibilities as set forth in the Symantec ; (b) I have reviewed and I am familiar with the, the Symantec ECA CPS, and can carry out the responsibilities of a Trusted Agent accordingly; (c) All information I provide to Symantec will be accurate, current, complete, and not misleading, and Symantec is authorized to rely on the information submitted by me in identifying Subscribers as being employed, associated, affiliated with and/or authorized by Organization to receive Certificates; (d) I will immediately notify Symantec and request that a Subscriber(s) Certificate be revoked if: (1) any information or fact material to the reliability of the Certificate becomes misleading or is no longer accurate, current, or complete, (2) I, or the Organization, suspects any loss, disclosure, or other compromise of a Subscriber's Private Key, or (3) a Subscriber is no longer employed by, associated with, authorized by, or affiliated with the Organization. (e) I will immediately notify Symantec and request that a Subscriber(s) Encryption Private Key be recovered if: (1) the Subscriber formally acknowledge he/she lost access to his/her Encryption Private Key (2) or an authorized Organization official (other than me) or Law Enforcement Agent with Court Order requests the recovery of a Subscriber's Private Key (Signature) (Printed Name) (Title) (Date) 8

Exhibit 2 Revocation Notice Form (PUT IN EMPLOYEE S HR FILE) Employee s Name: The employee named in this file is a Subscriber of a Symantec ECA Certificate. This certificate was authorized by your organization and as such it may be revoked at the organization s sole discretion at any time and for any reason. In the event that this Subscriber is no longer employed, associated, affiliated with, or authorized by this organization to hold this certificate, the certificate should be revoked. Symantec, the issuer of the certificate, will revoke the Certificate promptly upon confirming that the person making the revocation request is authorized to do so or upon otherwise determining that the Certificate should be revoked To revoke the certificate, contact the subscriber s ECA Trusted Agent at your organization: Trusted Agent: Phone Number: In the event that the Trusted Agent is no longer available, contact Symantec promptly by sending a notice on company letterhead identifying the name and email address of the employee whose certificate is to be revoked and the reason for the revocation request. Please FAX the revocation request to Symantec ECA Authentication at 650-429-7355. 9

Instructions to Requestor: Exhibit 3 ECA Key Recovery Request Form 1. Print out this form. 2. Complete Sections A & B of the form. Do not sign the form yet. This form can only be signed by the certificate Subscriber or the company representative (e.g. organization s legal officer, security officer, or human resources representative) in the presence of your corporate notary or other notary public. You are responsible for all fees (if any) charged by the notary. 3. Bring two forms of identification with you to the notary as follows: One widely recognized, government-issued Photo ID such as a Driver s License or Passport; and, One other type of identification (photo not required) such as a valid national credit card, an employee ID, a utility or tax bill, or insurance card. 4. Instruct the notary to read the instructions below and complete the Acknowledgement. 5. Sign your name (section A) in the presence of the notary. 6. Make and retain a copy of this form and the Subscriber Agreement for your records. 7. Provide the fee: The price of a key recovery is $119.00. In the case that the requestor is also the subscriber, it is possible to request a replacement ECA certificate pair for no additional charge (as indicated in section A below). The fee is payable by check or your organization's valid sales order number (if applicable). If paying by check, indicate "ECA Key Recovery" in the Memo section of your check and mail payment separately to: ECA Key Recovery Processing & Fulfillment Symantec Corporation PO Box 846013 Dallas, TX 75284-6013 Send the completed (original) notarized form along with a copy of the Photo ID presented to the notary by First Class Postal Mail, Federal Express, or other equivalent means to: Symantec Corporation Attn: Symantec ECA Authentication Support 350 Ellis Street Mountain View, California 94043 A. Requestor Information: Fields with a * must match the information in the ECA subscriber certificate. Ensure that the entries in these fields are accurate and legible. Check the appropriate box below: I am the subscriber of an ECA certificate associated with the encryption private key to be recovered. I want to revoke my existing ECA certificate pair and get a new ECA certificate pair as part of the recovery process. recovery process. OR I do not want a new ECA certificate pair as part of the I am not the subscriber of an ECA certificate to be recovered [Note: Other than the Subscriber, only an organization s legal officer, security officer, or human resources representative, or a law enforcement official (with a Court authorized order) may request recovery] B. Information about the ECA Certificate associated with the encryption key being recovered: - *First Name - *Last Name 10

- *Email Address - Valid From - Valid To - Serial Number - Status (Valid, Revoked, Expired) Payment Information: (select payment type): Check: Name on check Check # Organization s Valid Sales Order: Sales Order Number: Payment Amount: C. Declaration (to be signed in the presence of a notary) I do hereby make oath and/or affirm that all the information contained in this document is true and correct and that I am duly authorized to recover the encryption key for the certificate described in Section B. As a condition of receiving the recovered key, I hereby agree to comply with all laws and the subscriber s organization policies relating to protection and release of the recovered key. Your signature, made in the presence of a notary - First Name - Last Name - Organization - Postal Address - Email Address - Phone Number - Fax Number - Job Title Instructions to Notary: The document you are notarizing is part of the Key Recovery Request process for a Symantec Digital ID used in conjunction with programs authorized by the U.S. Department of Defense (DoD). The DoD requires that the personal identity of the applicant be validated. If you would like more information about Digital IDs or the enrollment process, visit Symantec at http://go.symantec.com/eca or contact Symantec Sales at 1-866-202-5570, option 3. 1. Modify this form where necessary to assure compliance with the laws of your jurisdiction. Use the back side of this form if necessary. 2. Complete the Acknowledgement below. 3. Request and examine at least two pieces of Subscriber identification as follows: One government-issued photograph ID such as a driver s license, passport, or military ID, One valid employee ID that must include a photograph and identify organizational affiliation. 4. You must check the Subscriber s forms of identification even if you are acquainted with the Subscriber. C. Acknowledgement This section is to be completed by Notary Public State/Commonwealth/Province of ), County of ), Country ) 11

On (date), before me, (notary) personally appeared (subscriber), and proved to me on the basis of the presentation of the two forms of identification listed below, to be the person whose name is subscribed to the instrument, and acknowledged to me that he/she executed the same, and that by his/her signature on the instrument the person executed the instrument in my presence. ID# Type of ID Identifying Number Expiration Date 1* 2 * ID #1 must be accompanied by photo. - Notary Phone - Notary Email Address (optional) - My Commission Expires on 12

Instructions for Installing the Renewed ECA Trusted Agent Encryption Certificate In order to continue submitting bulk enrollments once the encryption certificate expires or upon notification from ECA Support, you will need to follow these steps. Step 1: Download the new Trusted Agent Certificate 1. Go to https://eca2048.pki.symantec.com/client/search.htm and enter ecatrustedagent@symantec.com in the email address. 2. Select the Valid checkbox and click Search. 3. The search results will return two (1) certificates. Click the link for ECA TRUSTED AGENT 2014-2017. 4. On the next page, click Download at the bottom of the page. 5. In the ID Format list, select Someone Else s ID for Microsoft IE/Outlook Express/Outlook. If you are not using Microsoft Office Outlook, select the appropriate email format for your email application. Click the green Submit button. 6. A dialog box appears asking you if you want to open or safe this file. Select Save and save the certificate to your desktop (we recommend renaming it if you have any other certificates stored to your desktop). Step 2: Install the new Trusted Agent Certificate 1. Open Microsoft Office Outlook. 2. Select Go and click Contacts from the menu bar. 3. Double-click on the mail account for the ECA Trusted Agent. 4. Click the Certificates tab. 5. Click the Import button. 6. Select the new certificate you downloaded to your desktop and click on the Open button. A message will appear to confirm that you have successfully imported the certificate. 7. In the list, you will have two certificates listed. To set the new certificate you just imported as your default, select the new certificate and then click the Set as Default b utton. 8. Click Save and Close to save your changes 9. You can now submit your bulk enrollment requests encrypted to ecatrustedagent@symantec.com as you have done so in the past. 13

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback