DigiCert Certificate Policy

DigiCert, Inc.
Version 4.16
October 9, 2018

2801 N. Thanksgiving Way
Suite 500
Lehi, UT 84043
USA
Tel: 1-801-877-2100
Fax: 1-801-705-0481
www.digicert.com
TABLE OF CONTENTS

1. Introduction ..... 1
  1.1. Overview ..... 1
  1.2. Document name and Identification ..... 1
  1.3. PKI Participants ..... 4
    1.3.1. DigiCert Policy Authority and Certification Authorities ..... 4
    1.3.2. Registration Authorities ..... 4
    1.3.3. Subscribers ..... 4
    1.3.4. Relying Parties ..... 5
    1.3.5. Other Participants ..... 5
  1.4. Certificate Usage ..... 5
    1.4.1. Appropriate Certificate Uses ..... 5
    1.4.2. Prohibited Certificate Uses ..... 5
  1.5. Policy administration ..... 5
    1.5.1. Organization Administering the Document ..... 5
    1.5.2. Contact Person ..... 5
    1.5.3. Person Determining CPS Suitability for the Policy ..... 6
    1.5.4. CP Approval Procedures ..... 6
  1.6. Definitions and acronyms ..... 6
    1.6.1. Definitions ..... 6
    1.6.2. Acronyms ..... 7
    1.6.3. References ..... 8
2. PUBLICATION AND REPOSITORY RESPONSIBILITIES ..... 8
  2.1. Repositories ..... 8
  2.2. Publication of certification information ..... 8
  2.3. Time or frequency of publication ..... 8
  2.4. Access controls on repositories ..... 8
3. IDENTIFICATION AND AUTHENTICATION ..... 9
  3.1. Naming ..... 9
    3.1.1. Types of Names ..... 9
    3.1.2. Need for Names to be Meaningful ..... 9
    3.1.3. Anonymity or Pseudonymity of Subscribers ..... 9
    3.1.4. Rules for Interpreting Various Name Forms ..... 9
    3.1.5. Uniqueness of Names ..... 9
    3.1.6. Recognition, Authentication, and Role of Trademarks ..... 9
  3.2. Initial identity validation ..... 9
    3.2.1. Method to Prove Possession of Private Key ..... 9
    3.2.2. Authentication of Organization and Domain/Email Control ..... 9
    3.2.3. Authentication of Individual Identity ..... 10
    3.2.4. Non-verified Subscriber Information ..... 16
    3.2.5. Validation of Authority ..... 16
  3.3. Identification and authentication for re-key requests ..... 17
    3.3.1. Identification and Authentication for Routine Re-key ..... 17
    3.3.2. Identification and Authentication for Re-key After Revocation ..... 17
  3.4. Identification and authentication for revocation request ..... 18
4. CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS ..... 18
  4.1. Certificate Application ..... 18
    4.1.1. Who Can Submit a Certificate Application ..... 18
    4.1.2. Enrollment Process and Responsibilities ..... 18
  4.2. Certificate application processing ..... 18
    4.2.1. Performing Identification and Authentication Functions ..... 18
    4.2.2. Approval or Rejection of Certificate Applications ..... 18
    4.2.3. Time to Process Certificate Applications ..... 18
  4.3. Certificate issuance ..... 19
    4.3.1. CA Actions during Certificate Issuance ..... 19
    4.3.2. Notification to Subscriber by the CA of Issuance of Certificate ..... 19
  4.4. Certificate acceptance ..... 19
    4.4.1. Conduct Constituting Certificate Acceptance ..... 19
    4.4.2. Publication of the Certificate by the CA ..... 19
    4.4.3. Notification of Certificate Issuance by the CA to Other Entities ..... 19
  4.5. Key pair and certificate usage ..... 19
    4.5.1. Subscriber Private Key and Certificate Usage ..... 19
    4.5.2. Relying Party Public Key and Certificate Usage ..... 19
  4.6. Certificate renewal ..... 20
    4.6.1. Circumstance for Certificate Renewal ..... 20
    4.6.2. Who May Request Renewal ..... 20
    4.6.3. Processing Certificate Renewal Requests ..... 20
    4.6.4. Notification of New Certificate Issuance to Subscriber ..... 20
    4.6.5. Conduct Constituting Acceptance of a Renewal Certificate ..... 20
    4.6.6. Publication of the Renewal Certificate by the CA ..... 20
    4.6.7. Notification of Certificate Issuance by the CA to Other Entities ..... 20
  4.7. Certificate re-key ..... 20
    4.7.1. Circumstance for Certificate Rekey ..... 20
    4.7.2. Who May Request Certificate Rekey ..... 21
    4.7.3. Processing Certificate Rekey Requests ..... 21
    4.7.4. Notification of Certificate Rekey to Subscriber ..... 21
    4.7.5. Conduct Constituting Acceptance of a Rekeyed Certificate ..... 21
    4.7.6. Publication of the Rekeyed Certificate by the CA ..... 21
    4.7.7. Notification of Certificate Issuance by the CA to Other Entities ..... 21
  4.8. Certificate modification ..... 21
    4.8.1. Circumstance for Certificate Modification ..... 21
    4.8.2. Who May Request Certificate Modification ..... 21
    4.8.3. Processing Certificate Modification Requests ..... 21
    4.8.4. Notification of Certificate Modification to Subscriber ..... 21
    4.8.5. Conduct Constituting Acceptance of a Modified Certificate ..... 21
    4.8.6. Publication of the Modified Certificate by the CA ..... 21
    4.8.7. Notification of Certificate Modification by the CA to Other Entities ..... 22
  4.9. Certificate revocation and suspension ..... 22
    4.9.1. Circumstances for Revocation ..... 22
    4.9.2. Who Can Request Revocation ..... 24
    4.9.3. Procedure for Revocation Request ..... 24
    4.9.4. Revocation Request Grace Period ..... 24
    4.9.5. Time within which CA Must Process the Revocation Request ..... 24
    4.9.6. Revocation Checking Requirement for Relying Parties ..... 25
    4.9.7. CRL Issuance Frequency ..... 25
    4.9.8. Maximum Latency for CRLs ..... 25
    4.9.9. On-line Revocation/Status Checking Availability ..... 26
    4.9.10. On-line Revocation Checking Requirements ..... 26
    4.9.11. Other Forms of Revocation Advertisements Available ..... 26
    4.9.12. Special Requirements Related to Key Compromise ..... 26
    4.9.13. Circumstances for Suspension ..... 26
    4.9.14. Who Can Request Suspension ..... 26
    4.9.15. Procedure for Suspension Request ..... 26
    4.9.16. Limits on Suspension Period ..... 26
  4.10. Certificate status services ..... 27
    4.10.1. Operational Characteristics ..... 27
    4.10.2. Service Availability ..... 27
    4.10.3. Optional Features ..... 27
  4.11. End of subscription ..... 27
  4.12. Key escrow and recovery ..... 27
    4.12.1. Key Escrow and Recovery Policy Practices ..... 27
    4.12.2. Session Key Encapsulation and Recovery Policy and Practices ..... 28
5. FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS ..... 28
  5.1. Physical Controls ..... 28
    5.1.1. Site Location and Construction ..... 28
    5.1.2. Physical Access ..... 28
    5.1.3. Power and Air Conditioning ..... 29
    5.1.4. Water Exposures ..... 29
    5.1.5. Fire Prevention and Protection ..... 29
    5.1.6. Media Storage ..... 29
    5.1.7. Waste Disposal ..... 29
    5.1.8. Off-site Backup ..... 29
    5.1.9. Certificate Status Hosting, CMS and External RA Systems ..... 29
  5.2. Procedural controls ..... 29
    5.2.1. Trusted Roles ..... 29
    5.2.2. Number of Persons Required per Task ..... 30
    5.2.3. Identification and Authentication for each Role ..... 30
    5.2.4. Roles Requiring Separation of Duties ..... 30
  5.3. Personnel controls ..... 30
    5.3.1. Qualifications, Experience, and Clearance Requirements ..... 30
    5.3.2. Background Check Procedures ..... 31
    5.3.3. Training Requirements ..... 31
    5.3.4. Retraining Frequency and Requirements ..... 31
    5.3.5. Job Rotation Frequency and Sequence ..... 31
    5.3.6. Sanctions for Unauthorized Actions ..... 32
    5.3.7. Independent Contractor Requirements ..... 32
    5.3.8. Documentation Supplied to Personnel ..... 32
  5.4. Audit logging procedures ..... 32
    5.4.1. Types of Events Recorded ..... 32
    5.4.2. Frequency of Processing Log ..... 34
    5.4.3. Retention Period for Audit Log ..... 34
    5.4.4. Protection of Audit Log ..... 35
    5.4.5. Audit Log Backup Procedures ..... 35
    5.4.6. Audit Collection System (internal vs. external) ..... 35
    5.4.7. Notification to Event-causing Subject ..... 35
    5.4.8. Vulnerability Assessments ..... 35
  5.5. Records archival ..... 35
    5.5.1. Types of Records Archived ..... 35
    5.5.2. Retention Period for Archive ..... 36
    5.5.3. Protection of Archive ..... 36
    5.5.4. Archive Backup Procedures ..... 36
    5.5.5. Requirements for Time-stamping of Records ..... 36
    5.5.6. Archive Collection System (internal or external) ..... 36
    5.5.7. Procedures to Obtain and Verify Archive Information ..... 36
  5.6. Key changeover ..... 37
  5.7. Compromise and disaster recovery ..... 37
    5.7.1. Incident and Compromise Handling Procedures ..... 37
    5.7.2. Computing Resources, Software, and/or Data Are Corrupted ..... 37
    5.7.3. Entity Private Key Compromise Procedures ..... 38
    5.7.4. Business Continuity Capabilities after a Disaster ..... 38
  5.8. CA or RA termination ..... 38
6. TECHNICAL SECURITY CONTROLS ..... 38
  6.1. Key pair generation and installation ..... 38
    6.1.1. Key Pair Generation ..... 38
    6.1.2. Private Key Delivery to Subscriber ..... 39
    6.1.3. Public Key Delivery to Certificate Issuer ..... 39
    6.1.4. CA Public Key Delivery to Relying Parties ..... 39
    6.1.5. Key Sizes ..... 40
    6.1.6. Public Key Parameters Generation and Quality Checking ..... 40
    6.1.7. Key Usage Purposes (as per X.509 v3 key usage field) ..... 40
  6.2. Private Key Protection and Cryptographic Module Engineering Controls ..... 41
    6.2.1. Cryptographic Module Standards and Controls ..... 41
    6.2.2. Private Key (n out of m) Multi-person Control ..... 41
    6.2.3. Private Key Escrow ..... 42
    6.2.4. Private Key Backup ..... 42
    6.2.5. Private Key Archival ..... 42
    6.2.6. Private Key Transfer into or from a Cryptographic Module ..... 42
    6.2.7. Private Key Storage on Cryptographic Module ..... 42
    6.2.8. Method of Activating Private Key ..... 42
    6.2.9. Method of Deactivating Private Key ..... 42
    6.2.10. Method of Destroying Private Key ..... 42
    6.2.11. Cryptographic Module Rating ..... 43
  6.3. Other aspects of key pair management ..... 43
    6.3.1. Public Key Archival ..... 43
    6.3.2. Certificate Operational Periods and Key Pair Usage Periods ..... 43
  6.4. Activation data ..... 44
    6.4.1. Activation Data Generation and Installation ..... 44
    6.4.2. Activation Data Protection ..... 44
  6.5. Computer security controls ..... 44
    6.5.1. Specific Computer Security Technical Requirements ..... 44
    6.5.2. Computer Security Rating ..... 45
  6.6. Life cycle technical controls ..... 45
    6.6.1. System Development Controls ..... 45
    6.6.2. Security Management Controls ..... 45
    6.6.3. Life Cycle Security Controls ..... 45
  6.7. Network security controls ..... 45
  6.8. Time-stamping ..... 46
7. CERTIFICATE, CRL, AND OCSP PROFILES ..... 46
  7.1. Certificate profile ..... 46
    7.1.1. Version Number(s) ..... 46
    7.1.2. Certificate Extensions ..... 46
    7.1.3. Algorithm Object Identifiers ..... 46
    7.1.4. Name Forms ..... 47
    7.1.5. Name Constraints ..... 47
    7.1.6. Certificate Policy Object Identifier ..... 48
    7.1.7. Usage of Policy Constraints Extension ..... 48
    7.1.8. Policy Qualifiers Syntax and Semantics ..... 48
    7.1.9. Processing Semantics for the Critical Certificate Policies Extension ..... 48
  7.2. CRL profile ..... 49
    7.2.1. Version number(s) ..... 49
    7.2.2. CRL and CRL Entry Extensions ..... 49
7.3. OCSPprofile..............................................................................................................................................................................497.3.1. VersionNumber(s)..........................................................................................................................................................497.3.2. OCSPExtensions...............................................................................................................................................................49
8. COMPLIANCEAUDITANDOTHERASSESSMENTS...............................................................................................................498.1. Frequencyorcircumstancesofassessment................................................................................................................498.2. Identity/qualificationsofassessor..................................................................................................................................498.3. Assessor'srelationshiptoassessedentity...................................................................................................................498.4. Topicscoveredbyassessment..........................................................................................................................................498.5. Actionstakenasaresultofdeficiency...........................................................................................................................498.6. Communicationofresults...................................................................................................................................................508.7. Self‐Audits..................................................................................................................................................................................50
9. OTHERBUSINESSANDLEGALMATTERS.................................................................................................................................509.1. Fees...............................................................................................................................................................................................50
9.1.1. CertificateIssuanceorRenewalFees......................................................................................................................509.1.2. CertificateAccessFees...................................................................................................................................................509.1.3. RevocationorStatusInformationAccessFees....................................................................................................509.1.4. FeesforOtherServices..................................................................................................................................................509.1.5. RefundPolicy.....................................................................................................................................................................50
9.2. Financialresponsibility........................................................................................................................................................509.2.1. InsuranceCoverage.........................................................................................................................................................509.2.2. OtherAssets........................................................................................................................................................................509.2.3. InsuranceorWarrantyCoverageforEnd‐Entities.............................................................................................50
9.3. Confidentialityofbusinessinformation........................................................................................................................519.3.1. ScopeofConfidentialInformation............................................................................................................................519.3.2. InformationNotWithintheScopeofConfidentialInformation...................................................................519.3.3. ResponsibilitytoProtectConfidentialInformation...........................................................................................51
9.4. Privacyofpersonalinformation.......................................................................................................................................519.4.1. PrivacyPlan........................................................................................................................................................................519.4.2. InformationTreatedasPrivate..................................................................................................................................519.4.3. InformationNotDeemedPrivate..............................................................................................................................519.4.4. ResponsibilitytoProtectPrivateInformation.....................................................................................................51
v
9.4.5. NoticeandConsenttoUsePrivateInformation..................................................................................................519.4.6. DisclosurePursuanttoJudicialorAdministrativeProcess............................................................................519.4.7. OtherInformationDisclosureCircumstances......................................................................................................51
9.5. Intellectualpropertyrights................................................................................................................................................519.6. Representationsandwarranties......................................................................................................................................51
9.6.1. CARepresentationsandWarranties........................................................................................................................519.6.2. RARepresentationsandWarranties........................................................................................................................529.6.3. SubscriberRepresentationsandWarranties.......................................................................................................529.6.4. RelyingPartyRepresentationsandWarranties..................................................................................................529.6.5. RepresentationsandWarrantiesofOtherParticipants...................................................................................52
9.7. Disclaimersofwarranties...................................................................................................................................................529.8. Limitationsofliability...........................................................................................................................................................529.9. Indemnities................................................................................................................................................................................52
9.9.1. IndemnificationbyanIssuerCA................................................................................................................................529.9.2. IndemnificationbySubscribers.................................................................................................................................539.9.3. IndemnificationbyRelyingParties...........................................................................................................................53
9.10. Termandtermination..........................................................................................................................................................539.10.1. Term................................................................................................................................................................................539.10.2. Termination..................................................................................................................................................................539.10.3. EffectofTerminationandSurvival.....................................................................................................................53
9.11. Individualnoticesandcommunicationswithparticipants...................................................................................539.12. Amendments.............................................................................................................................................................................53
9.12.1. ProcedureforAmendment....................................................................................................................................539.12.2. NotificationMechanismandPeriod...................................................................................................................539.12.3. CircumstancesunderwhichOIDMustBeChanged....................................................................................54
9.13. Disputeresolutionprovisions...........................................................................................................................................549.14. Governinglaw..........................................................................................................................................................................549.15. Compliancewithapplicablelaw.......................................................................................................................................549.16. Miscellaneousprovisions....................................................................................................................................................54
9.16.1. EntireAgreement.......................................................................................................................................................549.16.2. Assignment...................................................................................................................................................................549.16.3. Severability...................................................................................................................................................................549.16.4. Enforcement(attorneys'feesandwaiverofrights)...................................................................................549.16.5. ForceMajeure..............................................................................................................................................................54
9.17. Otherprovisions......................................................................................................................................................................54
1. INTRODUCTION
1.1. OVERVIEW
This Certificate Policy (CP) defines the procedural and operational requirements that DigiCert requires entities to adhere to when issuing and managing digitally signed objects (digital Certificates and time-stamp tokens) within DigiCert's PKI, excluding participants in DigiCert's Private PKI services, which are not cross-certified or publicly trusted. Specific requirements regarding those Certificates are set forth in the individual agreements with the appropriate DigiCert customer. DigiCert's Certificate and time-stamp policies are controlled by the DigiCert Policy Authority (DCPA) that determines how this CP applies to Certificate Authorities (CAs), Registration Authorities (RAs), Subscribers, Relying Parties and other PKI entities that interoperate with or within the DigiCert PKI. This document specifies the policies DigiCert adopts to meet the current versions of the following policies, guidelines, and requirements:
- the Federal Bridge Certification Authority ("FBCA") Certificate Policy,
- the Certification Authority/Browser Forum ("CAB Forum") Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates ("Baseline Requirements") located at https://cabforum.org/baseline-requirements-documents,
- the CAB Forum Guidelines for Extended Validation Certificates ("EV Guidelines") located at https://cabforum.org/extended-validation,
- the CAB Forum Guidelines for the Issuance and Management of Extended Validation Code Signing Certificates,
- Mozilla Root Store Policy, and
- Minimum Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates ("Minimum Requirements for Code Signing") located at https://aka.ms/csbr.
With regard to SSL/TLS Server Certificates or Code Signing Certificates, if any inconsistency exists between this CP and the requirements and guidelines above, then the CAB Forum requirements and guidelines above take precedence. Time-stamping policies are in accordance with IETF RFC 3161, X9.95, ETSI 102 023, and ETSI 101 861 technical standards. This CP is only one of several documents that govern the DigiCert PKI. Other important documents include Certification Practice Statements, registration authority agreements and practice statements, subscriber agreements, relying party agreements, customer agreements, privacy policies, and memoranda of agreement. DigiCert may publish additional certificate policies or certification practice statements as necessary to describe other product and service offerings. These supplemental policies and statements are available to applicable users or relying parties. Pursuant to the IETF PKIX RFC 3647 CP/CPS framework, this CP is divided into nine parts that cover the security controls and practices and procedures for certificate or time-stamping services within the DigiCert PKI. To preserve the outline specified by RFC 3647, section headings that do not apply have the statement "Not applicable" or "No stipulation."
1.2. DOCUMENT NAME AND IDENTIFICATION
This document is the DigiCert Certificate Policy and was approved for publication on 2 August 2010 by the DigiCert Policy Authority (DCPA). The following revisions have been made to the original document:

Date | Changes | Version
09-October-2018 | Updates made to meet Mozilla Root Policy v. 2.6.1 throughout the document. Changes to sections 4.9.1, 4.9.3, and 4.9.5 to include new CABF requirements from Ballot SC6 for revocation timelines. | 4.16
23-August-2018 | Updates throughout for Adobe AATL 2.0 and FBCA CP versions 2.29-2.32, added Class 1-3 OIDs, removed unused definitions and references to EU Qualified Certificates, updated sections 3.2.2 and 3.2.3 regarding email validation, added language in section 6.1.1 to specify that DigiCert never creates key pairs for publicly trusted end-entity TLS Certificates. | 4.15
25-January-2018 | Added language based on the CAB Forum's Baseline Requirements, as indicated by Mozilla's Self-Assessment process. | 4.14
8-November-2017 | Made edits to conform CP with CPS and to clarify provisions. Also added provision concerning the processing of CAA records. | 4.13
8-September-2017 | Removed references to PIV-I throughout, conflicts of interest in section 5.2.1, auditor qualifications in section 8.2, and made other minor changes. | 4.12
23-February-2017 | Updated address, made revisions related to the Minimum Requirements for the Issuance and Management of Publicly-Trusted Code Signing Certificates, and made other changes to update the CP. | 4.11
9-September-2016 | Updated to clarify ID documents allowed and for consistency with FBCA CP 2.29, and sec. 9.6.3 of Baseline Requirements. | 4.10
1-June-2015 | Updated for consistency with CA/Browser Forum Baseline Requirements and new Federal PIV-I Profile reference. | 4.09
1-April-2015 | Made additional changes based on FPKI CPWG review. | 4.08
7-October-2014 | Updated for consistency with FBCA CP v. 2.27. | 4.07
14-May-2014 | Updated to comply with changes to Baseline Requirements and the EV Guidelines. | 4.06
2-May-2013 | Updated mailing address, removed references to Adobe CDS Program, revised explanation of Level 2 identification requirements, revised private key management provisions and key ceremony witness requirements. | 4.05
10-May-2012 | Updated to include provisions set forth in the Baseline Requirements, to add EV Code Signing, improve readability, and to modify requirements related to IGTF Certificates. | 4.04
3-May-2011 | Policy OIDs revised for certain certificate types and minor updates made to various sections. | 4.03
29-October-2010 | Changes made in response to comments from the FPKI CPWG regarding certificate status services, trusted roles, and off-site backup of archive. | 4.02
26-August-2010 | Updated the process used to authenticate the certificate requester's authority under section 3.2.5 for code signing certificates issued to organizations. | 4.01
2-August-2010 | This version 4.0 replaces the DigiCert Certificate Policy and Certification Practices Statement, Version 3.08, dated May 29, 2009. | 4.0
The OID for DigiCert is joint-iso-ccitt (2) country (16) USA (840) US-company (1) DigiCert (114412). DigiCert organizes its OID arcs for the various Certificates and documents described in this CP as follows:

Digitally Signed Object | Object Identifier (OID)
Policy Documents | 2.16.840.1.114412.0
This CP Document | 2.16.840.1.114412.0.1.4
Certificates issued pursuant to CPS | 2.16.840.1.114412.0.2.4
Non EV SSL/TLS Server Certificates | 2.16.840.1.114412.1
Organization-Validated SSL/TLS Certificate* | 2.16.840.1.114412.1.1
Domain-Validated SSL/TLS Certificate* | 2.16.840.1.114412.1.2
Hotspot 2.0 OSU Server Certificates | 2.16.840.1.114412.1.5
Federated Device Certificate | 2.16.840.1.114412.1.11
Federated Device Hardware Certificate | 2.16.840.1.114412.1.12
Extended Validation SSL/TLS Certificates* | 2.16.840.1.114412.2.1, 1.3.6.1.4.1.6334.1.100.1 (originally registered by beTRUSTed), and/or 2.16.840.1.113733.1.7.23.6 (originally registered by Verisign)
Object Signing Certificates | 2.16.840.1.114412.3
Code Signing | 2.16.840.1.114412.3.1
Minimum Requirements for Code Signing | 2.16.840.1.114412.3.1.1 (maps to 2.23.140.1.4.1)
Extended Validation Code Signing* | 2.16.840.1.114412.3.2 (maps to 2.23.140.1.3)
Windows Kernel Driver Signing | 2.16.840.1.114412.3.11
Adobe Signing Certificates | 2.16.840.1.114412.3.21
Client Certificate OID arc | 2.16.840.1.114412.4
Level 1 Certificates – Personal | 2.16.840.1.114412.4.1.1
Level 1 Certificates – Enterprise | 2.16.840.1.114412.4.1.2
Level 2 Certificates | 2.16.840.1.114412.4.2
Level 3 Certificates – US | 2.16.840.1.114412.4.3.1
Level 3 Certificates – CBP | 2.16.840.1.114412.4.3.2
Level 4 Certificates – US | 2.16.840.1.114412.4.4.1
Level 4 Certificates – CBP | 2.16.840.1.114412.4.4.2
Class 1-3 Certificates | 2.16.840.1.114412.5
Class 1 Certificates | 2.16.840.1.114412.5.1 (maps to 2.16.840.1.113733.1.7.23.1)
Class 2 Certificates | 2.16.840.1.114412.5.2 (maps to 2.16.840.1.113733.1.7.23.2)
Class 3 Certificates | 2.16.840.1.114412.5.2 (maps to 2.16.840.1.113733.1.7.23.3.2)
Grid Certificates | 2.16.840.1.114412.4.31 or 2.16.840.1.114412.31 (Grid-only arc)
IGTF – Comparable to Classic with Secured Infrastructure | 2.16.840.1.114412.4.31.1 (Client w/ Public) or 2.16.840.1.114412.31.4.1.1 (Client Grid Only)
IGTF – Comparable to Member-Integrated Credential Services with Secured Infrastructure | 2.16.840.1.114412.4.31.5
IGTF Grid Host – Public Trust | 2.16.840.1.114412.1.31.1
Grid-Only Host Certificate | 2.16.840.1.114412.31.1.1.1
Authentication-Only Certificates | 2.16.840.1.114412.6
Legacy arc | 2.16.840.1.114412.81
Test arc | 2.16.840.1.114412.99

* Also governed by guidelines of the CA/Browser Forum.
This CP applies to any entity asserting one or more of the DigiCert OIDs identified above. When a CA issues a Certificate containing one of the above-specified policy identifiers, it asserts that the Certificate was issued and is managed in accordance with the requirements applicable to that respective policy. All other OIDs mentioned above belong to their respective owners. Commercial Best Practices ("CBP") differs from "US" in that there are no trusted role citizenship requirements for an Issuer CA issuing under a CBP policy, whereas policies designated "US" must follow the citizenship practices set forth in Section 5.3.1 of this CP. The Legacy arc exists to identify Certificates issued for purpose of achieving compatibility with legacy systems that are incapable of processing newer algorithms that might be required by comparable industry best practices. Subsequent revisions to this CP might contain new OID assignments for the certificate types identified above.
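As an added illustration, not part of the CP and not DigiCert's code, the following Python decodes a Certificate's certificatePolicies extension (RFC 5280 section 4.2.1.4) with the standard library only and maps each policy identifier onto the arc table above. This is the check a relying party performs to learn which of these policies a Certificate asserts. The table subset and its short names, the CA/Browser Forum OIDs, and the sample extension bytes are constructed here; the CPS URI in the sample is a placeholder.

```python
"""Decode an X.509 certificatePolicies extension and name each policy OID.

Added example; not DigiCert code and not part of the CP. POLICY_TABLE is a
subset of the section 1.2 table with abbreviated names; the CAB Forum OIDs
and the sample extension are constructed here.
"""
from typing import Dict, List, Tuple

DIGICERT_ARC = "2.16.840.1.114412"

POLICY_TABLE: Dict[str, str] = {
    "2.16.840.1.114412.1.1": "Organization-Validated SSL/TLS",
    "2.16.840.1.114412.1.2": "Domain-Validated SSL/TLS",
    "2.16.840.1.114412.2.1": "Extended Validation SSL/TLS",
    "2.16.840.1.114412.3.1": "Code Signing",
    "2.16.840.1.114412.3.2": "Extended Validation Code Signing",
    "2.16.840.1.114412.81": "Legacy arc",
    "2.16.840.1.114412.99": "Test arc",
}
# CAB Forum reserved policy OIDs carried next to the CA's own (assumed, not from the CP).
CABF_OIDS: Dict[str, str] = {"2.23.140.1.1": "CAB Forum EV",
                             "2.23.140.1.2.1": "CAB Forum DV",
                             "2.23.140.1.2.2": "CAB Forum OV"}
ANY_POLICY = "2.5.29.32.0"


def read_tlv(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Return (tag, content, position after the element) for the DER TLV at pos."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: low 7 bits count the length octets that follow
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("DER element overruns its buffer")
    return tag, buf[pos:pos + length], pos + length


def decode_oid(content: bytes) -> str:
    """Decode OBJECT IDENTIFIER content octets (base-128, high bit = continuation)."""
    arcs: List[int] = []
    acc = 0
    for b in content:
        acc = (acc << 7) | (b & 0x7F)
        if b & 0x80:
            continue
        if not arcs:  # first subidentifier packs the first two arcs as 40*X + Y
            first = 2 if acc >= 80 else acc // 40
            arcs.extend([first, acc - 40 * first])
        else:
            arcs.append(acc)
        acc = 0
    if content and content[-1] & 0x80:
        raise ValueError("truncated OID")
    return ".".join(str(a) for a in arcs)


def decode_certificate_policies(ext_value: bytes) -> List[str]:
    """Return the policyIdentifier OIDs of a certificatePolicies extnValue.

    certificatePolicies ::= SEQUENCE OF PolicyInformation
    PolicyInformation ::= SEQUENCE { policyIdentifier OID, policyQualifiers OPTIONAL }
    Qualifiers (CPS URI, user notice) are skipped; the identifier is what binds
    the Certificate to a policy in this CP.
    """
    tag, seq, end = read_tlv(ext_value, 0)
    if tag != 0x30 or end != len(ext_value):
        raise ValueError("extnValue is not a single SEQUENCE")
    oids: List[str] = []
    pos = 0
    while pos < len(seq):
        tag, info, pos = read_tlv(seq, pos)
        if tag != 0x30:
            raise ValueError("PolicyInformation is not a SEQUENCE")
        tag, oid_content, _ = read_tlv(info, 0)
        if tag != 0x06:
            raise ValueError("policyIdentifier is not an OBJECT IDENTIFIER")
        oids.append(decode_oid(oid_content))
    return oids


def classify(oid: str) -> str:
    """Name the policy an OID asserts, or flag it as outside the table."""
    if oid in POLICY_TABLE:
        return POLICY_TABLE[oid]
    if oid in CABF_OIDS:
        return CABF_OIDS[oid]
    if oid == ANY_POLICY:
        return "anyPolicy"
    if oid == DIGICERT_ARC or oid.startswith(DIGICERT_ARC + "."):
        return "DigiCert arc, not in the excerpted table"
    return "not a DigiCert policy OID"


def encode_oid(dotted: str) -> bytes:
    """Encode a dotted OID to DER content octets (used only to build the sample)."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray()
    for n in [40 * arcs[0] + arcs[1]] + arcs[2:]:
        chunk = [n & 0x7F]
        n >>= 7
        while n:
            chunk.append(0x80 | (n & 0x7F))
            n >>= 7
        out.extend(reversed(chunk))
    return bytes(out)


def tlv(tag: int, content: bytes) -> bytes:
    """Wrap content in a short-form DER TLV (content shorter than 128 bytes)."""
    if len(content) >= 128:
        raise ValueError("short-form length only")
    return bytes([tag, len(content)]) + content


# Constructed sample: DigiCert's EV OID, the CAB Forum EV OID, and an OV OID with
# an id-qt-cps qualifier (1.3.6.1.5.5.7.2.1) so the qualifier-skipping path runs.
SAMPLE_EXTENSION = tlv(0x30,
    tlv(0x30, tlv(0x06, encode_oid("2.16.840.1.114412.2.1")))
    + tlv(0x30, tlv(0x06, encode_oid("2.23.140.1.1")))
    + tlv(0x30, tlv(0x06, encode_oid("2.16.840.1.114412.1.1"))
        + tlv(0x30, tlv(0x30, tlv(0x06, encode_oid("1.3.6.1.5.5.7.2.1"))
                              + tlv(0x16, b"https://cps.example/")))))

if __name__ == "__main__":
    for oid in decode_certificate_policies(SAMPLE_EXTENSION):
        print(f"{oid:28} {classify(oid)}")
```

The decoder deliberately reads only the policyIdentifier of each PolicyInformation; a CPS URI or user-notice qualifier carries no policy meaning of its own, and a relying party that keyed on the qualifier rather than the OID would accept a Certificate whose identifier is outside the arc it trusts.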
1.3. PKI PARTICIPANTS
1.3.1. DigiCert Policy Authority and Certification Authorities
DigiCert Root Certificate Authorities and Intermediate CAs are managed by the DigiCert Policy Authority (DCPA) which is composed of members of DigiCert management appointed by DigiCert's executive management. The DCPA is responsible for this CP, the approval of related practice statements, and overseeing the conformance of CA practices with this CP. DigiCert's policies are designed to ensure that the DigiCert PKI complies, in all material respects, with U.S. and international standards and regulations, including the Federal Bridge Certificate Policy, CA/Browser Forum Guidelines, and relevant law on electronic signatures. DigiCert may establish or recognize other CAs (e.g. subordinate CAs) in accordance with this CP, applicable cross-certification/federation policies and memoranda of agreement. For ease of reference herein, all CAs issuing Certificates in accordance with this CP (including DigiCert) are hereafter referred to as "Issuer CAs." DigiCert shall notify the U.S. Federal PKI Policy Authority (FPKIPA) prior to issuing any CA Certificate to an external Issuer CA that DigiCert desires to chain to the Federal Bridge CA. DigiCert ensures that no CA chaining to the Federal Bridge CA has more than one trust path to the Federal Bridge CA (regardless of path validation results).
1.3.2. Registration Authorities
Registration Authorities (RA) operate identity management systems (IdMs) and collect and verify Subscriber information on the Issuer CA's behalf. The requirements in this CP apply to all RAs. An Issuer CA shall monitor each RA's compliance with this policy, the CPS, and if applicable, any Registration Practices Statement (RPS) under which the RA operates. An Issuer CA that relies on a variety of RAs or IdMs to support various communities of interest may submit an RPS for each RA or IdM to the DCPA for approval. The RPS must contain details necessary for the DCPA to determine how the RA achieves compliance with this Policy. Necessary details include how the RA's process or IdM establishes the identities of applicants, how the integrity and authenticity of such identifying information is securely maintained and managed, and how changes and updates to such information are communicated to the Issuer CA.
1.3.3. Subscribers
Subscribers use DigiCert's services and PKI to support transactions and communications. Subscribers are not always the party identified in a Certificate, such as when Certificates are issued to an organization's employees. The Subject of a Certificate is the party named in the Certificate. A Subscriber, as used herein, refers to both the subject of the Certificate and the entity that contracted with the Issuer CA for the Certificate's issuance. Prior to verification of identity and issuance of a Certificate, a Subscriber is an Applicant.
1.3.4. Relying Parties
Relying Parties are entities that act in reliance on a Certificate and/or digital signature issued by the Issuer CA. Relying parties must check the appropriate CRL or OCSP response prior to relying on information featured in a Certificate.
1.3.5. Other Participants
Other participants include Bridge CAs and CAs that cross-certify Issuer CAs to provide trust among other PKI communities.
1.4. CERTIFICATE USAGE
A digital Certificate (or Certificate) is formatted data that cryptographically binds an identified subscriber with a Public Key. A digital Certificate allows an entity taking part in an electronic transaction to prove its identity to other participants in such transaction. Digital Certificates are used in commercial environments as a digital equivalent of an identification card. A time-stamp token (TST) cryptographically binds a representation of data to a particular time stamp, thus establishing evidence that the data existed at a certain point in time.
1.4.1. Appropriate Certificate Uses
Certificates issued under this CP may be used for the purposes designated in the key usage and extended key usage fields found in the Certificate. However, the sensitivity of the information processed or protected by a Certificate varies greatly, and each Relying Party must evaluate the application environment and associated risks before deciding on whether to use a Certificate issued under this CP.
1.4.2. Prohibited Certificate Uses
Certificates do not guarantee that the Subject is trustworthy, honest, reputable in its business dealings, safe to do business with, or compliant with any laws. A Certificate only establishes that the information in the Certificate was verified as reasonably correct when the Certificate issued. Code signing Certificates do not indicate that the signed code is safe to install or is free from malware, bugs, or vulnerabilities.
1.5. POLICY ADMINISTRATION
1.5.1. Organization Administering the Document
This CP and the documents referenced herein are maintained by the DCPA, which can be contacted at:
DigiCert Policy Authority
Suite 500
2801 N. Thanksgiving Way
Lehi, UT 84043 USA
Tel: 1-801-701-9600
Fax: 1-801-705-0481
[email protected]
1.5.2. Contact Person
Attn: Legal Counsel
DigiCert Policy Authority
Suite 500
2801 N. Thanksgiving Way
Lehi, UT 84043 USA
[email protected]
1.5.2.1. Revocation Reporting Contact Person
Attn: Support
DigiCert Technical Support
Suite 500
2801 N. Thanksgiving Way
Lehi, UT 84043 USA
https://www.digicert.com/certificate-[email protected]
1.5.3. Person Determining CPS Suitability for the Policy
The DCPA determines the suitability and applicability of this CP and the conformance of a CPS to this CP based on the results and recommendations received from an independent auditor (see Section 8). The DCPA is also responsible for evaluating and acting upon the results of compliance audits.
1.5.4. CP Approval Procedures
The DCPA approves the CP and any amendments. Amendments are made by either updating the entire CP or by publishing an addendum. The DCPA determines whether an amendment to this CP requires notice or an OID change. See also Section 9.10 and Section 9.12 below.
1.6. DEFINITIONS AND ACRONYMS
1.6.1. Definitions
"Affiliated Organization" means an organization that has an organizational affiliation with a Subscriber and that approves or otherwise allows such affiliation to be represented in a Certificate.
"Applicant" means an entity applying for a certificate.
"Base Domain Name" is as defined in the Baseline Requirements.
"Certificate" means an electronic document that uses a digital signature to bind a Public Key and an identity.
"Domain Name" is as defined in the Baseline Requirements.
"Domain Namespace" is as defined in the Baseline Requirements.
"EV Guidelines" is defined in section 1.1.
"Key Pair" means a Private Key and its associated Public Key.
"OCSP Responder" means an online software application operated under the authority of DigiCert and connected to its repository for processing certificate status requests.
"Private Key" means the key of a Key Pair that is kept secret by the holder of the Key Pair, and that is used to create digital signatures and/or to decrypt electronic records or files that were encrypted with the corresponding Public Key.
"Public Key" means the key of a Key Pair that may be publicly disclosed by the holder of the corresponding Private Key and that is used by a Relying Party to verify digital signatures created with the holder's corresponding Private Key and/or to encrypt messages so that they can be decrypted only with the holder's corresponding Private Key.
"Relying Party" means an entity that relies upon either the information contained within a Certificate or a time-stamp token.
"Relying Party Agreement" means an agreement which must be read and accepted by the Relying Party prior to validating, relying on or using a Certificate or accessing or using DigiCert's Repository.
"Subscriber" means either the entity identified as the subject in the Certificate or the entity receiving DigiCert's time-stamping services.
"Subscriber Agreement" means an agreement that governs the issuance and use of a Certificate that the Applicant must read and accept before receiving a Certificate.
"WebTrust" means the current version of CPA Canada's WebTrust Program(s) for Certification Authorities.
1.6.2. Acronyms
CA  Certificate Authority or Certification Authority
CAA  Certification Authority Authorization
CAB  CA/Browser as in "CAB Forum"
CBP  Commercial Best Practices
CMS  Card Management System
CP  Certificate Policy
CPS  Certification Practice Statement
CRL  Certificate Revocation List
DCPA  DigiCert Policy Authority
DV  Domain Validated
ETSI  European Telecommunications Standards Institute
EU  European Union
EV  Extended Validation
FIPS  (US Government) Federal Information Processing Standard
FQDN  Fully Qualified Domain Name
HSM  Hardware Security Module
HTTP  Hypertext Transfer Protocol
ICANN  Internet Corporation for Assigned Names and Numbers
IdM  Identity Management System
IETF  Internet Engineering Task Force
IGTF  International Grid Trust Federation
ITU  International Telecommunication Union
ITU-T  ITU Telecommunication Standardization Sector
NIST  National Institute of Standards and Technology
OCSP  Online Certificate Status Protocol
OID  Object Identifier
OV  Organization Validated
PIN  Personal Identification Number (e.g. a secret access code)
PKI  Public Key Infrastructure
PKIX  IETF Working Group on Public Key Infrastructure
PKCS  Public Key Cryptography Standard
RA  Registration Authority
RFC  Request for Comments (at IETF.org)
SHA  Secure Hashing Algorithm
SSL  Secure Sockets Layer
TLD  Top-Level Domain
TLS  Transport Layer Security
UTC  Coordinated Universal Time
X.509  The ITU-T standard for Certificates and their corresponding authentication framework
1.6.3. References
CA/Browser Forum Baseline Requirements Certificate Policy for the Issuance and Management of Publicly-Trusted Certificates ("Baseline Requirements")
CA/Browser Forum Guidelines for the Issuance and Management of Extended Validation Certificates ("EV Guidelines")
FBCA Supplementary Antecedent, In-Person Definition
Wi-Fi Alliance Hotspot 2.0 Release 2 Online Signup Certificate Policy Specification (Hotspot 2.0 CP)
X.509 Certificate Policy for the Federal Bridge Certification Authority, v. 2.32
Mozilla Root Store Policy, v. 2.6.1
2. PUBLICATIONANDREPOSITORYRESPONSIBILITIES
2.1. REPOSITORIESIssuerCAsshallpublishallpubliclytrustedCACertificatesandcross‐Certificates,issuedtoandfromtheIssuerCA,revocationdataforissueddigitalCertificates,CP,CPS,andstandardRelyingPartyAgreementsandSubscriberAgreementsinonlinerepositories.TheIssuerCAshallensurethatitsrootCertificateandtherevocationdataforissuedCertificatesareavailablethrougharepository24hoursaday,7daysaweekwithaminimumof99%availabilityoverallperyearwithascheduleddowntimethatdoesnotexceed0.5%annually.TheIssuerCAshalldevelop,implement,enforce,andannuallyupdatetheCPand/orCPStomeetthecompliancestandardsofthedocumentslistedinSection1.6.3.TheseupdatesalsodescribeindetailhowtheCAimplementsthelatestversionoftheBaselineRequirements.
2.2. PUBLICATIONOFCERTIFICATIONINFORMATIONIssuerCAsshallmakethefollowinginformationpubliclyaccessibleontheweb:allpubliclytrustedrootCertificates,crossCertificates,CRLs,CPsandCPSs.PointerstorepositoryinformationinCAandendentityCertificatesshallonlycontainvalidUniformResourceIdentifiers(URIs)thatareaccessiblebyrelyingparties.
2.3. TIMEORFREQUENCYOFPUBLICATIONIssuerCAsshallpublishCACertificatesandrevocationdataassoonaspossibleafterissuance.IssuerCAsshallpublishnewormodifiedversionsCPSswithinsevendaysoftheirapproval.
2.4. ACCESS CONTROLS ON REPOSITORIES
Information published in a repository is public information. The Issuer CA shall provide unrestricted read access to its repositories and shall implement logical and physical controls to prevent unauthorized write access to such repositories.
3. IDENTIFICATION AND AUTHENTICATION

3.1. NAMING

3.1.1. Types of Names
Issuer CAs shall issue Certificates with a non-null subject Distinguished Name (DN) that complies with ITU X.500 standards. Level 1 Certificates may include a null subject DN if they include at least one alternative name form that is marked critical. Subject Alternate Name forms may be included in Certificates if they are marked non-critical. When DNs are used, common names must respect namespace uniqueness and must not be misleading.

3.1.2. Need for Names to be Meaningful
When applicable, Issuer CAs shall use distinguished names to identify both the entity (i.e. person, organization, device, or object) that is the subject of the Certificate and the entity that is the issuer of the Certificate. Directory information trees shall accurately reflect organizational structures. When applicable, Issuer CAs shall ensure that each User Principal Name (UPN) is unique and accurately reflects organizational structures.

3.1.3. Anonymity or Pseudonymity of Subscribers
Issuer CAs may issue end-entity anonymous or pseudonymous Certificates provided that (i) such Certificates are not prohibited by applicable policy (e.g. for certificate type, assurance level, or certificate profile) and (ii) namespace uniqueness is preserved.

3.1.4. Rules for Interpreting Various Name Forms
Distinguished Names in Certificates are interpreted using X.500 standards and ASN.1 syntax. See RFC 2253 and RFC 2616 for further information on how X.500 distinguished names in Certificates are interpreted as Uniform Resource Identifiers and HTTP references.

3.1.5. Uniqueness of Names
Name uniqueness is required in each Certificate issued by each CA. The DCPA may enforce name uniqueness by requiring that each Certificate include a unique serial number that is incorporated as part of the subject name.

3.1.6. Recognition, Authentication, and Role of Trademarks
Subscribers may not request Certificates with any content that infringes the intellectual property rights of another entity. Unless otherwise specifically stated, this CP does not require an Issuer CA to verify an Applicant's right to use a trademark. Issuer CAs may reject any application or require revocation of any Certificate that is part of a trademark dispute.

3.2. INITIAL IDENTITY VALIDATION
An Issuer CA may use any legal means of communication or investigation to ascertain the identity of an organizational or individual Applicant. The Issuer CA may refuse to issue a Certificate in its sole discretion.

3.2.1. Method to Prove Possession of Private Key
The Issuer CA shall verify that the Applicant possesses the Private Key corresponding to the Public Key in the certificate request.
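For a PKCS#10 request the usual evidence of possession is the request's own signature: the applicant signs the CertificationRequestInfo with the private key, and the CA verifies that signature with the public key embedded in the same request. The following Go program is an added illustration of that check and is not DigiCert's code or part of this CP; the key pair, the subject name www.example.com and the forged request are all constructed locally for the demonstration.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"errors"
	"fmt"
)

// CheckProofOfPossession parses a PEM-encoded PKCS#10 request and verifies the
// self-signature over CertificationRequestInfo with the public key carried in
// the request itself. A valid signature is the evidence that the requester
// holds the private key matching the key it asks the CA to certify.
func CheckProofOfPossession(csrPEM []byte) (*x509.CertificateRequest, error) {
	block, _ := pem.Decode(csrPEM)
	if block == nil || block.Type != "CERTIFICATE REQUEST" {
		return nil, errors.New("input is not a PEM CERTIFICATE REQUEST")
	}
	csr, err := x509.ParseCertificateRequest(block.Bytes)
	if err != nil {
		return nil, fmt.Errorf("parse CSR: %w", err)
	}
	// CheckSignature verifies against csr.PublicKey (the key inside the
	// request), so a request signed with any other key is rejected here.
	if err := csr.CheckSignature(); err != nil {
		return nil, fmt.Errorf("proof of possession failed: %w", err)
	}
	return csr, nil
}

// newKey generates a fresh P-256 key; it stands in for the applicant's key pair.
func newKey() *ecdsa.PrivateKey {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	return key
}

// makeCSR builds and signs a request for the hypothetical name cn with key.
func makeCSR(cn string, key *ecdsa.PrivateKey) []byte {
	tmpl := x509.CertificateRequest{
		Subject:  pkix.Name{CommonName: cn},
		DNSNames: []string{cn},
	}
	der, err := x509.CreateCertificateRequest(rand.Reader, &tmpl, key)
	if err != nil {
		panic(err)
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE REQUEST", Bytes: der})
}

// forgeCSR simulates a request whose signature does not belong to the embedded
// public key: it flips one bit in the signature value (the final byte of the
// DER encoding) and leaves the requested names and public key untouched.
func forgeCSR(csrPEM []byte) []byte {
	block, _ := pem.Decode(csrPEM)
	der := append([]byte(nil), block.Bytes...)
	der[len(der)-1] ^= 0x01
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE REQUEST", Bytes: der})
}

func main() {
	good := makeCSR("www.example.com", newKey())
	if csr, err := CheckProofOfPossession(good); err == nil {
		fmt.Println("accepted request for", csr.Subject.CommonName)
	}
	if _, err := CheckProofOfPossession(forgeCSR(good)); err != nil {
		fmt.Println("rejected:", err)
	}
}
```

The parse step alone proves nothing: a request can carry anyone's public key. The signature check is what ties the request to the private key, and a CA that skips it can be induced to certify a key the applicant does not control.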
3.2.2. Authentication of Organization and Domain/Email Control
An Issuer CA must take reasonable measures to verify that the entity submitting the request for a Certificate to be used to sign or encrypt email controls the email account associated with the email address referenced in the Certificate or has been authorized by the email account holder to act on the account holder's behalf.
Domain names included in a publicly trusted SSL/TLS Certificate must be verified in accordance with Section 3.2.2.4 of the Baseline Requirements. If a publicly-trusted SSL/TLS Certificate will contain an organization's name, then the Issuer CA (or an RA) shall verify the information about the organization and its legal existence in accordance with Section 3.2.2.1 of the Baseline Requirements using reliable third party and government databases or through other direct means of communication with the entity or jurisdiction governing the organization's legal creation, existence, or recognition. If the request is for a Certificate that asserts an organizational affiliation between a human subscriber and an organization, the Issuer CA shall obtain documentation from the organization that recognizes the affiliation and obligates the organization to request revocation of the Certificate if that affiliation ends. See Sections 3.2.5, 4.9.1 and 9.6.1.

If the FQDN contains a wildcard character, then the Issuer CA must remove all wildcard labels from the leftmost portion of the requested FQDN. The CA may prune zero or more labels from left to right until encountering a Base Domain Name and may use any one of the intermediate values for the purpose of domain validation. Before issuing a certificate with a wildcard character in a CN or subjectAltName of type DNS-ID, the CA must follow a documented procedure that determines if the wildcard character occurs in the first label position to the left of a "registry-controlled" label or "public suffix" (e.g. "*.com", "*.co.uk"; see RFC 6454 Section 8.2 for further explanation). If a wildcard would fall within the label immediately to the left of a registry-controlled or public suffix, the Issuer CA must refuse issuance unless the applicant proves its rightful control of the entire Domain Namespace.

Issuer CAs must complete all Domain/IP Address validation procedures; such validation procedures must not be completed by third parties. For a Certificate issued to a Domain Name with .onion in the right-most label of the Domain Name, the Issuer CA confirms, as of the date the Certificate was issued, the Applicant's control over the .onion Domain Name in accordance with Appendix F of the EV Guidelines.

Issuer CAs and RAs shall identify high-risk certificate requests and shall conduct additional verification activity and take additional precautions as are reasonably necessary to ensure that high-risk requests are properly verified. All requests for Issuer CA Certificates or Certificates with an organization's name that are cross-certified with the FBCA shall include the organization name, address, and documentation of the existence of the organization. For Issuer CA Certificates and CA cross-Certificates, representatives of the DCPA verify the information, in addition to the authenticity of the requesting representative and the representative's authorization for the Certificate.
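The wildcard rule above is a small algorithm: strip the leading "*" labels, prune labels from the left until the Base Domain Name is reached (any intermediate value may be the one at which control is demonstrated), and refuse a wildcard that would sit directly under a public suffix. The Go program below is an added example of that procedure, not code from this CP or from DigiCert. It assumes a public suffix list; the four entries in `publicSuffixes` are a constructed stand-in for the real list, which a CA would load in full.

```go
package main

import (
	"fmt"
	"strings"
)

// publicSuffixes is a constructed, deliberately tiny stand-in for the Public
// Suffix List (registry-controlled labels). A real CA loads the whole list.
var publicSuffixes = map[string]bool{
	"com": true, "uk": true, "co.uk": true, "github.io": true,
}

func isPublicSuffix(name string) bool { return publicSuffixes[strings.ToLower(name)] }

// StripWildcardLabels removes every leading "*" label from fqdn. A "*" that is
// not a whole leftmost label (for example "w*.example.com" or
// "www.*.example.com") is rejected rather than silently accepted.
func StripWildcardLabels(fqdn string) (string, error) {
	labels := strings.Split(strings.ToLower(strings.TrimSuffix(fqdn, ".")), ".")
	i := 0
	for i < len(labels) && labels[i] == "*" {
		i++
	}
	if i == len(labels) {
		return "", fmt.Errorf("%q: nothing left after removing wildcard labels", fqdn)
	}
	for _, l := range labels[i:] {
		if strings.Contains(l, "*") {
			return "", fmt.Errorf("%q: wildcard permitted only as the leftmost label", fqdn)
		}
	}
	return strings.Join(labels[i:], "."), nil
}

// BaseDomainName prunes labels from the left until the remainder is the
// registrable domain: one label below a public suffix and not itself a suffix.
func BaseDomainName(name string) (string, error) {
	labels := strings.Split(name, ".")
	for i := 0; i < len(labels)-1; i++ {
		candidate := strings.Join(labels[i:], ".")
		parent := strings.Join(labels[i+1:], ".")
		if !isPublicSuffix(candidate) && isPublicSuffix(parent) {
			return candidate, nil
		}
	}
	return "", fmt.Errorf("%q: no registrable domain below a known public suffix", name)
}

// ValidationCandidates returns the requested name (wildcards stripped) and each
// parent down to and including the Base Domain Name; domain control may be
// demonstrated at any one of these values.
func ValidationCandidates(fqdn string) ([]string, error) {
	name, err := StripWildcardLabels(fqdn)
	if err != nil {
		return nil, err
	}
	base, err := BaseDomainName(name)
	if err != nil {
		return nil, err
	}
	var out []string
	labels := strings.Split(name, ".")
	for i := range labels {
		c := strings.Join(labels[i:], ".")
		out = append(out, c)
		if c == base {
			break
		}
	}
	return out, nil
}

// CheckWildcardRequest refuses a wildcard whose "*" sits immediately to the
// left of a public suffix unless the applicant has proved control of the whole
// namespace (the exception the CP text allows).
func CheckWildcardRequest(fqdn string, controlsEntireNamespace bool) error {
	if !strings.HasPrefix(fqdn, "*.") {
		return nil
	}
	rest, err := StripWildcardLabels(fqdn)
	if err != nil {
		return err
	}
	if isPublicSuffix(rest) && !controlsEntireNamespace {
		return fmt.Errorf("%q: wildcard directly under public suffix %q; refuse issuance", fqdn, rest)
	}
	return nil
}

func main() {
	fmt.Println(ValidationCandidates("*.api.example.co.uk"))
	fmt.Println(CheckWildcardRequest("*.co.uk", false))
}
```

Note that the lookup must be against the public suffix list, not just the ICANN TLDs: "*.github.io" is as dangerous as "*.co.uk", because any tenant of that suffix could otherwise obtain a certificate covering every other tenant.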
3.2.3. Authentication of Individual Identity
The Issuer CA or an RA shall verify an individual's identity in accordance with the process established in its CPS or RPS that meets the following minimum requirements:

Certificate: SSL/TLS Server Certificates and Object Signing Certificates (issued to an Individual)
Identity verification: The Applicant shall submit a legible copy, which discernibly shows the Applicant's face, of at least one currently valid government-issued photo ID (passport, drivers license, military ID, national ID, or equivalent document type). The copy of the document shall be inspected for any indication of alteration or falsification. For Object Signing Certificates, the Issuer CA or RA shall obtain a face-to-face identification of the Applicant (i.e. a Declaration of Identity), which may be performed via a video conference call. If the Issuer CA or RA requires further assurance, the Applicant shall provide additional forms of identification, including non-photo and non-governmental forms of identification such as recent utility bills, financial account statements, Applicant credit card, additional ID credential, or equivalent document type. The Issuer CA or RA shall confirm that the Applicant is able to receive communication by telephone, postal mail/courier, or fax. If the Issuer CA or RA cannot verify the Applicant's identity using the procedures described above, then the Issuer CA or RA shall obtain a Declaration of Identity* witnessed and signed by a Registration Authority, Trusted Agent, notary, lawyer, accountant, postal carrier, or any entity certified by a State or National Government as authorized to confirm identities.

Certificate: Device Certificate Sponsors
Identity verification: See section 3.2.3.3.

Certificate: EV SSL/TLS Certificates issued to a Business Entity
Identity verification: As specified in the EV Guidelines.

Certificate: Authentication-Only Certificates
Identity verification: The entity controlling the secure location represents that the certificate holder has authorization to access the location.

Certificate: Grid-only Certificates
Identity verification: Either the RA responsible for the grid community or a Trusted Agent must either review an identity document during a face-to-face meeting with the Applicant, or a Trusted Agent must attest that the Applicant is personally known to the Trusted Agent. If an identification document is used, the RA must retain sufficient information about the Applicant's identity in order to verify the Applicant at a later date.

Certificate: Level 1 Client Certificates - Personal (email certificates)
Identity verification: Applicant's control over an email address (or any of the identity verification methods listed for a higher level client certificate).

Certificate: Level 1 Client Certificates - Enterprise (email certificates)
Identity verification: Any one of the following:
1. In-person appearance before an RA or Trusted Agent with presentment of an identity credential (e.g., driver's license or birth certificate).
2. Using procedures similar to those used when applying for consumer credit and authenticated through information in consumer credit databases or government records, such as:
   - the ability to place or receive calls from a given number; or
   - the ability to obtain mail sent to a known physical address.
3. Through information derived from an ongoing business relationship with the credential provider or a partner company (e.g., a financial institution, airline, employer, or retail company). Acceptable information includes:
   - the ability to obtain mail at the billing address used in the business relationship; or
   - verification of information established in previous transactions (e.g., previous order number); or
   - the ability to place calls from or receive phone calls at a phone number used in previous business transactions.
4. Any method required to verify identity for issuance of a Level 2, 3, or 4 Client Certificate.

Certificate: Level 2 Client Certificates
Identity verification: This level of assurance requires that the Issuer CA or RA verify the Applicant's identity using the possession of a reliable form of identification. Personal identifying information shall be compared with Applicant-provided information to confirm that the asserted name matches: (a) the name contained in the presented identification credential; (b) the individual's date of birth; and (c) a current address or personal telephone number sufficient to identify a unique individual. The Issuer CA or RA shall verify the Applicant's identity using one of the following four (4) methods:
1. In-person proofing before an RA or Trusted Agent (or entity certified by a State or National Government as authorized to confirm identities) with presentment of a valid current government-issued identity document that contains the Applicant's picture and either address of record or nationality (e.g. driver's license or Passport). Such authentication does not relieve the RA of its responsibility to verify the presented data.
2. Remotely verifying information provided by the Applicant (verified electronically by a record check with the specified issuing authority or through similar databases to establish the existence of such records with matching name and reference numbers and to corroborate date of birth and current address of record or telephone number). The Issuer CA or RA may confirm an address by issuing the credentials in a manner that confirms the address of record or verifying knowledge of recent account activity associated with the Applicant's address and may confirm a telephone number by sending a challenge-response SMS text message or by recording the applicant's voice during a communication after associating the telephone number with the applicant in records that are available to the Issuer CA or RA.
3. If the Issuer CA or RA has a current, ongoing relationship with the Applicant, the Issuer CA or RA may verify identity using an exchange of a previously exchanged shared secret (e.g., a PIN or password) that meets or exceeds NIST SP 800-63 Level 2 entropy requirements, provided that: (a) identity was originally established with the degree of rigor equivalent to that required in 1 or 2 above using a government-issued photo ID, and (b) the ongoing relationship exists sufficient to ensure the Applicant's continued personal possession of the shared secret.
4. Any of the methods required to verify identity for issuance of a DigiCert Level 3 or 4 Client Certificate.

Certificate: Level 3 Client Certificates
Identity verification: In-person proofing before an RA, Trusted Agent, or an entity certified by a State or National Government that is authorized to confirm identities (provided that the certified entity forwards the information collected from the applicant directly to the RA in a secure manner and that the RA is not relieved of its responsibility to verify the presented data).
The Applicant shall provide at least one Federal Government-issued Picture I.D., a REAL ID, or two Non-Federal Government I.D.s, one of which must be a photo I.D. Acceptable forms of Non-Federal Government photo IDs include a driver's license, state-issued photo ID card, passport, national identity card, permanent resident card, trusted traveler card, tribal ID, military ID, or similar photo identification document. See USCIS Form I-9.
The Issuer CA or RA shall examine the credentials and determine whether they are authentic and unexpired. For each Level 3 or higher assurance Client Certificate issued, the Issuer CA or the RA shall review and record a Declaration of Identity* which shall be signed by the applicant and the person performing the in-person identification. The Issuer CA or RA shall check the provided information (name, date of birth, and current address) to ensure legitimacy and may verify it electronically by a record check as described above. The Issuer CA or RA may employ an in-person antecedent process, defined in FBCA Supplementary Antecedent, In-Person Definition, to meet the in-person identity proofing requirement. Under this definition, historical in-person identity proofing is sufficient if (1) it meets the thoroughness and rigor of in-person proofing described above, (2) supporting ID proofing artifacts exist to substantiate the antecedent relationship, and (3) mechanisms are in place that bind the individual to the asserted identity. In one use case, the Applicant (e.g. an employee) has been identified previously by an employer using USCIS Form I-9 and is bound to the asserted identity remotely through the use of known attributes or shared secrets. In another use case, a third party Identity Verification Provider constructs a real-time, five-question process, based on multiple historic antecedent databases, and the applicant is given two minutes to answer at least four of the five questions correctly. See FBCA Supplementary Antecedent, In-Person Definition. If the photo ID is unexpired and confirms the address of record for the Applicant, then the certificate may be approved for issuance with notice of issuance sent to the address of record. If the photo ID does not confirm the Applicant's address of record, then the certificate shall be issued in a manner that confirms the address of record. For all Level 3 or higher assurance Client Certificates, the identity of the Applicant must be established no earlier than 30 days prior to initial certificate issuance.

Certificate: Level 4 Client Certificates (Medium Hardware)
Identity verification: Must be issued to cryptographic hardware.
In-person proofing before an RA, Trusted Agent, or an entity certified by a State or National Government that is authorized to confirm identities (provided that the certified entity forwards the information collected from the applicant directly to the RA in a secure manner and that the RA is not relieved of its responsibility to verify the presented data). The Applicant shall supply (i) one Federal Government-issued Picture I.D., a REAL ID, or two Non-Federal Government I.D.s, one of which must be a photo I.D., and (ii) the contemporaneous collection of at least one biometric (e.g. photograph or fingerprints) to ensure that the Applicant cannot repudiate the application. Acceptable forms of Non-Federal Government photo IDs include a driver's license, state-issued photo ID card, passport, national identity card, permanent resident card, trusted traveler card, tribal ID, military ID, or similar photo identification document. See USCIS Form I-9. The Issuer CA or RA shall examine the credentials and determine whether they are authentic and unexpired. For each Level 4 Client Certificate issued, the Issuer CA or the RA shall review and record a Declaration of Identity* that is signed by the applicant and the person performing the in-person identification. For all Level 4 Client Certificates the use of an in-person antecedent is not applicable and the Applicant shall establish his or her identity no more than 30 days prior to initial certificate issuance. Issuer CAs and RAs shall issue Level 4 Client Certificates in a manner that confirms the Applicant's address of record.
* A Declaration of Identity consists of the following:
a. the identity of the person performing the verification;
b. a signed declaration by the verifying person stating that they verified the identity of the Subscriber as required using the format set forth at 28 U.S.C. 1746 (declaration under penalty of perjury) or comparable procedure under local law; the signature on the declaration may be either a handwritten or digital signature using a certificate that is of equal or higher level of assurance as the credential being issued;
c. unique identifying number(s) from the Applicant's identification document(s), or a facsimile of the ID(s);
d. the date of the verification; and
e. a declaration of identity by the Applicant that is signed (in handwriting or through use of a digital signature that is of equivalent or higher assurance than the credential being issued) in the presence of the person performing the verification using the format set forth at 28 U.S.C. 1746 (declaration under penalty of perjury) or comparable procedure under local law.

Where in-person identity verification is required and the Applicant cannot participate in face-to-face registration alone (e.g. because the Applicant is a network device, minor, or person not legally competent), then the Applicant may be accompanied by a person already certified by the PKI or who has the required identity credentials for a Certificate at the same or higher level of assurance applied for by the Applicant. The person accompanying the Applicant (i.e. the "Sponsor") will present information sufficient for registration at the level of the certificate being requested, for himself or herself, and for the Applicant. For in-person identity proofing at Levels 3 and 4, an entity certified by a State or National Government as authorized to confirm identities may perform in-person authentication on behalf of the RA. The information collected from the applicant should be reliably collected from the certified entity. Packages secured in a tamper-evident manner by the certified entity satisfy this requirement; other secure methods are also acceptable. Such authentication does not relieve the RA of its responsibility to verify the presented data.
3.2.3.1. Authentication for Role-based Client Certificates
An Issuer CA may issue Certificates that identify a specific role that the Subscriber holds, provided that the role identifies a specific individual within an organization (e.g., Chief Information Officer is a unique individual whereas Program Analyst is not). These role-based Certificates are used when non-repudiation is desired. The Issuer CA may only issue role-based certificates to Subscribers who first obtain an individual Subscriber Certificate that is at the same or higher assurance level as the requested role-based Certificate. An Issuer CA may issue Certificates with the same role to multiple Subscribers. However, the Issuer CA shall require that each Certificate have a unique Key Pair. Individuals may not share their issued role-based Certificates and are required to protect the role-based Certificate in the same manner as individual Certificates. The Issuer CA or an RA shall verify the identity of the individual requesting a role-based Certificate (i.e. the sponsor) in accordance with Section 3.2.3 and record the information identified in Section 3.2.3 for a sponsor associated with the role before issuing a role-based Certificate. The sponsor must hold an individual Certificate in his/her own name issued by the same CA at the same or higher assurance level as the role-based Certificate. Procedures and policies for issuing role-based Certificates shall comply with all provisions of this CP (e.g., key generation, private key protection, and Subscriber obligations). IGTF Certificates are not issued as role-based Certificates. If the Certificate is a pseudonymous certificate cross-certified with the FBCA that identifies subjects by their organizational roles, then the Issuer CA or RA shall verify that the individual either holds that role or has the authority to sign on behalf of the role.

3.2.3.2. Authentication for Group Client Certificates
If several entities are acting in one capacity and non-repudiation is not necessary, the Issuer CA may issue a Certificate corresponding to a Private Key shared by multiple Subscribers. The Issuer CA or RA shall record the information identified in Section 3.2.3 for a sponsor from the Information Systems Security Office or equivalent before issuing a group Certificate. In addition, the Issuer CA or the RA shall:
1. Require that the Information Systems Security Office, or equivalent, be responsible for ensuring control of the Private Key, including maintaining a list of Subscribers who have access to the Private Key, and account for the time period during which each Subscriber had control of the key,
2. Not include a subjectName DN in the certificate in a way that could imply that the subject is a single individual,
3. Require that the sponsor provide and continuously update a list of individuals who hold the shared Private Key, and
4. Ensure that the procedures for issuing group certificates comply with all other stipulations of this CP (e.g., key generation, private key protection, and Subscriber obligations).
IGTF Certificates are not issued as group Certificates.

3.2.3.3. Authentication of Devices with Human Sponsors
An Issuer CA may issue a Level 1, 2, 3 or 4 Client or Federated Device Certificate for use on a computing or network device, provided that the entity owning the device is listed as the subject. In such cases, the device must have a human sponsor who provides:
1. Equipment identification (e.g., serial number) or service name (e.g., DNS name),
2. Equipment Public Keys,
3. Equipment authorizations and attributes (if any are to be included in the certificate), and
4. Contact information.
If the Certificate's sponsor changes, the new sponsor shall review the status of each device to ensure it is still authorized to receive Certificates. The CPS shall describe procedures to ensure that certificate accountability is maintained. The Issuer CA shall verify all registration information commensurate with the requested certificate type. Acceptable methods for performing this authentication and integrity checking include:
1. Verification of digitally signed messages sent from the sponsor (using Certificates of equivalent or greater assurance than that being requested), and
2. In-person registration by the sponsor, with the identity of the sponsor confirmed in accordance with the requirements of Section 3.2.3.
3.2.4. Non-verified Subscriber Information
Issuer CAs are not required to confirm that the common name in a Level 1-Personal Client Certificate is the legal name of the Subscriber. Any other non-verified information included in a Certificate shall be designated as such in the Certificate. No unverified information shall be included in any Level 2, Level 3, Level 4, Object Signing, EV, or Federated Device Certificate.
3.2.5. Validation of Authority
The Issuer CA or RA shall verify the authorization of a certificate request as follows:

Certificate: DV SSL/TLS Certificates, OV SSL/TLS Certificates, and Federated Device Certificates
Verification: An authorized contact listed with the Domain Name Registrar, a person with control over the domain name, or through communication with the applicant using a Reliable Method of Communication, as defined in the Baseline Requirements.

Certificate: EV Certificates
Verification: In accordance with the EV Guidelines.

Certificate: Object Signing Certificates (including EV Code Signing Certificates)
Verification: If a Certificate names an organization, an authoritative source within the organization (e.g. corporate, legal, IT, HR, or other appropriate organizational sources) using a Reliable Method of Communication.

Certificate: Level 1 Client Certificates - Personal or Enterprise (email certificates) issued through the native DigiCert infrastructure
Verification: An individual with control over the email address listed in the Certificate or with a person who has technical or administrative control over the domain or the email address to be listed in the Certificate.

Certificate: IGTF Certificates
Verification: Pursuant to the relevant requirements by the accreditation authority.

Certificate: Client Certificates Levels 2, 3 and 4
Verification: Individuals affiliated with the organization who confirm the applicant's authority to obtain a Certificate indicating the affiliation and who agree to request revocation of the Certificate when that affiliation ends.

Certificate: Class 1-3 Certificates issued through the acquired Symantec infrastructure
Verification: Individuals, or individuals affiliated with the organization, who confirm the applicant's authority to obtain a Certificate indicating the affiliation and who agree to request revocation of the Certificate when that affiliation ends.

The Issuer CA shall implement a process whereby an Applicant may limit the number of individuals authorized to request Certificates. The Issuer CA shall provide a list of authorized certificate requesters after receiving a verified request for such information from an individual authorized to make such request.
3.3. IDENTIFICATION AND AUTHENTICATION FOR RE-KEY REQUESTS

3.3.1. Identification and Authentication for Routine Re-key
An Issuer CA may allow Subscribers of SSL/TLS Server and Code Signing Certificates to authenticate themselves over a TLS/SSL session with username and password. Each Subscriber shall reestablish its identity using the initial registration processes of section 3.2 according to the following table:

Certificate: DV and OV SSL/TLS Certificates
  Routine re-key authentication: Username and password
  Re-verification required: According to the Baseline Requirements

Certificate: EV SSL/TLS Certificates
  Routine re-key authentication: Username and password
  Re-verification required: According to the EV Guidelines

Certificate: Subscriber Code Signing Certificates (Minimum Requirements and EV)
  Routine re-key authentication: Username and password
  Re-verification required: At least every 39 months

Certificate: Signing Authority EV Code Signing Certificates
  Routine re-key authentication: Username and password
  Re-verification required: At least every 123 months

Certificate: Timestamp EV Code Signing Certificates
  Routine re-key authentication: Username and password
  Re-verification required: At least every 123 months

Certificate: Object Signing Certificates
  Routine re-key authentication: Username and password
  Re-verification required: At least every six years

Certificate: Level 1 Client Certificates issued through the native DigiCert infrastructure
  Routine re-key authentication: Username and password
  Re-verification required: At least every nine years

Certificate: Level 2 Client Certificates issued through the native DigiCert infrastructure
  Routine re-key authentication: Current signature key or multi-factor authentication meeting NIST SP 800-63 Level 3
  Re-verification required: At least every nine years

Certificate: Level 3 and 4 Client Certificates issued through the native DigiCert infrastructure
  Routine re-key authentication: Current signature key or multi-factor authentication meeting NIST SP 800-63 Level 3
  Re-verification required: At least every nine years

Certificate: Class 1-3 Client Certificates issued through the acquired Symantec infrastructure
  Routine re-key authentication: Challenge phrase
  Re-verification required: At least every six years

Certificate: Federated Device and Federated Device-hardware
  Routine re-key authentication: Current signature key or multi-factor authentication meeting NIST SP 800-63 Level 3
  Re-verification required: At least every nine years

Certificate: IGTF Certificates
  Routine re-key authentication: Username and password, RA attestation after comparison of identity documents, re-authentication through an approved IdM, or through the associated Private Key
  Re-verification required: At least every 13 months. However, certificates associated with a Private Key restricted solely to a hardware token may be rekeyed or renewed for a period of up to 5 years

Certificate: Authentication-Only Certificates
  Routine re-key authentication: Username and password or with the associated Private Key
  Re-verification required: None

The Issuer CA shall not re-key a Certificate without additional authentication if doing so would allow the Subscriber to use the Certificate beyond the limits described above.

3.3.2. Identification and Authentication for Re-key After Revocation
The Issuer CA shall require subscribers of Certificates that have been revoked for reasons other than as the result of a routine certificate renewal, update, or modification action to undergo the initial registration process (described in Section 3.2) to obtain a new Certificate.
3.4. IDENTIFICATION AND AUTHENTICATION FOR REVOCATION REQUEST
The Issuer CA or the RA that approved the Certificate's issuance shall authenticate all revocation requests. The Issuer CA or RA may authenticate a revocation request using the Certificate's Public Key, regardless of whether the associated Private Key is compromised.

4. CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS

4.1. CERTIFICATE APPLICATION

4.1.1. Who Can Submit a Certificate Application
No individual or entity listed on a government denied list, list of prohibited persons, or other list that prohibits doing business with such organization or person under the laws of the United States may submit an application for a Certificate. Applicants or individuals authorized to request Certificates, who are not included in any of the previous lists, may apply for a Certificate.

4.1.2. Enrollment Process and Responsibilities
The Issuer CA is responsible for ensuring that the identity of each Certificate Applicant is verified in accordance with this CP and the applicable CPS prior to the issuance of a Certificate. Applicants are responsible for submitting sufficient information and documentation for the Issuer CA or the RA to perform the required verification of identity prior to issuing a Certificate.

4.2. CERTIFICATE APPLICATION PROCESSING

4.2.1. Performing Identification and Authentication Functions
The Issuer CA or the RA shall identify and verify each Applicant in accordance with the applicable Certification Practices Statements and Registration Practices Statements. An Issuer CA issuing publicly trusted SSL/TLS server certificates shall state in its CPS its practices on processing CAA Records for Fully Qualified Domain Names. The Issuer CA shall ensure that all communication between the Issuer CA and an RA regarding certificate issuance or changes in the status of a Certificate are made using secure and auditable methods. If databases or other sources are used to confirm sensitive or confidential attributes of an individual subscriber, then that sensitive information shall be protected and securely exchanged in a confidential and tamper-evident manner, protected from unauthorized access, and tracked using an auditable chain of custody.
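The CP requires a CA to state how it processes CAA records but does not spell the procedure out. The Go program below is an added example of the RFC 6844/RFC 8659 check as a CA would apply it before issuance; it is not DigiCert's code and is not part of this CP. It assumes an in-memory DNS snapshot: the `zone` map and every name in it (example.com and its subdomains) are constructed for the demonstration, and CNAME/DNAME following is left out, so a real implementation must still resolve the records at issuance time.

```go
package main

import (
	"fmt"
	"strings"
)

// CAARecord mirrors the CAA RDATA: a flags byte (bit 7 = issuer critical),
// a property tag, and a value. Only "issue" and "issuewild" govern issuance.
type CAARecord struct {
	Flags uint8
	Tag   string
	Value string
}

const caaCritical = 0x80

// zone is a constructed DNS snapshot standing in for live lookups.
var zone = map[string][]CAARecord{
	"example.com":        {{0, "issue", "digicert.com"}, {0, "iodef", "mailto:security@example.com"}},
	"locked.example.com": {{0, "issue", ";"}},
	"wild.example.com":   {{0, "issue", "digicert.com"}, {0, "issuewild", "letsencrypt.org"}},
	"strict.example.com": {{caaCritical, "unknowntag", "x"}, {0, "issue", "digicert.com"}},
}

// lookupRelevantCAA climbs from name toward the root and returns the first
// non-empty CAA RRset together with the name it was found at.
func lookupRelevantCAA(name string) ([]CAARecord, string) {
	labels := strings.Split(strings.TrimSuffix(strings.ToLower(name), "."), ".")
	for i := range labels {
		candidate := strings.Join(labels[i:], ".")
		if rrs, ok := zone[candidate]; ok && len(rrs) > 0 {
			return rrs, candidate
		}
	}
	return nil, ""
}

// MayIssue decides whether caDomain may issue for fqdn. A wildcard request is
// governed by "issuewild" records when any exist and by "issue" otherwise; an
// "issue ;" record forbids every CA; an unrecognised critical tag forbids
// issuance outright.
func MayIssue(fqdn, caDomain string) (bool, string) {
	wildcard := strings.HasPrefix(fqdn, "*.")
	rrs, at := lookupRelevantCAA(strings.TrimPrefix(fqdn, "*."))
	if rrs == nil {
		return true, "no CAA records found; issuance not restricted"
	}
	tag := "issue"
	if wildcard {
		for _, r := range rrs {
			if strings.EqualFold(r.Tag, "issuewild") {
				tag = "issuewild"
				break
			}
		}
	}
	seenTag, matched := false, false
	for _, r := range rrs {
		t := strings.ToLower(r.Tag)
		if r.Flags&caaCritical != 0 && t != "issue" && t != "issuewild" && t != "iodef" {
			return false, fmt.Sprintf("unrecognised critical tag %q at %s; must not issue", r.Tag, at)
		}
		if t != tag {
			continue
		}
		seenTag = true
		// The issuer domain is everything before the first ';' parameter.
		issuer := strings.TrimSpace(strings.SplitN(r.Value, ";", 2)[0])
		if issuer != "" && strings.EqualFold(issuer, caDomain) {
			matched = true
		}
	}
	if !seenTag {
		return true, fmt.Sprintf("no %s records at %s; issuance not restricted", tag, at)
	}
	if matched {
		return true, fmt.Sprintf("%s record at %s authorises %s", tag, at, caDomain)
	}
	return false, fmt.Sprintf("%s records at %s do not authorise %s", tag, at, caDomain)
}

func main() {
	for _, name := range []string{"www.example.com", "locked.example.com", "*.wild.example.com", "strict.example.com"} {
		ok, why := MayIssue(name, "digicert.com")
		fmt.Printf("%-22s %-5v %s\n", name, ok, why)
	}
}
```

The two cases that most often go wrong in practice are both covered: a zone with only an "issue" record still restricts wildcard issuance (no "issuewild" means fall back to "issue"), and a critical flag on a tag the CA does not understand must stop issuance rather than be ignored.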
4.2.2. Approval or Rejection of Certificate Applications
The Issuer CA shall reject any certificate application that cannot be verified. The Issuer CA shall not issue Certificates containing a new gTLD under consideration but not yet approved by ICANN. The Issuer CA may also reject a certificate application on any reasonable basis, including if the Certificate could damage the Issuer CA's business or reputation. Issuer CAs are not required to provide a reason for rejecting a certificate application. Issuer CAs and RAs shall follow industry standards when approving and issuing Certificates. The Issuer CA or RA shall contractually require subscribers to verify the information in a Certificate prior to using the Certificate.

4.2.3. Time to Process Certificate Applications
All parties involved in certificate application processing shall use reasonable efforts to ensure that certificate applications are processed in a timely manner. Identity shall be established no more than 30 days before initial issuance of Level 3 and 4 Certificates.
4.3. CERTIFICATE ISSUANCE

4.3.1. CA Actions during Certificate Issuance
Issuer CAs shall verify the source of a certificate request before issuance. The Issuer CA and any RA shall protect databases under their control that are used to confirm Subscriber identity information from unauthorized modification or use. The Issuer CA shall perform its actions during the certificate issuance process in a secure manner. Certificate issuance by the Root CA requires an individual authorized by the Issuer CA (i.e. the CA system operator, system officer, or PKI administrator) to deliberately issue a direct command in order for the Root CA to perform a certificate signing operation.

4.3.2. Notification to Subscriber by the CA of Issuance of Certificate
The Issuer CA or RA shall notify the Subscriber within a reasonable time of certificate issuance and may use any reliable mechanism to deliver the Certificate to the Subscriber.

4.4. CERTIFICATE ACCEPTANCE

4.4.1. Conduct Constituting Certificate Acceptance
The passage of time after delivery or notice of issuance of a Certificate to the Subscriber, or the actual use of a Certificate, constitutes the Subscriber's acceptance of the Certificate.

4.4.2. Publication of the Certificate by the CA
The Issuer CA shall publish all CA Certificates to the Issuer CA's repository.

4.4.3. Notification of Certificate Issuance by the CA to Other Entities
The FPKIPA shall be notified at least two weeks prior to the issuance of a new CA certificate or issuance of new inter-organizational CA cross-certificates. The notification shall assert that the new CA cross-certification does not introduce multiple paths to a CA already participating in the FPKI. In addition, all new artifacts (CA certificates, CRL DP, AIA and/or SIA URLs, etc.) produced as a result of the CA certificate issuance shall be provided to the FPKIPA within 24 hours following issuance.

4.5. KEY PAIR AND CERTIFICATE USAGE

4.5.1. Subscriber Private Key and Certificate Usage
All Subscribers shall protect their Private Keys from unauthorized use or disclosure by third parties and shall use their Private Keys only for their intended purpose.

4.5.2. Relying Party Public Key and Certificate Usage
Relying Parties shall use software that is compliant with X.509 and applicable IETF PKIX standards. The Issuer CA shall specify restrictions on the use of a Certificate through certificate extensions and shall specify the mechanism(s) to determine certificate validity (CRLs and OCSP). Relying Parties must process and comply with this information in accordance with their obligations as Relying Parties. A Relying Party should use discretion when relying on a Certificate and should consider the totality of the circumstances and risk of loss prior to relying on a Certificate. Relying on a digital signature or Certificate that has not been processed in accordance with applicable standards may result in risks to the Relying Party. The Relying Party is solely responsible for such risks. If the circumstances indicate that additional assurances are required, the Relying Party must obtain such assurances before using the Certificate.
4.6. CERTIFICATE RENEWAL

4.6.1. Circumstance for Certificate Renewal
An Issuer CA may renew a Certificate if:
1. the associated Public Key has not reached the end of its validity period,
2. the associated Private Key has not been compromised,
3. the Subscriber and attributes remain consistent, and
4. re-verification of subscriber identity is not required by Section 3.3.1.
An Issuer CA may also renew a Certificate if a CA Certificate is re-keyed or as otherwise necessary to provide services. After renewing a client Certificate, the Issuer CA may not re-key, renew, or modify the old Certificate.

4.6.2. Who May Request Renewal
Only the certificate subject or an authorized representative of the certificate subject may request renewal of the Subscriber’s Certificates. For Certificates cross-certified with the FBCA, renewal requests are only accepted from certificate subjects, PKI sponsors or RAs. An Issuer CA may perform renewal of its subscriber Certificates without a corresponding request, such as when the CA re-keys.

4.6.3. Processing Certificate Renewal Requests
The Issuer CA may require reconfirmation or verification of the information in a Certificate prior to renewal.

4.6.4. Notification of New Certificate Issuance to Subscriber
The Issuer CA shall notify the Subscriber within a reasonable time of certificate issuance and may use any reliable mechanism to deliver the Certificate to the Subscriber.

4.6.5. Conduct Constituting Acceptance of a Renewal Certificate
The passage of time after delivery or notice of issuance of the Certificate to the Subscriber, or actual use of the Certificate, constitutes the Subscriber’s acceptance of it.

4.6.6. Publication of the Renewal Certificate by the CA
The Issuer CA shall publish all renewed CA Certificates to the Issuer CA’s repository.

4.6.7. Notification of Certificate Issuance by the CA to Other Entities
No stipulation.

4.7. CERTIFICATE RE-KEY

4.7.1. Circumstance for Certificate Rekey
Re-keying a Certificate consists of creating a new Certificate with a different Public Key (and serial number) while retaining the remaining contents of the old Certificate that describe the subject. The new Certificate may have a different validity period, key identifiers, specify different CRL and OCSP distribution points, and/or be signed with a different key. Subscribers requesting re-key should identify and authenticate themselves as permitted by Section 3.3.1. After re-keying a Client Certificate or a federated device Certificate, the Issuer CA may not re-key, renew, or modify the previous Certificate.
4.7.2. Who May Request Certificate Rekey
Only the subject of the Certificate or the PKI sponsor may request re-key. The Issuer CA or an RA may initiate certificate re-key at the request of the certificate subject or in its own discretion.

4.7.3. Processing Certificate Rekey Requests
Re-key requests are only accepted from the subject of the Certificate or the PKI sponsor. At a minimum, the Issuer CA shall comply with section 3.3.1 in identifying and authenticating the Subscriber or PKI sponsor prior to rekeying the Certificate.

4.7.4. Notification of Certificate Rekey to Subscriber
The Issuer CA shall notify the Subscriber within a reasonable time of certificate issuance and may use any reliable mechanism to deliver the Certificate to the Subscriber.

4.7.5. Conduct Constituting Acceptance of a Rekeyed Certificate
The passage of time after delivery or notice of issuance of the Certificate to the Subscriber or the actual use of the Certificate constitutes the Subscriber’s acceptance of it.

4.7.6. Publication of the Rekeyed Certificate by the CA
The Issuer CA shall publish rekeyed CA Certificates to the Issuer CA’s repository.

4.7.7. Notification of Certificate Issuance by the CA to Other Entities
No stipulation.

4.8. CERTIFICATE MODIFICATION

4.8.1. Circumstance for Certificate Modification
Modifying a Certificate means creating a new Certificate for the same subject with authenticated information that differs slightly from the old Certificate (e.g., changes to email address or non-essential parts of names or attributes) provided that the modification otherwise complies with this CP. The new Certificate may have the same or a different subject Public Key. After modifying a Certificate that is cross-certified with the FBCA, the Issuer CA may not re-key, renew, or modify the old Certificate.

4.8.2. Who May Request Certificate Modification
The Issuer CA may modify a Certificate at the request of the certificate subject or in its own discretion.

4.8.3. Processing Certificate Modification Requests
After receiving a request for modification, the Issuer CA shall verify any information that will change in the modified Certificate. The Issuer CA may issue the modified Certificate only after completing the verification process on all modified information. The validity period of a modified Certificate must not extend beyond the applicable time limits found in section 3.3.1 or 6.3.2.

4.8.4. Notification of Certificate Modification to Subscriber
The Issuer CA shall notify the Subscriber within a reasonable time of certificate issuance and may use any reliable mechanism to deliver the Certificate to the Subscriber.

4.8.5. Conduct Constituting Acceptance of a Modified Certificate
The passage of time after delivery or notice of issuance of the Certificate to the Subscriber or actual use of the Certificate constitutes the Subscriber’s acceptance of it.

4.8.6. Publication of the Modified Certificate by the CA
The Issuer CA shall publish modified CA Certificates to the Issuer CA’s repository.
4.8.7. Notification of Certificate Modification by the CA to Other Entities
No stipulation.

4.9. CERTIFICATE REVOCATION AND SUSPENSION

4.9.1. Circumstances for Revocation
Revocation of a Certificate permanently ends the operational period of the Certificate prior to the Certificate reaching the end of its stated validity period. Prior to revoking a Certificate, the Issuer CA shall verify that the revocation request was made by either the organization or individual that made the certificate application or by an entity with the legal jurisdiction and authority to request revocation. The Issuer CA shall revoke a Certificate within 24 hours if one or more of the following occurs:
1. The Subscriber requests in writing that the Issuer CA revoke the Certificate;
2. The Subscriber notifies the Issuer CA that the original Certificate request was not authorized and does not retroactively grant authorization;
3. The Issuer CA obtains evidence that the Subscriber’s Private Key corresponding to the Public Key in the Certificate suffered a Key Compromise; or
4. The Issuer CA obtains evidence that the validation of domain authorization or control for any FQDN or IP address in the Certificate should not be relied upon.
The Issuer CA should revoke a certificate within 24 hours and must revoke a Certificate within 5 days if one or more of the following occurs:
1. The Certificate no longer complies with the requirements of Sections 6.1.5 and 6.1.6 of the CA/B forum baseline requirements;
2. The Issuer CA obtains evidence that the Certificate was misused;
3. The Subscriber or the cross-certified CA breached a material obligation under this CP, the CPS, or the relevant agreement;
4. The Issuer CA confirms any circumstance indicating that use of a FQDN or IP address in the Certificate is no longer legally permitted (e.g. a court or arbitrator has revoked a Domain Name registrant’s right to use the Domain Name, a relevant licensing or services agreement between the Domain Name Registrant and the Applicant has terminated, or the Domain Name registrant has failed to renew the Domain Name);
5. The Issuer CA confirms that a Wildcard Certificate has been used to authenticate a fraudulently misleading subordinate FQDN;
6. The Issuer CA confirms a material change in the information contained in the Certificate;
7. The Issuer CA confirms that the Certificate was not issued in accordance with the CA/B forum baseline requirements or this CP or the CPS;
8. The Issuer CA determines or confirms that any of the information appearing in the Certificate is inaccurate;
9. The Issuer CA’s right to issue Certificates under the CA/B forum baseline requirements expires or is revoked or terminated, unless the Issuer CA has made arrangements to continue maintaining the CRL/OCSP Repository;
10. Revocation is required by this CP and/or the CPS; or
11. The Issuer CA confirms a demonstrated or proven method that exposes the Subscriber’s Private Key to compromise, methods have been developed that can easily calculate it based on the Public Key (such as a debian weak key, see http://wiki.debian.org/SSLkeys), or if there is clear evidence that the specific method used to generate the Private Key was flawed.
The Issuer CA should revoke a Certificate if the Issuer CA is aware that:
1. Either the Subscriber’s or the Issuer CA’s obligations under the CP or CPS are delayed or prevented by circumstances beyond the party’s reasonable control, including computer or communication failure, and, as a result, another entity’s information is materially threatened or compromised;
2. The Issuer CA received a lawful and binding order from a government or regulatory body to revoke the Certificate;
3. The Issuer CA ceased operations and did not arrange for another CA to provide revocation support for the Certificate;
4. The technical content or format of the Certificate presents an unacceptable security risk to application software vendors, Relying Parties, or others;
5. The Subscriber was added as a denied party or prohibited person to a blacklist, or is operating from a destination prohibited under U.S. law; or
6. For code-signing Certificates, the Certificate was used to sign, publish, or distribute malware or other harmful content, including any code that is downloaded onto a user’s system without their consent.
The Issuer CA shall revoke a Certificate if the binding between the subject and the subject’s Public Key in the Certificate is no longer valid or if an associated Private Key is compromised. The Issuer CA will revoke a Subordinate CA Certificate within seven (7) days if one or more of the following occurs:
1. The Subordinate CA requests revocation in writing;
2. The Subordinate CA notifies the Issuer CA that the original Certificate request was not authorized and does not retroactively grant authorization;
3. The Issuer CA obtains evidence that the Subordinate CA’s Private Key corresponding to the Public Key in the Certificate suffered a Key Compromise or no longer complies with the requirements of Sections 6.1.5 and 6.1.6 of the CA/B forum baseline requirements;
4. The Issuer CA obtains evidence that the CA Certificate was misused;
5. The Issuer CA confirms that the CA Certificate was not issued in accordance with, or that the Subordinate CA has not complied with, the CA/B forum baseline requirements or the applicable Certificate Policy or Certification Practice Statement;
6. The Issuer CA determines that any of the information appearing in the CA Certificate is inaccurate or misleading;
7. The Issuer CA or the Subordinate CA ceases operations for any reason and has not made arrangements for another CA to provide revocation support for the CA Certificate;
8. The Issuer CA’s or the Subordinate CA’s right to issue Certificates under the baseline requirements expires or is revoked or terminated, unless the Issuer CA has made arrangements to continue maintaining the CRL/OCSP Repository;
9. Revocation is required by the Issuer CA’s Certificate Policy and/or Certification Practice Statement; or
10. The technical content or format of the CA Certificate presents an unacceptable risk to Application Software Suppliers or Relying Parties.
If a Certificate expresses an organizational affiliation, the Issuer CA or the RA shall require the Affiliated Organization to inform it if the subscriber affiliation changes. If the Affiliated Organization no longer authorizes the affiliation of a Subscriber, then the Issuer CA shall revoke any Certificates issued to that Subscriber containing the organizational affiliation. If an Affiliated Organization terminates its relationship with the Issuer CA or RA such that it no longer provides affiliation information, the Issuer CA shall revoke all Certificates affiliated with that Affiliated Organization.
An Issuer CA or cross-certified entity shall request revocation of its DigiCert-issued cross-Certificate if it no longer meets the stipulations of DigiCert’s policies, as indicated by DigiCert’s policy OIDs in Certificates or those listed in the policy mapping extension of the cross-Certificate.
4.9.2. Who Can Request Revocation
The Issuer CA or RA shall accept revocation requests from authenticated and authorized parties, such as the certificate Subscriber or the Affiliated Organization named in a Certificate. The Issuer CA or RA may establish procedures that allow other entities to request Certificate revocation for fraud or misuse. The Issuer CA shall revoke a Certificate if it receives sufficient evidence of compromise or loss of the Private Key. The Issuer CA may revoke a Certificate of its own volition without reason, even if no other entity has requested revocation.
4.9.3. Procedure for Revocation Request
The Issuing CA shall provide a process for Subscribers to request revocation of their own Certificates. The process must be described in the Issuing CA’s CPS. The Issuing CA shall provide Subscribers, Relying Parties, application software suppliers, and other third parties with clear instructions for reporting suspected Private Key Compromise, Certificate misuse, or other types of fraud, compromise, misuse, inappropriate conduct, or any other matter related to Certificates. The Issuing CA shall publicly disclose the instructions through a readily accessible online means and in section 1.5.2 of their CPS. The Issuer CA shall maintain a continuous 24/7 ability to internally respond to any high priority Certificate problem reports. If appropriate, the Issuer CA or the RA may forward complaints to law enforcement. Entities submitting certificate revocation requests must list their identity and explain the reason for requesting revocation. The Issuer CA or RA shall authenticate and log each revocation request. The Issuer CA will always revoke a Certificate if the request is authenticated as originating from the Subscriber or the Affiliated Organization listed in the Certificate. If revocation is requested by someone other than an authorized representative of the Subscriber or Affiliated Organization, the Issuer CA or RA shall investigate the alleged basis for the revocation request. The FPKIPA shall be notified at least two weeks prior to the revocation of a CA Certificate, whenever possible. For emergency revocation, CAs shall follow the notification procedures in Section 5.7.

4.9.4. Revocation Request Grace Period
The revocation request grace period is the time available to the subscriber within which the subscriber must make a revocation request after reasons for revocation have been identified. Issuer CAs and RAs are required to report the suspected compromise of their CA or RA Private Key and request revocation to both the policy authority and operating authority of the superior issuing CA (e.g., the FPKIPA/FBCA OA, DCPA, cross-signing CA, Root CA, etc.) within one hour of discovery. Subscribers shall request revocation as soon as possible if the Private Key corresponding to the Certificate is lost or compromised or if the certificate data is no longer valid. The Issuer CA may extend revocation grace periods on a case-by-case basis.

4.9.5. Time within which CA Must Process the Revocation Request
An Issuer CA shall revoke a Certificate within one hour of receiving appropriate instruction from the DCPA. An Issuer CA shall revoke the CA Certificate of a subordinate or cross-signed CA as soon as practical after receiving proper notice that the subordinate or cross-signed CA has been compromised. Except as otherwise set forth in section 4.9.1.2 of the Baseline Requirements, if an Issuer CA or the DCPA determines that immediate revocation is not practical, because the potential risks of revocation outweigh the risks caused by the compromise, then the Issuer CA and the DCPA shall jointly determine the appropriate process to follow in order to promptly revoke the subordinate or cross-signed CA Certificate.
Within 24 hours after receiving a Certificate problem report, the Issuing CA shall investigate the facts and circumstances related to a Certificate problem report and provide a preliminary report on its findings to both the Subscriber and the entity who filed the Certificate Problem Report. After reviewing the facts and circumstances, the Issuing CA shall work with the Subscriber and any entity reporting the Certificate problem report or other revocation-related notice to establish whether or not the certificate will be revoked, and if so, a date on which the CA will revoke the certificate. The period from receipt of the Certificate problem report or revocation-related notice to published revocation must not exceed the time frame set forth in Section 4.9.1. The date selected by the Issuing CA should consider the following criteria:
1. The nature of the alleged problem (scope, context, severity, magnitude, risk of harm);
2. The consequences of revocation (direct and collateral impacts to Subscribers and Relying Parties);
3. The number of Certificate problem reports received about a particular Certificate or Subscriber;
4. The entity making the complaint (for example, a complaint from a law enforcement official that a web site is engaged in illegal activities should carry more weight than a complaint from a consumer alleging that she didn’t receive the goods she ordered); and
5. Relevant legislation.
The Issuer CA shall revoke other Certificates as quickly as practical after validating the revocation request. The Issuer CA shall process revocation requests as follows:
1. Before the next CRL is published, if the request is received two or more hours before regular periodic CRL issuance,
2. By publishing it in the CRL following the next CRL, if the request is received within two hours of the regularly scheduled next CRL issuance, and
3. Regardless, within 18 hours after receipt.

4.9.6. Revocation Checking Requirement for Relying Parties
Prior to relying on the information listed in a Certificate, a Relying Party shall confirm the validity of each Certificate in the certificate path in accordance with IETF PKIX standards, including checks for certificate validity, issuer-to-subject name chaining, policy and key use constraints, and revocation status through CRLs or OCSP responders identified in each Certificate in the chain.

4.9.7. CRL Issuance Frequency
CRL issuance is comprised of CRL generation and publication. For Issuer CAs and online intermediate CAs, the interval between CRL issuance shall not exceed 24 hours. For Root CAs and Intermediate CAs that are operated in an off-line manner, routine CRLs may be issued less frequently than specified above, provided that the CA only issues CA Certificates, certificate-status-checking Certificates, and internal administrative Certificates. CRL issuance intervals for such offline CAs are no greater than 6 months. However, the interval between routine CRL issuance for offline CAs chaining to the Federal Bridge CA shall not exceed 31 days, and such CAs must meet the requirements specified in section 4.9.12 for issuing Emergency CRLs and are required to notify the DCPA upon Emergency CRL issuance.

4.9.8. Maximum Latency for CRLs
All CRLs for CAs chaining to the Federal Bridge shall be published within four hours of generation. Furthermore, each CRL shall be published no later than the time specified in the nextUpdate field of the previously issued CRL for the same scope.
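The timing rules of 4.9.5 (which regular CRL a revocation must reach, with the 18-hour cap) and of 4.9.7 and 4.9.8 (24-hour interval for online CAs, four-hour publication latency and the previous CRL's nextUpdate), as an added Python example that is not DigiCert's code. The daily schedule anchor, the CrlRecord layout and the sample CRL records are constructed for illustration.

```python
"""Revocation-processing deadlines (Section 4.9.5) and CRL issuance checks
(Sections 4.9.7 and 4.9.8). Added illustration, not DigiCert code: the daily
schedule anchor, the CrlRecord layout and the sample CRLs are constructed."""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

CRL_INTERVAL = timedelta(hours=24)          # 4.9.7: online CA interval limit
EARLY_CUTOFF = timedelta(hours=2)           # 4.9.5 items 1 and 2
MAX_REVOCATION_DELAY = timedelta(hours=18)  # 4.9.5 item 3
MAX_PUBLISH_LATENCY = timedelta(hours=4)    # 4.9.8: publish within 4h of generation

UTC = timezone.utc
ANCHOR = datetime(2018, 10, 9, 0, 0, tzinfo=UTC)  # constructed: CRLs due daily at 00:00Z


def next_scheduled_crl(after: datetime, anchor: datetime = ANCHOR,
                       interval: timedelta = CRL_INTERVAL) -> datetime:
    """First regular CRL issuance strictly after `after` on the schedule
    anchor, anchor + interval, anchor + 2*interval, ..."""
    if after < anchor:
        return anchor
    periods = (after - anchor) // interval + 1   # timedelta // timedelta -> int
    return anchor + periods * interval


def revocation_deadline(received: datetime, anchor: datetime = ANCHOR,
                        interval: timedelta = CRL_INTERVAL) -> tuple[datetime, bool]:
    """Latest time the revocation must appear in a published CRL.

    Returns (deadline, on_regular_crl). on_regular_crl is False when the
    18-hour cap (4.9.5 item 3) comes before the regular CRL selected by items
    1 and 2, so an interim CRL has to be issued off-cycle."""
    upcoming = next_scheduled_crl(received, anchor, interval)
    if upcoming - received >= EARLY_CUTOFF:
        target = upcoming              # item 1: two or more hours before issuance
    else:
        target = upcoming + interval   # item 2: the CRL after the next one
    cap = received + MAX_REVOCATION_DELAY
    return (target, True) if target <= cap else (cap, False)


def demo_deadline(hours_after_anchor: float) -> tuple[str, bool]:
    """Deadline for a request received N hours after the anchor, as ISO 8601."""
    deadline, regular = revocation_deadline(ANCHOR + timedelta(hours=hours_after_anchor))
    return deadline.isoformat(), regular


@dataclass(frozen=True)
class CrlRecord:
    """What a repository monitor records per CRL (constructed layout)."""
    this_update: datetime    # CRL thisUpdate (generation time)
    next_update: datetime    # CRL nextUpdate
    published_at: datetime   # first time the repository served it


def check_crl_sequence(crls: list[CrlRecord], interval: timedelta = CRL_INTERVAL,
                       max_latency: timedelta = MAX_PUBLISH_LATENCY) -> list[str]:
    """Findings against 4.9.7 (generation interval) and 4.9.8 (publication
    latency, and publication no later than the previous CRL's nextUpdate)."""
    findings: list[str] = []
    for i, crl in enumerate(crls):
        if crl.published_at - crl.this_update > max_latency:
            findings.append(f"CRL {i}: 4.9.8 latency exceeded")
        if i == 0:
            continue
        prev = crls[i - 1]
        if crl.this_update - prev.this_update > interval:
            findings.append(f"CRL {i}: 4.9.7 interval exceeded")
        if crl.published_at > prev.next_update:
            findings.append(f"CRL {i}: 4.9.8 published after previous nextUpdate")
    return findings


def ts(day: int, hour: int, minute: int = 0) -> datetime:
    """Constructed timestamp in October 2018, UTC."""
    return datetime(2018, 10, day, hour, minute, tzinfo=UTC)


# Constructed sample: CRL 1 is published too slowly, CRL 2 is generated and
# published too late.
SAMPLE_CRLS = [
    CrlRecord(ts(9, 0), ts(10, 6), ts(9, 0, 30)),
    CrlRecord(ts(10, 0), ts(11, 6), ts(10, 5)),
    CrlRecord(ts(11, 3), ts(12, 9), ts(11, 7)),
]
SAMPLE_FINDINGS = check_crl_sequence(SAMPLE_CRLS)

if __name__ == "__main__":
    for hours in (0, 5, 10, 22, 23):
        print(f"request at anchor+{hours:2}h -> deadline {demo_deadline(hours)}")
    for finding in SAMPLE_FINDINGS:
        print(finding)
```

On a strict 24-hour cycle the 18-hour cap dominates for any request received in the first six hours after a CRL or in the last two hours before the next one, so those requests need an interim CRL rather than the regular one.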
4.9.9. On-line Revocation/Status Checking Availability
The Issuer CA shall ensure that the certificate status information distributed by it on-line meets or exceeds the requirements for CRL issuance and latency stated in sections 4.9.5, 4.9.7 and 4.9.8. Where offered, OCSP response times shall be no longer than six seconds. OCSP responses must conform to RFC 6960 and/or RFC 5019. OCSP responses must either:
1. Be signed by the CA that issued the Certificates whose revocation status is being checked, or
2. Be signed by an OCSP Responder whose Certificate is signed by the CA that issued the Certificate whose revocation status is being checked.
In the latter case, the OCSP signing Certificate must contain an extension of type id-pkix-ocsp-nocheck, as defined by RFC 6960 and/or RFC 5019.

4.9.10. On-line Revocation Checking Requirements
A relying party shall confirm the validity of a Certificate via CRL or OCSP in accordance with section 4.9.6 prior to relying on the Certificate. Issuer CAs shall support an OCSP capability using the GET method for Certificates issued in accordance with the Baseline Requirements. If the OCSP responder receives a request for status of a certificate that has not been issued, then the responder shall not respond with a "good" status.

4.9.11. Other Forms of Revocation Advertisements Available
An Issuer CA may use other methods to publicize revoked Certificates, provided that:
1. the alternative method is described in its CPS,
2. the alternative method provides authentication and integrity services commensurate with the assurance level of the Certificate being verified, and
3. the alternative method meets the issuance and latency requirements for CRLs stated in sections 4.9.5, 4.9.7, and 4.9.8.
4.9.12. Special Requirements Related to Key Compromise
The Issuer CA or the RA shall use commercially reasonable efforts to notify potential Relying Parties if it discovers or suspects that its Private Key has been compromised. The Issuer CA must have the ability to transition any revocation reason code to “key compromise”. If a Certificate is revoked because of compromise or suspected compromise, the Issuer CA shall issue a CRL within 18 hours after it receives notice of the compromise or suspected compromise.
4.9.13. Circumstances for Suspension
Not applicable.

4.9.14. Who Can Request Suspension
Not applicable.

4.9.15. Procedure for Suspension Request
Not applicable.

4.9.16. Limits on Suspension Period
Not applicable.
4.10. CERTIFICATE STATUS SERVICES

4.10.1. Operational Characteristics
Issuer CAs shall make certificate status information available via CRL or OCSP. The Issuer CA shall list revoked Certificates on the appropriate CRL where they remain until one additional CRL is published after the end of the Certificate’s validity period, except for Code Signing Certificates and EV Code Signing Certificates, which shall remain on the CRL for at least 10 years following the Certificate’s validity period.

4.10.2. Service Availability
Issuer CAs shall provide certificate status services 24x7 without interruption. This includes the online repository that application software can use to automatically check the current status of all unexpired Certificates issued by the Issuing CA. The Issuing CA operates and maintains its CRL and OCSP capability with resources sufficient to provide a response time of ten seconds or less under normal operating conditions. The Issuing CA shall maintain a continuous 24x7 ability to respond internally to a high-priority Certificate Problem Report, and where appropriate, forward such a complaint to law enforcement authorities, and/or revoke a Certificate that is the subject of such a complaint.

4.10.3. Optional Features
No stipulation.

4.11. END OF SUBSCRIPTION
The Issuer CA shall allow Subscribers to end their subscription to certificate services by having their Certificate revoked or by allowing the Certificate or applicable Subscriber Agreement to expire without renewal.

4.12. KEY ESCROW AND RECOVERY

4.12.1. Key Escrow and Recovery Policy Practices
Issuer CAs shall not escrow CA Private Keys. Issuer CAs may escrow Subscriber key management keys to provide key recovery services. Issuer CAs shall encrypt and protect escrowed Private Keys with at least the level of security used to generate and deliver the Private Key. For Certificates cross-certified with the FBCA, third parties are not permitted to hold the Subscriber signature keys in trust. Subscribers and other authorized entities may request recovery of an escrowed (decryption) Private Key. Entities escrowing Private Keys shall have personnel controls in place that prevent unauthorized access to Private Keys. Key recovery requests can only be made for one of the following reasons:
1. The Subscriber has lost or damaged the private-key token,
2. The Subscriber is not available or is no longer part of the organization that contracted with the Issuer CA for Private Key escrow,
3. The Private Key is part of a required investigation or audit,
4. The requester has authorization from a competent legal authority to access the communication that is encrypted using the key,
5. If key recovery is required by law or governmental regulation, or
6. If the entity contracting with the Issuer CA for escrow of the Private Key indicates that key recovery is mission critical or mission essential.
An entity receiving Private Key escrow services shall:
1. Notify Subscribers that their Private Keys are escrowed,
2. Protect escrowed keys from unauthorized disclosure,
3. Protect any authentication mechanisms that could be used to recover escrowed Private Keys,
4. Release escrowed keys only for properly authenticated and authorized requests for recovery, and
5. Comply with any legal obligations to disclose or keep confidential escrowed keys, escrowed key-related information, or the facts concerning any key recovery request or process.

4.12.2. Session Key Encapsulation and Recovery Policy and Practices
Issuer CAs that support session key encapsulation and recovery shall describe their practices in their CPS.

5. FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS

5.1. PHYSICAL CONTROLS

5.1.1. Site Location and Construction
The Issuer CA shall perform its CA operations from a secure data center equipped with logical and physical controls that make the CA operations inaccessible to non-trusted personnel. The site location and construction, when combined with other physical security protection mechanisms such as guards, door locks, and intrusion sensors, shall provide robust protection against unauthorized access to CA equipment and records. RAs must protect their equipment from unauthorized access in a manner that is appropriate to the level of threat to the RA, including protecting equipment from unauthorized access while the cryptographic module is installed and activated and implementing physical access controls to reduce the risk of equipment tampering, even when the cryptographic module is not installed and activated.

5.1.2. Physical Access
Each Issuer CA and each RA shall protect its equipment (including certificate status servers) from unauthorized access and shall implement physical controls to reduce the risk of equipment tampering. The Issuer CA and all RAs shall store all removable media and paper containing sensitive plain-text information related to CA or RA operations in secure containers. The security mechanisms should be commensurate with the level of threat to the equipment and data. The Issuer CA shall manually or electronically monitor its systems for unauthorized access at all times, maintain an access log that is inspected periodically, and require two-person physical access to the CA hardware and systems. An Issuer CA shall deactivate and securely store its CA equipment when not in use. Activation data must either be memorized or recorded and stored in a manner commensurate with the security afforded the cryptographic module and must not be stored with the cryptographic module or removable hardware associated with remote workstations used to administer the CA equipment or Private Keys. If the facility housing the CA equipment is ever left unattended, the Issuer CA’s administrators shall verify that:
1. the CA is in a state appropriate to the current mode of operation,
2. the security containers are properly secured,
3. physical security systems (e.g., door locks, vent covers) are functioning properly, and
4. the area is secured against unauthorized access.
The Issuer CA shall make a person or group of persons explicitly responsible for making security checks. If a group of persons is responsible, the Issuer CA shall maintain a log that identifies who performed the security check. If the facility is not continuously attended, the last person to depart shall initial a sign-out sheet that indicates the date and time and asserts that all necessary physical protection mechanisms are in place and activated.
5.1.3. Power and Air Conditioning
The Issuer CA shall maintain a backup power supply and sufficient environmental controls to protect the CA systems and allow the CA to automatically finish pending operations and record the state of equipment before a lack of power or air conditioning causes a shutdown.

5.1.4. Water Exposures
The Issuer CA shall protect its CA equipment from water exposure.

5.1.5. Fire Prevention and Protection
The Issuer CA shall use facilities equipped with fire suppression mechanisms.

5.1.6. Media Storage
Issuer CAs and RAs shall protect all media from accidental damage and unauthorized physical access. Each Issuer CA and each RA shall duplicate and store its audit and archive information in a backup location that is separate from its primary operations facility.

5.1.7. Waste Disposal
Paper waste containing sensitive data shall be shredded before disposal. Sensitive data on magnetic or other digital media must be permanently erased before disposal.

5.1.8. Off-site Backup
The Issuer CA or RA shall make weekly system backups sufficient to recover from system failure and shall store the backups, including at least one full backup copy, at an offsite location that has procedural and physical controls that are commensurate with its operational location.

5.1.9. Certificate Status Hosting, CMS and External RA Systems
All physical control requirements under this Section 5.1 apply equally to any Certificate Status Hosting, CMS or external RA system.

5.2. PROCEDURAL CONTROLS

5.2.1. Trusted Roles
CA and RA personnel acting in trusted roles include CA and RA system administration personnel and personnel involved with identity vetting and the issuance and revocation of Certificates. Issuer CAs and RAs shall distribute the functions and duties performed by persons in trusted roles in a way that prevents one person from circumventing security measures or subverting the security and trustworthiness of the PKI. Senior management of the Issuer CA or the RA shall be responsible for appointing individuals to trusted roles. A list of such personnel shall be maintained and reviewed annually. The following five trusted roles are defined by this CP, although an Issuer CA or RA may define additional ones:

5.2.1.1. CA Administrators
The CA Administrator is responsible for the installation and configuration of the CA software, including key generation, user and CA accounts, audit parameters, key backup, and key management. The CA Administrator is responsible for performing and securely storing regular system backups of the CA system. Administrators may not issue certificates to Subscribers.

5.2.1.2. Registration Officers – CMS, RA, Validation and Vetting Personnel
The Registration Officer role is responsible for issuing and revoking Certificates, including enrollment, identity verification, and compliance with required issuance and revocation steps such as managing the certificate request queue and completing certificate approval checklists as identity vetting tasks are successfully completed.
5.2.1.3. System Administrator/System Engineer (Operator)
The System Administrator, System Engineer or CA Operator is responsible for installing and configuring CA system hardware, including servers, routers, firewalls, and network configurations. The System Administrator/Engineer is also responsible for keeping systems updated with software patches and other maintenance needed for system stability and recoverability.

5.2.1.4. Internal Auditor Role
The Internal Auditor Role is responsible for reviewing, maintaining, and archiving audit logs and performing or overseeing internal compliance audits to determine if the Issuer CA or RA is operating in accordance with this CP.

5.2.1.5. RA Administrators
RA Administrators install, configure and manage the RA software, including the assignment of Issuing CAs and certificate profiles to customer accounts.

5.2.2. Number of Persons Required per Task
Each Issuer CA shall require that at least two people acting in a trusted role (one shall be a CA Administrator and the other cannot be an Internal Auditor) take action requiring a trusted role, such as activating the Issuer CA’s Private Keys, generating a CA Key Pair, or creating a backup of a CA Private Key. The Internal Auditor may serve to fulfill the requirement of multiparty control for physical access to the CA system, but logical access shall not be achieved using personnel that serve in the Internal Auditor role.

5.2.3. Identification and Authentication for each Role
Issuer CA personnel shall authenticate themselves to the certificate management system before they are allowed access to the systems necessary to perform their trusted roles.

5.2.4. Roles Requiring Separation of Duties
Individual personnel shall be specifically designated to the four roles defined in Section 5.2.1 above. An individual may assume only one of the Registration Officer, Administrator, or Internal Auditor roles. Individuals designated as Registration Officer or Administrator may also assume the Operator role. An Internal Auditor may not assume any other role. The Issuer CA and RA may enforce separation of duties using CA equipment, procedurally, or by both means. The CA and RA software and hardware shall identify and authenticate its users and shall ensure that no user identity can assume both an Administrator and a Registration Officer role, assume both the Administrator and Internal Auditor roles, or assume both the Internal Auditor and Registration Officer roles. An individual may not have more than one identity.
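The role-conflict rules of 5.2.4 and the two-person rule of 5.2.2, as an added Python example that is not DigiCert's code. The role labels, the Identity record and the sample registry are constructed, and treating an Internal Auditor as an acceptable second person for physical access only, never for logical access, is this example's reading of 5.2.2.

```python
"""Separation of duties (Section 5.2.4) and multi-party control (Section
5.2.2) checks for trusted roles. Added illustration, not DigiCert code: the
role labels, Identity records and sample registry are constructed."""
from __future__ import annotations

from dataclasses import dataclass

# Trusted roles named in Section 5.2.1; the string labels are constructed.
ADMINISTRATOR = "Administrator"
REGISTRATION_OFFICER = "Registration Officer"
INTERNAL_AUDITOR = "Internal Auditor"
OPERATOR = "Operator"
TRUSTED_ROLES = frozenset({ADMINISTRATOR, REGISTRATION_OFFICER, INTERNAL_AUDITOR, OPERATOR})
# 5.2.4: an individual may assume only one of these three roles.
MUTUALLY_EXCLUSIVE = frozenset({ADMINISTRATOR, REGISTRATION_OFFICER, INTERNAL_AUDITOR})


@dataclass(frozen=True)
class Identity:
    """One user identity in the CA/RA software and the person behind it."""
    identity_id: str
    person: str
    roles: frozenset[str]


def role_conflicts(roles: frozenset[str]) -> list[str]:
    """5.2.4 violations within a single identity's role set."""
    problems: list[str] = []
    unknown = roles - TRUSTED_ROLES
    if unknown:
        problems.append(f"unknown roles {sorted(unknown)}")
    exclusive = roles & MUTUALLY_EXCLUSIVE
    if len(exclusive) > 1:
        problems.append(f"may hold only one of {sorted(exclusive)}")
    # Operator may be combined with Registration Officer or Administrator,
    # but an Internal Auditor may not assume any other role.
    if INTERNAL_AUDITOR in roles and len(roles) > 1:
        problems.append("Internal Auditor may not assume any other role")
    return problems


def registry_violations(identities: list[Identity]) -> list[str]:
    """Per-identity conflicts plus the 5.2.4 rule of one identity per person."""
    problems: list[str] = []
    identity_of: dict[str, str] = {}
    for ident in identities:
        for problem in role_conflicts(ident.roles):
            problems.append(f"{ident.identity_id}: {problem}")
        if ident.person in identity_of:
            problems.append(f"{ident.identity_id}: {ident.person} already has identity "
                            f"{identity_of[ident.person]}")
        else:
            identity_of[ident.person] = ident.identity_id
    return problems


def multiparty_control_ok(participants: list[Identity],
                          access: str = "logical") -> tuple[bool, str]:
    """5.2.2 check for an action such as activating a CA Private Key.

    Needs two distinct persons in trusted roles, one of them a CA Administrator.
    This example's reading of the auditor clause: an Internal Auditor may be the
    second person for physical access only, never for logical access."""
    if any(not (p.roles & TRUSTED_ROLES) for p in participants):
        return False, "every participant must hold a trusted role"
    if len({p.person for p in participants}) < 2:
        return False, "two distinct persons are required"
    if not any(ADMINISTRATOR in p.roles for p in participants):
        return False, "one participant must be a CA Administrator"
    if access == "logical" and any(INTERNAL_AUDITOR in p.roles for p in participants):
        return False, "Internal Auditor may not take part in logical access"
    return True, "ok"


# Constructed sample registry: three compliant identities and three violations.
ALICE = Identity("alice-1", "alice", frozenset({ADMINISTRATOR}))
BOB = Identity("bob-1", "bob", frozenset({REGISTRATION_OFFICER, OPERATOR}))
CAROL = Identity("carol-1", "carol", frozenset({INTERNAL_AUDITOR}))
DAVE = Identity("dave-1", "dave", frozenset({ADMINISTRATOR, REGISTRATION_OFFICER}))  # conflict
ALICE_AGAIN = Identity("alice-2", "alice", frozenset({OPERATOR}))                   # 2nd identity
FRANK = Identity("frank-1", "frank", frozenset({INTERNAL_AUDITOR, OPERATOR}))       # auditor + other
SAMPLE_REGISTRY = [ALICE, BOB, CAROL, DAVE, ALICE_AGAIN, FRANK]
SAMPLE_VIOLATIONS = registry_violations(SAMPLE_REGISTRY)

if __name__ == "__main__":
    for violation in SAMPLE_VIOLATIONS:
        print(violation)
    print(multiparty_control_ok([ALICE, BOB]))
    print(multiparty_control_ok([ALICE, CAROL]))
    print(multiparty_control_ok([ALICE, CAROL], access="physical"))
```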
5.3. PERSONNEL CONTROLS

5.3.1. Qualifications, Experience, and Clearance Requirements
The DCPA is responsible and accountable for the operation of the DigiCert PKI and compliance with this CP. Issuer CA and RA personnel and management who purport to act within the scope of this document shall be selected on the basis of loyalty, trustworthiness, and integrity. All trusted roles for Issuer CAs issuing Federated Device Certificates, Client Certificates at Levels 3-US and 4-US (which are intended for interoperability through the Federal Bridge CA at id-fpki-certpcy-mediumAssurance and id-fpki-certpcy-mediumHardware) shall be held by citizens of the United States or the country where the Issuer CA is located. In addition to the above, an individual performing a trusted role for an RA may be a citizen of the country where the RA is located. There is no citizenship requirement for Issuer CA or RA personnel performing trusted roles associated with the issuance of SSL/TLS Server, Code Signing or Client Certificates at Levels 1, 2, 3-CBP, and 4-CBP.
Managerial personnel involved in time-stamping operations must possess experience with information security and risk assessment and knowledge of time-stamping technology, digital signature technology, mechanisms for calibration of time stamping clocks with UTC, and security procedures. The Issuer CA or the RA shall ensure that all individuals assigned to trusted roles have the experience, qualifications, and trustworthiness required to perform their duties under this CP.
5.3.2. Background Check Procedures
The Issuer CA and RA shall require each person fulfilling a trusted role to undergo identity verification, background checks, and adjudication prior to acting in the role, including verification of the individual’s identity, employment history, education, character references, social security number, previous residences, driving records, and criminal background. The Issuer CA or RA shall require each individual to appear in-person before a trusted agent whose responsibility it is to verify identity. The trusted agent shall verify the identity of the individual using at least one form of government-issued photo identification. Checks of previous residences are over the past three years. All other checks are for the prior five years. The Issuer CA or RA shall verify the highest education degree obtained regardless of the date awarded and shall refresh all background checks at least every ten years. Based upon the information obtained, a competent adjudication authority within the Issuer CA or RA shall adjudicate whether the individual is suitable for the position to which they will be assigned.
5.3.3. Training Requirements
The Issuer CA shall provide skills training to all personnel involved in the Issuer CA’s PKI operations. The training must relate to the person’s job functions and cover:
1. basic Public Key Infrastructure (PKI) knowledge,
2. software versions used by the Issuer CA,
3. authentication and verification policies and procedures,
4. CA/RA security principles and mechanisms,
5. disaster recovery and business continuity procedures,
6. common threats to the validation process, including phishing and other social engineering tactics, and
7. CA/Browser Forum Guidelines and other applicable industry and government guidelines.
Issuer CAs shall maintain a record of who received training and what level of training was completed. Issuer CAs and RAs shall ensure that Registration Officers have the minimum skills necessary to satisfactorily perform validation duties before they are granted validation privileges. Where competence was demonstrated in lieu of training, the Issuer CA or RA must maintain supporting documentation. Issuer CAs shall require all Registration Officers to pass an examination provided by the Issuer CA on the information verification requirements outlined in the Baseline Requirements. Issuer CAs and RAs involved with the operation of CMS shall ensure that all personnel who perform duties involving the CMS receive comprehensive training. Issuer CAs and RAs shall create a training (awareness) plan to address any significant change to CMS operations and shall document the execution of the plan.

5.3.4. Retraining Frequency and Requirements
Personnel must maintain skill levels that are consistent with industry-relevant training and performance programs in order to continue acting in trusted roles. The Issuer CA or RA shall make individuals acting in trusted roles aware of any changes to the Issuer CA’s or RA’s operations. If such operations change, the Issuer CA or RA shall provide documented training, in accordance with an executed training plan, to all trusted roles.

5.3.5. Job Rotation Frequency and Sequence
No stipulation.
5.3.6. SanctionsforUnauthorizedActionsIssuerCAorRAemployeesandagentsfailingtocomplywiththisCP,whetherthroughnegligenceormaliciousintent,shallbesubjecttoadministrativeordisciplinaryactions,includingterminationofemploymentoragencyandcriminalsanctions.Ifapersoninatrustedroleiscitedbymanagementforunauthorizedorinappropriateactions,thepersonwillbeimmediatelyremovedfromthetrustedrolependingmanagementreview.Aftermanagementreviewsanddiscussestheincidentwiththetrustedpersonnel,managementmayreassigntheemployeetoanon‐trustedroleordismisstheindividualfromemploymentasappropriate.
5.3.7. IndependentContractorRequirementsAnyIssuerCAorRAallowingindependentcontractorstobeassignedtoperformtrustedrolesshallrequirethattheyagreetotheobligationsunderthisSection5(Facility,Management,andOperationalControls)andthesanctionsstatedaboveinSection5.3.6.
5.3.8. DocumentationSuppliedtoPersonnelIssuerCAsandRAsshallprovidepersonnelintrustedroleswiththedocumentationnecessarytoperformtheirduties.
5.4. AUDIT LOGGING PROCEDURES

5.4.1. Types of Events Recorded
Issuer CA and RA systems (including any CMS) shall require identification and authentication at system logon. Important system actions shall be logged to establish the accountability of the operators who initiate such actions. Issuer CAs and RAs shall enable all essential event auditing capabilities of their CA or RA applications in order to record all events related to the security of the CA or RA, including those listed below. A message from any source received by the Issuer CA requesting an action related to the operational state of the CA is an auditable event. If the Issuer CA's applications cannot automatically record an event, the Issuer CA shall implement manual procedures to satisfy the requirements. For each event, the Issuer CA shall record the relevant (i) date and time, (ii) type of event, (iii) success or failure, and (iv) user or system that caused the event or initiated the action. The Issuer CA shall make all event records available to its auditors as proof of the Issuer CA's practices.

Auditable Events

SECURITY AUDIT
• Any changes to the audit parameters, e.g., audit frequency, type of event audited
• Any attempt to delete or modify the audit logs

AUTHENTICATION TO SYSTEMS
• Successful and unsuccessful attempts to assume a role
• The value of maximum number of authentication attempts is changed
• Maximum number of authentication attempts occur during user login
• An administrator unlocks an account that has been locked as a result of unsuccessful authentication attempts
• An administrator changes the type of authenticator, e.g., from a password to a biometric

LOCAL DATA ENTRY
• All security-relevant data that is entered in the system

REMOTE DATA ENTRY
• All security-relevant messages that are received by the system

DATA EXPORT AND OUTPUT
• All successful and unsuccessful requests for confidential and security-relevant information

KEY GENERATION
• Whenever a CA generates a key (not mandatory for single session or one-time use symmetric keys)

CA KEY LIFECYCLE MANAGEMENT
• Key generation, backup, storage, recovery, archival, and destruction
• Cryptographic device lifecycle management events

CA AND SUBSCRIBER CERTIFICATE LIFECYCLE MANAGEMENT
• All verification activities stipulated in the Baseline Requirements and this CPS
• Date, time, phone number used, persons spoken to, and end results of verification telephone calls
• Acceptance and rejection of certificate requests
• Issuance of Certificates
• Generation of Certificate Revocation Lists and OCSP entries

PRIVATE KEY LOAD AND STORAGE
• The loading of Component Private Keys
• All access to certificate subject Private Keys retained within the CA for key recovery purposes

TRUSTED PUBLIC KEY ENTRY, DELETION AND STORAGE

SECRET KEY STORAGE
• The manual entry of secret keys used for authentication

PRIVATE AND SECRET KEY EXPORT
• The export of private and secret keys (keys used for a single session or message are excluded)

CERTIFICATE REGISTRATION
• All certificate requests, including issuance, re-key, renewal, and revocation
• Certificate issuance
• Verification activities

CERTIFICATE REVOCATION
• All certificate revocation requests

CERTIFICATE STATUS CHANGE APPROVAL OR REJECTION

CA CONFIGURATION
• Any security-relevant changes to the configuration of a CA system component

ACCOUNT ADMINISTRATION
• Roles and users are added or deleted
• The access control privileges of a user account or a role are modified

CERTIFICATE PROFILE MANAGEMENT
• All changes to the certificate profile

REVOCATION PROFILE MANAGEMENT
• All changes to the revocation profile

CERTIFICATE REVOCATION LIST PROFILE MANAGEMENT
• All changes to the certificate revocation list profile
• Generation of CRLs and OCSP entries

TIMESTAMPING
• Clock synchronization

MISCELLANEOUS
• Appointment of an individual to a Trusted Role
• Designation of personnel for multiparty control
• Installation of an Operating System
• Installation of a PKI Application
• Installation of Hardware Security Modules
• Removal of HSMs
• Destruction of HSMs
• System Startup
• Logon attempts to PKI Application
• Receipt of hardware/software
• Attempts to set passwords
• Attempts to modify passwords
• Backup of the internal CA database
• Restoration from backup of the internal CA database
• File manipulation (e.g., creation, renaming, moving)
• Posting of any material to a repository
• Access to the internal CA database
• All certificate compromise notification requests
• Loading HSMs with Certificates
• Shipment of HSMs
• Zeroizing HSMs
• Re-key of the Component

CONFIGURATION CHANGES
• Hardware
• Software
• Operating System
• Patches
• Security Profiles

PHYSICAL ACCESS / SITE SECURITY
• Personnel access to secure area housing CA components
• Access to a CA component
• Known or suspected violations of physical security
• Firewall and router activities
• Entries to and exits from the CA facility, PKI and security system actions performed

ANOMALIES
• System crashes and hardware failures
• Software error conditions
• Software check integrity failures
• Receipt of improper messages and misrouted messages
• Network attacks (suspected or confirmed)
• Equipment failure
• Electrical power outages
• Uninterruptible Power Supply (UPS) failure
• Obvious and significant network service or access failures
• Violations of a CP or CPS
• Resetting Operating System clock
5.4.2. Frequency of Processing Log
The Issuer CA or RA shall, at least every two months, review system logs, make system and file integrity checks, and make a vulnerability assessment. The Issuer CA or RA may use automated tools to scan for anomalies or specific conditions. During its review, the Issuer CA or RA shall verify that the logs have not been tampered with, examine any statistically significant set of security audit data generated since the last review, and make a reasonable search for any evidence of malicious activity. The Issuer CA or RA shall briefly inspect all log entries and investigate any detected anomalies or irregularities. The Issuer CA or RA shall make a summary of the review available to its auditors upon request. The Issuer CA or RA shall document any actions taken as a result of a review.

5.4.3. Retention Period for Audit Log
The Issuer CA and RA shall retain audit logs on-site until after they are reviewed. Audit logs related to publicly trusted SSL/TLS certificates shall be retained for at least seven (7) years. The individual who removes audit logs from the Issuer CA's or RA's systems must be different than the individuals who control the Issuer CA's signature keys.

5.4.4. Protection of Audit Log
The Issuer CA and RA shall implement procedures that protect archived data from destruction prior to the end of the audit log retention period. The Issuer CA and RA shall configure their systems and establish operational procedures to ensure that (i) only authorized people have read access to logs, (ii) only authorized people may archive audit logs, and (iii) audit logs are not modified. The Issuer CA's off-site storage location must be a safe and secure location that is separate from the location where the data was generated. The Issuer CA and RA shall make records available if required for the purpose of providing evidence of the correct operation of time-stamping services for the purpose of legal proceedings. The Issuer CA shall make its audit logs available to auditors upon request.
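Sections 5.4.1 through 5.4.4 require that each audit record carry a date and time, event type, success or failure and the responsible actor, and that the bi-monthly review be able to confirm the logs were not modified. The following is an added illustration, not DigiCert's tooling, of one way a CA operator can make that check mechanical: records are hash-chained, and the chain head is sealed with an HMAC key that is assumed to be held off the logging host (the key, the event names and the sample records are all constructed for the example).

```python
"""Hash-chained audit log: each record carries the fields required by
section 5.4.1 (date/time, event type, success/failure, actor) plus the
SHA-256 of the previous record, so the review required by 5.4.2 can
confirm the log has not been altered or truncated.  Added example;
all sample values are constructed."""
import hashlib
import hmac
import json
from datetime import datetime, timezone
from typing import List, Optional, Tuple

# Key used to seal the chain head; constructed for this example.  In a real
# deployment it would be held somewhere the logging host cannot reach.
SEAL_KEY = b"example-audit-seal-key"
GENESIS = "0" * 64


def _canonical(record: dict) -> bytes:
    # Sorted keys and no whitespace so the hash does not depend on field order.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def append_event(chain: List[dict], event_type: str, success: bool, actor: str,
                 detail: str = "", when: Optional[datetime] = None) -> dict:
    """Append one 5.4.1-style record linked to the previous record's hash."""
    prev_hash = chain[-1]["hash"] if chain else GENESIS
    when = when or datetime.now(timezone.utc)
    body = {
        "time": when.isoformat(),   # (i) date and time
        "type": event_type,         # (ii) type of event
        "success": success,         # (iii) success or failure
        "actor": actor,             # (iv) user or system that caused it
        "detail": detail,
        "prev": prev_hash,
    }
    body["hash"] = hashlib.sha256(_canonical(body)).hexdigest()
    chain.append(body)
    return body


def seal(chain: List[dict]) -> str:
    """MAC over the chain head; stored apart from the log (cf. 5.4.3, 5.4.4)."""
    head = chain[-1]["hash"] if chain else GENESIS
    return hmac.new(SEAL_KEY, head.encode(), hashlib.sha256).hexdigest()


def verify_chain(chain: List[dict], expected_seal: Optional[str] = None) -> Tuple[bool, str]:
    """Recompute every record hash and link; return (ok, reason)."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        body = {k: v for k, v in rec.items() if k != "hash"}
        if body.get("prev") != prev:
            return False, f"record {i}: broken link to previous record"
        if hashlib.sha256(_canonical(body)).hexdigest() != rec["hash"]:
            return False, f"record {i}: contents do not match stored hash"
        prev = rec["hash"]
    # A chain that was simply cut short still links correctly, so truncation
    # is only caught by comparing the head against the separately stored seal.
    if expected_seal is not None and not hmac.compare_digest(seal(chain), expected_seal):
        return False, "chain head does not match the off-site seal (records truncated or replaced)"
    return True, "ok"


def demo() -> Tuple[bool, bool, bool]:
    """Constructed sample: a clean chain, an edited record, and a truncated log."""
    t0 = datetime(2018, 10, 9, 12, 0, tzinfo=timezone.utc)
    chain: List[dict] = []
    append_event(chain, "ROLE_ASSUMED", True, "ra-officer-1", "Registration Officer", t0)
    append_event(chain, "CERT_REQUEST_REJECTED", True, "ra-officer-1", "request 1234", t0)
    append_event(chain, "LOGON", False, "unknown", "3 failed attempts", t0)
    sealed = seal(chain)
    clean_ok, _ = verify_chain(chain, sealed)

    edited = json.loads(json.dumps(chain))   # deep copy
    edited[1]["success"] = False             # silently flip a recorded result
    edited_ok, _ = verify_chain(edited, sealed)

    truncated = chain[:-1]                   # drop the failed logon entirely
    truncated_ok, _ = verify_chain(truncated, sealed)
    return clean_ok, edited_ok, truncated_ok


if __name__ == "__main__":
    print(demo())  # (True, False, False)
```

The design point is the last check in verify_chain: hash linking alone catches edits inside the log, but a log cut off after a valid record still verifies, which is why the head must be compared against a seal kept where the log host cannot rewrite it.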
5.4.5. Audit Log Backup Procedures
On at least a monthly basis, the Issuer CA and RA shall make backups of audit logs and audit log summaries and save a copy of the audit log to a secure, off-site location.

5.4.6. Audit Collection System (internal vs. external)
The Issuer CA or RA may use automatic audit processes, provided that they are invoked at system startup and end only at system shutdown. If an automated audit system fails and the integrity of the system or confidentiality of the information protected by the system is at risk, the DCPA shall be notified and determine whether to suspend the Issuer CA's or RA's operations until the problem is remedied.

5.4.7. Notification to Event-causing Subject
No stipulation.

5.4.8. Vulnerability Assessments
The Issuer CA shall perform routine risk assessments that identify and assess reasonably foreseeable internal and external threats that could result in unauthorized access, disclosure, misuse, alteration, or destruction of any certificate data or certificate issuance process. The Issuer CA shall also routinely assess the sufficiency of the policies, procedures, information systems, technology, and other arrangements that the Issuer CA has in place to control such risks. The Issuer CA's auditors should review the security audit data checks for continuity and alert the appropriate personnel of any events, such as repeated failed actions, requests for privileged information, attempted access of system files, and unauthenticated responses.
5.5. RECORDS ARCHIVAL
The Issuer CA shall comply with any record retention policies that apply by law. The Issuer CA shall include sufficient detail in archived records to show that a Certificate was issued in accordance with the CPS.

5.5.1. Types of Records Archived
The Issuer CA shall retain the following information in its archives (as such information pertains to the Issuer CA's CA operations):

1. Any accreditation of the Issuer CA,
2. CP and CPS versions,
3. Contractual obligations and other agreements concerning the operation of the CA,
4. System and equipment configurations, modifications, and updates,
5. Certificate issuance, rekey, renewal, and revocation requests,
6. Rejection or acceptance of a certificate request,
7. Identity authentication data,
8. Any documentation related to the receipt or acceptance of a Certificate or token,
9. Subscriber Agreements,
10. Issued certificates,
11. A record of certificate re-keys,
12. CRLs for CAs cross-certified with the Federal Bridge CA,
13. Any data or applications necessary to verify an archive's contents,
14. Compliance auditor reports,
15. Any changes to the Issuer CA's audit parameters,
16. Any attempt to delete or modify audit logs,
17. CA Key generation and destruction,
18. Access to Private Keys for key recovery purposes,
19. Changes to trusted Public Keys,
20. Export of Private Keys,
21. Approval or rejection of a revocation request,
22. Appointment of an individual to a trusted role,
23. Destruction of a cryptographic module,
24. Certificate compromise notifications,
25. Remedial action taken as a result of violations of physical security, and
26. Violations of the CP or CPS.

5.5.2. Retention Period for Archive
The Issuer CA shall retain archived data associated with Level 3, Level 4, and federated device Certificates for 10.5 years. For all other Certificates, the Issuer CA shall retain archived data for at least 7.5 years. RAs supporting Certificates that are not cross-certified with the FBCA may retain archived data for a shorter period of time if the practice is documented in a RPS or document retention policy.

5.5.3. Protection of Archive
The Issuer CA shall store its archived records at a secure off-site location in a manner that prevents unauthorized modification, substitution, or destruction. No unauthorized user may access, write, or delete the archives. If the original media cannot retain the data for the required period, the archive site must define a mechanism to periodically transfer the archived data to new media. The Issuer CA shall maintain any software application required to process the archive data until the data is either destroyed or transferred to a newer medium.

5.5.4. Archive Backup Procedures
If an Issuer CA or RA chooses to back up its archive records, then the Issuer CA or RA shall describe how its records are backed up and managed in its CPS or a referenced document.

5.5.5. Requirements for Time-stamping of Records
The Issuer CA shall automatically time-stamp archive records as they are created. Cryptographic time-stamping of archive records is not required; however, the Issuer CA shall synchronize its system time at least every eight hours using a real time value traceable to a recognized UTC(k) laboratory or National Measurement Institute.

5.5.6. Archive Collection System (internal or external)
The Issuer CA shall collect archive information internally.

5.5.7. Procedures to Obtain and Verify Archive Information
The Issuer CA may archive data manually or automatically. If automatic archival is implemented, the Issuer CA shall synchronize its archived data on a daily basis. The Issuer CA may allow Subscribers to obtain a copy of their archived information. Otherwise, the Issuer CA shall restrict access to archive data to authorized personnel in accordance with the Issuer CA's internal security policy and shall not release any archived information except as allowed by law. CAs shall state in their CPS the details of how they create, verify, package, transmit, and store archived information.
5.6. KEY CHANGEOVER
The Issuer CA shall periodically change its Private Keys in a manner set forth in the CPS that prevents downtime in the Issuer CA's operation. After key changeover, the Issuer CA shall sign Certificates using only the new key. The Issuer CA shall still protect its old Private Keys and shall make the old Certificate available to verify signatures until all of the Certificates signed with the Private Key have expired. Issuer CAs cross-certified with the FBCA must be able to continue to interoperate with the FBCA after the FBCA performs a key rollover, whether or not the FBCA DN is changed. Issuer CAs either must establish key rollover Certificates as described above or must obtain a new CA Certificate for the new Public Key from the issuers of their current Certificates.

5.7. COMPROMISE AND DISASTER RECOVERY

5.7.1. Incident and Compromise Handling Procedures
The Issuer CA shall develop and implement procedures to be followed in the event of a serious security incident or system compromise. Required documentation includes, but is not limited to, an Incident Response Plan, a Disaster Recovery or Business Continuity Plan (DR/BCP), and related resources. The Issuer CA shall review, test, and update its Incident Response Plan and DR/BCP, and supporting procedures, at least annually. The Issuer CA shall require that any CMS have documented incident handling procedures that are approved by the head of the organization responsible for operating the CMS. If the CMS is compromised, the Issuer CA shall revoke all Certificates issued to the CMS, if applicable. The Issuer CA and its RAs shall also assess any damage caused by the CMS compromise, revoke all potentially compromised Subscriber Certificates, notify affected subscribers of the revocation, and re-establish the operation of the CMS. For CAs that are cross-certified with the FBCA, the CA shall notify the FPKIPA within 24 hours and provide preliminary remediation analysis of the following:

• suspected or detected compromise of the CA systems;
• physical or electronic attempts to penetrate CA systems;
• denial of service attacks on CA components; or
• any incident preventing the CA from issuing a CRL within 24 hours of the time specified in the next update field of its currently valid CRL.

Within 10 business days of incident resolution, the CA shall post a notice on its public web page identifying the incident and provide notification to the FPKIPA. The public notice shall include the following:

1. Which CA components were affected by the incident
2. The CA's interpretation of the incident
3. Who is impacted by the incident
4. When the incident was discovered
5. A complete list of all certificates that were either issued erroneously or not compliant with the CP/CPS as a result of the incident
6. A statement that the incident has been fully remediated

The notification provided directly to the FPKIPA shall also include detailed measures taken to remediate the incident.

5.7.2. Computing Resources, Software, and/or Data Are Corrupted
The Issuer CA shall make regular back-up copies of its Private Keys and store them in a secure off-site location. The Issuer CA shall also make regular system back-ups on at least a weekly basis. If a disaster causes the Issuer CA's operations to become inoperative, the Issuer CA shall, after ensuring the integrity of the CA systems, re-initiate its operations on replacement hardware using backup copies of its software, data, and Private Keys at a secure facility. The Issuer CA shall give priority to reestablishing the generation of certificate status information. If the Private Keys are destroyed, the Issuer CA shall reestablish operations as quickly as possible, giving priority to generating new Key Pairs.

5.7.3. Entity Private Key Compromise Procedures
If the Issuer CA suspects that a CA Private Key is compromised or lost, then the Issuer CA shall follow its Incident Response Plan and immediately assess the situation, determine the degree and scope of the incident, and take appropriate action. Issuer CA personnel shall report the results of the investigation. The report must detail the cause of the compromise or loss and the measures that should be taken to prevent a reoccurrence. If there is a compromise or loss, the Issuer CA shall notify any affiliated entities so that they may issue CRLs revoking cross-Certificates issued to the Issuer CA and shall notify interested parties and make information available that can be used to identify which Certificates and time-stamp tokens are affected, unless doing so would breach the privacy of the Issuer CA's user or the security of the Issuer CA's services. Following revocation of a CA Certificate and implementation of the Issuer CA's Incident Response Plan, the Issuer CA shall generate a new CA Key Pair and sign a new CA Certificate in accordance with its CPS. The Issuer CA shall distribute the new self-signed Certificate in accordance with Section 6.1.4. The Issuer CA shall cease its CA operations until appropriate steps are taken to recover from the compromise and restore security.

5.7.4. Business Continuity Capabilities after a Disaster
Stated goals of the Issuer CA's DR/BCP shall include that certificate status services be minimally affected by any disaster involving the Issuer CA's primary facility and that other services resume as quickly as possible following a disaster. The Issuer CA shall establish a secure facility in at least one secondary, geographically diverse location to ensure that its directory and on-line status servers, if any, remain operational in the event of a physical disaster at the Issuer CA's main site. The Issuer CA shall provide notice at the earliest feasible time to all interested parties if a disaster physically damages the Issuer CA's equipment or destroys all copies of the Issuer CA's signature keys.

5.8. CA OR RA TERMINATION
If an Issuer CA's operations are terminated, the Issuer CA shall provide notice to interested parties and shall transfer its responsibilities and records to successor entities. The Issuer CA may allow a successor to re-issue Certificates if the successor has all relevant permissions to do so and has operations that are at least as secure as the Issuer CA's. If a qualified successor does not exist, the Issuer CA shall transfer all relevant records to a government supervisory or legal body. Whenever possible, the FPKIPA shall be notified at least two weeks prior to the termination of any CA cross-certified with the FBCA. For emergency termination, DigiCert will follow the notification procedures in Section 5.7.
6. TECHNICAL SECURITY CONTROLS

6.1. KEY PAIR GENERATION AND INSTALLATION

6.1.1. Key Pair Generation
All keys must be generated using a FIPS-approved method or equivalent international standard. Issuer CAs shall generate cryptographic keying material on a FIPS 140 level 3 validated cryptographic module using multiple individuals acting in trusted roles. When generating key material, the Issuer CA shall create auditable evidence to show that the Issuer CA enforced role separation and followed its key generation process. An independent third party shall validate that each CA key, including any root or intermediate CA keys associated with a Certificate cross-certified with the FBCA and each Root CA Key (for Certificates not cross-certified with the FBCA), is generated in accordance with this CP either by having the independent third party witness the key generation or by examining a signed and documented record of the key generation. Subscribers who generate their own keys shall use a FIPS-approved method and either a validated hardware or validated software cryptographic module, depending on the level of assurance desired. Issuer CAs shall not generate key pairs for publicly trusted end-entity TLS Certificates. Keys for Level 3 Hardware or Level 4 Biometric Certificates must be generated on validated hardware cryptographic modules using a FIPS-approved method.

6.1.2. Private Key Delivery to Subscriber
If the Issuer CA, a CMS, or an RA generates keys on behalf of the Subscriber, then the entity generating the key shall deliver the Private Key securely (encrypted) to the Subscriber. The entity may deliver Private Keys to Subscribers electronically or on a hardware cryptographic module. In all cases:

1. Except where escrow/backup services are provided, the key generator may not retain a copy of the Subscriber's Private Key after delivery,
2. The key generator shall protect the Private Key from activation, compromise, or modification during the delivery process,
3. The Subscriber shall acknowledge receipt of the Private Key(s), and
4. The key generator shall deliver the Private Key in a way that ensures that the correct tokens and activation data are provided to the correct Subscribers, including:
   a. For hardware modules, the key generator maintaining accountability for the location and state of the module until the Subscriber accepts possession of it and
   b. For electronic delivery of Private Keys, the key generator encrypting key material using a cryptographic algorithm and key size at least as strong as the Private Key. The key generator shall deliver activation data using a separate secure channel.

The entity assisting with Subscriber key generation shall maintain a record of the Subscriber's acknowledgement of receipt of the device containing the Subscriber's Key Pair. A CMS or RA providing key delivery services shall provide a copy of this record to the Issuer CA.

6.1.3. Public Key Delivery to Certificate Issuer
Subscribers shall deliver their Public Keys to the Issuer CA in a secure fashion and in a manner that binds the Subscriber's verified identity to the Public Key. The certificate request process shall ensure that the Applicant possesses the Private Key associated with the Public Key presented for certification. If cryptography is used to achieve the binding, the cryptography must be at least as strong as the CA keys used to sign the Certificate.

6.1.4. CA Public Key Delivery to Relying Parties
The Issuer CA shall provide its Public Keys to Relying Parties in a secure fashion and in a manner that precludes substitution attacks. The Issuer CA may deliver its CA Public Keys to Relying Parties as (i) specified in a certificate validation or path discovery policy file, (ii) trust anchors in commercial browsers and operating system root stores, and/or (iii) roots signed by other CAs. The Issuer CA may distribute Public Keys that are part of an updated signature Key Pair as a self-signed Certificate, as a new CA Certificate, or in a key roll-over Certificate. All accreditation authorities supporting DigiCert Certificates and all application software providers are permitted to redistribute any Root Certificate that is issued under this CP.

6.1.5. Key Sizes
For signing Certificates issued within the policy OID arcs of 2.16.840.1.114412.1, 2.16.840.1.114412.2, or 2.16.840.1.114412.4, and for signing CRLs and certificate status server responses for such Certificates, the Issuer CAs shall use at least a 2048-bit RSA Key or 384-bit ECDSA Key with SHA-256 (or a hash algorithm that is equally or more resistant to a collision attack). The Issuer CA shall only issue end-entity Certificates that contain at least 2048-bit Public Keys for RSA, DSA, or Diffie-Hellman, or 224 bits for elliptic curve algorithms. The Issuer CA may require higher bit keys in its sole discretion. Any Certificates (except Root CA Certificates) expiring after 12/31/2030 must be at least 3072-bit for RSA and 256-bit for ECDSA. The Issuer CA and Subscribers may fulfill the transmission security requirements of this CP using TLS or another protocol that provides similar security, provided the protocol requires at least AES 128 bits or equivalent for the symmetric key and at least 2048-bit RSA or equivalent for the asymmetric keys (and at least 3072-bit RSA or equivalent for asymmetric keys after 12/31/2030).

6.1.6. Public Key Parameters Generation and Quality Checking
The Issuer CA shall generate Public Key parameters for signature algorithms (the value of the public exponent shall be an odd number equal to three or more) and perform parameter quality checking in accordance with FIPS 186.
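Sections 6.1.5 and 6.1.6 give two checks a CA can run on every RSA key it is asked to certify: the modulus must be at least 2048 bits (3072 bits when the Certificate expires after 12/31/2030), and the public exponent must be odd and at least three. The block below is an added example, not DigiCert's code, that reads an RSA SubjectPublicKeyInfo with a minimal stdlib DER decoder and reports those findings. It assumes only definite-length DER as produced for RSA keys; the sample moduli and the tiny encoder used to build them are constructed for the example and are not real keys.

```python
"""Check an RSA SubjectPublicKeyInfo against sections 6.1.5 and 6.1.6:
modulus size by expiry date, and public exponent odd and >= 3.
Pure-stdlib DER handling; added example with constructed sample keys."""
from datetime import date
from typing import List, Tuple

RSA_OID = bytes.fromhex("2a864886f70d010101")  # 1.2.840.113549.1.1.1 rsaEncryption


# --- minimal DER encoder, used only to build the sample input -------------
def _len(n: int) -> bytes:
    if n < 0x80:
        return bytes([n])
    b = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(b)]) + b


def _tlv(tag: int, body: bytes) -> bytes:
    return bytes([tag]) + _len(len(body)) + body


def _int(v: int) -> bytes:
    b = v.to_bytes((v.bit_length() + 7) // 8 or 1, "big")
    if b[0] & 0x80:             # leading zero keeps the INTEGER positive
        b = b"\x00" + b
    return _tlv(0x02, b)


def rsa_spki(modulus: int, exponent: int) -> bytes:
    """SubjectPublicKeyInfo { rsaEncryption, BIT STRING { RSAPublicKey } }."""
    alg = _tlv(0x30, _tlv(0x06, RSA_OID) + _tlv(0x05, b""))
    key = _tlv(0x30, _int(modulus) + _int(exponent))
    return _tlv(0x30, alg + _tlv(0x03, b"\x00" + key))


# --- minimal DER decoder (definite lengths only) --------------------------
def _read(buf: bytes, pos: int) -> Tuple[int, bytes, int]:
    """Return (tag, body, next_pos) for the TLV starting at pos."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:
        nbytes = length & 0x7F
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    return tag, buf[pos:pos + length], pos + length


def _children(body: bytes) -> List[Tuple[int, bytes]]:
    out, pos = [], 0
    while pos < len(body):
        tag, val, pos = _read(body, pos)
        out.append((tag, val))
    return out


def parse_rsa_spki(spki: bytes) -> Tuple[int, int]:
    """Return (modulus, exponent); raise ValueError if not an rsaEncryption key."""
    tag, body, _ = _read(spki, 0)
    if tag != 0x30:
        raise ValueError("SubjectPublicKeyInfo must be a SEQUENCE")
    (alg_tag, alg), (bs_tag, bitstr) = _children(body)
    if alg_tag != 0x30 or bs_tag != 0x03:
        raise ValueError("malformed SubjectPublicKeyInfo")
    if _children(alg)[0][1] != RSA_OID:
        raise ValueError("not an rsaEncryption key")
    if bitstr[0] != 0:
        raise ValueError("unexpected unused bits in subjectPublicKey")
    _, rsa_key, _ = _read(bitstr, 1)
    (_, n), (_, e) = _children(rsa_key)
    return int.from_bytes(n, "big"), int.from_bytes(e, "big")


def check_rsa_key(spki: bytes, not_after: date) -> List[str]:
    """Return policy findings for the key (empty list when compliant)."""
    n, e = parse_rsa_spki(spki)
    findings = []
    bits = n.bit_length()
    # 6.1.5: at least 2048 bits; at least 3072 bits if expiring after 12/31/2030.
    minimum = 3072 if not_after > date(2030, 12, 31) else 2048
    if bits < minimum:
        findings.append(f"modulus is {bits} bits; {minimum} required for expiry {not_after}")
    # 6.1.6: the public exponent must be an odd number equal to three or more.
    if e < 3 or e % 2 == 0:
        findings.append(f"public exponent {e} is not an odd number >= 3")
    return findings


# Constructed sample moduli: the checks only look at bit length, so any odd
# number of the right size serves; these are not real keys.
SAMPLE_2048 = (1 << 2047) | 0x1235
SAMPLE_3072 = (1 << 3071) | 0x9ABD


def demo() -> dict:
    return {
        "ok_2048_before_2031": check_rsa_key(rsa_spki(SAMPLE_2048, 65537), date(2028, 1, 1)),
        "weak_after_2030": check_rsa_key(rsa_spki(SAMPLE_2048, 65537), date(2031, 6, 1)),
        "ok_3072_after_2030": check_rsa_key(rsa_spki(SAMPLE_3072, 65537), date(2031, 6, 1)),
        "even_exponent": check_rsa_key(rsa_spki(SAMPLE_2048, 4), date(2028, 1, 1)),
    }
```

The expiry date drives the size threshold, so the same key can be acceptable in a Certificate that expires in 2028 and rejected in one that runs past 2030; a linting step at issuance time should therefore take notAfter as input rather than judging the key on its own.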
6.1.7. Key Usage Purposes (as per X.509 v3 key usage field)
The Issuer CA shall include key usage extension fields that specify the intended use of the Certificate and technically limit the Certificate's functionality in X.509 v3-compliant software.

The use of a specific key is determined by the key usage extension in the X.509 Certificate.

Private Keys corresponding to Root CA Certificates must not be used to sign Certificates except in the following cases:

1. Self-signed Certificates to represent the Root CA itself;
2. Certificates for Subordinate CAs and Cross Certificates;
3. Certificates for infrastructure purposes (e.g. administrative role certificates, internal CA operational device certificates); and
4. Certificates for OCSP Response verification.

CA Certificates shall have two key usage bits set: keyCertSign and cRLSign, and for signing OCSP responses, the Certificate shall also set the digitalSignature bit. The Issuer CA shall not issue Level 4 Certificates that are certified for both signing and encryption. The use of a single key for encryption and signature is discouraged, and Issuer CAs should issue Subscribers two Key Pairs—one for key management and one for digital signature and authentication. However, for support of legacy applications, other Certificates, including those at Levels 1, 2 and 3, may include a single key for use with encryption and signature. Such dual-use Certificates must:

1. be generated and managed in accordance with their respective signature certificate requirements, except where otherwise noted in this CP,
2. never assert the non-repudiation key usage bit, and
3. not be used for authenticating data that will be verified on the basis of the dual-use Certificate at a future time.

Subscriber Certificates assert key usages based on the intended application of the Key Pair. In particular, Certificates to be used for digital signatures (including authentication) set the digitalSignature and/or nonRepudiation bits. Certificates to be used for key or data encryption shall set the keyEncipherment and/or dataEncipherment bits. Certificates to be used for key agreement shall set the keyAgreement bit.
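The key usage rules in this section are easy to check mechanically once the KeyUsage extension value is decoded, because it is a single DER BIT STRING whose bit 0 (digitalSignature) is the most significant bit of the first content byte and whose last content byte records how many trailing bits are unused. The block below is an added example, not DigiCert's code, that decodes that BIT STRING and applies three rules from the text: CA Certificates set keyCertSign and cRLSign, a CA Certificate used to sign OCSP responses also sets digitalSignature, and a dual-use Subscriber Certificate never asserts nonRepudiation. The profile names and sample encodings are constructed for the example.

```python
"""Decode an X.509 KeyUsage BIT STRING and check it against section 6.1.7.
Added example; profile names and sample encodings are constructed."""
from typing import List, Set

# Bit positions from RFC 5280 (bit 0 is the most significant bit of byte 0).
KEY_USAGE_BITS = {
    0: "digitalSignature", 1: "nonRepudiation", 2: "keyEncipherment",
    3: "dataEncipherment", 4: "keyAgreement", 5: "keyCertSign",
    6: "cRLSign", 7: "encipherOnly", 8: "decipherOnly",
}


def decode_key_usage(der: bytes) -> Set[str]:
    """Parse a DER BIT STRING (tag 0x03) into the set of asserted usages."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length & 0x80 or len(der) != 2 + length:
        raise ValueError("bad BIT STRING length")
    unused = der[2]             # number of padding bits at the end of the last byte
    bits = der[3:]
    if unused > 7 or (not bits and unused):
        raise ValueError("invalid unused-bits count")
    total = len(bits) * 8 - unused
    usages = set()
    for i in range(total):
        if bits[i // 8] & (0x80 >> (i % 8)):
            name = KEY_USAGE_BITS.get(i)
            if name is None:
                raise ValueError(f"undefined KeyUsage bit {i}")
            usages.add(name)
    return usages


def encode_key_usage(usages: Set[str]) -> bytes:
    """Inverse of decode_key_usage; used here only to build sample input."""
    positions = [b for b, n in KEY_USAGE_BITS.items() if n in usages]
    nbits = (max(positions) + 1) if positions else 0
    nbytes = (nbits + 7) // 8
    body = bytearray(nbytes)
    for p in positions:
        body[p // 8] |= 0x80 >> (p % 8)
    unused = nbytes * 8 - nbits
    return bytes([0x03, 1 + nbytes, unused]) + bytes(body)


def check_key_usage(der: bytes, profile: str) -> List[str]:
    """profile is 'ca', 'ocsp-signing' (a CA that signs OCSP responses) or
    'dual-use' (legacy single-key Subscriber Certificate); returns findings."""
    usages = decode_key_usage(der)
    findings = []
    if profile in ("ca", "ocsp-signing"):
        for required in ("keyCertSign", "cRLSign"):
            if required not in usages:
                findings.append(f"CA certificate missing {required}")
    if profile == "ocsp-signing" and "digitalSignature" not in usages:
        findings.append("CA certificate that signs OCSP responses must also set digitalSignature")
    if profile == "dual-use":
        if "nonRepudiation" in usages:
            findings.append("dual-use certificate must never assert nonRepudiation")
        if not ({"keyEncipherment", "dataEncipherment"} & usages):
            findings.append("dual-use certificate asserts no encipherment usage")
        if "digitalSignature" not in usages:
            findings.append("dual-use certificate asserts no digitalSignature")
    return findings


if __name__ == "__main__":
    # 03 02 01 06 is the usual encoding of keyCertSign + cRLSign (one unused bit).
    print(decode_key_usage(bytes.fromhex("03020106")))
    print(check_key_usage(encode_key_usage({"keyCertSign", "cRLSign"}), "ocsp-signing"))
```

The unused-bits byte matters: a decoder that ignores it will happily read padding as decipherOnly or beyond, which is why the loop stops at total rather than at the end of the byte.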
6.2. PRIVATE KEY PROTECTION AND CRYPTOGRAPHIC MODULE ENGINEERING CONTROLS

6.2.1. Cryptographic Module Standards and Controls
The Issuer CA and all systems that sign OCSP responses or CRLs in order to provide certificate status services shall use cryptographic hardware modules validated to FIPS 140-2 Level 3 and International Common Criteria (CC) Information Technology Security Evaluation Assurance Level (EAL) 14169. Cryptographic module requirements for subscribers and registration authorities are shown in the table below.

| Assurance Level | Subscriber | Registration Authority |
|---|---|---|
| EV Code Signing | FIPS 140 Level 2 (Hardware) | FIPS 140 Level 2 (Hardware) |
| Adobe Signing Certificates | FIPS 140 Level 2 (Hardware) | FIPS 140 Level 2 (Hardware) |
| Level 1 - Rudimentary | N/A | FIPS 140 Level 1 (Hardware or Software) |
| Level 2 - Basic | FIPS 140 Level 1 (Hardware or Software) | FIPS 140 Level 1 (Hardware or Software) |
| Level 3 - Medium | FIPS 140 Level 1 (Software); FIPS 140 Level 2 (Hardware) | FIPS 140 Level 2 (Hardware) |
| Level 4, Medium Hardware, Biometric | FIPS 140 Level 2 (Hardware) | FIPS 140 Level 2 (Hardware) |

For EV Code Signing Certificates, the Issuer CA shall ensure that the Private Key is properly generated, stored, and used in a crypto module that meets or exceeds the requirements of FIPS 140 level 2.

6.2.1.1. Custodial Subscriber Key Stores
Custodial Subscriber Key Stores hold keys for a number of Subscriber certificates in one location. Effective January 1, 2017, all cryptographic modules for Custodial Subscriber Key Stores for certificates issued at Levels 2, 3-US, 3-CBP, 4-US, and 4-CBP shall be no less than FIPS 140 Level 2 Hardware and authentication to activate the private key associated with a given certificate shall require authentication commensurate with the assurance level of the certificate.

6.2.2. Private Key (n out of m) Multi-person Control
The Issuer CA shall ensure that multiple trusted personnel are required to act in order to access and use an Issuer CA's Private Keys, including any Private Key backups.
6.2.3. Private Key Escrow
The Issuer CA shall not escrow its signature keys. Subscribers may not escrow their private signature keys. The Issuer CA may escrow Subscriber Private Keys used for encryption in order to provide key recovery as described in section 4.12.1.

6.2.4. Private Key Backup
The Issuer CA shall back up its CA, CRL, and certificate status Private Keys under multi-person control and shall store at least one backup at a secure, offsite location. The Issuer CA shall protect all copies of its CA, CRL, and certificate status Private Keys in the same manner as the originals. The Issuer CA may provide backup services for Private Keys that are not required to be maintained in cryptographic hardware. Access to Private Key backups shall be secured in a manner that only the Subscriber can control the Private Key. The Issuer CA may not back up Level 4 subscriber private signature keys. The Issuer CA may not store backup keys in a plaintext form outside of the cryptographic module. Storage that contains backup keys shall provide security controls that are consistent with the protection provided by the Subscriber's cryptographic module.

6.2.5. Private Key Archival
The Issuer CA shall not archive its Private Keys.

6.2.6. Private Key Transfer into or from a Cryptographic Module
All keys must be generated by and in a cryptographic module. The Issuer CA and RA shall never allow their Private Keys to exist in plaintext outside of the cryptographic module. The Issuer CA shall only export its Private Keys from the cryptographic module to perform CA key backup procedures. When transported between cryptographic modules, the Issuer CA shall encrypt the Private Key and protect the keys used for encryption from disclosure. If the Issuer CA becomes aware that a Subordinate CA's Private Key has been communicated to an unauthorized person or an organization not affiliated with the Subordinate CA, then the Issuer CA will revoke all certificates that include the Public Key corresponding to the communicated Private Key.

6.2.7. Private Key Storage on Cryptographic Module
The Issuer CA shall store its CA Private Keys on a cryptographic module which has been evaluated to at least FIPS 140 Level 3 and EAL 4+.

6.2.8. Method of Activating Private Key
The Issuer CA shall activate its Private Keys in accordance with the specifications of the cryptographic module manufacturer. Subscribers are solely responsible for protecting their Private Keys. At a minimum, Subscribers must authenticate themselves to the cryptographic module before activating their Private Keys. Entry of activation data shall be protected from disclosure.

6.2.9. Method of Deactivating Private Key
The Issuer CA shall deactivate its Private Keys and store its cryptographic modules in secure containers when not in use. The Issuer CA shall prevent unauthorized access to any activated cryptographic modules.

6.2.10. Method of Destroying Private Key
The Issuer CA shall use individuals in trusted roles to destroy CA, RA, and status server Private Keys when they are no longer needed. Subscribers shall destroy their Private Keys when the corresponding Certificate is revoked or expired or if the Private Key is no longer needed. For software cryptographic modules, the Issuer CA may destroy the Private Keys by overwriting the data. For hardware cryptographic modules, the Issuer CA may destroy the Private Keys by executing a "zeroize" command. Physical destruction of hardware is not required.

6.2.11. Cryptographic Module Rating
See Section 6.2.1.
6.3. OTHER ASPECTS OF KEY PAIR MANAGEMENT

6.3.1. Public Key Archival
The Issuer CA shall archive a copy of each Public Key.

6.3.2. Certificate Operational Periods and Key Pair Usage Periods
All Certificates, including renewed Certificates, have maximum validity periods of:

| Type | Private Key Use | Certificate Term |
|---|---|---|
| Root CA | 20 years | 25 years |
| Sub CA | 12 years | 15 years |
| FBCA Cross-certified Sub CAs | 6 years (period of key use for signing certificates) | 10 years (key still signs CRLs, OCSP responses, and OCSP responder certificates) |
| IGTF Cross-certified Sub CA* | 6 years | 15 years |
| CRL and OCSP responder signing | 3 years | 31 days |
| OV SSL/TLS | No stipulation | 825 days |
| EV SSL/TLS | No stipulation | 825 days |
| Code Signing Certificate issued to Subscriber under the Minimum Requirements for Code Signing Certificates or the EV Code Signing Guidelines | No stipulation | 39 months |
| EV Code Signing Certificate issued to Signing Authority | No stipulation | 123 months |
| Time Stamping Authority | 15 months | 135 months |
| Object Signing Certificate and Document Signing | No stipulation‡ | 123 months |
| FBCA and IGTF Client used for signatures | 36 months | 36 months |
| FBCA and IGTF Client used for key management | 36 months | 36 months |
| Client for all other purposes (FBCA or IGTF compliant) | 36 months | 36 months |
| Client for all other purposes (non FBCA and IGTF certs) | No stipulation | 60 months |
| IGTF on hardware | 60 months | 13 months |

* IGTF signing Certificates must have a lifetime that is at least twice the maximum lifetime of an end entity Certificate.
‡ Code and content signers cross-certified with FBCA may use their Private Keys for three years; the lifetime of the associated Public Keys shall not exceed eight years. Relying parties may still validate signatures generated with these keys after expiration of the Certificate.

Private keys associated with self-signed root Certificates that are distributed as trust anchors are used for a maximum of 20 years. The Issuer CA may retire its CA Private Keys before the periods listed above to accommodate key changeover processes. The Issuer CA shall not issue a Subscriber Certificate with an expiration date that is past the Issuer CA's public key expiration date or that exceeds the routine re-key identification requirements specified in Section 3.1.1.
6.4. ACTIVATION DATA

6.4.1. Activation Data Generation and Installation
The Issuer CA shall generate activation data that has sufficient strength to protect its Private Keys. If the Issuer CA uses passwords as activation data for a signing key, the Issuer CA shall change the activation data upon rekey of the CA Certificate. The Issuer CA may only transmit activation data via an appropriately protected channel and at a time and place that is distinct from the delivery of the associated cryptographic module.

6.4.2. Activation Data Protection
The Issuer CA shall protect data used to unlock Private Keys from disclosure using a combination of cryptographic and physical access control mechanisms. Activation data shall be:

• memorized,
• biometric in nature, or
• recorded and secured at the level of assurance associated with the activation of the cryptographic module, and shall not be stored with the cryptographic module.

The Issuer CA shall require personnel to memorize and not write down their password or share their passwords with other individuals. The Issuer CA shall implement processes to temporarily lock access to secure CA processes if a certain number of failed log-in attempts occur as set forth in the applicable CPS.
6.5. COMPUTER SECURITY CONTROLS

6.5.1. Specific Computer Security Technical Requirements
The Issuer CA shall configure its systems, including any remote workstations, to:

1. authenticate the identity of users before permitting access to the system or applications,
2. manage the privileges of users and limit users to their assigned roles,
3. generate and archive audit records for all transactions,
4. enforce domain integrity boundaries for security critical processes, and
5. support recovery from key or system failure.

The Issuer CA shall authenticate and protect all communications between a trusted role and its CA system. All Certificate Status Servers interoperating with cross-certified environments must:

1. authenticate the identity of users before permitting access to the system or applications,
2. manage privileges to limit users to their assigned roles,
3. enforce domain integrity boundaries for security critical processes, and
4. support recovery from key or system failure.

A CMS must have the following computer security functions:

1. authenticate the identity of users before permitting access to the system or applications,
2. manage privileges of users to limit users to their assigned roles,
3. generate and archive audit records for all transactions (see Section 5.4),
4. enforce domain integrity boundaries for security critical processes, and
5. support recovery from key or system failure.

Issuer CAs shall enforce multi-factor authentication on any account capable of directly causing Certificate issuance.
6.5.2. Computer Security Rating
No stipulation.
6.6. LIFE CYCLE TECHNICAL CONTROLS
6.6.1. System Development Controls
In operating its CA, the Issuer CA shall use only:
1. Commercial off-the-shelf software that was designed and developed under a formal and documented development methodology,
2. Hardware and software developed specifically for the Issuer CA by verified personnel, using a structured development approach and a controlled development environment,
3. Open source software that meets security requirements through software verification & validation and structured development/life-cycle management,
4. Hardware and software purchased and shipped in a fashion that reduces the likelihood of tampering, and
5. For CA operations, hardware and software that is dedicated only to performing the CA functions.
The Issuer CA shall take proper care to prevent malicious software from being loaded onto the CA equipment. The Issuer CA shall scan all hardware and software for malicious code on first use and periodically thereafter. The Issuer CA shall purchase or develop updates in the same manner as original equipment, and shall use trusted, trained personnel to install the software and equipment. The Issuer CA shall not install any software on its CA systems that is not part of the CA's operations.
The Issuer CA shall use a formal configuration management methodology for installation and ongoing maintenance of any CMS. Any modifications and upgrades to a CMS shall be documented and controlled. The Issuer CA shall implement a mechanism for detecting unauthorized modification to a CMS.
6.6.2. Security Management Controls
The Issuer CA shall establish formal mechanisms to document, control, monitor, and maintain the installation and configuration of its CA systems, including any modifications or upgrades. The Issuer CA's change control processes shall include procedures to detect unauthorized modification to the Issuer CA's systems and data entries that are processed, logged and tracked for any security-related changes to CA systems, firewalls, routers, software and other access controls. When loading software onto a CA system, the Issuer CA shall verify that the software is the correct version and is supplied by the vendor free of any modifications. The Issuer CA shall verify the integrity of software used with its CA processes at least once a week.
6.6.3. Life Cycle Security Controls
No stipulation.
6.7. NETWORK SECURITY CONTROLS
The Issuer CA shall document and control the configurations of its systems, including any upgrades or modifications made. The Issuer CA shall implement a process for detecting unauthorized modifications to its hardware or software and for installing and maintaining its systems. The Issuer CA and its RAs shall implement appropriate network security controls, including turning off any unused network ports and services and only using network software that is necessary for the proper functioning of the CA systems. The Issuer CA shall implement the same network security controls to protect a CMS as used to protect its other CA equipment.
6.8. TIME-STAMPING
Issuer CAs shall ensure that the accuracy of clocks used for time-stamping is within three minutes. Electronic or manual procedures may be used to maintain system time. Clock adjustments are auditable events, see Section 5.4.1.
7. CERTIFICATE, CRL, AND OCSP PROFILES
7.1. CERTIFICATE PROFILE
Issuer CAs shall generate non-sequential Certificate serial numbers greater than zero (0) containing at least 64 bits of output from a CSPRNG.
7.1.1. Version Number(s)
Issuer CAs shall issue X.509 version 3 Certificates.
7.1.2. Certificate Extensions
Issuer CAs shall use certificate extensions in accordance with applicable industry standards, including RFC 3280/5280. Issuer CAs shall not issue Certificates with a critical private extension. IGTF Certificates must comply with the Grid Certificate Profile as defined by the Open Grid Forum GFD.125. Subordinate CA Certificates created after January 1, 2019 for publicly trusted certificates, with the exception of cross-certificates that share a private key with a corresponding root certificate: must contain an EKU extension; must not include the anyExtendedKeyUsage KeyPurposeId; and must not include both the id-kp-serverAuth and id-kp-emailProtection KeyPurposeIds in the same certificate. Technically Constrained Subordinate CA Certificates shall include an Extended Key Usage (EKU) extension specifying all extended key usages for which the Subordinate CA Certificate is authorized to issue certificates. The anyExtendedKeyUsage KeyPurposeId shall not appear in the EKU extension of publicly trusted certificates.
7.1.3. Algorithm Object Identifiers
Issuer CAs shall sign Certificates using one of the following algorithms:
id-dsa-with-sha1* {iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 3}
sha-1WithRSAEncryption* {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 5}
sha256WithRSAEncryption {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 11}
id-RSASSA-PSS {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 10}
ecdsa-with-SHA1* {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1}
ecdsa-with-SHA224 {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 1}
ecdsa-with-SHA256 {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 2}
ecdsa-with-SHA384 {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 3}
ecdsa-with-SHA512 {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 4}
If an Issuer CA signs Certificates using RSA with PSS padding, the Issuer CA may use an RSA signature with PSS padding with the following algorithms and OIDs:
id-sha256 {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1}
id-sha512 {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3}
Issuer CAs and Subscribers may generate Key Pairs using the following:
id-dsa {iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 1}
RsaEncryption {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 1}
Dhpublicnumber {iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1}
id-ecPublicKey {iso(1) member-body(2) us(840) ansi-X9-62(10045) id-publicKeyType(2) 1}
id-keyExchangeAlgorithm [joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) dod(2) infosec(1) algorithms(1) 22]
If an Issuer CA issues a non-CA Certificate for a federal agency and the Certificate contains an elliptic curve Public Key, the Issuer CA shall specify one of the following named curves:
ansip192r1 {iso(1) member-body(2) us(840) 10045 curves(3) prime(1) 1}
ansit163k1 {iso(1) identified-organization(3) certicom(132) curve(0) 1}
ansit163r2 {iso(1) identified-organization(3) certicom(132) curve(0) 15}
ansip224r1 {iso(1) identified-organization(3) certicom(132) curve(0) 33}
ansit233k1 {iso(1) identified-organization(3) certicom(132) curve(0) 26}
ansit233r1 {iso(1) identified-organization(3) certicom(132) curve(0) 27}
ansip256r1 {iso(1) member-body(2) us(840) 10045 curves(3) prime(1) 7}
ansit283k1 {iso(1) identified-organization(3) certicom(132) curve(0) 16}
ansit283r1 {iso(1) identified-organization(3) certicom(132) curve(0) 17}
ansip384r1 {iso(1) identified-organization(3) certicom(132) curve(0) 34}
ansit409k1 {iso(1) identified-organization(3) certicom(132) curve(0) 36}
ansit409r1 {iso(1) identified-organization(3) certicom(132) curve(0) 37}
ansip521r1 {iso(1) identified-organization(3) certicom(132) curve(0) 35}
ansit571k1 {iso(1) identified-organization(3) certicom(132) curve(0) 38}
ansit571r1 {iso(1) identified-organization(3) certicom(132) curve(0) 39}
Issuer CAs shall not issue SSL Certificates with a Reserved IP Address or Internal Name.
* Issuer CAs shall not issue SubCA, OCSP, or Subscriber SSL Certificates utilizing the SHA-1 algorithm.
7.1.4. Name Forms
Issuer CAs shall use distinguished names that are composed of standard attribute types, such as those identified in RFC 3280/5280. Issuer CAs shall include a unique serial number in each Certificate. The content of the Certificate Issuer Distinguished Name field must match the Subject DN of the Issuer CA to support name chaining as specified in RFC 5280, section 4.1.2.4. The Issuer CA shall restrict OU fields from containing Subscriber information that is not verified in accordance with Section 3. The commonName attribute must be present and the contents should be an identifier for the certificate such that the certificate's Name is unique across all certificates issued by the issuing certificate.
7.1.5. Name Constraints
Issuer CAs may include name constraints in the nameConstraints field when appropriate.
7.1.5.1. Name-Constrained serverAuth CAs
If the Subordinate CA Certificate includes the id-kp-serverAuth extended key usage, then a technically constrained Subordinate CA Certificate shall include the NameConstraints X.509v3 extension with constraints on dNSName, iPAddress and DirectoryName as follows:
(a) For each dNSName in permittedSubtrees, the Issuer CA shall confirm that the Applicant has registered the dNSName or has been authorized by the domain registrant to act on the registrant's behalf in line with the verification practices of Baseline Requirements section 3.2.2.4.
(b) For each iPAddress range in permittedSubtrees, the Issuer CA shall confirm that the Applicant has been assigned the iPAddress range or has been authorized by the assigner to act on the assignee's behalf.
(c) For each DirectoryName in permittedSubtrees the Issuer CA shall confirm the Applicant's and/or Subsidiary's Organizational name(s) and location(s) such that end entity certificates issued from the subordinate CA Certificate will comply with section 7.1.2.4 and 7.1.2.5 of the Baseline Requirements.
If the Subordinate CA Certificate is not allowed to issue certificates with an iPAddress, then the Subordinate CA Certificate shall specify the entire IPv4 and IPv6 address ranges in excludedSubtrees. The Subordinate CA Certificate shall include within excludedSubtrees an iPAddress GeneralName of 8 zero octets (covering the IPv4 address range of 0.0.0.0/0). The Subordinate CA Certificate shall also include within excludedSubtrees an iPAddress GeneralName of 32 zero octets (covering the IPv6 address range of ::0/0). Otherwise, the Subordinate CA Certificate shall include at least one iPAddress in permittedSubtrees.
If the Subordinate CA is not allowed to issue certificates with dNSNames, then the Subordinate CA Certificate shall include a zero-length dNSName in excludedSubtrees. Otherwise, the Subordinate CA Certificate shall include at least one dNSName in permittedSubtrees.
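The serial, EKU and name-constraint rules of sections 7.1, 7.1.2 and 7.1.5.1, as an added, runnable Go example that is not part of this policy and not DigiCert's code: it builds a technically constrained serverAuth Subordinate CA with Go's standard crypto/x509 (which encodes the excluded 0.0.0.0/0 and ::/0 ranges as exactly the 8 and 32 zero octets the policy describes), re-parses the DER, and reports every profile violation it finds. The certificate is self-signed to keep the demo offline, and every name in it is constructed.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"net"
	"time"
)

func cidr(s string) *net.IPNet { _, n, _ := net.ParseCIDR(s); return n }

// ServerAuthSubCATemplate is a name-constrained serverAuth sub-CA per 7.1.5.1:
// dNSNames permitted, iPAddress barred by excluding 0.0.0.0/0 and ::/0. The
// serial is 64 bits of CSPRNG output plus one, so it is never zero (7.1).
func ServerAuthSubCATemplate() *x509.Certificate {
	serial, _ := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64))
	return &x509.Certificate{
		SerialNumber:          serial.Add(serial, big.NewInt(1)),
		Subject:               pkix.Name{CommonName: "Constructed Constrained Sub CA"},
		NotBefore:             time.Now(),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  true,
		ExtKeyUsage:           []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
		PermittedDNSDomains:   []string{"example.com"},
		ExcludedIPRanges:      []*net.IPNet{cidr("0.0.0.0/0"), cidr("::/0")},
	}
}

// BuildSubCA self-signs the template (a real sub-CA is signed by its parent)
// and returns the certificate re-parsed from its DER encoding.
func BuildSubCA(t *x509.Certificate) (*x509.Certificate, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	der, err := x509.CreateCertificate(rand.Reader, t, t, pub, priv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// CheckSubCAProfile applies the 7.1 serial rule, the 7.1.2 EKU rules for sub-CAs
// and the 7.1.5.1 name-constraint rules; an empty result means every check passed.
func CheckSubCAProfile(c *x509.Certificate) (v []string) {
	has := map[x509.ExtKeyUsage]bool{}
	for _, e := range c.ExtKeyUsage {
		has[e] = true
	}
	if c.SerialNumber == nil || c.SerialNumber.Sign() <= 0 {
		v = append(v, "serial number must be greater than zero")
	}
	if has[x509.ExtKeyUsageAny] {
		v = append(v, "anyExtendedKeyUsage must not appear")
	}
	if has[x509.ExtKeyUsageServerAuth] && has[x509.ExtKeyUsageEmailProtection] {
		v = append(v, "serverAuth and emailProtection in the same certificate")
	}
	if has[x509.ExtKeyUsageServerAuth] {
		dnsBarred, v4, v6 := false, false, false
		for _, d := range c.ExcludedDNSDomains {
			dnsBarred = dnsBarred || d == "" // zero-length dNSName in excludedSubtrees
		}
		for _, n := range c.ExcludedIPRanges {
			v4, v6 = v4 || n.String() == "0.0.0.0/0", v6 || n.String() == "::/0"
		}
		if len(c.PermittedDNSDomains) == 0 && !dnsBarred {
			v = append(v, "no permitted dNSName and dNSName not excluded")
		}
		if len(c.PermittedIPRanges) == 0 && !(v4 && v6) {
			v = append(v, "no permitted iPAddress and IPv4/IPv6 not both excluded")
		}
	}
	return v
}
```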
7.1.5.2. Name-Constrained emailProtection CAs
If the technically constrained Subordinate CA certificate includes the id-kp-emailProtection extended key usage, it shall include the NameConstraints X.509v3 extension with constraints on rfc822Name, with at least one name in permittedSubtrees, each such name having its ownership validated according to section 3.2.2.4 of the Baseline Requirements.
7.1.6. Certificate Policy Object Identifier
When an Issuer CA issues a Certificate containing one of the policy identifiers set forth in Section 1.2, it asserts that the Certificate is managed in accordance with the policy that is identified herein.
7.1.7. Usage of Policy Constraints Extension
Not applicable.
7.1.8. Policy Qualifiers Syntax and Semantics
Issuer CAs may include brief statements in the Policy Qualifier field of the Certificate Policy extension.
7.1.9. Processing Semantics for the Critical Certificate Policies Extension
No stipulation.
7.2. CRL PROFILE
7.2.1. Version number(s)
Issuer CAs shall issue version 2 CRLs that conform to RFC 3280/5280.
7.2.2. CRL and CRL Entry Extensions
Issuer CAs shall use CRL extensions that conform with the Federal PKI X.509 CRL Extensions Profile.
7.3. OCSP PROFILE
Issuer CAs shall operate an OCSP service in accordance with RFC 6960.
7.3.1. Version Number(s)
Issuer CAs shall support version 1 OCSP requests and responses.
7.3.2. OCSP Extensions
No stipulation.
8. COMPLIANCE AUDIT AND OTHER ASSESSMENTS
The policies in this CP are designed to meet or exceed the requirements of generally accepted and developing industry standards, including the WebTrust Program for Certification Authorities. For Issuer CAs chained to the FBCA, the auditor letter of compliance shall meet FPKIPA Audit Requirements. All Issuer CAs shall ensure that audits are conducted for all PKI functions regardless of how or by whom the PKI components are managed and operated.
8.1. FREQUENCY OR CIRCUMSTANCES OF ASSESSMENT
On at least an annual basis, Issuer CAs shall retain an independent auditor for a period-in-time audit who shall assess the Issuer CA's compliance with this CP and its CPS. This audit must cover CMSs, Sub CAs, RAs, and each status server that is specified in a certificate issued by the Issuer CA. Any independent entity interoperating within the DigiCert PKI shall submit its practices statement and the results of its compliance audit to the DCMA on an annual basis for review and approval.
8.2. IDENTITY/QUALIFICATIONS OF ASSESSOR
The Issuer CA shall use an auditor that meets Section 8.2 of the Baseline Requirements and Section 8.2 of the Federal Bridge CP (for certificates cross-certified under the Federal Bridge CA).
8.3. ASSESSOR'S RELATIONSHIP TO ASSESSED ENTITY
The Issuer CA shall utilize independent auditors that do not have a financial interest, business relationship, or course of dealing that could foreseeably create a significant bias for or against the Issuer CA.
8.4. TOPICS COVERED BY ASSESSMENT
The audit must conform to industry standards, cover the Issuer CA's compliance with its business practices disclosure, and evaluate the integrity of the Issuer CA's PKI operations. The audit must verify that each Issuer CA is compliant with this CP and any MOA between it and any other PKI.
8.5. ACTIONS TAKEN AS A RESULT OF DEFICIENCY
If an audit reports a material noncompliance with applicable law, this CP, the CPS, or any other contractual obligations related to the Issuer CA's services, then (1) the auditor shall document the discrepancy, (2) the auditor shall promptly notify the Issuer CA and the DCPA, and (3) the Issuer CA and the DCPA shall develop a plan to cure the noncompliance. The DCPA shall also notify any affected cross-certifying entity and any relevant government accrediting body. The Issuer CA shall submit the plan to the DCPA for approval and to any third party that the Issuer CA is legally obligated to satisfy.
The DCPA may require additional action if necessary to rectify any significant issues created by the non-compliance, including requiring revocation of affected Certificates.
8.6. COMMUNICATION OF RESULTS
The results of each audit shall be reported to the DCPA for review and approval. The results shall also be communicated to any third party entities entitled by law, regulation, or agreement to receive a copy of the audit results. On an annual basis, the DCPA shall submit an audit compliance package to the Federal PKI Policy Authority prepared in accordance with the "Compliance Audit Requirements" document, which shall include an assertion that all PKI components have been audited, including any components that may be separately managed and operated. The package shall identify the versions of the CP and CPS used in the assessment. Copies of applicable audits shall be sent to Adobe within three months of the completion.
8.7. SELF-AUDITS
The Issuer CA shall perform regular internal audits of its operations, personnel, and compliance with this CP using a randomly selected sample of Certificates issued since the last internal audit. The Issuer CA shall self-audit at least three percent of SSL/TLS Certificates and EV Code Signing Certificates.
9. OTHER BUSINESS AND LEGAL MATTERS
9.1. FEES
9.1.1. Certificate Issuance or Renewal Fees
Issuer CAs may charge fees for certificate issuance and renewal.
9.1.2. Certificate Access Fees
Issuer CAs may charge fees for access to their databases of Certificates.
9.1.3. Revocation or Status Information Access Fees
No stipulation.
9.1.4. Fees for Other Services
No stipulation.
9.1.5. Refund Policy
No stipulation.
9.2. FINANCIAL RESPONSIBILITY
9.2.1. Insurance Coverage
Issuer CAs shall maintain Errors and Omissions/Professional Liability Insurance of at least $1 million per occurrence from an insurance company rated no less than A- as to Policy Holder's Rating in the current edition of Best's Insurance Guide (or with an association of companies, each of the members of which are so rated).
9.2.2. Other Assets
No stipulation.
9.2.3. Insurance or Warranty Coverage for End-Entities
No stipulation.
9.3. CONFIDENTIALITY OF BUSINESS INFORMATION
9.3.1. Scope of Confidential Information
Issuer CAs shall specify what constitutes confidential information in their CPS.
9.3.2. Information Not Within the Scope of Confidential Information
Issuer CAs may treat any information not listed as confidential in the CPS as public information.
9.3.3. Responsibility to Protect Confidential Information
Issuer CAs shall contractually obligate employees, agents, and contractors to protect confidential information. Issuer CAs shall provide training to employees on how to handle confidential information.
9.4. PRIVACY OF PERSONAL INFORMATION
9.4.1. Privacy Plan
Issuer CAs shall create and follow a publicly posted privacy policy that specifies how the Issuer CA handles personal information.
9.4.2. Information Treated as Private
Issuer CAs shall treat all personal information about an individual that is not publicly available in the contents of a Certificate or CRL as private information. The Issuer CA shall protect private information in its possession using a reasonable degree of care and appropriate safeguards. The Issuer CA shall not distribute Certificates that contain the UUID in the subject alternative name extension via publicly accessible repositories (e.g., LDAP, HTTP).
9.4.3. Information Not Deemed Private
Private information does not include Certificates, CRLs, or their contents.
9.4.4. Responsibility to Protect Private Information
Issuer CAs are responsible for securely storing and protecting private information.
9.4.5. Notice and Consent to Use Private Information
Subscribers must consent to the global transfer and publication of any personal data contained in Certificates.
9.4.6. Disclosure Pursuant to Judicial or Administrative Process
Issuer CAs may disclose private information, without notice, when required to do so by law or regulation.
9.4.7. Other Information Disclosure Circumstances
No stipulation.
9.5. INTELLECTUAL PROPERTY RIGHTS
Issuer CAs shall not knowingly violate the intellectual property rights of any third party.
9.6. REPRESENTATIONS AND WARRANTIES
9.6.1. CA Representations and Warranties
Issuer CAs must represent to DigiCert, Subscribers, and Relying Parties that they comply, in all material aspects, with this CP, their CPS, and all applicable laws and regulations.
9.6.2. RA Representations and Warranties
At a minimum, Issuer CAs shall require RAs operating on their behalf to represent that they have followed this CP and the relevant CPS when participating in the issuance and management of Certificates.
9.6.3. Subscriber Representations and Warranties
DigiCert requires, as part of the Subscriber Agreement or Terms of Use, that the Applicant make the commitments and warranties in this section for the benefit of DigiCert and the Certificate Beneficiaries. Prior to the issuance of a Certificate, DigiCert will obtain, for the express benefit of DigiCert and the Certificate Beneficiaries, either:
1. The Applicant's agreement to the Subscriber Agreement with DigiCert, or
2. The Applicant's acknowledgement of the Terms of Use.
Prior to being issued and receiving a Certificate, each Subscriber shall represent to DigiCert and the Issuer CA that the Subscriber will:
1. Securely generate its Private Keys and protect its Private Keys from compromise,
2. Provide accurate and complete information and communication to the Issuer CA and RA,
3. Confirm the accuracy of Certificate data prior to using the Certificate,
4. Promptly (i) request revocation of a Certificate, cease using it and its associated Private Key, and notify the Issuer CA if there is any actual or suspected misuse or compromise of the Private Key associated with the Public Key included in the Certificate, and (ii) request revocation of the Certificate, and cease using it, if any information in the Certificate is or becomes incorrect or inaccurate,
5. Ensure that individuals using Certificates on behalf of an organization have received security training appropriate to the Certificate,
6. Use the Certificate only for authorized and legal purposes, consistent with the relevant CPS and Subscriber Agreement, including only installing SSL/TLS Server Certificates on servers accessible at the domain listed in the Certificate and not using code signing Certificates to sign malicious code or any code that is downloaded without a user's consent, and
7. Promptly cease using the Certificate and related Private Key after the Certificate's expiration.
9.6.4. Relying Party Representations and Warranties
Relying Parties must follow the procedures and make the representations required by the relevant CPS and in the applicable Relying Party Agreement prior to relying on or using a Certificate.
9.6.5. Representations and Warranties of Other Participants
No stipulation.
9.7. DISCLAIMERS OF WARRANTIES
Except as expressly stated otherwise herein or as limited by law, DigiCert disclaims all warranties and obligations related to this CP. A fiduciary duty is not created simply because an entity uses services offered within the DigiCert PKI.
9.8. LIMITATIONS OF LIABILITY
Issuer CAs may limit their liability to any extent not otherwise prohibited by this CP, provided that the Issuer CA remains responsible for complying with this CP and the Issuer CA's CPS.
9.9. INDEMNITIES
9.9.1. Indemnification by an Issuer CA
Issuer CAs are required to indemnify DigiCert for any violation of this CP.
9.9.2. Indemnification by Subscribers
Issuer CAs shall include any indemnification requirements for Subscribers in their CPS and in their Subscriber Agreements.
9.9.3. Indemnification by Relying Parties
Issuer CAs shall include any indemnification requirements for Relying Parties in their CPS.
9.10. TERM AND TERMINATION
9.10.1. Term
This CP and any amendments are effective when published to DigiCert's online repository and remain in effect until replaced with a newer version.
9.10.2. Termination
This CP and any amendments remain in effect until replaced by a newer version.
9.10.3. Effect of Termination and Survival
DigiCert will communicate the conditions and effect of this CP's termination via the DigiCert Repository. The communication will specify which provisions survive termination. At a minimum, responsibilities related to protecting confidential information will survive termination.
9.11. INDIVIDUAL NOTICES AND COMMUNICATIONS WITH PARTICIPANTS
DigiCert accepts digitally signed or paper notices related to this CP that are addressed to the locations specified in Section 2.2 of this CP. Notices are deemed effective after the sender receives a valid and digitally signed acknowledgment of receipt from DigiCert. If an acknowledgement of receipt is not received within five days, the sender must resend the notice in paper form to the street address specified in Section 2.2 using either a courier service that confirms delivery or via certified or registered mail with postage prepaid and return receipt requested. CAs shall notify the FPKIPA at least two weeks prior to implementation of any planned change to the infrastructure that has the potential to affect the FPKI operational environment, and all new artifacts (CA certificates, CRL DP, AIA and/or SIA URLs, etc.) produced as a result of the change will be provided to the FPKIPA within 24 hours following implementation. CAs shall notify Adobe a month in advance of any updates or changes with the potential to affect compliance with the AATL program, including:
1. Additions of Root CAs and Subordinate CAs
2. Additional CPs at the Root CA level
3. Changes in Certificate issuance procedures
4. Terminations or transition of ownership of Root CAs or Subordinate CAs.
9.12. AMENDMENTS
9.12.1. Procedure for Amendment
The DCPA determines what amendments should be made to this CP. Amendments are made by posting an updated version of the CP to the online repository. Controls are in place to reasonably ensure that this CP is not amended and published without the prior authorization of the DCPA. The DCPA reviews this CP annually.
9.12.2. Notification Mechanism and Period
DigiCert will post notice on its website of any proposed significant revisions to this CP. Although DigiCert may include a final date for receipt of comments and the proposed effective date, DigiCert is not required to have a fixed notice-and-comment period.
9.12.3. Circumstances under which OID Must Be Changed
If the DCPA determines an amendment necessitates a change in an OID, then the revised version of this CP will also contain a revised OID. Otherwise, amendments do not require an OID change.
9.13. DISPUTE RESOLUTION PROVISIONS
Before resorting to any dispute resolution mechanism, including adjudication or any type of alternative dispute resolution, a party must notify DigiCert of the dispute with a view to seek dispute resolution.
9.14. GOVERNING LAW
For disputes involving Qualified Certificates, the national law of the relevant Member State shall govern. For all other certificates, the laws of the state of Utah shall govern the interpretation, construction, and enforcement of this CP and all proceedings related hereunder, including tort claims, without regard to any conflicts of law principles, and Utah shall be the non-exclusive venue and shall have jurisdiction over such proceedings.
9.15. COMPLIANCE WITH APPLICABLE LAW
This CP is subject to all applicable laws and regulations, including United States restrictions on the export of software and cryptography products. Subject to section 9.4.5's Notice and Consent to Use Private Information contained in Certificates, each Issuer CA shall meet the requirements of European data protection laws and shall establish and maintain appropriate technical and organizational measures against unauthorized or unlawful processing of personal data and against the loss, damage, or destruction of personal data.
9.16. MISCELLANEOUS PROVISIONS
9.16.1. Entire Agreement
Issuer CAs shall contractually obligate each RA involved in Certificate issuance to comply with this CP and applicable industry guidelines. Issuer CAs shall contractually obligate parties using products and services issued under this CP, such as Subscribers and Relying Parties, to the relevant provisions herein. This CP does not give any third party rights under such agreements.
9.16.2. Assignment
Entities operating under this CP may not assign their rights or obligations without the prior written consent of DigiCert.
9.16.3. Severability
If a provision of this CP is held invalid or unenforceable by a competent court or tribunal, the remainder of the CP will remain valid and enforceable.
9.16.4. Enforcement (attorneys' fees and waiver of rights)
DigiCert may seek indemnification and attorneys' fees from a party for damages, losses, and expenses related to that party's conduct. DigiCert's failure to enforce a provision of this CP does not waive DigiCert's right to enforce the same provision later or right to enforce any other provision of this CP. To be effective, waivers must be in writing and signed by DigiCert.
9.16.5. Force Majeure
DigiCert is not liable for a delay or failure to perform an obligation under this CP to the extent that the delay or failure is caused by an occurrence beyond DigiCert's reasonable control. The operation of the Internet is beyond DigiCert's reasonable control.
9.17. OTHER PROVISIONS
No stipulation.