DigiCert

CertificatePolicy

DigiCert,Inc.Version4.10

September9,2016

2600WestExecutiveParkway,Suite500

Lehi,UT84043USA

Tel:1‐801‐877‐2100Fax:1‐801‐705‐0481

www.digicert.com

i

TABLEOFCONTENTS1.  Introduction ............................................................................................................................................ 1 

1.1.  Overview ...................................................................................................................................... 1 1.2.  Document name and Identification ............................................................................................... 1 1.3.  PKI Participants ........................................................................................................................... 3 

1.3.1.  DigiCert Policy Authority and Certification Authorities ............................................................. 3 1.3.2.  Registration Authorities ........................................................................................................... 4 1.3.3.  Subscribers ............................................................................................................................. 4 1.3.4.  Relying Parties ........................................................................................................................ 4 1.3.5.  Other Participants ................................................................................................................... 4 

1.4.  Certificate Usage ......................................................................................................................... 4 1.4.1.  Appropriate Certificate Uses ................................................................................................... 4 1.4.2.  Prohibited Certificate Uses ...................................................................................................... 5 

1.5.  Policy administration .................................................................................................................... 5 1.5.1.  Organization Administering the Document .............................................................................. 5 1.5.2.  Contact Person ....................................................................................................................... 5 1.5.3.  Person Determining CPS Suitability for the Policy .................................................................. 5 1.5.4.  CP Approval Procedures ......................................................................................................... 5 

1.6.  Definitions and acronyms ............................................................................................................. 5 2.  PUBLICATION AND REPOSITORY RESPONSIBILITIES .................................................................... 7 

2.1.  Repositories ................................................................................................................................. 7 2.2.  Publication of certification information .......................................................................................... 8 2.3.  Time or frequency of publication .................................................................................................. 8 2.4.  Access controls on repositories ................................................................................................... 8 

3.  IDENTIFICATION AND AUTHENTICATION ......................................................................................... 8 3.1.  Naming ........................................................................................................................................ 8 

3.1.1.  Types of Names ...................................................................................................................... 8 3.1.2.  Need for Names to be Meaningful ........................................................................................... 9 3.1.3.  Anonymity or Pseudonymity of Subscribers ............................................................................ 9 3.1.4.  Rules for Interpreting Various Name Forms ............................................................................ 9 3.1.5.  Uniqueness of Names ............................................................................................................. 9 3.1.6.  Recognition, Authentication, and Role of Trademarks ............................................................ 9 

3.2.  Initial identity validation ................................................................................................................ 9 3.2.1.  Method to Prove Possession of Private Key ........................................................................... 9 3.2.2.  Authentication of Organization Identity .................................................................................... 9 3.2.3.  Authentication of Individual Identity ....................................................................................... 10 3.2.4.  Non-verified Subscriber Information ...................................................................................... 16 3.2.5.  Validation of Authority ........................................................................................................... 16 

3.3.  Identification and authentication for re-key requests .................................................................. 16 3.3.1.  Identification and Authentication for Routine Re-key ............................................................. 16 3.3.2.  Identification and Authentication for Re-key After Revocation............................................... 17 

3.4.  Identification and authentication for revocation request ............................................................. 17 4.  CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS ....................................................... 17 

4.1.  Certificate Application ................................................................................................................ 17 4.1.1.  Who Can Submit a Certificate Application ............................................................................ 17 4.1.2.  Enrollment Process and Responsibilities .............................................................................. 17 

4.2.  Certificate application processing .............................................................................................. 18 4.2.1.  Performing Identification and Authentication Functions ........................................................ 18 4.2.2.  Approval or Rejection of Certificate Applications ................................................................... 18 4.2.3.  Time to Process Certificate Applications ............................................................................... 18 

4.3.  Certificate issuance .................................................................................................................... 18 4.3.1.  CA Actions during Certificate Issuance ................................................................................. 18 4.3.2.  Notification to Subscriber by the CA of Issuance of Certificate ............................................. 18 

4.4.  Certificate acceptance ............................................................................................................... 18 4.4.1.  Conduct Constituting Certificate Acceptance ........................................................................ 18 4.4.2.  Publication of the Certificate by the CA ................................................................................. 18 4.4.3.  Notification of Certificate Issuance by the CA to Other Entities ............................................. 18 

4.5.  Key pair and certificate usage .................................................................................................... 19 4.5.1.  Subscriber Private Key and Certificate Usage ...................................................................... 19 4.5.2.  Relying Party Public Key and Certificate Usage .................................................................... 19 

ii

4.6.  Certificate renewal ..................................................................................................................... 19 4.6.1.  Circumstance for Certificate Renewal ................................................................................... 19 4.6.2.  Who May Request Renewal .................................................................................................. 19 4.6.3.  Processing Certificate Renewal Requests ............................................................................ 19 4.6.4.  Notification of New Certificate Issuance to Subscriber .......................................................... 19 4.6.5.  Conduct Constituting Acceptance of a Renewal Certificate .................................................. 19 4.6.6.  Publication of the Renewal Certificate by the CA .................................................................. 19 4.6.7.  Notification of Certificate Issuance by the CA to Other Entities ............................................. 20 

4.7.  Certificate re-key ........................................................................................................................ 20 4.7.1.  Circumstance for Certificate Rekey ....................................................................................... 20 4.7.2.  Who May Request Certificate Rekey .................................................................................... 20 4.7.3.  Processing Certificate Rekey Requests ................................................................................ 20 4.7.4.  Notification of Certificate Rekey to Subscriber ...................................................................... 20 4.7.5.  Conduct Constituting Acceptance of a Rekeyed Certificate .................................................. 20 4.7.6.  Publication of the Rekeyed Certificate by the CA .................................................................. 20 4.7.7.  Notification of Certificate Issuance by the CA to Other Entities ............................................. 20 

4.8.  Certificate modification ............................................................................................................... 20 4.8.1.  Circumstance for Certificate Modification .............................................................................. 20 4.8.2.  Who May Request Certificate Modification............................................................................ 20 4.8.3.  Processing Certificate Modification Requests ....................................................................... 21 4.8.4.  Notification of Certificate Modification to Subscriber ............................................................. 21 4.8.5.  Conduct Constituting Acceptance of a Modified Certificate ................................................... 21 4.8.6.  Publication of the Modified Certificate by the CA .................................................................. 21 4.8.7.  Notification of Certificate Modification by the CA to Other Entities ........................................ 21 

4.9.  Certificate revocation and suspension ....................................................................................... 21 4.9.1.  Circumstances for Revocation .............................................................................................. 21 4.9.2.  Who Can Request Revocation .............................................................................................. 22 4.9.3.  Procedure for Revocation Request ....................................................................................... 22 4.9.4.  Revocation Request Grace Period ........................................................................................ 22 4.9.5.  Time within which CA Must Process the Revocation Request .............................................. 22 4.9.6.  Revocation Checking Requirement for Relying Parties ......................................................... 23 4.9.7.  CRL Issuance Frequency ...................................................................................................... 23 4.9.8.  Maximum Latency for CRLs .................................................................................................. 23 4.9.9.  On-line Revocation/Status Checking Availability ................................................................... 23 4.9.10.  On-line Revocation Checking Requirements .................................................................... 23 4.9.11.  Other Forms of Revocation Advertisements Available ..................................................... 23 4.9.12.  Special Requirements Related to Key Compromise ......................................................... 24 4.9.13.  Circumstances for Suspension ......................................................................................... 24 4.9.14.  Who Can Request Suspension ........................................................................................ 24 4.9.15.  Procedure for Suspension Request .................................................................................. 24 4.9.16.  Limits on Suspension Period ............................................................................................ 24 

4.10.  Certificate status services .......................................................................................................... 24 4.10.1.  Operational Characteristics .............................................................................................. 24 4.10.2.  Service Availability ........................................................................................................... 24 4.10.3.  Optional Features ............................................................................................................. 24 

4.11.  End of subscription .................................................................................................................... 24 4.12.  Key escrow and recovery ........................................................................................................... 24 

4.12.1.  Key Escrow and Recovery Policy Practices ..................................................................... 24 4.12.2.  Session Key Encapsulation and Recovery Policy and Practices ...................................... 25 

5.  FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS ........................................................ 25 5.1.  Physical Controls ....................................................................................................................... 25 

5.1.1.  Site Location and Construction ............................................................................................. 25 5.1.2.  Physical Access .................................................................................................................... 25 5.1.3.  Power and Air Conditioning ................................................................................................... 26 5.1.4.  Water Exposures ................................................................................................................... 26 5.1.5.  Fire Prevention and Protection .............................................................................................. 26 5.1.6.  Media Storage ....................................................................................................................... 26 5.1.7.  Waste Disposal ..................................................................................................................... 26 5.1.8.  Off-site Backup ...................................................................................................................... 26 5.1.9.  Certificate Status Hosting, CMS and External RA Systems .................................................. 26 

5.2.  Procedural controls .................................................................................................................... 26 5.2.1.  Trusted Roles ........................................................................................................................ 26 

iii

5.2.2.  Number of Persons Required per Task ................................................................................. 27 5.2.3.  Identification and Authentication for each Role ..................................................................... 27 5.2.4.  Roles Requiring Separation of Duties ................................................................................... 27 

5.3.  Personnel controls ..................................................................................................................... 28 5.3.1.  Qualifications, Experience, and Clearance Requirements .................................................... 28 5.3.2.  Background Check Procedures ............................................................................................. 28 5.3.3.  Training Requirements .......................................................................................................... 28 5.3.4.  Retraining Frequency and Requirements .............................................................................. 29 5.3.5.  Job Rotation Frequency and Sequence ................................................................................ 29 5.3.6.  Sanctions for Unauthorized Actions ...................................................................................... 29 5.3.7.  Independent Contractor Requirements ................................................................................. 29 5.3.8.  Documentation Supplied to Personnel .................................................................................. 29 

5.4.  Audit logging procedures ........................................................................................................... 29 5.4.1.  Types of Events Recorded .................................................................................................... 29 5.4.2.  Frequency of Processing Log ................................................................................................ 31 5.4.3.  Retention Period for Audit Log .............................................................................................. 32 5.4.4.  Protection of Audit Log .......................................................................................................... 32 5.4.5.  Audit Log Backup Procedures ............................................................................................... 32 5.4.6.  Audit Collection System (internal vs. external) ...................................................................... 32 5.4.7.  Notification to Event-causing Subject .................................................................................... 32 5.4.8.  Vulnerability Assessments .................................................................................................... 32 

5.5.  Records archival ........................................................................................................................ 32 5.5.1.  Types of Records Archived ................................................................................................... 32 5.5.2.  Retention Period for Archive ................................................................................................. 33 5.5.3.  Protection of Archive ............................................................................................................. 33 5.5.4.  Archive Backup Procedures .................................................................................................. 33 5.5.5.  Requirements for Time-stamping of Records ........................................................................ 33 5.5.6.  Archive Collection System (internal or external) .................................................................... 33 5.5.7.  Procedures to Obtain and Verify Archive Information ........................................................... 34 

5.6.  Key changeover ......................................................................................................................... 34 5.7.  Compromise and disaster recovery ........................................................................................... 34 

5.7.1.  Incident and Compromise Handling Procedures ................................................................... 34 5.7.2.  Computing Resources, Software, and/or Data Are Corrupted .............................................. 34 5.7.3.  Entity Private Key Compromise Procedures ......................................................................... 34 5.7.4.  Business Continuity Capabilities after a Disaster .................................................................. 35 

5.8.  CA or RA termination ................................................................................................................. 35 6.  TECHNICAL SECURITY CONTROLS ................................................................................................ 35 

6.1.  Key pair generation and installation ........................................................................................... 35 6.1.1.  Key Pair Generation .............................................................................................................. 35 6.1.2.  Private Key Delivery to Subscriber ........................................................................................ 36 6.1.3.  Public Key Delivery to Certificate Issuer ............................................................................... 36 6.1.4.  CA Public Key Delivery to Relying Parties ............................................................................ 36 6.1.5.  Key Sizes .............................................................................................................................. 36 6.1.6.  Public Key Parameters Generation and Quality Checking .................................................... 37 6.1.7.  Key Usage Purposes (as per X.509 v3 key usage field) ....................................................... 37 

6.2.  Private Key Protection and Cryptographic Module Engineering Controls .................................. 37 6.2.1.  Cryptographic Module Standards and Controls ..................................................................... 37 For EV Code Signing Certificates, the Issuer CA shall ensure that the Private Key is properly generated, stored, and used in a cryptomodule that meets or exceeds the requirements of FIPS 140 level 2. ................................................................................................................................................. 38 6.2.2.  Private Key (n out of m) Multi-person Control ....................................................................... 38 6.2.3.  Private Key Escrow ............................................................................................................... 39 6.2.4.  Private Key Backup ............................................................................................................... 39 6.2.5.  Private Key Archival .............................................................................................................. 39 6.2.6.  Private Key Transfer into or from a Cryptographic Module ................................................... 39 6.2.7.  Private Key Storage on Cryptographic Module ..................................................................... 39 6.2.8.  Method of Activating Private Key .......................................................................................... 39 6.2.9.  Method of Deactivating Private Key ...................................................................................... 39 6.2.10.  Method of Destroying Private Key .................................................................................... 39 6.2.11.  Cryptographic Module Rating ........................................................................................... 40 

6.3.  Other aspects of key pair management ..................................................................................... 40 6.3.1.  Public Key Archival ............................................................................................................... 40 

iv

6.3.2.  Certificate Operational Periods and Key Pair Usage Periods................................................ 40 6.4.  Activation data ........................................................................................................................... 41 

6.4.1.  Activation Data Generation and Installation .......................................................................... 41 6.4.2.  Activation Data Protection ..................................................................................................... 41 6.4.3.  Other Aspects of Activation Data .......................................................................................... 41 

6.5.  Computer security controls ........................................................................................................ 41 6.5.1.  Specific Computer Security Technical Requirements ........................................................... 41 6.5.2.  Computer Security Rating ..................................................................................................... 42 

6.6.  Life cycle technical controls ....................................................................................................... 42 6.6.1.  System Development Controls .............................................................................................. 42 6.6.2.  Security Management Controls ............................................................................................. 42 6.6.3.  Life Cycle Security Controls .................................................................................................. 42 

6.7.  Network security controls ........................................................................................................... 43 6.8.  Time-stamping ........................................................................................................................... 43 6.9.  PIV-I Cards ................................................................................................................................ 43 

7.  CERTIFICATE, CRL, AND OCSP PROFILES .................................................................................... 44 7.1.  Certificate profile ........................................................................................................................ 44 

7.1.1.  Version Number(s) ................................................................................................................ 44 7.1.2.  Certificate Extensions ........................................................................................................... 44 7.1.3.  Algorithm Object Identifiers ................................................................................................... 44 7.1.4.  Name Forms ......................................................................................................................... 45 7.1.5.  Name Constraints ................................................................................................................. 45 7.1.6.  Certificate Policy Object Identifier ......................................................................................... 45 7.1.7.  Usage of Policy Constraints Extension ................................................................................. 45 7.1.8.  Policy Qualifiers Syntax and Semantics ................................................................................ 45 7.1.9.  Processing Semantics for the Critical Certificate Policies Extension ..................................... 45 

7.2.  CRL profile ................................................................................................................................. 46 7.2.1.  Version number(s) ................................................................................................................. 46 7.2.2.  CRL and CRL Entry Extensions ............................................................................................ 46 

7.3.  OCSP profile .............................................................................................................................. 46 7.3.1.  Version Number(s) ................................................................................................................ 46 7.3.2.  OCSP Extensions ................................................................................................................. 46 

8.  COMPLIANCE AUDIT AND OTHER ASSESSMENTS ....................................................................... 46 8.1.  Frequency or circumstances of assessment .............................................................................. 46 8.2.  Identity/qualifications of assessor .............................................................................................. 46 8.3.  Assessor's relationship to assessed entity ................................................................................. 47 8.4.  Topics covered by assessment .................................................................................................. 47 8.5.  Actions taken as a result of deficiency ....................................................................................... 47 8.6.  Communication of results .......................................................................................................... 47 8.7.  Self-Audits ................................................................................................................................. 47 

9.  OTHER BUSINESS AND LEGAL MATTERS ...................................................................................... 47 9.1.  Fees ........................................................................................................................................... 47 

9.1.1.  Certificate Issuance or Renewal Fees ................................................................................... 47 9.1.2.  Certificate Access Fees ........................................................................................................ 47 9.1.3.  Revocation or Status Information Access Fees ..................................................................... 47 9.1.4.  Fees for Other Services ........................................................................................................ 47 9.1.5.  Refund Policy ........................................................................................................................ 48 

9.2.  Financial responsibility ............................................................................................................... 48 9.2.1.  Insurance Coverage .............................................................................................................. 48 9.2.2.  Other Assets ......................................................................................................................... 48 9.2.3.  Insurance or Warranty Coverage for End-Entities ................................................................. 48 

9.3.  Confidentiality of business information ....................................................................................... 48 9.3.1.  Scope of Confidential Information ......................................................................................... 48 9.3.2.  Information Not Within the Scope of Confidential Information ............................................... 48 9.3.3.  Responsibility to Protect Confidential Information ................................................................. 48 

9.4.  Privacy of personal information .................................................................................................. 48 9.4.1.  Privacy Plan .......................................................................................................................... 48 9.4.2.  Information Treated as Private .............................................................................................. 48 9.4.3.  Information Not Deemed Private ........................................................................................... 48 9.4.4.  Responsibility to Protect Private Information ......................................................................... 48 9.4.5.  Notice and Consent to Use Private Information .................................................................... 48 9.4.6.  Disclosure Pursuant to Judicial or Administrative Process .................................................... 49 

v

9.4.7.  Other Information Disclosure Circumstances ........................................................................ 49 9.5.  Intellectual property rights .......................................................................................................... 49 9.6.  Representations and warranties ................................................................................................ 49 

9.6.1.  CA Representations and Warranties ..................................................................................... 49 9.6.2.  RA Representations and Warranties ..................................................................................... 49 9.6.3.  Subscriber Representations and Warranties ......................................................................... 49 9.6.4.  Relying Party Representations and Warranties ..................................................................... 49 9.6.5.  Representations and Warranties of Other Participants ......................................................... 49 

9.7.  Disclaimers of warranties ........................................................................................................... 49 9.8.  Limitations of liability .................................................................................................................. 50 9.9.  Indemnities ................................................................................................................................ 50 

9.9.1.  Indemnification by an Issuer CA ............................................................................................ 50 9.9.2.  Indemnification by Subscribers ............................................................................................. 50 9.9.3.  Indemnification by Relying Parties ........................................................................................ 50 

9.10.  Term and termination ................................................................................................................. 50 9.10.1.  Term ................................................................................................................................. 50 9.10.2.  Termination ...................................................................................................................... 50 9.10.3.  Effect of Termination and Survival .................................................................................... 50 

9.11.  Individual notices and communications with participants ........................................................... 50 9.12.  Amendments .............................................................................................................................. 50 

9.12.1.  Procedure for Amendment ............................................................................................... 50 9.12.2.  Notification Mechanism and Period .................................................................................. 50 9.12.3.  Circumstances under which OID Must Be Changed ........................................................ 50 

9.13.  Dispute resolution provisions ..................................................................................................... 51 9.14.  Governing law ............................................................................................................................ 51 9.15.  Compliance with applicable law ................................................................................................. 51 9.16.  Miscellaneous provisions ........................................................................................................... 51 

9.16.1.  Entire Agreement ............................................................................................................. 51 9.16.2.  Assignment ....................................................................................................................... 51 9.16.3.  Severability ....................................................................................................................... 51 9.16.4.  Enforcement (attorneys' fees and waiver of rights) ........................................................... 51 9.16.5.  Force Majeure .................................................................................................................. 51 

9.17.  Other provisions ......................................................................................................................... 51 

1

1. INTRODUCTION

1.1. OVERVIEWThisCertificatePolicy(CP)definestheproceduralandoperationalrequirementsthatDigiCertrequiresentitiestoadheretowhenissuingandmanagingdigitallysignedobjects(digitalCertificatesandtime‐stamptokens)withinDigiCert’sPKI,excludingparticipantsinDigiCert’sPrivatePKIservices,whicharenotcross‐certifiedorpubliclytrusted.SpecificrequirementsregardingthoseCertificatesaresetforthintheindividualagreementswiththeappropriateDigiCertcustomer.DigiCert’sCertificateandtime‐stamppoliciesarecontrolledbytheDigiCertPolicyAuthority(DCPA)thatdetermineshowthisCPappliestoCertificateAuthorities(CAs),RegistrationAuthorities(RAs),Subscribers,RelyingPartiesandotherPKIentitiesthatinteroperatewithorwithintheDigiCertPKI.ThisdocumentspecifiesthepoliciesDigiCertusestomeetthecurrentrequirementsoftheCertificationAuthority/BrowserForum("CABForumGuidelines"),thecurrentversiontowhichDigiCertshallconformwhenissuingpublicly‐trustedCertificates.TheCABForumGuidelinesincludetheBaselineRequirementsfortheIssuanceandManagementofPublicly‐TrustedCertificates(“BaselineRequirements”)andtheGuidelinesforExtendedValidationCertificates(“EVGuidelines”),bothofwhicharepublishedathttps://www.cabforum.org.WithregardtoSSL/TLSServerCertificatesorCodeSigningCertificates,ifanyinconsistencyexistsbetweenthisCPandtheBaselineRequirementsorEVGuidelines,theBaselineRequirementsandEVGuidelinestakeprecedence.Time‐stampingpoliciesareinaccordancewithIETFRFC3161,X9.95,ETSI102023,andETSI101861technicalstandards.ClientCertificatesfollowtheidentityassuranceframeworksfoundintheFederalBridgeCP,NIST800‐63,theKantaraInitiative,andEUlawapplicabletoQualifiedCertificates.PersonalIdentityVerification–Interoperable(PIV‐I)cardsissuedunderthisCPareintendedtotechnicallyinteroperatewithFederalPIVCardreadersandapplications.RelianceonPIV‐ICardsrequirescompliancewithtechnicalspecificationsandspecifictrustelements.PIVpoliciesforPIV‐IHardware,PIV‐ICardAuthentication,andPIV‐IContentSigningareforusewithPIV‐Ismartcards.TherequirementsassociatedwithPIV‐IHardwareandPIV‐IContentSigningareidenticaltoLevel4Certificatesexceptwherespecificallynotedherein.PIV‐IContentSigningpolicyisreservedforcertificatesusedbytheCardManagementSystem(CMS)tosignthePIV‐Icardsecurityobjects.ThisCPisonlyoneofseveraldocumentsthatgoverntheDigiCertPKI.OtherimportantdocumentsincludeCertificationPracticeStatements,registrationauthorityagreementsandpracticestatements,subscriberagreements,relyingpartyagreements,customeragreements,privacypolicies,andmemorandaofagreement.DigiCertmaypublishadditionalcertificatepoliciesorcertificationpracticestatementsasnecessarytodescribeotherproductandserviceofferings.Thesesupplementalpoliciesandstatementsareavailabletoapplicableusersorrelyingparties.PursuanttotheIETFPKIXRFC3647CP/CPSframework,thisCPisdividedintoninepartsthatcoverthesecuritycontrolsandpracticesandproceduresforcertificateortime‐stampingserviceswithintheDigiCertPKI.TopreservetheoutlinespecifiedbyRFC3647,sectionheadingsthatdonotapplyhavethestatement"Notapplicable"or"Nostipulation."

1.2. DOCUMENTNAMEANDIDENTIFICATIONThisdocumentistheDigiCertCertificatePolicyandwasapprovedforpublicationon2August2010bytheDigiCertPolicyAuthority(DCPA).Thefollowingrevisionshavebeenmadetotheoriginaldocument:

2

Date Changes Version9‐September‐2016 Updatedto clarifyIDdocumentsallowedandforconsistency

withFBCACP2.29,andsec.9.6.3ofBaselineRequirements4.10

1‐June‐2015 UpdatedforconsistencywithCA/BrowserForumBaselineRequirementsandnewFederalPIV‐IProfilereference

4.09

1‐April‐2015 MadeadditionalchangesbasedonFPKICPWGreview. 4.087‐October‐2014 UpdatedforconsistencywithFBCACPv.2.27 4.0714‐May‐2014 UpdatedtocomplywithchangestoBaselineRequirements

andtheEVGuidelines.4.06

2‐May‐2013 Updatedmailingaddress,removedreferencestoAdobeCDSProgram,revisedexplanationofLevel2identificationrequirements,revisedprivatekeymanagementprovisionsandkeyceremonywitnessrequirements.

4.05

10‐May‐2012 UpdatedtoincludeprovisionssetforthintheBaselineRequirements,toaddEVCodeSigning,improvereadability,andtomodifyrequirementsrelatedtoIGTFCertificates.

4.04

3‐May‐2011 PolicyOIDsrevisedforcertaincertificatetypesandminorupdatesmadetovarioussections.

4.03

29‐October‐2010 ChangesmadeinresponsetocommentsfromtheFPKICPWGregardingcertificatestatusservices,trustedroles,andoff‐sitebackupofarchive.

4.02

26‐August‐2010 Updatedtheprocessusedtoauthenticatethecertificaterequester’sauthorityundersection3.2.5forcodesigningcertificatesissuedtoorganizations

4.01

2‐August‐2010 Thisversion4.0replacestheDigiCertCertificatePolicyandCertificationPracticesStatement,Version3.08,datedMay29,2009.

4.0

TheOIDforDigiCertisjoint‐iso‐ccitt(2)country(16)USA(840)US‐company(1)DigiCert(114412).DigiCertorganizesitsOIDarcsforthevariousCertificatesanddocumentsdescribedinthisCPasfollows:

DigitallySignedObject ObjectIdentifier(OID)PolicyDocuments 2.16.840.1.114412.0 ThisCPDocument 2.16.840.1.114412.0.1.4CertificatesissuedpursuanttoCPS 2.16.840.1.114412.0.2.4NonEVSSLCertificates 2.16.840.1.114412.1 Organization‐ValidatedSSLCertificate* 2.16.840.1.114412.1.1Domain‐ValidatedSSLCertificate* 2.16.840.1.114412.1.2 FederatedDeviceCertificate 2.16.840.1.114412.1.11 FederatedDeviceHardwareCertificate 2.16.840.1.114412.1.12ExtendedValidationSSLCertificates* 2.16.840.1.114412.2ObjectSigningCertificates 2.16.840.1.114412.3 CodeSigning 2.16.840.1.114412.3.1 ExtendedValidationCodeSigning* 2.16.840.1.114412.3.2 WindowsKernelDriverSigning 2.16.840.1.114412.3.11 AdobeSigningCertificates 2.16.840.1.114412.3.21ClientCertificateOIDarc 2.16.840.1.114412.4. Level1Certificates–Personal 2.16.840.1.114412.4.1.1 Level1Certificates–Enterprise 2.16.840.1.114412.4.1.2 Level2Certificates 2.16.840.1.114412.4.2 Level3Certificates–US 2.16.840.1.114412.4.3.1 Level3Certificates–CBP 2.16.840.1.114412.4.3.2

3

Level4Certificates–US 2.16.840.1.114412.4.4.1 Level4Certificates–CBP 2.16.840.1.114412.4.4.2PIV‐IOIDarc 2.16.840.1.114412.4.5PIV‐IHardware‐keysrequireactivationbythePIV‐ICardholder(PIVAuth,DigSigandKeyManagement)

2.16.840.1.114412.4.5.1

PIV‐ICardAuthentication‐keysdonotrequirePIV‐ICardholderactivation 2.16.840.1.114412.4.5.2

PIV‐IContentSigning–usebyPIV‐I‐compliantCMS

2.16.840.1.114412.4.5.3

GridCertificates 2.16.840.1.114412.4.31or2.16.840.1.114412.31(Grid‐onlyarc)

IGTF‐ComparabletoClassicwithSecuredInfrastructure

2.16.840.1.114412.4.31.1(Clientw/Public)or2.16.840.1.114412.31.4.1.1(ClientGridOnly)

IGTF‐ComparabletoMember‐IntegratedCredentialServiceswithSecuredInfrastructure

2.16.840.1.114412.4.31.5

IGTFGridHost‐PublicTrust 2.16.840.1.114412.1.31.1Grid‐OnlyHostCertificate 2.16.840.1.114412.31.1.1.1

Authentication‐OnlyCertificates 2.16.840.1.114412.6Legacyarc 2.16.840.1.114412.81Testarc 2.16.840.1.114412.99

*AlsogovernedbyguidelinesoftheCA/BrowserForum.ThisCPappliestoanyentityassertingoneormoreoftheDigiCertOIDsidentifiedabove.AllotherOIDsmentionedabovebelongtotheirrespectiveowners.CommercialBestPractices(“CBP”)differsfrom“US”inthattherearenotrustedrolecitizenshiprequirementsforanIssuerCAissuingunderaCBPpolicy,whereaspoliciesdesignated“US”mustfollowthecitizenshippracticessetforthinSection5.3.1ofthisCP.TheLegacyarcexiststoidentifyCertificatesissuedforpurposeofachievingcompatibilitywithlegacysystemsthatareincapableofprocessingneweralgorithmsthatmightberequiredbycomparableindustrybestpractices,e.g.,toidentifyCertificatessignedusingtheSHA‐1algorithmwhenSHA‐256wouldberequiredinaPKIwithwhichDigiCerthascross‐certified.SubsequentrevisionstothisCPmightcontainnewOIDassignmentsforthecertificatetypesidentifiedabove.

1.3. PKIPARTICIPANTS

1.3.1. DigiCertPolicyAuthorityandCertificationAuthoritiesDigiCertRootCertificateAuthoritiesandIntermediateCAsaremanagedbytheDigiCertPolicyAuthority(DCPA)whichiscomposedofmembersofDigiCertmanagementappointedbyDigiCert’sexecutivemanagement.TheDCPAisresponsibleforthisCP,theapprovalofrelatedpracticestatements,andoverseeingtheconformanceofCApracticeswiththisCP.DigiCert’spoliciesaredesignedtoensurethattheDigiCertPKIcomplies,inallmaterialrespects,withU.S.andinternationalstandardsandregulations,includingtheFederalBridgeCertificatePolicy,EUlaw,CA/BrowserForumGuidelines,andrelevantlawonelectronicsignatures.DigiCertmayestablishorrecognizeotherCAs(e.g.subordinateCAs)inaccordancewiththisCP,applicablecross‐certification/federationpoliciesandmemorandaofagreement.Foreaseofreferenceherein,allCAsissuingCertificatesinaccordancewiththisCP(includingDigiCert)arehereafterreferredtoas“IssuerCAs.”

4

InaccordancewithEUlaw,EUQualifiedCertificateswillonlybeissuedbyIssuerCAsoperatedunderthecontrolofDigiCert.DigiCertshallnotifytheU.S.FederalPKIPolicyAuthority(FPKIPA)priortoissuinganyCACertificatetoanexternalIssuerCAthatDigiCertdesirestochaintotheFederalBridgeCA.

1.3.2. RegistrationAuthoritiesRegistrationAuthorities(RA)operateidentitymanagementsystems(IdMs)andcollectandverifySubscriberinformationontheIssuerCA’sbehalf.TherequirementsinthisCPapplytoallRAs.AnIssuerCAshallmonitoreachRA’scompliancewiththispolicy,theCPS,andifapplicable,anyRegistrationPracticesStatement(RPS)underwhichtheRAoperates.AnIssuerCAthatreliesonavarietyofRAsorIdMstosupportvariouscommunitiesofinterestmaysubmitanRPSforeachRAorIdMtotheDCPAforapproval.TheRPSmustcontaindetailsnecessaryfortheDCPAtodeterminehowtheRAachievescompliancewiththisPolicy.NecessarydetailsincludehowtheRA’sprocessorIdMestablishestheidentitiesofapplicants,howtheintegrityandauthenticityofsuchidentifyinginformationissecurelymaintainedandmanaged,andhowchangesandupdatestosuchinformationarecommunicatedtotheIssuerCA.

1.3.3. SubscribersSubscribersuseDigiCert’sservicesandPKItosupporttransactionsandcommunications.SubscribersarenotalwaysthepartyidentifiedinaCertificate,suchaswhenCertificatesareissuedtoanorganization’semployees.TheSubjectofaCertificateisthepartynamedintheCertificate.ASubscriber,asusedherein,referstoboththesubjectoftheCertificateandtheentitythatcontractedwiththeIssuerCAfortheCertificate’sissuance.PriortoverificationofidentityandissuanceofaCertificate,aSubscriberisanApplicant.

1.3.4. RelyingPartiesRelyingPartiesareentitiesthatactinrelianceonaCertificateand/ordigitalsignatureissuedbytheIssuerCA.RelyingpartiesmustchecktheappropriateCRLorOCSPresponsepriortorelyingoninformationfeaturedinaCertificate.

1.3.5. OtherParticipantsWhenissuingPIV‐Icards,theIssuerCAshallmakeaCardManagementSystems(CMS)responsibleformanagingsmartcardtokencontent.TheIssuerCAshallensurethattheCMSmeetstherequirementsdescribedherein.TheIssuerCAshallnotissueanyCertificatetoaCMSthatincludesaPIV‐IHardwareorPIV‐ICardAuthenticationpolicyOID.OtherparticipantsincludeBridgeCAsandCAsthatcross‐certifyIssuerCAstoprovidetrustamongotherPKIcommunities.

1.4. CERTIFICATEUSAGEAdigitalCertificate(orCertificate)isformatteddatathatcryptographicallybindsanidentifiedsubscriberwithaPublicKey.AdigitalCertificateallowsanentitytakingpartinanelectronictransactiontoproveitsidentitytootherparticipantsinsuchtransaction.DigitalCertificatesareusedincommercialenvironmentsasadigitalequivalentofanidentificationcard.Atime‐stamptoken(TST)cryptographicallybindsarepresentationofdatatoaparticulartimestamp,thusestablishingevidencethatthedataexistedatacertainpointintime.

1.4.1. AppropriateCertificateUsesCertificatesissuedunderthisCPmaybeusedforthepurposesdesignatedinthekeyusageandextendedkeyusagefieldsfoundintheCertificate.However,thesensitivityoftheinformationprocessedorprotectedbyaCertificatevariesgreatly,andeachRelyingPartymustevaluatetheapplicationenvironmentandassociatedrisksbeforedecidingonwhethertouseaCertificateissuedunderthisCP.

5

1.4.2. ProhibitedCertificateUsesCertificatesdonotguaranteethattheSubjectistrustworthy,honest,reputableinitsbusinessdealings,compliantwithanylaws,orsafetodobusinesswith.ACertificateonlyestablishesthattheinformationintheCertificatewasverifiedasreasonablycorrectwhentheCertificateissued.CodesigningCertificatesdonotindicatethatthesignedcodeissafetoinstallorisfreefrommalware,bugs,orvulnerabilities.CertificatesissuedunderthisCPshouldnotbeused(i)foranyapplicationrequiringfail‐safeperformancesuchas(a)theoperationofnuclearpowerfacilities,(b)airtrafficcontrolsystems,(c)aircraftnavigationsystems,(d)weaponscontrolsystems,or(e)anyothersystemwhosefailurecouldleadtoinjury,deathorenvironmentaldamage;or(ii)whereprohibitedbylaw.

1.5. POLICYADMINISTRATION

1.5.1. OrganizationAdministeringtheDocumentThisCPandthedocumentsreferencedhereinaremaintainedbytheDCPA,whichcanbecontactedat:

DigiCertPolicyAuthoritySuite5002600WestExecutiveParkwayLehi,UT84043USATel:1‐801‐701‐9600Fax:1‐801‐705‐0481www.digicert.comsupport@digicert.com

1.5.2. ContactPersonAttn:LegalCounselDigiCertPolicyAuthoritySuite5002600WestExecutiveParkwayLehi,UT84043USAwww.digicert.comsupport@digicert.com

1.5.3. PersonDeterminingCPSSuitabilityforthePolicyTheDCPAdeterminesthesuitabilityandapplicabilityofthisCPandtheconformanceofaCPStothisCPbasedontheresultsandrecommendationsreceivedfromanindependentauditor(seeSection8).TheDCPAisalsoresponsibleforevaluatingandactingupontheresultsofcomplianceaudits.

1.5.4. CPApprovalProceduresTheDCPAapprovestheCPandanyamendments.AmendmentsaremadebyeitherupdatingtheentireCPorbypublishinganaddendum.TheDCPAdetermineswhetheranamendmenttothisCPrequiresnoticeoranOIDchange.SeealsoSection9.10andSection9.12below.

1.6. DEFINITIONSANDACRONYMS

1.6.1. Definitions“AffiliatedOrganization”meansanorganizationthathasanorganizationalaffiliationwithaSubscriberandthatapprovesorotherwiseallowssuchaffiliationtoberepresentedinaCertificate.

6

“Applicant”meansanentityapplyingforacertificate.“Certificate”meansanelectronicdocumentthatusesadigitalsignaturetobindaPublicKeyandanidentity. “EVGuidelines”isdefinedinsection1.1.“KeyPair”meansaPrivateKeyanditsassociatedPublicKey.“OCSPResponder”meansanonlinesoftwareapplicationoperatedundertheauthorityofDigiCertandconnectedtoitsrepositoryforprocessingcertificatestatusrequests.“PIV‐IProfile”meanstheX.509CertificateandCertificateRevocationList(CRL)ExtensionsProfileforPersonalIdentityVerificationInteroperable(PIV‐I)Cards,Ver.1.1,Date:May52015.“PrivateKey”meansthekeyofaKeyPairthatiskeptsecretbytheholderoftheKeyPair,andthatisusedtocreatedigitalsignaturesand/ortodecryptelectronicrecordsorfilesthatwereencryptedwiththecorrespondingPublicKey.“PublicKey”meansthekeyofaKeyPairthatmaybepubliclydisclosedbytheholderofthecorrespondingPrivateKeyandthatisusedbyaRelyingPartytoverifydigitalsignaturescreatedwiththeholder'scorrespondingPrivateKeyand/ortoencryptmessagessothattheycanbedecryptedonlywiththeholder'scorrespondingPrivateKey.“QualifiedCertificate”meansaCertificatethatmeetstherequirementsofEUlawandisprovidedbyanIssuerCAmeetingtherequirementsofEUlaw.“RelyingParty”meansanentitythatreliesuponeithertheinformationcontainedwithinaCertificateoratime‐stamptoken.“RelyingPartyAgreement”meansanagreementwhichmustbereadandacceptedbytheRelyingPartypriortovalidating,relyingonorusingaCertificateoraccessingorusingDigiCert’sRepository.“SecureSignatureCreationDevice”meansasignature‐creationdevicethatmeetstherequirementslaiddowninEUlaw.“Subscriber”meanseithertheentityidentifiedasthesubjectintheCertificateortheentityreceivingDigiCert’stime‐stampingservices.“SubscriberAgreement”meansanagreementthatgovernstheissuanceanduseofaCertificatethattheApplicantmustreadandacceptbeforereceivingaCertificate.“WebTrust”meansthecurrentversionofCPACanada’sWebTrustProgramforCertificationAuthorities.

1.6.2. AcronymsCA CertificateAuthorityorCertificationAuthorityCBP CommercialBestPracticesCMS CardManagementSystemCP CertificatePolicyCPS CertificationPracticeStatementCRL CertificateRevocationList

7

CSR CertificateSigningRequestDCPA DigiCertPolicyAuthorityDV DomainValidatedETSI EuropeanTelecommunicationsStandardsInstituteEU EuropeanUnionEV ExtendedValidationFIPS (USGovernment)FederalInformationProcessingStandardFQDN FullyQualifiedDomainNameHSM HardwareSecurityModuleIANA InternetAssignedNumbersAuthorityICANN InternetCorporationforAssignedNamesandNumbersIdM IdentityManagementSystemIETF InternetEngineeringTaskForceIGTF InternationalGridTrustFederationITU InternationalTelecommunicationUnionITU‐T ITUTelecommunicationStandardizationSectorMICS Member‐IntegratedCredentialService(IGTF)OCSP OnlineCertificateStatusProtocolOID ObjectIdentifierOV OrganizationValidatedPIN PersonalIdentificationNumber(e.g.asecretaccesscode)PIV‐I PersonalIdentityVerification‐InteroperablePKI PublicKeyInfrastructurePKIX IETFWorkingGrouponPublicKeyInfrastructurePKCS PublicKeyCryptographyStandardRA RegistrationAuthoritySHA SecureHashingAlgorithmSSCD SecureSignatureCreationDeviceSSL SecureSocketsLayerTLD Top‐LevelDomainTLS TransportLayerSecurityURL UniformResourceLocatorUTC CoordinatedUniversalTimeX.509 TheITU‐TstandardforCertificatesandtheircorrespondingauthentication

framework

1.6.3. References

CA/BrowserForumBaselineRequirementsCertificatePolicyfortheIssuanceandManagementofPublicly‐TrustedCertificates(“BaselineRequirements”)CA/BrowserForumGuidelinesfortheIssuanceandManagementofExtendedValidationCertificates(“EVGuidelines”)

2. PUBLICATIONANDREPOSITORYRESPONSIBILITIES

2.1. REPOSITORIESIssuerCAsshallpublishallpubliclytrustedCACertificatesandcross‐Certificates,issuedtoandfromtheIssuerCA,revocationdataforissueddigitalCertificates,CP,CPS,andstandardRelyingPartyAgreementsandSubscriberAgreementsinonlinerepositories.TheIssuerCAshallensurethatitsrootCertificateandtherevocationdataforissuedCertificatesareavailablethrougharepository24hoursaday,7daysaweekwithaminimumof99%availabilityoverallperyearwithascheduleddown‐timethatdoesnotexceed0.5%annually.

8

2.2. PUBLICATIONOFCERTIFICATIONINFORMATIONIssuerCAsshallmakethefollowinginformationpubliclyaccessibleontheweb:allpubliclytrustedrootCertificates,crossCertificates,CRLs,CPsandCPSs.PointerstorepositoryinformationinCAandendentityCertificatesshallonlycontainvalidUniformResourceIdentifiers(URIs)thatareaccessiblebyrelyingparties.

2.3. TIMEORFREQUENCYOFPUBLICATIONIssuerCAsshallpublishCACertificatesandrevocationdataassoonaspossibleafterissuance.IssuerCAsshallpublishnewormodifiedversionsCPSswithinsevendaysoftheirapproval.

2.4. ACCESSCONTROLSONREPOSITORIESInformationpublishedinarepositoryispublicinformation.TheIssuerCAshallprovideunrestrictedreadaccesstoitsrepositoriesandshallimplementlogicalandphysicalcontrolstopreventunauthorizedwriteaccesstosuchrepositories.

3. IDENTIFICATIONANDAUTHENTICATION

3.1. NAMING

3.1.1. TypesofNamesIssuerCAsshallissueCertificateswithanon‐nullsubjectDistinguishedName(DN)thatcomplieswithITUX.500standards.Level1CertificatesmayincludeanullsubjectDNiftheyincludeatleastonealternativenameformthatismarkedcritical.SubjectAlternateNameformsmaybeincludedinCertificatesiftheyaremarkednon‐critical.WhenDNsareused,commonnamesmustrespectnamespaceuniquenessandmustnotbemisleading.IssuerCAsshallceaseissuingpubliclytrustedSSLCertificatescontaininginternalnamesorreservedIPaddressesasofthesunsetdatessetforthintheBaselineRequirements.ForPIV‐ICertificates:

1. IssuerCAsshallincludebothanon‐nullsubjectnameandsubjectalternativenameinCertificates.

2. IssuerCAsshallindicatetheSubscriber’sassociationwithanAffiliatedOrganizationasfollows:PIV‐IHardware:

ForcertificateswithanAffiliatedOrganization:cn=Subscriber'sfullname,ou=AffiliatedOrganizationName,{BaseDN}ForcertificateswithnoAffiliatedOrganization:cn=Subscriber'sfullname,ou=Unaffiliated,ou=EntityCA’sName,{BaseDN}

PIV‐ICardAuthentication:

ForcertificateswithanAffiliatedOrganization:serialNumber=UUID,ou=AffiliatedOrganizationName,{BaseDN}ForcertificateswithnoAffiliatedOrganization:serialNumber=UUID,ou=Unaffiliated,ou=EntityCA’sName,{BaseDN}

3. IssuerCAsshallclearlyindicatetheorganizationadministeringtheCMSineachPIV‐IContentSigningCertificate.

4. IssuerCAsshallnotincludeaSubscribercommonnameinaPIV‐ICardAuthenticationsubscriberCertificate.

5. IssuerCAsshallencodetheUUIDwithintheserialNumberattributeusingtheUUIDstringrepresentationdefinedinSection3ofRFC4122.

IssuerCAsshallcomplywithsection3.1.2ofRFC3739whenprovidingEUQualifiedCertificates.

9

3.1.2. NeedforNamestobeMeaningfulWhenapplicable,IssuerCAsshallusedistinguishednamestoidentifyboththeentity(i.e.person,organization,device,orobject)thatisthesubjectoftheCertificateandtheentitythatistheissueroftheCertificate.Directoryinformationtreesshallaccuratelyreflectorganizationalstructures.Whenapplicable,IssuerCAsshallensurethateachUserPrincipalName(UPN)isuniqueandaccuratelyreflectsorganizationalstructures.

3.1.3. AnonymityorPseudonymityofSubscribersIssuerCAsmayissueend‐entityanonymousorpseudonymousCertificatesprovidedthat(i)suchCertificatesarenotprohibitedbyapplicablepolicy(e.g.forcertificatetype,assurancelevel,orcertificateprofile)and(ii)namespaceuniquenessispreserved.

3.1.4. RulesforInterpretingVariousNameFormsDistinguishedNamesinCertificatesareinterpretedusingX.500standardsandASN.1syntax.SeeRFC2253andRFC2616forfurtherinformationonhowX.500distinguishednamesinCertificatesareinterpretedasUniformResourceIdentifiersandHTTPreferences.

3.1.5. UniquenessofNamesTheDCPAshallenforcenameuniquenessinCertificatesthataretrustedwithintheDigiCertPKI.TheDCPAmayenforceuniquenessbyrequiringthateachCertificateincludeauniqueserialnumberthatisincorporatedaspartofthesubjectname.

3.1.6. Recognition,Authentication,andRoleofTrademarksSubscribersmaynotrequestCertificateswithanycontentthatinfringestheintellectualpropertyrightsofanotherentity.Unlessotherwisespecificallystated,thisCPdoesnotrequireanIssuerCAtoverifyanApplicant’srighttouseatrademark.IssuerCAsmayrejectanyapplicationorrequirerevocationofanyCertificatethatispartofatrademarkdispute.

3.2. INITIALIDENTITYVALIDATIONAnIssuerCAmayuseanylegalmeansofcommunicationorinvestigationtoascertaintheidentityofanorganizationalorindividualApplicant.TheIssuerCAmayrefusetoissueaCertificateinitssolediscretion.

3.2.1. MethodtoProvePossessionofPrivateKeyTheIssuerCAshallverifythattheApplicantpossessesthePrivateKeycorrespondingtothePublicKeyinthecertificaterequest.TheIssuerCAshallrequirethatPrivateKeysforEUQualifiedCertificatebegeneratedintheSubscriber’spresenceonaSecureSignatureCreationDevice(SSCD)(OID0.4.0.1456.1.1)andstoredsecurelyontheSSCDwithaSubscriber‐selectedPIN.

3.2.2. AuthenticationofOrganizationIdentityDomainnamesincludedinapubliclytrustedSSLCertificatemustbeverifiedinaccordancewithSection3.2.2oftheBaselineRequirements.Ifapublicly‐trustedSSLCertificatewillcontainanorganization’sname,thentheIssuerCA(oranRA)shallverifytheinformationabouttheorganizationanditslegalexistenceinaccordancewithSection3.2.2.1oftheBaselineRequirementsusingreliablethirdpartyandgovernmentdatabasesorthroughotherdirectmeansofcommunicationwiththeentityorjurisdictiongoverningtheorganization’slegalcreation,existence,orrecognition.IftherequestisforaCertificatethatassertsanorganizationalaffiliationbetweenahumansubscriberandanorganization(e.g.PIV‐IHardwareCertificates),theIssuerCAshallobtaindocumentationfromtheorganizationthatrecognizestheaffiliationandobligatestheorganizationtorequestrevocationoftheCertificateifthataffiliationends.SeeSections3.2.5,4.9.1and9.6.1.

10

IssuerCAsandRAsshallidentifyhigh‐riskcertificaterequestsandshallconductadditionalverificationactivityandtakeadditionalprecautionsasarereasonablynecessarytoensurethathigh‐riskrequestsareproperlyverified.AllrequestsforIssuerCACertificatesorCertificateswithanorganization’snamethatarecross‐certifiedwiththeFBCAshallincludetheorganizationname,address,anddocumentationoftheexistenceoftheorganization.ForIssuerCACertificatesandCAcross‐Certificates,representativesoftheDCPAverifytheinformation,inadditiontotheauthenticityoftherequestingrepresentativeandtherepresentative’sauthorizationfortheCertificate.

3.2.3. AuthenticationofIndividualIdentityTheIssuerCAoranRAshallverifyanindividual’sidentityinaccordancewiththeprocessestablishedinitsCPSorRPSthatmeetsthefollowingminimumrequirements:

Certificate IdentityVerificationSSLServerCertificatesandObjectSigningCertificates(issuedtoanIndividual)

TheApplicantshallsubmitalegiblecopy,whichdiscerniblyshowstheApplicant’sface,ofatleastonecurrentlyvalidgovernment‐issuedphotoID(passport,driverslicense,militaryID,nationalID,orequivalentdocumenttype).Thecopyofthedocumentshallbeinspectedforanyindicationofalterationorfalsification.IftheIssuerCAorRArequiresfurtherassurance,theApplicantshallprovideadditionalformsofidentification,includingnon‐photoandnon‐governmentalformsofidentificationsuchasrecentutilitybills,financialaccountstatements,Applicantcreditcard,additionalIDcredential,orequivalentdocumenttype.TheIssuerCAorRAshallconfirmthattheApplicantisabletoreceivecommunicationbytelephone,postalmail/courier,orfax.IftheIssuerCAorRAcannotverifytheApplicant’sidentityusingtheproceduresdescribedabove,thentheIssuerCAorRAshallobtainaDeclarationofIdentity*witnessedandsignedbyaRegistrationAuthority,TrustedAgent,notary,lawyer,accountant,postalcarrier,oranyentitycertifiedbyaStateorNationalGovernmentasauthorizedtoconfirmidentities.

DeviceCertificateSponsors

Seesection3.2.3.3

EVSSLCertificatesissuedtoaBusinessEntity

AsspecifiedintheEVGuidelines

Authentication‐OnlyCertificates

Theentitycontrollingthesecurelocationrepresentsthatthecertificateholderhasauthorizationtoaccessthelocation.

Grid‐onlyCertificates EithertheRAresponsibleforthegridcommunityoraTrustedAgentmusteitherreviewanidentitydocumentduringaface‐to‐facemeetingwiththeApplicant,oraTrustedAgentmustattestthattheApplicantispersonallyknowntotheTrustedAgent.Ifanidentificationdocumentisused,theRAmustretainsufficientinformationabouttheApplicant’sidentityinordertoverifytheApplicantatalaterdate.

Level1ClientCertificates–Personal(emailcertificates)

Applicant’scontroloveranemailaddress(oranyoftheidentityverificationmethodslistedforahigherlevelclientcertificate).

11

Level1ClientCertificates‐Enterprise(emailcertificates)

Anyoneofthefollowing:

1.In‐personappearancebeforeanRAorTrustedAgentwithpresentmentofanidentitycredential(e.g.,driver'slicenseorbirthcertificate).

2.Usingproceduressimilartothoseusedwhenapplyingforconsumercreditandauthenticatedthroughinformationinconsumercreditdatabasesorgovernmentrecords,suchas:

‐theabilitytoplaceorreceivecallsfromagivennumber;or‐theabilitytoobtainmailsenttoaknownphysicaladdress.

3.Throughinformationderivedfromanongoingbusinessrelationshipwiththecredentialproviderorapartnercompany(e.g.,afinancialinstitution,airline,employer,orretailcompany).Acceptableinformationincludes:

‐theabilitytoobtainmailatthebillingaddressusedinthebusinessrelationship;or‐verificationofinformationestablishedinprevioustransactions(e.g.,previousordernumber);or‐theabilitytoplacecallsfromorreceivephonecallsataphonenumberusedinpreviousbusinesstransactions.4.AnymethodrequiredtoverifyidentityforissuanceofaLevel2,3,or4ClientCertificate

Level2ClientCertificates

ThislevelofassurancerequiresthattheIssuerCAorRAverifytheApplicant’sidentityusingthepossessionofareliableformofidentification.PersonalidentifyinginformationshallbecomparedwithApplicant‐providedinformationtoconfirmthattheassertednamematches:(a) thenamecontainedinthepresentedidentificationcredential;(b) theindividual’sdateofbirth;and(c) acurrentaddressorpersonaltelephonenumbersufficienttoidentifyauniqueindividual.TheIssuerCAorRAshallverifytheApplicant’sidentityusingoneofthefollowingfour(4)methods:1.In‐personproofingbeforeanRAorTrustedAgent(orentitycertifiedbyaStateorNationalGovernmentasauthorizedtoconfirmidentities)withpresentmentofavalidcurrentgovernment‐issuedidentitydocumentthatcontainstheApplicant’spictureandeitheraddressofrecordornationality(e.g.driver’slicenseorPassport).SuchauthenticationdoesnotrelievetheRAofitsresponsibilitytoverifythepresenteddata.2.RemotelyverifyinginformationprovidedbytheApplicant(verifiedelectronicallybyarecordcheckwiththespecifiedissuingauthorityorthroughsimilardatabasestoestablishtheexistenceofsuchrecordswithmatchingnameandreferencenumbersandtocorroboratedateofbirthandcurrentaddressofrecordortelephonenumber).TheIssuerCAorRAmayconfirmanaddressbyissuingthecredentialsinamannerthatconfirmstheaddressofrecordorverifyingknowledgeofrecentaccountactivityassociatedwiththe

12

Applicant’saddressandmayconfirmatelephonenumberbysendingachallenge‐responseSMStextmessageorbyrecordingtheapplicant’svoiceduringacommunicationafterassociatingthetelephonenumberwiththeapplicantinrecordsthatareavailabletotheIssuerCAorRA.

3.IftheIssuerCAorRAhasacurrent,ongoingrelationshipwiththeApplicant,theIssuerCAorRAmayverifyidentityusinganexchangeofapreviouslyexchangedsharedsecret(e.g.,aPINorpassword)thatmeetsorexceedsNISTSP800‐63Level2entropyrequirements,providedthat:(a)identitywasoriginallyestablishedwiththedegreeofrigorequivalenttothatrequiredin1or2aboveusingagovernment‐issuedphotoID,and(b)theongoingrelationshipexistssufficienttoensuretheApplicant’scontinuedpersonalpossessionofthesharedsecret.4.AnyofthemethodsrequiredtoverifyidentityforissuanceofaDigiCertLevel3or4ClientCertificate.

Level3ClientCertificates

In‐personproofingbeforeanRA,TrustedAgent, oranentitycertifiedbyaStateorNationalGovernmentthatisauthorizedtoconfirmidentities(providedthatthecertifiedentityforwardstheinformationcollectedfromtheapplicantdirectlytotheRAinasecuremannerandthattheRAisnotrelievedofitsresponsibilitytoverifythepresenteddata).

TheApplicantshallprovideatleastoneFederalGovernment‐issuedPictureI.D.,aREALID,ortwoNon‐FederalGovernmentI.D.s,oneofwhichmustbeaphotoI.D.AcceptableformsofNon‐FederalGovernmentphotoIDsincludeadriver'slicense,state‐issuedphotoIDcard,passport,nationalidentitycard,permanentresidentcard,trustedtravelercard,tribalID,militaryID,orsimilarphotoidentificationdocument.SeeUSCISFormI‐9.

TheIssuerCAorRAshallexaminethecredentialsanddeterminewhethertheyareauthenticandunexpired.ForeachLevel3orhigherassuranceClientCertificateissued,theIssuerCAortheRAshallreviewandrecordaDeclarationofIdentity*whichshallbesignedbytheapplicantandthepersonperformingthein‐personidentification.TheIssuerCAorRAshallchecktheprovidedinformation(name,dateofbirth,andcurrentaddress)toensurelegitimacyandmayverifyitelectronicallybyarecordcheckasdescribedabove.TheIssuerCAorRAmayemployanin‐personantecedentprocess,definedinFBCASupplementaryAntecedent,In‐PersonDefinition,tomeetthein‐personidentityproofingrequirement.Underthisdefinition,historicalin‐personidentityproofingissufficientif(1)itmeetsthethoroughnessandrigorofin‐personproofingdescribedabove,(2)supportingIDproofingartifactsexisttosubstantiatetheantecedentrelationship,and(3)mechanismsareinplacethatbindtheindividualtotheassertedidentity.Inoneusecase,theApplicant(e.g.anemployee)hasbeenidentifiedpreviouslybyanemployerusingUSCISFormI‐9andisboundtothe

13

assertedidentityremotelythroughtheuseofknownattributesorsharedsecrets.Inanotherusecase,athirdpartyIdentityVerificationProviderconstructsareal‐time,five‐questionprocess,basedonmultiplehistoricantecedentdatabases,andtheapplicantisgiventwominutestoansweratleastfourofthefivequestionscorrectly.SeeFBCASupplementaryAntecedent,In‐PersonDefinition.IfthephotoIDisunexpiredandconfirmstheaddressofrecordfortheApplicant,thenthecertificatemaybeapprovedforissuancewithnoticeofissuancesenttotheaddressofrecord.IfthephotoIDdoesnotconfirmtheApplicant’saddressofrecord,thenthecertificateshallbeissuedinamannerthatconfirmstheaddressofrecord.ForallLevel3orhigherassuranceClientCertificates,theidentityoftheApplicantmustbeestablishednoearlierthan30dayspriortoinitialcertificateissuance.

Level4ClientCertificates(MediumHardware)Mustbeissuedtocryptographichardware.

In‐personproofingbeforeanRA,TrustedAgent,oranentitycertifiedbyaStateorNationalGovernmentthatisauthorizedtoconfirmidentities(providedthatthecertifiedentityforwardstheinformationcollectedfromtheapplicantdirectlytotheRAinasecuremannerandthattheRAisnotrelievedofitsresponsibilitytoverifythepresenteddata).TheApplicationshallsupply(i)oneFederalGovernment‐issuedPictureI.D.,aREALID,ortwoNon‐FederalGovernmentI.D.s,oneofwhichmustbeaphotoI.D.and(ii)thecontemporaneouscollectionofatleastonebiometric(e.g.photographorfingerprints)toensurethattheApplicantcannotrepudiatetheapplication.AcceptableformsofNon‐FederalGovernmentphotoIDsincludeadriver'slicense,state‐issuedphotoIDcard,passport,nationalidentitycard,permanentresidentcard,trustedtravelercard,tribalID,militaryID,orsimilarphotoidentificationdocument.SeeUSCISFormI‐9.TheIssuerCAorRAshallexaminethecredentialsanddeterminewhethertheyareauthenticandunexpired.ForeachLevel4ClientCertificateissued,theIssuerCAortheRAshallreviewandrecordaDeclarationofIdentity*thatissignedbytheapplicantandthepersonperformingthein‐personidentification.ForallLevel4ClientCertificatestheuseofanin‐personantecedentisnotapplicableandtheApplicantshallestablishhisorheridentitynomorethan30dayspriortoinitialcertificateissuance.IssuerCAsandRAsshallissueLevel4ClientCertificatesinamannerthatconfirmstheApplicant’saddressofrecord.

PIV‐ICertificates IssuerCAsshallonlyissuePIV‐IHardwareCertificatestohumansubscribers.TheRAoraTrustedAgentshallcollectbiometricdataduringtheidentityproofingandregistrationprocessthatcomplieswith[NISTSP800‐76](seeAppendixA):

• Anelectronicfacialimageusedforprintingfacialimageonthecard,aswellasforperformingvisualauthenticationduringcardusage.TheRAorTrustedAgentmustcollectanewfacialimageeachtimeacardisissued;and

• Twoelectronicfingerprintsarestoredonthecardfor

14

automatedauthenticationduringcardusage.TheRAorTrustedAgentshallalsorequiretwoidentitysourcedocumentsinoriginalform.TheidentitysourcedocumentsmustcomefromthelistofacceptabledocumentsincludedinFormI‐9,OMBNo.1115‐0136,EmploymentEligibilityVerification.Atleastonedocumentmustbeavalid,unexpiredStateorFederalGovernment‐issuedpictureidentification(ID).ForallPIV‐ICertificates,theuseofanin‐personantecedentisnotapplicableandtheApplicantshallestablishtheiridentitynomorethan30dayspriortoinitialcertificateissuance.

EUQualifiedCertificates In‐personverificationoftheApplicant’sidentitybyappropriatemeansinaccordancewithnationallaw.Theentityperformingthevalidationshallchecktheevidenceofidentitydirectlyagainstaphysicalpersonorindirectlyusingmeansthatprovideequivalentassurancetophysicalpresence.

*ADeclarationofIdentityconsistsofthefollowing:

a. theidentityofthepersonperformingtheverification;b. asigneddeclarationbytheverifyingpersonstatingthattheyverifiedtheidentityofthe

Subscriberasrequiredusingtheformatsetforthat28U.S.C.1746(declarationunderpenaltyofperjury)orcomparableprocedureunderlocallaw;thesignatureonthedeclarationmaybeeitherahandwrittenordigitalsignatureusingacertificatethatisofequalorhigherlevelofassuranceasthecredentialbeingissued;

c. uniqueidentifyingnumber(s)fromtheApplicant’sidentificationdocument(s),orafacsimileoftheID(s);

d. thedateoftheverification;ande. adeclarationofidentitybytheApplicantthatissigned(inhandwritingorthroughuseofa

digitalsignaturethatisofequivalentorhigherassurancethanthecredentialbeingissued)inthepresenceofthepersonperformingtheverificationusingtheformatsetforthat28U.S.C.1746(declarationunderpenaltyofperjury)orcomparableprocedureunderlocallaw.

Wherein‐personidentityverificationisrequiredandtheApplicantcannotparticipateinface‐to‐faceregistrationalone(e.g.becauseApplicantisanetworkdevice,minor,orpersonnotlegallycompetent),thentheApplicantmaybeaccompaniedbyapersonalreadycertifiedbythePKIorwhohastherequiredidentitycredentialsforaCertificateatthesameorhigherlevelofassuranceappliedforbytheApplicant.ThepersonaccompanyingtheApplicant(i.e.the“Sponsor”)willpresentinformationsufficientforregistrationatthelevelofthecertificatebeingrequested,forhimselforherself,andfortheApplicant.Forin‐personidentityproofingatLevels3and4andforPIV‐I,anentitycertifiedbyaStateorNationalGovernmentasauthorizedtoconfirmidentitiesmayperformin‐personauthenticationonbehalfoftheRA.Theinformationcollectedfromtheapplicantshouldbereliablycollectedfromthecertifiedentity.Packagessecuredinatamper‐evidentmannerbythecertifiedentitysatisfythisrequirement;othersecuremethodsarealsoacceptable.SuchauthenticationdoesnotrelievetheRAofitsresponsibilitytoverifythepresenteddata.

3.2.3.1. Authentication for Role‐based Client Certificates AnIssuerCAmayissueCertificatesthatidentifyaspecificrolethattheSubscriberholds,providedthattheroleidentifiesaspecificindividualwithinanorganization(e.g.,ChiefInformationOfficerisauniqueindividualwhereasProgramAnalystisnot).Theserole‐basedCertificatesareusedwhennon‐repudiationisdesired.TheIssuerCAmayonlyissuerole‐basedcertificatestoSubscriberswhofirstobtainanindividualSubscriberCertificatethatisatthesameorhigherassurancelevelastherequestedrole‐basedCertificate.AnIssuerCAmayissueCertificateswiththesameroletomultiple

15

Subscribers.However,theIssuerCAshallrequirethateachCertificatehaveauniqueKeyPair.Individualsmaynotsharetheirissuedrole‐basedCertificatesandarerequiredtoprotecttherole‐basedCertificateinthesamemannerasindividualCertificates.TheIssuerCAoranRAshallverifytheidentityoftheindividualrequestingarole‐basedCertificate(i.e.thesponsor)inaccordancewithSection3.2.3andrecordtheinformationidentifiedinSection3.2.3forasponsorassociatedwiththerolebeforeissuingarole‐basedCertificate.ThesponsormustholdanindividualCertificateinhis/herownnameissuedbythesameCAatthesameorhigherassurancelevelastherole‐basedCertificate.Proceduresandpoliciesforissuingrole‐basedCertificatesshallcomplywithallprovisionsofthisCP(e.g.,keygeneration,privatekeyprotection,andSubscriberobligations).IGTFandEUQualifiedCertificatesarenotissuedasrole‐basedCertificates.IftheCertificateisapseudonymouscertificatecross‐certifiedwiththeFBCAthatidentifiessubjectsbytheirorganizationalroles,thentheIssuerCAorRAshallverifythattheindividualeitherholdsthatroleorhastheauthoritytosignonbehalfoftherole.

3.2.3.2. Authentication for Group Client Certificates Ifseveralentitiesareactinginonecapacityandnon‐repudiationisnotnecessary,theIssuerCAmayissueaCertificatecorrespondingtoaPrivateKeysharedbymultipleSubscribers.TheIssuerCAorRAshallrecordtheinformationidentifiedinSection3.2.3forasponsorfromtheInformationSystemsSecurityOfficeorequivalentbeforeissuingagroupCertificate.Inaddition,theIssuerCAortheRAshall:

1. RequirethattheInformationSystemsSecurityOffice,orequivalent,beresponsibleforensuringcontrolofthePrivateKey,includingmaintainingalistofSubscriberswhohaveaccesstothePrivateKey,andaccountforthetimeperiodduringwhicheachSubscriberhadcontrolofthekey,

2. NotincludeasubjectNameDNinthecertificateinawaythatcouldimplythatthesubjectisasingleindividual,

3. RequirethatthesponsorprovideandcontinuouslyupdatealistofindividualswhoholdthesharedPrivateKey,and

4. EnsurethattheproceduresforissuinggroupcertificatescomplywithallotherstipulationsofthisCP(e.g.,keygeneration,privatekeyprotection,andSubscriberobligations).

IGTFandEUQualifiedCertificatesarenotissuedasgroupCertificates.

3.2.3.3. Authentication of Devices with Human Sponsors AnIssuerCAmayissueaLevel1,2,3or4ClientorFederatedDeviceCertificateforuseonacomputingornetworkdevice,providedthattheentityowningthedeviceislistedasthesubject.Insuchcases,thedevicemusthaveahumansponsorwhoprovides:

1. Equipmentidentification(e.g.,serialnumber)orservicename(e.g.,DNSname),2. EquipmentPublicKeys,3. Equipmentauthorizationsandattributes(ifanyaretobeincludedinthecertificate),and4. Contactinformation.

IftheCertificate’ssponsorchanges,thenewsponsorshallreviewthestatusofeachdevicetoensureitisstillauthorizedtoreceiveCertificates.TheCPSshalldescribeprocedurestoensurethatcertificateaccountabilityismaintained.TheIssuerCAshallverifyallregistrationinformationcommensuratewiththerequestedcertificatetype.Acceptable methods for performing this authentication and integrity checking include:

16

1. Verificationofdigitallysignedmessagessentfromthesponsor(usingCertificatesofequivalentorgreaterassurancethanthatbeingrequested)

2. Inpersonregistrationbythesponsor,withtheidentityofthesponsorconfirmedinaccordancewiththerequirementsofSection3.2.3.

3.2.4. Non‐verifiedSubscriberInformationIssuerCAsarenotrequiredtoconfirmthatthecommonnameinaLevel1‐PersonalClientCertificateisthelegalnameoftheSubscriber.OVSSLCertificatesmayincludeapseudo‐domainforusewithintheSubscriber’sinternal,non‐public‐DNSnetworksuntilprohibitedbytheBaselineRequirements.Anyothernon‐verifiedinformationincludedinaCertificateshallbedesignatedassuchintheCertificate.NounverifiedinformationshallbeincludedinanyLevel2,Level,3,Level4,PIV‐I,ObjectSigning,EV,FederatedDevice,orEUQualifiedCertificate.

3.2.5. ValidationofAuthorityTheIssuerCAorRAshallverifytheauthorizationofacertificaterequestasfollows:

Certificate VerificationDVSSLCertificates,OVSSLCertificates,andFederatedDeviceCertificates

AnauthorizedcontactlistedwiththeDomainNameRegistrar,apersonwithcontroloverthedomainname,orthroughcommunicationwiththeapplicantusingaReliableMethodofCommunication,asdefinedintheBaselineRequirements.

EVCertificates InaccordancewiththeEVGuidelines.ObjectSigningCertificates(includingEVCodeSigningCertificates)

IfaCertificatenamesanorganization,anauthoritativesourcewithintheorganization(e.g.corporate,legal,IT,HR,orotherappropriateorganizationalsources)usingaReliableMethodofCommunication.

Level1ClientCertificates‐Personal(emailcertificates)

AnindividualhascontrolovertheemailaddresslistedintheCertificate.

Level1ClientCertificates‐Enterprise(emailcertificates)

Apersonwhohastechnicaloradministrativecontroloverthedomainnameandverifyingtherequester’scontrolovertheemailaddresslistedintheCertificate.

IGTFCertificates Pursuanttotherelevantrequirementsbytheaccreditationauthority.

ClientCertificatesLevels2,3and4andPIV‐ICertificates

Individuals affiliatedwiththeorganizationwhoconfirmtheapplicant’sauthoritytoobtainaCertificateindicatingtheaffiliationandwhoagreetorequestrevocationoftheCertificatewhenthataffiliationends.

EUQualifiedCertificates AnindividualisassociatedwiththeorganizationthatisauthorizedtoconsenttotheCertificate’spublication(seesection7.3.1ofTS101456).

TheIssuerCAshallimplementaprocesswherebyanApplicantmaylimitthenumberofindividualsauthorizedtorequestCertificates.TheIssuerCAshallprovidealistofauthorizedcertificaterequestersafterreceivingaverifiedrequestforsuchinformationfromanindividualauthorizedtomakesuchrequest.

3.3. IDENTIFICATIONANDAUTHENTICATIONFORRE‐KEYREQUESTS

3.3.1. IdentificationandAuthenticationforRoutineRe‐keyAnIssuerCAmayallowSubscribersofSSLandCodeSigningCertificatestoauthenticatethemselvesoveraTLS/SSLsessionwithusernameandpassword.EachSubscribershallreestablishitsidentityusingtheinitialregistrationprocessesofsection3.2accordingtothefollowingtable:

Certificate RoutineRe‐KeyAuthentication Re‐VerificationRequiredDVandOVSSLCertificates Usernameandpassword Atleastevery39months

17

EVSSLCertificates Usernameandpassword AccordingtotheEVGuidelines

SubscriberEVCodeSigningCertificates

Usernameandpassword Atleastevery39months

SigningAuthorityEVCodeSigningCertificates

Usernameandpassword Atleastevery123months

TimestampEVCodeSigningCertificates

Usernameandpassword Atleastevery123months

ObjectSigningCertificates Usernameandpassword AtleasteverysixyearsLevel1ClientCertificates Usernameandpassword AtleasteverynineyearsLevel2ClientCertificates Currentsignaturekeyormulti‐

factorauthenticationmeetingNISTSP800‐63Level3

Atleasteverynineyears

Level3and4ClientCertificatesandPIV‐ICertificates

Currentsignaturekey ormulti‐factorauthenticationmeetingNISTSP800‐63Level3

Atleasteverynineyears

FederatedDeviceandFederatedDevice‐hardware

Currentsignaturekeyormulti‐factorauthenticationmeetingNIST‐800‐63Level3

Atleasteverynineyears

IGTFCertificates Usernameandpassword,RAattestationaftercomparisonofidentitydocuments,re‐authenticatethroughanapprovedIdM,orthroughassociatedPrivateKey

Atleastevery13months.However,certificatesassociatedwithaPrivateKeyrestrictedsolelytoahardwaretokenmayberekeyedorrenewedforaperiodofupto5years

Authentication‐OnlyCertificates UsernameandpasswordorwithassociatedPrivateKey

None

TheIssuerCAshallnotre‐keyaCertificatewithoutadditionalauthenticationifdoingsowouldallowtheSubscribertousetheCertificatebeyondthelimitsdescribedabove.

3.3.2. IdentificationandAuthenticationforRe‐keyAfterRevocationTheIssuerCAshallrequiresubscribersofCertificatesthathavebeenrevokedforreasonsotherthanastheresultofaroutinecertificaterenewal,update,ormodificationactiontoundergotheinitialregistrationprocess(describedinSection3.2)toobtainanewCertificate.

3.4. IDENTIFICATIONANDAUTHENTICATIONFORREVOCATIONREQUESTTheIssuerCAortheRAthatapprovedtheCertificate’sissuanceshallauthenticateallrevocationrequests.TheIssuerCAorRAmayauthenticatearevocationrequestusingtheCertificate’sPublicKey,regardlessofwhethertheassociatedPrivateKeyiscompromised.

4. CERTIFICATELIFE‐CYCLEOPERATIONALREQUIREMENTS

4.1. CERTIFICATEAPPLICATION

4.1.1. WhoCanSubmitaCertificateApplicationNoindividualorentitylistedonagovernmentdeniedlist,listofprohibitedpersons,orotherlistthatprohibitsdoingbusinesswithsuchorganizationorpersonunderthelawsoftheUnitedStatesmaysubmitanapplicationforaCertificate.

4.1.2. EnrollmentProcessandResponsibilitiesTheIssuerCAisresponsibleforensuringthattheidentityofeachCertificateApplicantisverifiedinaccordancewiththisCPandtheapplicableCPSpriortotheissuanceofaCertificate.Applicantsare

18

responsibleforsubmittingsufficientinformationanddocumentationfortheIssuerCAortheRAtoperformtherequiredverificationofidentitypriortoissuingaCertificate.

4.2. CERTIFICATEAPPLICATIONPROCESSING

4.2.1. PerformingIdentificationandAuthenticationFunctionsTheIssuerCAortheRAshallidentifyandverifyeachApplicantinaccordancewiththeapplicableCertificationPracticeStatementsandRegistrationPracticeStatements.TheIssuerCAshallensurethatallcommunicationbetweentheIssuerCAandanRAregardingcertificateissuanceorchangesinthestatusofaCertificatearemadeusingsecureandauditablemethods.Ifdatabasesorothersourcesareusedtoconfirmsensitiveorconfidentialattributesofanindividualsubscriber,thenthatsensitiveinformationshallbeprotectedandsecurelyexchangedinaconfidentialandtamper‐evidentmanner,protectedfromunauthorizedaccess,andtrackedusinganauditablechainofcustody.

4.2.2. ApprovalorRejectionofCertificateApplicationsTheIssuerCAshallrejectanycertificateapplicationthatcannotbeverified.TheIssuerCAmayalsorejectacertificateapplicationonanyreasonablebasis,includingiftheCertificatecoulddamagetheIssuerCA’sbusinessorreputation.IssuerCAsarenotrequiredtoprovideareasonforrejectingacertificateapplication.IssuerCAsandRAsshallfollowindustrystandardswhenapprovingandissuingCertificates.TheIssuerCAorRAshallcontractuallyrequiresubscriberstoverifytheinformationinaCertificatepriortousingtheCertificate.

4.2.3. TimetoProcessCertificateApplicationsAllpartiesinvolvedincertificateapplicationprocessingshallusereasonableeffortstoensurethatcertificateapplicationsareprocessedinatimelymanner.Identityshallbeestablishednomorethan30daysbeforeinitialissuanceofLevel3and4andPIV‐ICertificates.

4.3. CERTIFICATEISSUANCE

4.3.1. CAActionsduringCertificateIssuanceIssuerCAsshallverifythesourceofacertificaterequestbeforeissuance.TheIssuerCAandanyRAshallprotectdatabasesundertheircontrolandthatareusedtoconfirmSubscriberidentityinformationfromunauthorizedmodificationoruse.TheIssuerCAshallperformitsactionsduringthecertificateissuanceprocessinasecuremanner.

4.3.2. NotificationtoSubscriberbytheCAofIssuanceofCertificateTheIssuerCAorRAshallnotifytheSubscriberwithinareasonabletimeofcertificateissuanceandmayuseanyreliablemechanismtodelivertheCertificatetotheSubscriber.

4.4. CERTIFICATEACCEPTANCE

4.4.1. ConductConstitutingCertificateAcceptanceThepassageoftimeafterdeliveryornoticeofissuanceofaCertificatetotheSubscriberortheactualuseofaCertificateconstitutestheSubscriber’sacceptanceoftheCertificate.

4.4.2. PublicationoftheCertificatebytheCATheIssuerCAshallpublishallCACertificatestotheIssuerCA’srepository.

4.4.3. NotificationofCertificateIssuancebytheCAtoOtherEntitiesNostipulation.

19

4.5. KEYPAIRANDCERTIFICATEUSAGE

4.5.1. SubscriberPrivateKeyandCertificateUsageAllSubscribersshallprotecttheirPrivateKeysfromunauthorizeduseordisclosurebythirdpartiesandshallusetheirPrivateKeysonlyfortheirintendedpurpose.

4.5.2. RelyingPartyPublicKeyandCertificateUsageRelyingPartiesshallusesoftwarethatiscompliantwithX.509andapplicableIETFPKIXstandards.TheIssuerCAshallspecifyrestrictionsontheuseofaCertificatethroughcertificateextensionsandshallspecifythemechanism(s)todeterminecertificatevalidity(CRLsandOCSP).RelyingPartiesmustprocessandcomplywiththisinformationinaccordancewiththeirobligationsasRelyingParties.ARelyingPartyshouldusediscretionwhenrelyingonaCertificateandshouldconsiderthetotalityofthecircumstancesandriskoflosspriortorelyingonaCertificate.RelyingonadigitalsignatureorCertificatethathasnotbeenprocessedinaccordancewithapplicablestandardsmayresultinriskstotheRelyingParty.TheRelyingPartyissolelyresponsibleforsuchrisks.Ifthecircumstancesindicatethatadditionalassurancesarerequired,theRelyingPartymustobtainsuchassurancesbeforeusingtheCertificate.

4.6. CERTIFICATERENEWAL

4.6.1. CircumstanceforCertificateRenewalAnIssuerCAmayrenewaCertificateif:

1. theassociatedPublicKeyhasnotreachedtheendofitsvalidityperiod,2. theassociatedPrivateKeyhasnotbeencompromised,3. theSubscriberandattributesremainconsistent,and4. re‐verificationofsubscriberidentityisnotrequiredbySection3.3.1.

AnIssuerCAmayalsorenewaCertificateifaCACertificateisre‐keyedorasotherwisenecessarytoprovideservices.AfterrenewingaclientCertificate,theIssuerCAmaynotre‐key,renew,ormodifytheoldCertificate.

4.6.2. WhoMayRequestRenewalOnlythecertificatesubjectoranauthorizedrepresentativeofthecertificatesubjectmayrequestrenewaloftheSubscriber’sCertificates.ForCertificatescross‐certifiedwiththeFBCA,renewalrequestsareonlyacceptedfromcertificatesubjects,PKIsponsorsorRAs.AnIssuerCAmayperformrenewalofitssubscriberCertificateswithoutacorrespondingrequest,suchaswhentheCAre‐keys.

4.6.3. ProcessingCertificateRenewalRequestsTheIssuerCAmayrequirereconfirmationorverificationoftheinformationinaCertificatepriortorenewal.

4.6.4. NotificationofNewCertificateIssuancetoSubscriberTheIssuerCAshallnotifytheSubscriberwithinareasonabletimeofcertificateissuanceandmayuseanyreliablemechanismtodelivertheCertificatetotheSubscriber.

4.6.5. ConductConstitutingAcceptanceofaRenewalCertificateThepassageoftimeafterdeliveryornoticeofissuanceoftheCertificatetotheSubscriber,oractualuseoftheCertificate,constitutestheSubscriber’sacceptanceofit.

4.6.6. PublicationoftheRenewalCertificatebytheCATheIssuerCAshallpublishallrenewedCACertificatestotheIssuerCA’srepository.

20

4.6.7. NotificationofCertificateIssuancebytheCAtoOtherEntitiesNostipulation.

4.7. CERTIFICATERE‐KEY

4.7.1. CircumstanceforCertificateRekeyRe‐keyingaCertificateconsistsofcreatinganewCertificatewithadifferentPublicKey(andserialnumber)whileretainingtheremainingcontentsoftheoldCertificatethatdescribethesubject.ThenewCertificatemayhaveadifferentvalidityperiod,keyidentifiers,specifydifferentCRLandOCSPdistributionpoints,and/orbesignedwithadifferentkey.Subscribersrequestingre‐keyshouldidentifyandauthenticatethemselvesaspermittedbySection3.3.1.Afterre‐keyingaClientCertificate,aPIV‐ICertificate,orafederateddeviceCertificate,theIssuerCAmaynotre‐key,renew,ormodifythepreviousCertificate.

4.7.2. WhoMayRequestCertificateRekeyOnlythesubjectoftheCertificateorthePKIsponsormayrequestre‐key.TheIssuerCAoranRAmayinitiatecertificatere‐keyattherequestofthecertificatesubjectorinitsowndiscretion.

4.7.3. ProcessingCertificateRekeyRequestsRe‐keyrequestsareonlyacceptedfromthesubjectoftheCertificateorthePKIsponsor.Ataminimum,theIssuerCAshallcomplywithsection3.3.1inidentifyingandauthenticatingtheSubscriberorPKIsponsorpriortorekeyingtheCertificate.

4.7.4. NotificationofCertificateRekeytoSubscriberTheIssuerCAshallnotifytheSubscriberwithinareasonabletimeofcertificateissuanceandmayuseanyreliablemechanismtodelivertheCertificatetotheSubscriber.

4.7.5. ConductConstitutingAcceptanceofaRekeyedCertificateThepassageoftimeafterdeliveryornoticeofissuanceoftheCertificatetotheSubscriberortheactualuseoftheCertificateconstitutestheSubscriber’sacceptanceofit.

4.7.6. PublicationoftheRekeyedCertificatebytheCATheIssuerCAshallpublishrekeyedCACertificatestotheIssuerCA’srepository.

4.7.7. NotificationofCertificateIssuancebytheCAtoOtherEntitiesNostipulation.

4.8. CERTIFICATEMODIFICATION

4.8.1. CircumstanceforCertificateModificationModifyingaCertificatemeanscreatinganewCertificateforthesamesubjectwithauthenticatedinformationthatdiffersslightlyfromtheoldCertificate(e.g.,changestoemailaddressornon‐essentialpartsofnamesorattributes)providedthatthemodificationotherwisecomplieswiththisCP.ThenewCertificatemayhavethesameoradifferentsubjectPublicKey.AftermodifyingaCertificatethatiscross‐certifiedwiththeFBCA,theIssuerCAmaynotre‐key,renew,ormodifytheoldCertificate.

4.8.2. WhoMayRequestCertificateModificationTheIssuerCAmaymodifyaCertificateattherequestofthecertificatesubjectorinitsowndiscretion.

21

4.8.3. ProcessingCertificateModificationRequestsAfterreceivingarequestformodification,theIssuerCAshallverifyanyinformationthatwillchangeinthemodifiedCertificate.TheIssuerCAmayissuethemodifiedCertificateonlyaftercompletingtheverificationprocessonallmodifiedinformation.ThevalidityperiodofamodifiedCertificatemustnotextendbeyondtheapplicabletimelimitsfoundinsection3.3.1or6.3.2.

4.8.4. NotificationofCertificateModificationtoSubscriberTheIssuerCAshallnotifytheSubscriberwithinareasonabletimeofcertificateissuanceandmayuseanyreliablemechanismtodelivertheCertificatetotheSubscriber.

4.8.5. ConductConstitutingAcceptanceofaModifiedCertificateThepassageoftimeafterdeliveryornoticeofissuanceoftheCertificatetotheSubscriberoractualuseoftheCertificateconstitutestheSubscriber’sacceptanceofit.

4.8.6. PublicationoftheModifiedCertificatebytheCATheIssuerCAshallpublishmodifiedCACertificatestotheIssuerCA’srepository.

4.8.7. NotificationofCertificateModificationbytheCAtoOtherEntitiesNostipulation.

4.9. CERTIFICATEREVOCATIONANDSUSPENSION

4.9.1. CircumstancesforRevocationRevocationofaCertificatepermanentlyendstheoperationalperiodoftheCertificatepriortotheCertificatereachingtheendofitsstatedvalidityperiod.PriortorevokingaCertificate,theIssuerCAshallverifythattherevocationrequestwasmadebyeithertheorganizationorindividualthatmadethecertificateapplicationorbyanentitywiththelegaljurisdictionandauthoritytorequestrevocation.TheIssuerCAshouldrevokeaCertificateiftheIssuerCAisawarethat:

1. TheSubscriberrequestedrevocationofitsCertificate;2. TheSubscriberdidnotauthorizetheoriginalcertificaterequestanddidnotretroactively

grantauthorization;3. EitherthePrivateKeyassociatedwiththeCertificateorthePrivateKeyusedtosignthe

Certificatewascompromisedormisused;4. TheSubscriberorthecross‐certifiedCAbreachedamaterialobligationundertheCP,the

CPS,ortherelevantagreement;5. EithertheSubscriber’sortheIssuerCA’sobligationsundertheCPorCPSaredelayedor

preventedbycircumstancesbeyondtheparty’sreasonablecontrol,includingcomputerorcommunicationfailure,and,asaresult,anotherentity’sinformationismateriallythreatenedorcompromised;

6. TheApplicanthaslostitsrightstoatrademarkorthedomainnamelistedintheCertificate;7. TheCertificatewasnotissuedinaccordancewiththeCP,CPS,orapplicableindustry

standards;8. TheIssuerCAreceivedalawfulandbindingorderfromagovernmentorregulatorybodyto

revoketheCertificate;9. TheIssuerCAceasedoperationsanddidnotarrangeforanothercertificateauthorityto

providerevocationsupportfortheCertificate;10. TheIssuerCA'srighttomanageCertificatesunderapplicableindustrystandardswas

terminated(unlessarrangementshavebeenmadetocontinuerevocationservicesandtomaintaintheCRL/OCSPRepository);

11. AnyinformationappearingintheCertificatewasorbecameinaccurateormisleading;12. ThetechnicalcontentorformatoftheCertificatepresentsanunacceptablesecurityriskto

applicationsoftwarevendors,RelyingParties,orothers;13. TheSubscriberwasaddedasadeniedpartyorprohibitedpersontoablacklist,oris

operatingfromadestinationprohibitedunderU.S.law;or

22

14. Forcode‐signingCertificates,theCertificatewasusedtosign,publish,ordistributemalwareorotherharmfulcontent,includinganycodethatisdownloadedontoauser’ssystemwithouttheirconsent.

TheIssuerCAshallrevokeaCertificateifthebindingbetweenthesubjectandthesubject’sPublicKeyintheCertificateisnolongervalidorifanassociatedPrivateKeyiscompromised.IfaCertificateexpressesanorganizationalaffiliation,theIssuerCAortheRAshallrequiretheAffiliatedOrganizationtoinformitifthesubscriberaffiliationchanges.IftheAffiliatedOrganizationnolongerauthorizestheaffiliationofaSubscriber,thentheIssuerCAshallrevokeanyCertificatesissuedtothatSubscribercontainingtheorganizationalaffiliation.IfanAffiliatedOrganizationterminatesitsrelationshipwiththeIssuerCAorRAsuchthatitnolongerprovidesaffiliationinformation,theIssuerCAshallrevokeallCertificatesaffiliatedwiththatAffiliatedOrganization.AnIssuerCAorcross‐certifiedentityshallrequestrevocationofitsDigiCert‐issuedcross‐CertificateifitnolongermeetsthestipulationsofDigiCert’spolicies,asindicatedbyDigiCert’spolicyOIDsinCertificatesorthoselistedinthepolicymappingextensionofthecross‐Certificate.

4.9.2. WhoCanRequestRevocationTheIssuerCAorRAshallacceptrevocationrequestsfromauthenticatedandauthorizedparties,suchasthecertificateSubscriberortheAffiliatedOrganizationnamedinaCertificate.TheIssuerCAorRAmayestablishproceduresthatallowotherentitiestorequestcertificaterevocationforfraudormisuse.TheIssuerCAshallrevokeaCertificateifitreceivessufficientevidenceofcompromiseoflossofthePrivateKey.TheIssuerCAmayrevokeaCertificateofitsownvolitionwithoutreason,evenifnootherentityhasrequestedrevocation.

4.9.3. ProcedureforRevocationRequestEntitiessubmittingcertificaterevocationrequestsmustlisttheiridentityandexplainthereasonforrequestingrevocation.TheIssuerCAorRAshallauthenticateandlogeachrevocationrequest.TheIssuerCAwillalwaysrevokeaCertificateiftherequestisauthenticatedasoriginatingfromtheSubscriberortheAffiliatedOrganizationlistedintheCertificate.IfrevocationisrequestedbysomeoneotherthananauthorizedrepresentativeoftheSubscriberorAffiliatedOrganization,theIssuerCAorRAshallinvestigatetheallegedbasisfortherevocationrequest.TheIssuerCAshallmaintainacontinuous24/7abilitytointernallyrespondtoanyhighprioritycertificateproblemreports.Ifappropriate,theIssuerCAortheRAmayforwardcomplaintstolawenforcement.WheneveraPIV‐ICardisnolongervalid,theRAresponsibleforitsissuanceormaintenanceshallcollectitfromtheSubscriberassoonaspossible,destroyit,andlogitscollectionandphysicaldestruction.

4.9.4. RevocationRequestGracePeriodTherevocationrequestgraceperiodisthetimeavailabletothesubscriberwithinwhichthesubscribermustmakearevocationrequestafterreasonsforrevocationhavebeenidentified.IssuerCAsandRAsarerequiredtoreportthesuspectedcompromiseoftheirCAorRAPrivateKeyandrequestrevocationtoboththepolicyauthorityandoperatingauthorityofthesuperiorissuingCA(e.g.,theFPKIPA/FBCAOA,DCPA,cross‐signingCA,RootCA,etc.)withinonehourofdiscovery.SubscribersshallrequestrevocationassoonaspossibleifthePrivateKeycorrespondingtotheCertificateislostorcompromisedorifthecertificatedataisnolongervalid.TheIssuerCAmayextendrevocationgraceperiodsonacase‐by‐casebasis.

4.9.5. TimewithinwhichCAMustProcesstheRevocationRequestAnIssuerCAshallrevokeaCertificatewithinonehourofreceivingappropriateinstructionfromtheDCPA.AnIssuerCAshallrevoketheCACertificateofasubordinateorcross‐signedCAassoonas

23

practicalafterreceivingpropernoticethatthesubordinateorcross‐signedCAhasbeencompromised.IfanIssuerCAortheDCPAdeterminesthatimmediaterevocationisnotpractical,becausethepotentialrisksofrevocationoutweightheriskscausedbythecompromise,thentheIssuerCAandtheDCPAshalljointlydeterminetheappropriateprocesstofollowinordertopromptlyrevokethesubordinateorcross‐signedCACertificate.TheIssuerCAshallrevokeotherCertificatesasquicklyaspracticalaftervalidatingtherevocationrequest.TheIssuerCAshallprocessrevocationrequestsasfollows:

1. BeforethenextCRLispublished,iftherequestisreceivedtwoormorehoursbeforeregularperiodicCRLissuance,

2. BypublishingitintheCRLfollowingthenextCRL,iftherequestisreceivedwithintwohoursoftheregularlyschedulednextCRLissuance,and

3. Regardless,within18hoursafterreceipt.

4.9.6. RevocationCheckingRequirementforRelyingPartiesPriortorelyingontheinformationlistedinaCertificate,aRelyingPartyshallconfirmthevalidityofeachCertificateinthecertificatepathinaccordancewithIETFPKIXstandards,includingchecksforcertificatevalidity,issuer‐to‐subjectnamechaining,policyandkeyuseconstraints,andrevocationstatusthroughCRLsorOCSPrespondersidentifiedineachCertificateinthechain.

4.9.7. CRLIssuanceFrequencyCRLissuanceiscomprisedofCRLgenerationandpublication.ForIssuerCAsandonlineintermediateCAs,theintervalbetweenCRLissuanceshallnotexceed24hours.ForRootCAsandIntermediateCAsthatareoperatedinanoff‐linemanner,routineCRLsmaybeissuedlessfrequentlythanspecifiedabove,providedthattheCAonlyissuesCACertificates,certificate‐status‐checkingCertificates,andinternaladministrativeCertificates.CRLissuanceintervalsforsuchofflineCAsarenogreaterthan6months.However,theintervalbetweenroutineCRLissuanceforofflineCAschainingtotheFederalBridgeCAshallnotexceed31days,andsuchCAsmustmeettherequirementsspecifiedinsection4.9.12forissuingEmergencyCRLsandarerequiredtonotifytheDCPAuponEmergencyCRLissuance.

4.9.8. MaximumLatencyforCRLsAllCRLsforCAschainingtotheFederalBridgeshallbepublishedwithin4hoursofgeneration.Furthermore,eachCRLshallbepublishednolaterthanthetimespecifiedinthenextUpdatefieldofthepreviouslyissuedCRLforsamescope.

4.9.9. On‐lineRevocation/StatusCheckingAvailabilityTheIssuerCAshallensurethatthecertificatestatusinformationdistributedbyiton‐linemeetsorexceedstherequirementsforCRLissuanceandlatencystatedinsections4.9.5,4.9.7and4.9.8.IssuerCAsshallsupportonlinestatuscheckingviaOCSPforallPIV‐Icertificates.Whereoffered,OCSPresponsetimesshallbenolongerthansixseconds.

4.9.10. On‐lineRevocationCheckingRequirementsArelyingpartyshallconfirmthevalidityofaCertificateviaCRLorOCSPinaccordancewithsection4.9.6priortorelyingontheCertificate.

4.9.11. OtherFormsofRevocationAdvertisementsAvailableAnIssuerCAmayuseothermethodstopublicizerevokedCertificates,providedthat:

1. thealternativemethodisdescribedinitsCPS,2. thealternativemethodprovidesauthenticationandintegrityservicescommensuratewith

theassuranceleveloftheCertificatebeingverified,and

24

3. thealternativemethodmeetstheissuanceandlatencyrequirementsforCRLsstatedinsections4.9.5,4.9.7,and4.9.8.

4.9.12. SpecialRequirementsRelatedtoKeyCompromiseTheIssuerCAortheRAshallusecommerciallyreasonableeffortstonotifypotentialRelyingPartiesifitdiscoversorsuspectsthatitsPrivateKeyhasbeencompromised.TheIssuerCAmusthavetheabilitytotransitionanyrevocationreasontocodeto“keycompromise”.IfaCertificateisrevokedbecauseofcompromiseorsuspectedcompromise,theIssuerCAshallissueaCRLwithin18hoursafteritreceivesnoticeofthecompromiseorsuspectedcompromise.

4.9.13. CircumstancesforSuspensionNotapplicable.

4.9.14. WhoCanRequestSuspensionNotapplicable.

4.9.15. ProcedureforSuspensionRequestNotapplicable.

4.9.16. LimitsonSuspensionPeriodNotapplicable.

4.10. CERTIFICATESTATUSSERVICES

4.10.1. OperationalCharacteristicsIssuerCAsshallmakecertificatestatusinformationavailableviaCRLorOCSP.TheIssuerCAshalllistrevokedCertificatesontheappropriateCRLwheretheyremainuntiloneadditionalCRLispublishedaftertheendoftheCertificate’svalidityperiod,exceptforEVCodeSigningCertificates,whichshallremainontheCRLforatleast365daysfollowingtheCertificate’svalidityperiod.

4.10.2. ServiceAvailabilityIssuerCAsshallprovidecertificatestatusservices24x7withoutinterruption.

4.10.3. OptionalFeaturesNostipulation.

4.11. ENDOFSUBSCRIPTIONTheIssuerCAshallallowSubscriberstoendtheirsubscriptiontocertificateservicesbyhavingtheirCertificaterevokedorbyallowingtheCertificateorapplicableSubscriberAgreementtoexpirewithoutrenewal.

4.12. KEYESCROWANDRECOVERY

4.12.1. KeyEscrowandRecoveryPolicyPracticesIssuerCAsmaynotescrowCAPrivateKeys.IssuerCAsmayescrowSubscriberkeymanagementkeystoprovidekeyrecoveryservices.IssuerCAsshallencryptandprotectescrowedPrivateKeyswithatleastthelevelofsecurityusedtogenerateanddeliverthePrivateKey.ForCertificatescross‐certifiedwiththeFBCA,thirdpartiesarenotpermittedtoholdtheSubscribersignaturekeysintrust.SubscribersandotherauthorizedentitiesmayrequestrecoveryofanescrowedPrivateKey.EntitiesescrowingPrivateKeysshallhavepersonnelcontrolsinplacethatpreventunauthorizedaccesstoPrivateKeys.Keyrecoveryrequestscanonlybemadeforoneofthefollowingreasons:

1. TheSubscriberhaslostordamagedtheprivate‐keytoken,

25

2. TheSubscriberisnotavailableorisnolongerpartoftheorganizationthatcontractedwiththeIssuerCAforPrivateKeyescrow,

3. ThePrivateKeyispartofarequiredinvestigationoraudit,4. Therequesterhasauthorizationfromacompetentlegalauthoritytoaccessthe

communicationthatisencryptedusingthekey,5. Ifkeyrecoveryisrequiredbylaworgovernmentalregulation,or6. IftheentitycontractingwiththeIssuerCAforescrowofthePrivateKeyindicatesthatkey

recoveryismissioncriticalormissionessential.

AnentityreceivingPrivateKeyescrowservicesshall:

1. NotifySubscribersthattheirPrivateKeysareescrowed,2. Protectescrowedkeysfromunauthorizeddisclosure,3. ProtectanyauthenticationmechanismsthatcouldbeusedtorecoverescrowedPrivateKeys,4. Releaseescrowedkeysonlyforproperlyauthenticatedandauthorizedrequestsfor

recovery,and5. Complywithanylegalobligationstodiscloseorkeepconfidentialescrowedkeys,escrowed

key‐relatedinformation,orthefactsconcerninganykeyrecoveryrequestorprocess.

4.12.2. SessionKeyEncapsulationandRecoveryPolicyandPracticesIssuerCAsthatsupportsessionkeyencapsulationandrecoveryshalldescribetheirpracticesintheirCPS.

5. FACILITY,MANAGEMENT,ANDOPERATIONALCONTROLS

5.1. PHYSICALCONTROLS

5.1.1. SiteLocationandConstructionTheIssuerCAshallperformitsCAoperationsfromasecuredatacenterequippedwithlogicalandphysicalcontrolsthatmaketheCAoperationsinaccessibletonon‐trustedpersonnel.Thesitelocationandconstruction,whencombinedwithotherphysicalsecurityprotectionmechanismssuchasguards,doorlocks,andintrusionsensors,shallproviderobustprotectionagainstunauthorizedaccesstoCAequipmentandrecords.RAsmustprotecttheirequipmentfromunauthorizedaccessinamannerthatisappropriatetothelevelofthreattotheRA,includingprotectingequipmentfromunauthorizedaccesswhilethecryptographicmoduleisinstalledandactivatedandimplementingphysicalaccesscontrolstoreducetheriskofequipmenttampering,evenwhenthecryptographicmoduleisnotinstalledandactivated.

5.1.2. PhysicalAccessEachIssuerCAandeachRAshallprotectitsequipment(includingcertificatestatusserversandCMSequipmentcontainingaPIV‐IContentSigningkey)fromunauthorizedaccessandshallimplementphysicalcontrolstoreducetheriskofequipmenttampering.TheIssuerCAandallRAsshallstoreallremovablemediaandpapercontainingsensitiveplain‐textinformationrelatedtoCAorRAoperationsinsecurecontainers.Thesecuritymechanismsshouldbecommensuratewiththelevelofthreattotheequipmentanddata.TheIssuerCAshallmanuallyorelectronicallymonitoritssystemsforunauthorizedaccessatalltimes,maintainanaccesslogthatisinspectedperiodically,andrequiretwo‐personphysicalaccesstotheCAhardwareandsystems.AnIssuerCAshalldeactivateandsecurelystoreitsCAequipmentwhennotinuse.ActivationdatamusteitherbememorizedorrecordedandstoredinamannercommensuratewiththesecurityaffordedthecryptographicmoduleandmustnotbestoredwiththecryptographicmoduleorremovablehardwareassociatedwithremoteworkstationsusedtoadministertheCAequipmentorPrivateKeys.

26

IfthefacilityhousingtheCAequipmentiseverleftunattended,theIssuerCA’sadministratorsshallverifythat:

1. theCAisinastateappropriatetothecurrentmodeofoperation,2. thesecuritycontainersareproperlysecured3. physicalsecuritysystems(e.g.,doorlocks,ventcovers)arefunctioningproperly,and4. theareaissecuredagainstunauthorizedaccess.

The Issuer CA shall make a person or group of persons explicitly responsible for making security checks. If a group of persons is responsible, the Issuer CA shall maintain a log that identifies who performed the security check. If the facility is not continuously attended, the last person to depart shall initial a sign-out sheet that indicates the date and time and asserts that all necessary physical protection mechanisms are in place and activated.

5.1.3. PowerandAirConditioningTheIssuerCAshallmaintainabackuppowersupplyandsufficientenvironmentalcontrolstoprotecttheCAsystemsandallowtheCAtoautomaticallyfinishpendingoperationsandrecordthestateofequipmentbeforealackofpowerorairconditioningcausesashutdown.

5.1.4. WaterExposuresTheIssuerCAshallprotectitsCAequipmentfromwaterexposure.

5.1.5. FirePreventionandProtectionTheIssuerCAshallusefacilitiesequippedwithfiresuppressionmechanisms.

5.1.6. MediaStorageIssuerCAsandRAsshallprotectallmediafromaccidentaldamageandunauthorizedphysicalaccess.EachIssuerCAandeachRAshallduplicateandstoreitsauditandarchiveinformationinabackuplocationthatisseparatefromitsprimaryoperationsfacility.

5.1.7. WasteDisposalIssuerCAsandRAsshalldestroyalldata(electronicandpaper)inaccordancewithgenerallyacceptedproceduresforpermanentlydestroyingsuchdata.

5.1.8. Off‐siteBackupTheIssuerCAorRAshallmakeweeklysystembackupssufficienttorecoverfromsystemfailureandshallstorethebackups,includingatleastonefullbackupcopy,atanoffsitelocationthathasproceduralandphysicalcontrolsthatarecommensuratewithitsoperationallocation.

5.1.9. CertificateStatusHosting,CMSandExternalRASystemsAllphysicalcontrolrequirementsunderthisSection5.1applyequallytoanyCertificateStatusHosting,CMSorexternalRAsystem.

5.2. PROCEDURALCONTROLS

5.2.1. TrustedRolesCAandRApersonnelactingintrustedrolesincludeCAandRAsystemadministrationpersonnelandpersonnelinvolvedwithidentityvettingandtheissuanceandrevocationofCertificates.IssuerCAsandRAsshalldistributethefunctionsanddutiesperformedbypersonsintrustedrolesinawaythatpreventsonepersonfromcircumventingsecuritymeasuresorsubvertingthesecurityandtrustworthinessofthePKI.AllpersonnelintrustedrolesmustbefreefromconflictsofinterestthatmightprejudicetheimpartialityofCAandRAoperations.SeniormanagementoftheIssuerCAortheRAshallberesponsibleforappointingindividualstotrustedroles.Alistofsuchpersonnelshallbemaintainedandreviewedannually.

27

TheIssuerCAorRAshallonlyallowtrustedrolestoaccessaCMSafterthepersonsfulfillingthoseroleshavebeenauthenticatedusingamethodcommensuratewithissuanceandcontrolofPIV‐IHardware.ThefollowingfourtrustedrolesaredefinedbythisCP,althoughanIssuerCAorRAmaydefineadditionalones:

5.2.1.1. CA Administrators TheCAAdministratorisresponsiblefortheinstallationandconfigurationoftheCAsoftware,includingkeygeneration,userandCAaccounts,auditparameters,keybackup,andkeymanagement.TheCAAdministratorisresponsibleforperformingandsecurelystoringregularsystembackupsoftheCAsystem.AdministratorsmaynotissuecertificatestoSubscribers.

5.2.1.2. Registration Officers – CMS, RA, Validation and Vetting Personnel TheRegistrationOfficerroleisresponsibleforissuingandrevokingCertificates,includingenrollment,identityverification,andcompliancewithrequiredissuanceandrevocationstepssuchasmanagingthecertificaterequestqueueandcompletingcertificateapprovalchecklistsasidentityvettingtasksaresuccessfullycompleted.

5.2.1.3. System Administrator/ System Engineer (Operator) TheSystemAdministrator,SystemEngineerorCAOperatorisresponsibleforinstallingandconfiguringCAsystemhardware,includingservers,routers,firewalls,andnetworkconfigurations.TheSystemAdministrator/Engineerisalsoresponsibleforkeepingsystemsupdatedwithsoftwarepatchesandothermaintenanceneededforsystemstabilityandrecoverability.

5.2.1.4. Internal Auditor Role TheInternalAuditorRoleisresponsibleforreviewing,maintaining,andarchivingauditlogsandperformingoroverseeinginternalcomplianceauditstodetermineiftheIssuerCAorRAisoperatinginaccordancewiththisCP.

5.2.2. NumberofPersonsRequiredperTaskEachIssuerCAshallrequirethatatleasttwopeopleactinginatrustedrole(onetheCAAdministratorandtheothernotanInternalAuditor)takeactionrequiringatrustedrole,suchasactivatingtheIssuerCA’sPrivateKeys,generatingaCAKeyPair,orcreatingabackupofaCAPrivateKey.TheInternalAuditormayservetofulfilltherequirementofmultipartycontrolforphysicalaccesstotheCAsystem,butlogicalaccessshallnotbeachievedusingpersonnelthatserveintheInternalAuditorrole.

5.2.3. IdentificationandAuthenticationforeachRoleIssuerCApersonnelshallauthenticatethemselvestothecertificatemanagementsystembeforetheyareallowedaccesstothesystemsnecessarytoperformtheirtrustedroles.

5.2.4. RolesRequiringSeparationofDutiesIndividualpersonnelshallbespecificallydesignatedtothefourrolesdefinedinSection5.2.1above.AnindividualmayassumeonlyoneoftheRegistrationOfficer,Administrator,orInternalAuditorroles.IndividualsdesignatedasRegistrationOfficerorAdministratormayalsoassumetheOperatorrole.AnInternalAuditormaynotassumeanyotherrole.TheIssuerCAandRAmayenforceseparationofdutiesusingCAequipment,procedurally,orbybothmeans.TheCAandRAsoftwareandhardwareshallidentifyandauthenticateitsusersandshallensurethatnouseridentitycanassumebothanAdministratorandaRegistrationOfficerrole,assumeboththeAdministratorandInternalAuditorroles,orassumeboththeInternalAuditorandRegistrationOfficerroles.Anindividualmaynothavemorethanoneidentity.

28

TheIssuerCAandtheRAshallensurethatthePIV‐Iidentityproofing,registrationandissuanceprocessadherestotheprincipleofseparationofdutiestoensurethatnosingleindividualhasthecapabilitytoissueaPIV‐Icredentialwithoutthecooperationofanotherauthorizedperson.

5.3. PERSONNELCONTROLS

5.3.1. Qualifications,Experience,andClearanceRequirementsTheDCPAisresponsibleandaccountablefortheoperationoftheDigiCertPKIandcompliancewiththisCP.IssuerCAandRApersonnelandmanagementwhopurporttoactwithinthescopeofthisdocumentshallbeselectedonthebasisofloyalty,trustworthiness,andintegrity.AlltrustedrolesforIssuerCAsissuingFederatedDeviceCertificates,ClientCertificatesatLevels3‐USand4‐US(whichareintendedforinteroperabilitythroughtheFederalBridgeCAatid‐fpki‐certpcy‐mediumAssuranceandid‐fpki‐certpcy‐mediumHardware)andforPIV‐ICertificatesshallbeheldbycitizensoftheUnitedStatesorthecountrywheretheIssuerCAislocated.Inadditiontotheabove,anindividualperformingatrustedroleforanRAmaybeacitizenofthecountrywheretheRAislocated.ThereisnocitizenshiprequirementforIssuerCAorRApersonnelperformingtrustedrolesassociatedwiththeissuanceofSSL,CodeSigningorClientCertificatesatLevels1,2,3‐CBP,and4‐CBP.Managerialpersonnelinvolvedintime‐stampingoperationsmustpossessexperiencewithinformationsecurityandriskassessmentandknowledgeoftime‐stampingtechnology,digitalsignaturetechnology,mechanismsforcalibrationoftimestampingclockswithUTC,andsecurityprocedures.TheIssuerCAortheRAshallensurethatallindividualsassignedtotrustedroleshavetheexperience,qualifications,andtrustworthinessrequiredtoperformtheirdutiesunderthisCP.

5.3.2. BackgroundCheckProceduresTheIssuerCAandRAshallrequireeachpersonfulfillingatrustedroletoundergoidentityverification,backgroundchecks,andadjudicationpriortoactingintherole,includingverificationoftheindividual’sidentity,employmenthistory,education,characterreferences,socialsecuritynumber,previousresidences,drivingrecordsandcriminalbackground.TheIssuerCAorRAshallrequireeachindividualtoappearin‐personbeforeatrustedagentwhoseresponsibilityitisverifyidentity.Thetrustedagentshallverifytheidentityoftheindividualusingatleastoneformofgovernment‐issuedphotoidentification.Checksofpreviousresidencesareoverthepastthreeyears.Allotherchecksareforthepriorfiveyears.TheIssuerCAorRAshallverifythehighesteducationdegreeobtainedregardlessofthedateawardedandshallrefreshallbackgroundchecksatleasteverytenyears.Basedupontheinformationobtained,acompetentadjudicationauthoritywithintheIssuerCAorRAshalladjudicatewhethertheindividualissuitableforthepositiontowhichtheywillbeassigned.

5.3.3. TrainingRequirementsTheIssuerCAshallprovideskillstrainingtoallpersonnelinvolvedintheIssuerCA’sPKIoperations.Thetrainingmustrelatetotheperson’sjobfunctionsandcover:

1. basicPublicKeyInfrastructure(PKI)knowledge,2. softwareversionsusedbytheIssuerCA,3. authenticationandverificationpoliciesandprocedures,4. CA/RAsecurityprinciplesandmechanisms,5. disasterrecoveryandbusinesscontinuityprocedures,6. commonthreatstothevalidationprocess,includingphishingandothersocialengineering

tactics,and7. CA/BrowserForumGuidelines.

IssuerCAsshallmaintainarecordofwhoreceivedtrainingandwhatleveloftrainingwascompleted.IssuerCAsandRAsshallensurethatRegistrationOfficershavetheminimumskillsnecessarytosatisfactorilyperformvalidationdutiesbeforetheyaregrantedvalidationprivileges.Where

29

competencewasdemonstratedinlieuoftraining,theIssuerCAorRAmustmaintainsupportingdocumentation.IssuerCAsandRAsinvolvedwiththeoperationofCMSshallensurethatallpersonnelwhoperformdutiesinvolvingtheCMSreceivecomprehensivetraining.IssuerCAsandRAsshallcreateatraining(awareness)plantoaddressanysignificantchangetoCMSoperationsandshalldocumenttheexecutionoftheplan.

5.3.4. RetrainingFrequencyandRequirementsPersonnelmustmaintainskilllevelsthatareconsistentwithindustry‐relevanttrainingandperformanceprogramsinordertocontinueactingintrustedroles.TheIssuerCAorRAshallmakeindividualsactingintrustedrolesawareofanychangestotheIssuerCA’sorRA’soperations.Ifsuchoperationschange,theIssuerCAorRAshallprovidedocumentedtraining,inaccordancewithanexecutedtrainingplan,toalltrustedroles.

5.3.5. JobRotationFrequencyandSequenceNostipulation.

5.3.6. SanctionsforUnauthorizedActionsIssuerCAorRAemployeesandagentsfailingtocomplywiththisCP,whetherthroughnegligenceormaliciousintent,shallbesubjecttoadministrativeordisciplinaryactions,includingterminationofemploymentoragencyandcriminalsanctions.Ifapersoninatrustedroleiscitedbymanagementforunauthorizedorinappropriateactions,thepersonwillbeimmediatelyremovedfromthetrustedrolependingmanagementreview.Aftermanagementreviewsanddiscussestheincidentwiththetrustedpersonnel,managementmayreassigntheemployeetoanon‐trustedroleordismisstheindividualfromemploymentasappropriate.

5.3.7. IndependentContractorRequirementsAnyIssuerCAorRAallowingindependentcontractorstobeassignedtoperformtrustedrolesshallrequirethattheyagreetotheobligationsunderthisSection5(Facility,Management,andOperationalControls)andthesanctionsstatedaboveinSection5.3.6.

5.3.8. DocumentationSuppliedtoPersonnelIssuerCAsandRAsshallprovidepersonnelintrustedroleswiththedocumentationnecessarytoperformtheirduties.

5.4. AUDITLOGGINGPROCEDURES

5.4.1. TypesofEventsRecordedIssuerCAandRAsystems(includinganyCMS)shallrequireidentificationandauthenticationatsystemlogon.Importantsystemactionsshallbeloggedtoestablishtheaccountabilityoftheoperatorswhoinitiatesuchactions.IssuerCAsandRAsshallenableallessentialeventauditingcapabilitiesofitsCAorRAapplicationsinordertorecordalleventsrelatedtothesecurityoftheCAorRA,includingthoselistedbelow.AmessagefromanysourcereceivedbytheIssuerCArequestinganactionrelatedtotheoperationalstateoftheCAisanauditableevent.IftheIssuerCA’sapplicationscannotautomaticallyrecordanevent,theIssuerCAshallimplementmanualprocedurestosatisfytherequirements.Foreachevent,theIssuerCAshallrecordtherelevant(i)dateandtime,(ii)typeofevent,(iii)successorfailure,and(iv)userorsystemthatcausedtheeventorinitiatedtheaction.TheIssuerCAshallmakealleventrecordsavailabletoitsauditorsasproofoftheIssuerCA’spractices.

AuditableEventSECURITYAUDIT

30

AuditableEventAnychangestotheauditparameters,e.g.,auditfrequency,typeofeventauditedAnyattempttodeleteormodifytheauditlogsAUTHENTICATIONTOSYSTEMSSuccessfulandunsuccessfulattemptstoassumearoleThevalueofmaximumnumberofauthenticationattemptsischangedMaximumnumberofauthenticationattemptsoccurduringuserloginAnadministratorunlocksanaccountthathasbeenlockedasaresultofunsuccessfulauthenticationattemptsAnadministratorchangesthetypeofauthenticator,e.g.,fromapasswordtoabiometricLOCALDATAENTRYAllsecurity‐relevantdatathatisenteredinthesystemREMOTEDATAENTRYAllsecurity‐relevantmessagesthatarereceivedbythesystemDATAEXPORTANDOUTPUTAllsuccessfulandunsuccessfulrequestsforconfidentialandsecurity‐relevantinformationKEYGENERATIONWheneveraCAgeneratesakey(notmandatoryforsinglesessionorone‐timeusesymmetrickeys)PRIVATEKEYLOADANDSTORAGETheloadingofComponentPrivateKeysAllaccesstocertificatesubjectPrivateKeysretainedwithintheCAforkeyrecoverypurposesTRUSTEDPUBLICKEYENTRY,DELETIONANDSTORAGESECRETKEYSTORAGEThemanualentryofsecretkeysusedforauthenticationPRIVATEANDSECRETKEYEXPORTTheexportofprivateandsecretkeys(keysusedforasinglesessionormessageareexcluded)CERTIFICATEREGISTRATIONAllcertificaterequests,includingissuance,re‐key,renewal,andrevocationCertificateissuanceVerificationactivitiesCERTIFICATEREVOCATIONAllcertificaterevocationrequestsCERTIFICATESTATUSCHANGEAPPROVALORREJECTIONCACONFIGURATIONAnysecurity‐relevantchangestotheconfigurationofaCAsystemcomponentACCOUNTADMINISTRATIONRolesandusersareaddedordeletedTheaccesscontrolprivilegesofauseraccountorarolearemodified CERTIFICATEPROFILEMANAGEMENTAllchangestothecertificateprofileREVOCATIONPROFILEMANAGEMENTAllchangestotherevocationprofileCERTIFICATEREVOCATIONLISTPROFILEMANAGEMENTAllchangestothecertificaterevocationlistprofileGenerationofCRLsandOCSPentriesTIMESTAMPINGClocksynchronizationMISCELLANEOUSAppointmentofanindividualtoaTrustedRoleDesignationofpersonnelformultipartycontrol

31

AuditableEventInstallationofanOperatingSystemInstallationofaPKIApplicationInstallationofaHardwareSecurityModulesRemovalofHSMsDestructionofHSMsSystemStartupLogonattemptstoPKIApplicationReceiptofhardware/softwareAttemptstosetpasswordsAttemptstomodifypasswordsBackupoftheinternalCAdatabaseRestorationfrombackupoftheinternalCAdatabase Filemanipulation (e.g.,creation,renaming,moving)PostingofanymaterialtoarepositoryAccesstotheinternalCAdatabaseAllcertificatecompromisenotificationrequestsLoadingHSMswithCertificatesShipmentofHSMsZeroizingHSMsRe‐keyoftheComponentCONFIGURATIONCHANGESHardwareSoftwareOperatingSystemPatchesSecurityProfilesPHYSICALACCESS/SITESECURITYPersonnelaccesstosecureareahousingCAcomponentsAccesstoaCAcomponentKnownorsuspectedviolationsofphysicalsecurityFirewallandrouteractivitiesANOMALIESSystemcrashesandhardwarefailuresSoftwareerrorconditionsSoftwarecheckintegrityfailuresReceiptofimpropermessagesandmisroutedmessagesNetworkattacks(suspectedorconfirmed)EquipmentfailureElectricalpoweroutagesUninterruptiblePowerSupply(UPS)failureObviousandsignificantnetworkserviceoraccessfailuresViolationsofaCPorCPSResettingOperatingSystemclock

5.4.2. FrequencyofProcessingLogTheIssuerCAorRAshall,atleasteverytwomonths,reviewsystemlogs,makesystemandfileintegritychecks,andmakeavulnerabilityassessment.TheIssuerCAorRAmayuseautomatedtoolstoscanforanomaliesorspecificconditions.Duringitsreview,theIssuerCAorRAshallverifythatthelogshavenotbeentamperedwith,examineanystatisticallysignificantsetofsecurityauditdatageneratedsincethelastreview,andmakeareasonablesearchforanyevidenceofmaliciousactivity.TheIssuerCAorRAshallbrieflyinspectalllogentriesandinvestigateanydetectedanomaliesor

32

irregularities.TheIssuerCAorRAshallmakeasummaryofthereviewavailabletoitsauditorsuponrequest.TheIssuerCAofRAshalldocumentanyactionstakenasaresultofareview.

5.4.3. RetentionPeriodforAuditLogTheIssuerCAandRAshallretainauditlogson‐siteuntilaftertheyarereviewed.TheindividualwhoremovesauditlogsfromtheIssuerCA’sorRA’ssystemsmustbedifferentthantheindividualswhocontroltheIssuerCA’ssignaturekeys.

5.4.4. ProtectionofAuditLogThe Issuer CA and RA shall implement procedures that protect archived data from destruction prior to the end of the audit log retention period. The Issuer CAandRAshallconfigureitssystemsandestablishoperationalprocedurestoensurethat(i)onlyauthorizedpeoplehavereadaccesstologs,(ii)onlyauthorizedpeoplemayarchiveauditlogs,and(iii)auditlogsarenotmodified.TheIssuerCA’soff‐sitestoragelocationmustbeasafeandsecurelocationthatisseparatefromthelocationwherethedatawasgenerated.TheIssuerCAandRAshallmakerecordsavailableifrequiredforthepurposeofprovidingevidenceofthecorrectoperationoftime‐stampingservicesforthepurposeoflegalproceedings.TheIssuerCAshallmakeitsauditlogsavailabletoauditorsuponrequest.

5.4.5. AuditLogBackupProceduresOnatleastamonthlybasis,theIssuerCAandRAshallmakebackupsofauditlogsandauditlogsummariesandsendacopyoftheauditlogoff‐site.

5.4.6. AuditCollectionSystem(internalvs.external)TheIssuerCAorRAmayuseautomaticauditprocesses,providedthattheyareinvokedatsystemstartupandendonlyatsystemshutdown.Ifanautomatedauditsystemfailsandtheintegrityofthesystemorconfidentialityoftheinformationprotectedbythesystemisatrisk,theDCPAshallbenotifiedanddeterminewhethertosuspendtheIssuerCA’sorRA’soperationsuntiltheproblemisremedied.

5.4.7. NotificationtoEvent‐causingSubjectNostipulation.

5.4.8. VulnerabilityAssessmentsTheIssuerCAshallperformroutineriskassessmentsthatidentifyandassessreasonablyforeseeableinternalandexternalthreatsthatcouldresultinunauthorizedaccess,disclosure,misuse,alteration,ordestructionofanycertificatedataorcertificateissuanceprocess.TheIssuerCAshallalsoroutinelyassessthesufficiencyofthepolicies,procedures,informationsystems,technology,andotherarrangementsthattheIssuerCAhasinplacetocontrolsuchrisks.TheIssuerCA’sauditorsshouldreviewthesecurityauditdatachecksforcontinuityandalerttheappropriatepersonnelofanyevents,suchasrepeatedfailedactions,requestsforprivilegedinformation,attemptedaccessofsystemfiles,andunauthenticatedresponses.

5.5. RECORDSARCHIVALThe Issuer CA shall comply with any record retention policies that apply by law. The Issuer CA shall include sufficient detail in archived records to show that a Certificate was issued in accordance with the CPS.

5.5.1. TypesofRecordsArchivedTheIssuerCAshallretainthefollowinginformationinitsarchives(assuchinformationpertainstotheIssuerCA’sCAoperations):

1. AnyaccreditationoftheIssuerCA,2. CPandCPSversions,

33

3. ContractualobligationsandotheragreementsconcerningtheoperationoftheCA,4. Systemandequipmentconfigurations,modifications,andupdates,5. Certificateandrevocationrequests,6. Identityauthenticationdata,7. AnydocumentationrelatedtothereceiptoracceptanceofaCertificateortoken,8. SubscriberAgreements,9. Issuedcertificates,10. Arecordofcertificatere‐keys,11. CRLsforCAscross‐certifiedwiththeFederalBridgeCA,12. Anydataorapplicationsnecessarytoverifyanarchive’scontents,13. Complianceauditorreports,14. AnychangestotheIssuerCA’sauditparameters,15. Anyattempttodeleteormodifyauditlogs,16. Keygeneration,17. AccesstoPrivateKeysforkeyrecoverypurposes,18. ChangestotrustedPublicKeys,19. ExportofPrivateKeys,20. Approvalorrejectionofarevocationrequest,21. Appointmentofanindividualtoatrustedrole,22. Destructionofacryptographicmodule,23. Certificatecompromisenotifications,24. Remedialactiontakenasaresultofviolationsofphysicalsecurity,and25. ViolationsoftheCPorCPS.

5.5.2. RetentionPeriodforArchiveTheIssuerCAshallretainarchiveddataassociatedwithLevel3,Level4,federateddevice,andPIV‐ICertificatesfor10.5years.ForallotherCertificates,theIssuerCAshallretainarchiveddataforatleast7.5years.RAssupportingCertificatesthatarenotcross‐certifiedwiththeFBCAmayretainarchiveddataforashorterperiodoftimeifthepracticeisdocumentedinaRPSordocumentretentionpolicy.

5.5.3. ProtectionofArchiveTheIssuerCAshallstoreitsarchivedrecordsatasecureoff‐sitelocationinamannerthatpreventsunauthorizedmodification,substitution,ordestruction.Nounauthorizedusermayaccess,write,ordeletethearchives.Iftheoriginalmediacannotretainthedatafortherequiredperiod,thearchivesitemustdefineamechanismtoperiodicallytransferthearchiveddatatonewmedia. TheIssuerCAshallmaintainanysoftwareapplicationrequiredtoprocessthearchivedatauntilthedataiseitherdestroyedortransferredtoanewermedium.

5.5.4. ArchiveBackupProceduresIfanIssuerCAorRAchoosestobackupitsarchiverecords,thentheIssuerCAorRAshalldescribehowitsrecordsarebackedupandmanagedinitsCPSorareferenceddocument.

5.5.5. RequirementsforTime‐stampingofRecordsTheIssuerCAshallautomaticallytime‐stamparchiverecordsastheyarecreated.Cryptographictime‐stampingofarchiverecordsisnotrequired;however,theIssuerCAshallsynchronizeitssystemtimeatleasteveryeighthoursusingarealtimevaluetraceabletoarecognizedUTC(k)laboratoryorNationalMeasurementInstitute.

5.5.6. ArchiveCollectionSystem(internalorexternal)TheIssuerCAshallcollectarchiveinformationinternally.

34

5.5.7. ProcedurestoObtainandVerifyArchiveInformationTheIssuerCAmayarchivedatamanuallyorautomatically.Ifautomaticarchivalisimplemented,theIssuerCAshallsynchronizeitsarchiveddataonadailybasis.TheIssuerCAmayallowSubscriberstoobtainacopyoftheirarchivedinformation.Otherwise,theIssuerCAshallrestrictaccesstoarchivedatatoauthorizedpersonnelinaccordancewiththeIssuerCA'sinternalsecuritypolicyandshallnotreleaseanyarchivedinformationexceptasallowedbylaw.CAsshallstateintheirCPSthedetailsofhowtheycreate,verify,package,transmit,andstorearchivedinformation.

5.6. KEYCHANGEOVERTheIssuerCAshallperiodicallychangeitsPrivateKeysinamannersetforthintheCPSthatpreventsdowntimeintheIssuerCA’soperation.Afterkeychangeover,theIssuerCAshallsignCertificatesusingonlythenewkey.TheIssuerCAshallstillprotectitsoldPrivateKeysandshallmaketheoldCertificateavailabletoverifysignaturesuntilalloftheCertificatessignedwiththePrivateKeyhaveexpired.IssuerCAscross‐certifiedwiththeFBCAmustbeabletocontinuetointeroperatewiththeFBCAaftertheFBCAperformsakeyrollover,whetherornottheFBCADNischanged.IssuerCAseithermustestablishkeyrolloverCertificatesasdescribedaboveormustobtainanewCACertificateforthenewPublicKeyfromtheissuersoftheircurrentCertificates.

5.7. COMPROMISEANDDISASTERRECOVERY

5.7.1. IncidentandCompromiseHandlingProceduresTheIssuerCAshalldevelopandimplementprocedurestobefollowedintheeventofaserioussecurityincidentorsystemcompromise.Requireddocumentationincludes,butisnotlimitedto,anIncidentResponsePlan,aDisasterRecoveryorBusinessContinuityPlan(DR/BCP),andrelatedresources.TheIssuerCAshallreview,test,andupdateitsIncidentResponsePlanandDR/BCP,andsupportingprocedures,atleastannually.TheIssuerCAshallrequirethatanyCMShavedocumentedincidenthandlingproceduresthatareapprovedbytheheadoftheorganizationresponsibleforoperatingtheCMS.IftheCMSiscompromised,theIssuerCAshallrevokeallCertificatesissuedtotheCMS,ifapplicable.TheIssuerCAanditsRAsshallalsoassessanydamagecausedbytheCMScompromise,revokeallpotentiallycompromisedSubscriberCertificates,notifyaffectedsubscribersoftherevocation,andre‐establishtheoperationoftheCMS.

5.7.2. ComputingResources,Software,and/orDataAreCorruptedTheIssuerCAshallmakeregularback‐upcopiesofitsPrivateKeysandstoretheminasecureoff‐sitelocation.TheIssuerCAshallalsomakeregularsystemback‐upsonatleastaweeklybasis.IfadisastercausestheIssuerCA’soperationstobecomeinoperative,theIssuerCAshall,afterensuringtheintegrityoftheCAsystems,re‐initiateitsoperationsonreplacementhardwareusingbackupcopiesofitssoftware,data,andPrivateKeysatasecurefacility.TheIssuerCAshallgiveprioritytoreestablishingthegenerationofcertificatestatusinformation.IfthePrivateKeysaredestroyed,theIssuerCAshallreestablishoperationsasquicklyaspossible,givingprioritytogeneratingnewKeyPairs.

5.7.3. EntityPrivateKeyCompromiseProceduresIftheIssuerCAsuspectsthataCAPrivateKeyiscomprisedorlostthentheIssuerCAshallfollowitsIncidentResponsePlanandimmediatelyassessthesituation,determinethedegreeandscopeoftheincident,andtakeappropriateaction.IssuerCApersonnelshallreporttheresultsoftheinvestigation.Thereportmustdetailthecauseofthecompromiseorlossandthemeasuresshouldbetakentopreventareoccurrence.Ifthereisacompromiseorloss,theIssuerCAshallnotifyany

35

affiliatedentitiessothattheymayissueCRLsrevokingcross‐CertificatesissuedtotheIssuerCAandshallnotifyinterestedpartiesandmakeinformationavailablethatcanbeusedtoidentifywhichCertificatesandtime‐stamptokensaffected,unlessdoingsowouldbreachtheprivacyoftheIssuerCA’suserorthesecurityoftheIssuerCA’sservices.FollowingrevocationofaCACertificateandimplementationoftheIssuerCA’sIncidentResponsePlan,theIssuerCAshallgenerateanewCAKeyPairandsignanewCACertificateinaccordancewithitsCPS.TheIssuerCAshalldistributethenewself‐signedCertificateinaccordancewithSection6.1.4.TheIssuerCAshallceaseitsCAoperationsuntilappropriatestepsaretakentorecoverfromthecompromiseandrestoresecurity.

5.7.4. BusinessContinuityCapabilitiesafteraDisasterStatedgoalsoftheIssuerCA’sDR/BCPshallincludethatcertificatestatusservicesbeminimallyaffectedbyanydisasterinvolvingtheIssuerCA’sprimaryfacilityandthatotherservicesresumeasquicklyaspossiblefollowingadisaster.TheIssuerCAshallestablishasecurefacilityinatleastonesecondary,geographicallydiverselocationtoensurethatitsdirectoryandon‐linestatusservers,ifany,remainoperationalintheeventofaphysicaldisasterattheIssuerCA’smainsite.TheIssuerCAshallprovidenoticeattheearliestfeasibletimetoallinterestedpartiesifadisasterphysicallydamagestheIssuerCA’sequipmentordestroysallcopiesoftheIssuerCA’ssignaturekeys.

5.8. CAORRATERMINATIONIfanIssuerCA’soperationsareterminated,theIssuerCAshallprovidenoticetointerestedpartiesandshalltransferitsresponsibilitiesandrecordstosuccessorentities.TheIssuerCAmayallowasuccessortore‐issueCertificatesifthesuccessorhasallrelevantpermissionstodosoandhasoperationsthatareatleastassecuretheIssuerCA’s.Ifaqualifiedsuccessordoesnotexist,theIssuerCAshalltransferallrelevantrecordstoagovernmentsupervisoryorlegalbody.

6. TECHNICALSECURITYCONTROLS

6.1. KEYPAIRGENERATIONANDINSTALLATION

6.1.1. KeyPairGenerationAllkeysmustbegeneratedusingaFIPS‐approvedmethodorequivalentinternationalstandard.IssuerCAsshallgeneratecryptographickeyingmaterialonaFIPS140level3validatedcryptographicmoduleusingmultipleindividualsactingintrustedroles.Whengeneratingkeymaterial,theIssuerCAshallcreateauditableevidencetoshowthattheIssuerCAenforcedroleseparationandfolloweditskeygenerationprocess.AnindependentthirdpartyshallvalidatethateachCAkey,includinganyrootorintermediateCAkeysassociatedwithaCertificatecross‐certifiedwiththeFBCAandeachRootCAKey(forCertificatesnotcross‐certifiedwiththeFBCA),isgeneratedinaccordancewiththisCPeitherbyhavingtheindependentthirdpartywitnessthekeygenerationorbyexaminingasignedanddocumentedrecordofthekeygeneration.SubscriberswhogeneratetheirownkeysshalluseaFIPS‐approvedmethodandeitheravalidatedhardwareorvalidatedsoftwarecryptographicmodule,dependingonthelevelofassurancedesired.KeysforLevel3HardwareorLevel4BiometricCertificatesmustbegeneratedonvalidatedhardwarecryptographicmodulesusingaFIPS‐approvedmethod.SubscriberswhogeneratetheirownkeysforaQualifiedCertificateonanSSCDshallensurethattheSSCDmeetstherequirementsofCWA14169andthatthePublicKeytobecertifiedisfromtheKeyPairgeneratedbytheSSCD.

36

6.1.2. PrivateKeyDeliverytoSubscriberIftheIssuerCA,aCMS,oranRAgenerateskeysonbehalfoftheSubscriber,thentheentitygeneratingthekeyshalldeliverthePrivateKeysecurely(encrypted)totheSubscriber.TheentitymaydeliverPrivateKeystoSubscriberselectronicallyoronahardwarecryptographicmodule/SSCD.Inallcases:

1. Exceptwhereescrow/backupservicesareprovided,thekeygeneratormaynotretainacopyoftheSubscriber’sPrivateKeyafterdelivery,

2. ThekeygeneratorshallprotectthePrivateKeyfromactivation,compromise,ormodificationduringthedeliveryprocess,

3. TheSubscribershallacknowledgereceiptofthePrivateKey(s),and4. ThekeygeneratorshalldeliverthePrivateKeyinawaythatensuresthatthecorrecttokens

andactivationdataareprovidedtothecorrectSubscribers,including:a. Forhardwaremodules,thekeygeneratormaintainingaccountabilityforthe

locationandstateofthemoduleuntiltheSubscriberacceptspossessionofitandb. ForelectronicdeliveryofPrivateKeys,thekeygeneratorencryptingkeymaterial

usingacryptographicalgorithmandkeysizeatleastasstrongasthePrivateKey.Thekeygeneratorshalldeliveractivationdatausingaseparatesecurechannel.

TheentityassistingwithSubscriberkeygenerationshallmaintainarecordoftheSubscriber’sacknowledgementofreceiptofthedevicecontainingtheSubscriber’sKeyPair.ACMSorRAprovidingkeydeliveryservicesshallprovideacopyofthisrecordtotheIssuerCA.

6.1.3. PublicKeyDeliverytoCertificateIssuerSubscribersshalldelivertheirPublicKeystotheIssuerCAinasecurefashionandinamannerthatbindstheSubscriber’sverifiedidentitytothePublicKey.ThecertificaterequestprocessshallensurethattheApplicantpossessesthePrivateKeyassociatedwiththePublicKeypresentedforcertification.Ifcryptographyisusedtoachievethebinding,thecryptographymustbeatleastasstrongastheCAkeysusedtosigntheCertificate.

6.1.4. CAPublicKeyDeliverytoRelyingPartiesTheIssuerCAshallprovideitsPublicKeystoRelyingPartiesinasecurefashionandinamannerthatprecludessubstitutionattacks.TheIssuerCAmaydeliveritsCAPublicKeystoRelyingPartiesas(i)specifiedinacertificatevalidationorpathdiscoverypolicyfile,(ii)trustanchorsincommercialbrowsersandoperatingsystemrootstores,and/or(iii)rootssignedbyotherCAs.TheIssuerCAmaydistributePublicKeysthatarepartofanupdatedsignatureKeyPairasaself‐signedCertificate,asanewCACertificate,orinakeyroll‐overCertificate.AllaccreditationauthoritiessupportingDigiCertCertificatesandallapplicationsoftwareprovidersarepermittedtoredistributeanyRootCertificatethatisissuedunderthisCP.

6.1.5. KeySizesForsigningCertificatesissuedwithpolicyOIDsof2.16.840.1.114412.1.11,2.16.840.1.114412.1.12,orwithinthepolicyOIDarcof2.16.840.1.114412.4andforsigningCRLsandcertificatestatusserverresponsesforsuchCertificates,theIssuerCAshalluseatleasta2048‐bitRSAKeyor384‐bitECDSAKeywithSHA‐256(orahashalgorithmthatisequallyormoreresistanttoacollisionattack).Certificatesthatdonotassertthesecertificatepolicies(seeotherpolicieslistedinSection1.2)mayalsobesignedusingtheSHA‐1hashalgorithm,providedthatitsuseotherwisecomplieswithrequirementsoftheCA/BrowserForum.SignaturesonCRLs,OCSPresponses,andOCSPresponderCertificatesthatprovidestatusinformationforCertificatesthatweregeneratedusingSHA‐1maycontinuetobegeneratedusingtheSHA‐1algorithm.AllothersignaturesonCRLs,OCSPresponses,andOCSPresponderCertificatesmustusetheSHA‐256hashalgorithmoronethatisequallyormoreresistanttocollisionattack.TheIssuerCAshallonlyissueend‐entityCertificatesthatcontainat least 2048-bit Public Keys for RSA, DSA, or Diffie-Hellman, or 224 bits for elliptic curve algorithms.TheIssuerCAmayrequire

37

higherbitkeysinitssolediscretion.TheIssuerCAshallonlyissueend‐entityCertificatesassociatedwithPIV‐ICardsthatcontainPublicKeysandalgorithmsthatconformto[NISTSP800‐78].AnyCertificates(whetherCAorend‐entity)expiringafter12/31/2030mustbeatleast3072bitforRSAand256bitforECDSA. TheIssuerCAandSubscribersmayfulfillthetransmissionsecurityrequirementsofthisCPusingTLSoranotherprotocolthatprovidessimilarsecurity,providedtheprotocolrequiresatleastAES128bitsorequivalentforthesymmetrickeyandatleast2048‐bitRSAorequivalentfortheasymmetrickeys(andatleast3072‐bitRSAorequivalentforasymmetrickeysafter12/31/2030).

6.1.6. PublicKeyParametersGenerationandQualityCheckingTheIssuerCAshallgeneratePublicKeyparametersforsignaturealgorithmsandperformparameterqualitycheckinginaccordancewithFIPS186.

6.1.7. KeyUsagePurposes(asperX.509v3keyusagefield)TheIssuerCAshallincludekeyusageextensionfieldsthatspecifytheintendeduseoftheCertificateandtechnicallylimittheCertificate’sfunctionalityinX.509v3‐compliantsoftware.TheuseofaspecifickeyisdeterminedbythekeyusageextensionintheX.509Certificate.CACertificatesshallhavetwokeyusagebitsset:keyCertSignandcRLSign,andforsigningOCSPresponses,theCertificateshallalsosetthedigitalSignaturebit.TheIssuerCAshallnotissueLevel4Certificatesthatarecertifiedforbothsigningandencryption.Theuseofasinglekeyforencryptionandsignatureisdiscouraged,andIssuerCAsshouldissueSubscriberstwoKeyPairs—oneforkeymanagementandonefordigitalsignatureandauthentication.However,forsupportoflegacyapplications,otherCertificates,includingthoseatLevels1,2and3,mayincludeasinglekeyforusewithencryptionandsignature.Suchdual‐useCertificatesmust:

1. begeneratedandmanagedinaccordancewiththeirrespectivesignaturecertificaterequirements,exceptwhereotherwisenotedinthisCP,

2. neverassertthenon‐repudiationkeyusagebit,and3. notbeusedforauthenticatingdatathatwillbeverifiedonthebasisofthedual‐use

Certificateatafuturetime.SubscriberCertificatesassertkeyusagesbasedontheintendedapplicationoftheKeyPair.Inparticular,Certificatestobeusedfordigitalsignatures(includingauthentication)setthedigitalSignatureand/ornonRepudiationbits.CertificatestobeusedforkeyordataencryptionshallsetthekeyEnciphermentand/ordataEnciphermentbits.CertificatestobeusedforkeyagreementshallsetthekeyAgreementbit.PIV‐IContentSigningcertificatesincludeanextendedkeyusageofid‐fpki‐pivi‐content‐signing.

6.2. PRIVATEKEYPROTECTIONANDCRYPTOGRAPHICMODULEENGINEERINGCONTROLS

6.2.1. CryptographicModuleStandardsandControlsTheIssuerCAandallsystemsthatsignOCSPresponsesorCRLsinordertoprovidecertificatestatusservicesshallusecryptographichardwaremodulesvalidatedtoFIPS140‐2Level3andInternationalCommonCriteria(CC)InformationTechnologySecurityEvaluationAssuranceLevel(EAL)14169EAL4+Type3(EAL4AugmentedbyAVA_VLA.4andAVA_MSU.3)intheEuropeanUnion(EU).

38

Cryptographicmodulerequirementsforsubscribersandregistrationauthoritiesareshowninthetablebelow.

AssuranceLevel Subscriber RegistrationAuthority

EVCodeSigningFIPS140Level2(Hardware)

FIPS140Level2(Hardware)

AdobeSigningCertificates

FIPS140Level2(Hardware)

FIPS140Level3(Hardware)

Level1‐Rudimentary N/A FIPS140Level1(HardwareorSoftware)

Level2–Basic FIPS140Level1(HardwareorSoftware)

FIPS140Level1(HardwareorSoftware)

Level3‐MediumFIPS140Level1(Software)FIPS140Level2(Hardware)

FIPS140Level2(Hardware)

Level4,MediumHardware,Biometric,

&PIV‐ICard/HardwareAuthentication

FIPS140Level2(Hardware)

FIPS140Level2(Hardware)

EUQConSSCDEAL4Augmented

(Hardware)EAL4Augmented

(Hardware)

TheIssuerCAshallmaintainanyCardManagementMasterKeyandperformdiversificationoperationsinaFIPS140‐2Level3CryptographicModulethatconformsto[NISTSP800‐78].TheIssuerCAshallrequirePIV‐IHardwareorcommensuratetousethekeysandshallrequirestrongauthenticationoftrustedroleswhenactivatingtheCardManagementMasterKey.TheIssuerCAshallalsorequirethatcardmanagementbeconfiguredsuchthatonlytheauthorizedCMScanmanageissuedcards.

ForEVCodeSigningCertificates,theIssuerCAshallensurethatthePrivateKeyisproperlygenerated,stored,andusedinacryptomodulethatmeetsorexceedstherequirementsofFIPS140level2.

6.2.1.1. Custodial Subscriber Key Stores CustodialSubscriberKeyStoresholdkeysforanumberofSubscribercertificatesinonelocation.EffectiveJanuary1,2017,allcryptographicmodulesforCustodialSubscriberKeyStoresforcertificatesissuedatLevels2,3‐US,3‐CBP,4‐US,and4‐CBPshallbenolessthanFIPS140Level2Hardwareandauthenticationtoactivatetheprivatekeyassociatedwithagivencertificateshallrequireauthenticationcommensuratewiththeassurancelevelofthecertificate.

6.2.2. PrivateKey(noutofm)Multi‐personControlTheIssuerCAshallensurethatmultipletrustedpersonnelarerequiredtoactinordertoaccessanduseanIssuerCA’sPrivateKeys,includinganyPrivateKeybackups.

39

6.2.3. PrivateKeyEscrowTheIssuerCAshallnotescrowitssignaturekeys.Subscribersmaynotescrowtheirprivatesignaturekeys.TheIssuerCAmayescrowSubscriberPrivateKeysusedforencryptioninordertoprovidekeyrecoveryasdescribedinsection4.12.1.

6.2.4. PrivateKeyBackupTheIssuerCAshallbackupitsCA,CRL,andcertificatestatusPrivateKeysundermulti‐personcontrolandshallstoreatleastonebackupoffsite.TheIssuerCAshallprotectallcopiesofitsCA,CRL,andcertificatestatusPrivateKeysinthesamemannerastheoriginals.TheIssuerCAmayprovidebackupservicesforPrivateKeysthatarenotrequiredtobemaintainedincryptographichardware.AccesstoPrivateKeybackupsshallbesecuredinamannerthatonlytheSubscribercancontrolthePrivateKey.TheIssuerCAmaynotbackupLevel4subscriberprivatesignaturekeys.TheIssuerCAmaynotstorebackupkeysinaplaintextformoutsideofthecryptographicmodule.StoragethatcontainsbackupkeysshallprovidesecuritycontrolsthatareconsistentwiththeprotectionprovidedbytheSubscriber’scryptographicmodule.TheIssuerCAmayrequirebackupofPIV‐IContentSigningprivatesignaturekeystofacilitatedisasterrecovery,providedthatallbackupisperformedundermulti‐personcontrol.

6.2.5. PrivateKeyArchivalTheIssuerCAshallnotarchiveitsPrivateKeysandshallnotallowthearchivalofanyPrivateKeysassociatedwithEUQualifiedCertificates.

6.2.6. PrivateKeyTransferintoorfromaCryptographicModuleAllkeysmustbegeneratedbyandinacryptographicmodule.TheIssuerCAandRAshallneverallowtheirPrivateKeystoexistinplaintextoutsideofthecryptographicmodule.TheIssuerCAshallonlyexportitsPrivateKeysfromthecryptographicmoduletoperformCAkeybackupprocedures.Whentransportedbetweencryptographicmodules,theIssuerCAshallencryptthePrivateKeyandprotectthekeysusedforencryptionfromdisclosure.

6.2.7. PrivateKeyStorageonCryptographicModuleTheIssuerCAshallstoreitsCAPrivateKeysonacryptographicmodulewhichhasbeenevaluatedtoatleastFIPS140Level3andEAL4+.

6.2.8. MethodofActivatingPrivateKeyTheIssuerCAshallactivateitsPrivateKeysinaccordancewiththespecificationsofthecryptographicmodulemanufacturer.SubscribersaresolelyresponsibleforprotectingtheirPrivateKeys.Ataminimum,SubscribersmustauthenticatethemselvestothecryptographicmodulebeforeactivatingtheirPrivateKeys.Entryofactivationdatashallbeprotectedfromdisclosure.

6.2.9. MethodofDeactivatingPrivateKeyTheIssuerCAshalldeactivateitsPrivateKeysandstoreitscryptographicmodulesinsecurecontainerswhennotinuse.TheIssuerCAshallpreventunauthorizedaccesstoanyactivatedcryptographicmodules.

6.2.10. MethodofDestroyingPrivateKeyTheIssuerCAshalluseindividualsintrustedrolestodestroyCA,RA,andstatusserverPrivateKeyswhentheyarenolongerneeded.SubscribersshalldestroytheirPrivateKeyswhenthecorrespondingCertificateisrevokedorexpiredorifthePrivateKeyisnolongerneeded.Forsoftwarecryptographicmodules,theIssuerCAmaydestroythePrivateKeysbyoverwritingthedata.Forhardwarecryptographicmodules,theIssuerCAmaydestroythePrivateKeysbyexecutinga“zeroize”command.Physicaldestructionofhardwareisnotrequired.

40

6.2.11. CryptographicModuleRatingSeeSection6.2.1.

6.3. OTHERASPECTSOFKEYPAIRMANAGEMENT

6.3.1. PublicKeyArchivalTheIssuerCAshallarchiveacopyofeachPublicKey.

6.3.2. CertificateOperationalPeriodsandKeyPairUsagePeriodsAllCertificates,includingrenewedCertificates,havemaximumvalidityperiodsof:

Type PrivateKeyUse CertificateTermRootCA 20years 25yearsSubCA 12years 15yearsFBCA‐Cross‐certifiedSubCAs 6years (periodof

keyuseforsigningcertificates)

10years(keystillsignsCRLs,OCSPresponses,andOCSPresponder

certificates)IGTFCross‐certifiedSubCA* 6years 15yearsCRLandOCSPrespondersigning 3years 31days†OVSSL Nostipulation 42monthsEVSSL Nostipulation 27monthsEVCodeSigningCertificateissuedtoSubscriber

Nostipulation 39months

EVCodeSigningCertificateissuedtoSigningAuthority

Nostipulation 123months

TimeStampingAuthority Nostipulation 123monthsCodeSigningCertificateandDocumentSigning

Nostipulation‡ 123months

FBCAandIGTFClientusedforsignatures(includingEUQualifiedCertificates)

36months 36months

FBCAandIGTFClientusedforkeymanagement

36months 36months

Clientforallotherpurposes(FBCAorIGTFcompliant)

36months 36months

Clientforallotherpurposes(nonFBCAandIGTFcerts)

Nostipulation 60months

PIV‐IContentSigning** 36months 9yearsPIV‐ICards 6years 6yearsIGTFonhardware 60months 13months

*IGTFsigningCertificatesmusthavealifetimethatisatleasttwicethemaximumlifetimeofanendentityCertificate.†OCSPresponderandCRLsigningCertificatesassociatedwithaPIV‐ICertificatemayonlyhaveamaximumcertificatevalidityperiodof31days.‡Codeandcontentsignerscross‐certifiedwithFBCAmayusetheirPrivateKeysforthreeyears;thelifetimeoftheassociatedPublicKeysshallnotexceedeightyears.**SubscriberPublicKeysinCertificatesthatassertthePIV‐IContentSigningOIDintheextendedkeyusageextensionhaveamaximumusageperiodofnineyears.ThePrivateKeyscorrespondingtothePublicKeysintheseCertificateshaveamaximumusageperiodofthreeyears.ExpirationofPIV‐IContentSigningCertificateshallbelaterthantheexpirationofthePIV‐IHardwareandPIV‐ICardAuthenticationCertificates.

41

RelyingpartiesmaystillvalidatesignaturesgeneratedwiththesekeysafterexpirationoftheCertificate.Privatekeysassociatedwithself‐signedrootCertificatesthataredistributedastrustanchorsareusedforamaximumof20years.PIV‐IsubscriberCertificatesmaynotexpirelaterthantheexpirationdateofthePIV‐IhardwaretokenonwhichtheCertificatesreside.TheIssuerCAmayretireitsCAPrivateKeysbeforetheperiodslistedabovetoaccommodatekeychangeoverprocesses.TheIssuerCAshallnotissueaSubscriberCertificatewithanexpirationdatethatispasttheIssuerCA’spublickeyexpirationdateorthatexceedstheroutinere‐keyidentificationrequirementsspecifiedinSection3.1.1.

6.4. ACTIVATIONDATA

6.4.1. ActivationDataGenerationandInstallationTheIssuerCAshallgenerateactivationdatathathassufficientstrengthtoprotectitsPrivateKeys.IftheIssuerCAusespasswordsasactivationdataforasigningkey,theIssuerCAshallchangetheactivationdatauponrekeyoftheCACertificate.TheIssuerCAmayonlytransmitactivationdataviaanappropriatelyprotectedchannelandatatimeandplacethatisdistinctfromthedeliveryoftheassociatedcryptographicmodule.

6.4.2. ActivationDataProtectionTheIssuerCAshallprotectdatausedtounlockPrivateKeysfromdisclosureusingacombinationofcryptographicandphysicalaccesscontrolmechanisms.Activationdatashallbe:

memorized biometricinnature,or recordedandsecuredatthelevelofassuranceassociatedwiththeactivationofthe

cryptographicmodule,andshallnotbestoredwiththecryptographicmodule.

TheIssuerCAshallrequirepersonneltomemorizeandnotwritedowntheirpasswordorsharetheirpasswordswithotherindividuals.TheIssuerCAshallimplementprocessestotemporarilylockaccesstosecureCAprocessesifacertainnumberoffailedlog‐inattemptsoccurassetforthintheapplicableCPS.

6.4.3. OtherAspectsofActivationDataIftheIssuerCAmustresetactivationdataassociatedwithaPIV‐Icertificatethenasuccessfulbiometric1:1matchoftheapplicantagainstthebiometricscollectedinSection3.2.3isrequired.EithertheIssuerCAoranRAmustconductthisbiometric1:1match.

6.5. COMPUTERSECURITYCONTROLS

6.5.1. SpecificComputerSecurityTechnicalRequirementsTheIssuerCAshallconfigureitssystems,includinganyremoteworkstations,to:

1. authenticatetheidentityofusersbeforepermittingaccesstothesystemorapplications,2. managetheprivilegesofusersandlimituserstotheirassignedroles,3. generateandarchiveauditrecordsforalltransactions,4. enforcedomainintegrityboundariesforsecuritycriticalprocesses,and5. supportrecoveryfromkeyorsystemfailure.

TheIssuerCAshallauthenticateandprotectallcommunicationsbetweenatrustedroleanditsCAsystem.

42

AllCertificateStatusServersinteroperatingwithcross‐certifiedenvironmentsmust:1. authenticatetheidentityofusersbeforepermittingaccesstothesystemorapplications,2. manageprivilegestolimituserstotheirassignedroles,3. enforcedomainintegrityboundariesforsecuritycriticalprocesses,and4. supportrecoveryfromkeyorsystemfailure.

ACMSmusthavethefollowingcomputersecurityfunctions:

1. authenticatetheidentityofusersbeforepermittingaccesstothesystemorapplications,2. manageprivilegesofuserstolimituserstotheirassignedroles,3. generateandarchiveauditrecordsforalltransactions,(seeSection5.4)4. enforcedomainintegrityboundariesforsecuritycriticalprocesses,and5. supportrecoveryfromkeyorsystemfailure.

6.5.2. ComputerSecurityRatingNostipulation.

6.6. LIFECYCLETECHNICALCONTROLS

6.6.1. SystemDevelopmentControlsInoperatingitsCA,theIssuerCAshalluseonly:

1. Commercialoff‐the‐shelfsoftwarethatwasdesignedanddevelopedunderaformalanddocumenteddevelopmentmethodology,

2. HardwareandsoftwaredevelopedspecificallyfortheIssuerCAbyverifiedpersonnel,usingastructureddevelopmentapproachandacontrolleddevelopmentenvironment,

3. Opensourcesoftwarethatmeetssecurityrequirementsthroughsoftwareverification&validationandstructureddevelopment/life‐cyclemanagement,

4. Hardwareandsoftwarepurchasedandshippedinafashionthatreducesthelikelihoodoftampering,and

5. ForCAoperations,hardwareandsoftwarethatisdedicatedonlytoperformingtheCAfunctions.

TheIssuerCAshalltakepropercaretopreventmalicioussoftwarefrombeingloadedontotheCAequipment.TheIssuerCAshallscanallhardwareandsoftwareformaliciouscodeonfirstuseandperiodicallythereafter.TheIssuerCAshallpurchaseordevelopupdatesinthesamemannerasoriginalequipment,andshallusetrustedtrainedpersonneltoinstallthesoftwareandequipment.TheIssuerCAshallnotinstallanysoftwareonitsCAsystemsthatarenotpartoftheCA’soperations.

TheIssuerCAshalluseaformalconfigurationmanagementmethodologyforinstallationandongoingmaintenanceofanyCMS.AnymodificationsandupgradestoaCMSshallbedocumentedandcontrolled.TheIssuerCAshallimplementamechanismfordetectingunauthorizedmodificationtoaCMS.

6.6.2. SecurityManagementControlsTheIssuerCAshallestablishformalmechanismstodocument,control,monitor,andmaintaintheinstallationandconfigurationofitsCAsystems,includinganymodificationsorupgrades.TheIssuerCA’schangecontrolprocessesshallincludeprocedurestodetectunauthorizedmodificationtotheIssuerCA’ssystemsanddataentriesthatareprocessed,loggedandtrackedforanysecurity‐relatedchangestoCAsystems,firewalls,routers,softwareandotheraccesscontrols.WhenloadingsoftwareontoaCAsystem,theIssuerCAshallverifythatthesoftwareisthecorrectversionandissuppliedbythevendorfreeofanymodifications.TheIssuerCAshallverifytheintegrityofsoftwareusedwithitsCAprocessesatleastonceaweek.

6.6.3. LifeCycleSecurityControlsNostipulation.

43

6.7. NETWORKSECURITYCONTROLSTheIssuerCAshalldocumentandcontroltheconfigurationsofitssystems,includinganyupgradesormodificationsmade.TheIssuerCAshallimplementaprocessfordetectingunauthorizedmodificationstoitshardwareorsoftwareandforinstallingandmaintainingitssystems.TheIssuerCAanditsRAsshallimplementappropriatenetworksecuritycontrols,includingturningoffanyunusednetworkportsandservicesandonlyusingnetworksoftwarethatisnecessaryfortheproperfunctioningoftheCAsystems.TheIssuerCAshallimplementthesamenetworksecuritycontrolstoprotectaCMSasusedtoprotectitsotherCAequipment.

6.8. TIME‐STAMPINGIssuerCAsshallensurethattheaccuracyofclocksusedfortime‐stampingarewithinthreeminutes.Electronicormanualproceduresmaybeusedtomaintainsystemtime.Clockadjustmentsareauditableevents,seeSection5.4.1.

6.9. PIV‐ICARDSThefollowingrequirementsapplytoPIV‐ICards:

1. ToensureinteroperabilitywithFederalsystems,PIV‐ICardsmustuseasmartcardplatformthatisonGSA’sFIPS201EvaluationProgramApprovedProductList(APL)andusesthePIVapplicationidentifier(AID).

2. TheIssuerCAshallensurethatallPIV‐ICardsconformto[NISTSP800‐731].3. TheIssuerCAshallonlyissuethemandatoryX.509CertificateforAuthenticationundera

policythatiscrosscertifiedwiththeFBCAPIV‐IHardwarepolicyOID.4. TheIssuerCAshallonlyissuePIV‐ICertificatesthatconformtothePIV‐IProfile.5. TheIssuerCAshallincludeanasymmetricX.509CertificateforCardAuthenticationineach

PIV‐Icardthat:a. conformstoPIV‐IProfile,b. conformsto[NISTSP800‐73],andc. isissuedunderthePIV‐ICardAuthenticationpolicy.

6. TheCMSshallincludeanelectronicrepresentation(asspecifiedinSP800‐73andSP800‐76)ofthecardholder’sfacialimageineachPIV‐Icard.

7. TheX.509CertificatesforDigitalSignatureandKeyManagementdescribedin[NISTSP800‐73]areoptionalforPIV‐ICards.

8. TheCMSshallmakeitsPIV‐ICardsvisuallydistinctfromaFederalPIVCardtopreventcreationofafraudulentFederalPIVCard.Ataminimum,theCMSshallnotallowimagesorlogosonaPIV‐ICardtobeplacedwithinZone11,AgencySeal,asdefinedby[FIPS201].

9. TheCMSshallrequirethefollowingitemsonthefrontofacard:a. Cardholderfacialimage,b. Cardholderfullname,c. OrganizationalAffiliation,ifexists;otherwisetheissuerofthecard,andd. Cardexpirationdate.

10. TheIssuerCAshallissuePIV‐Icardswithanexpirationdatethatissixyearsorless.11. AllPIV‐ICardsmustnotexpirelaterthanthePIV‐IContentSigningCertificateonthecard.12. TheIssuerCAshallincludeapolicyOIDthathasbeenmappedtotheFBCAPIV‐IContent

SigningpolicyOIDinthedigitalsignatureCertificateusedtosignobjectsonthePIV‐ICard.ThePIV‐IContentSigningCertificatemustconformtothePIV‐IProfile.

13. TheIssuerCAanditsRAsshallmanagethePIV‐IContentSigningCertificateandcorrespondingPrivateKeywithinatrustedCardManagementSystemasdefinedherein.

14. Atissuance,theRAshallactivateandreleasethePIV‐ICardtothesubscriberonlyafterasuccessful1:1biometricmatchoftheapplicantagainstthebiometricscollectedinSection3.2.3.

15. PIV‐ICardsmaysupportcardactivationbythecardmanagementsystemtosupportcardpersonalizationandpost‐issuancecardupdate.Toactivatethecardforpersonalizationorupdate,thecardmanagementsystemshallperformachallengeresponseprotocolusing

44

cryptographickeysstoredonthecardinaccordancewith[SP800‐73].Whencardsarepersonalized,cardmanagementkeysshallbesettobespecifictoeachPIV‐ICard.Thatis,eachPIV‐ICardshallcontainauniquecardmanagementkey.CardmanagementkeysshallmeetthealgorithmandkeysizerequirementsstatedinSpecialPublication800‐78,CryptographicAlgorithmsandKeySizesforPersonalIdentityVerification.[SP800‐78].

7. CERTIFICATE,CRL,ANDOCSPPROFILES

7.1. CERTIFICATEPROFILE

7.1.1. VersionNumber(s)IssuerCAsshallissueX.509version3Certificates.

7.1.2. CertificateExtensionsIssuerCAsshallusecertificateextensionsinaccordancewithapplicableindustrystandards,includingRFC3280/5280.IssuerCAsshallnotissueCertificateswithacriticalprivateextension.IGTFCertificatesmustcomplywiththeGridCertificateProfileasdefinedbytheOpenGridForumGFD.125.PIV‐ICertificatesmustcomplywiththeX.509CertificateandCertificateRevocationList(CRL)ExtensionsProfileforPersonalIdentityVerificationInteroperable(PIV‐I)Cards,Date:April232010,assetforthat:http://www.idmanagement.gov/sites/default/files/documents/pivi_certificate_crl_profile.pdf.

7.1.3. AlgorithmObjectIdentifiersIssuerCAsshallsignCertificatesusingoneofthefollowingalgorithms:id‐dsa‐with‐sha1 {iso(1)member‐body(2)us(840)x9‐57(10040)x9cm(4)3}sha‐1WithRSAEncryption {iso(1)member‐body(2)us(840)rsadsi(113549)pkcs(1)

pkcs‐1(1)5}sha256WithRSAEncryption {iso(1)member‐body(2)us(840)rsadsi(113549)pkcs(1)

pkcs‐1(1)11}id‐RSASSA‐PSS {iso(1)member‐body(2)us(840)rsadsi(113549)pkcs(1)

pkcs‐1(1)10}ecdsa‐with‐SHA1 {iso(1)member‐body(2)us(840)ansi‐X9‐62(10045)

signatures(4)1}ecdsa‐with‐SHA224 {iso(1)member‐body(2)us(840)ansi‐X9‐62(10045)

signatures(4)ecdsa‐with‐SHA2(3)1}ecdsa‐with‐SH256 {iso(1)member‐body(2)us(840)ansi‐X9‐62(10045)

signatures(4)ecdsa‐with‐SHA2(3)2}ecdsa‐with‐SHA384 {iso(1)member‐body(2)us(840)ansi‐X9‐62(10045)

signatures(4)ecdsa‐with‐SHA2(3)3}ecdsa‐with‐SHA512 {iso(1)member‐body(2)us(840)ansi‐X9‐62(10045)

signatures(4)ecdsa‐with‐SHA2(3)4}IfanIssuerCAsignsCertificatesusingRSAwithPSSpadding,theIssuerCAmayuseanRSAsignaturewithPSSpaddingwiththefollowingalgorithmsandOIDs:id‐sha256 {joint‐iso‐itu‐t(2)country(16)us(840)organization(1)

gov(101)csor(3)nistalgorithm(4)hashalgs(2)1}id‐sha512 {joint‐iso‐itu‐t(2)country(16)us(840)organization(1)

gov(101)csor(3)nistalgorithm(4)hashalgs(2)3}IssuerCAsandSubscribersmaygenerateKeyPairsusingthefollowing:id‐dsa {iso(1)member‐body(2)us(840)x9‐57(10040)x9cm(4)1}RsaEncryption {iso(1)member‐body(2)us(840)rsadsi(113549)pkcs(1)

45

pkcs‐1(1)1}

Dhpublicnumber{iso(1)member‐body(2)us(840)ansi‐x942(10046)number‐type(2)1}

id‐ecPublicKey{iso(1)member‐body(2)us(840)ansi‐X9‐62(10045)id‐publicKeyType(2)1}

id‐keyExchangeAlgorithm[joint‐iso‐ccitt(2)country(16)us(840)organization(1)gov(101)dod(2)infosec(1)algorithms(1)22]

IfanIssuerCAissuesanon‐CACertificateforafederalagencyandtheCertificatecontainsanellipticcurvePublicKey,theIssuerCAshallspecifyoneofthefollowingnamedcurves:ansip192r1 {iso(1)member‐body(2)us(840)10045curves(3)prime(1)1}ansit163k1 {iso(1)identified‐organization(3)certicom(132)curve(0)1}ansit163r2 {iso(1)identified‐organization(3)certicom(132)curve(0)15}ansip224r1 {iso(1)identified‐organization(3)certicom(132)curve(0)33}ansit233k1 {iso(1)identified‐organization(3)certicom(132)curve(0)26}ansit233r1 {iso(1)identified‐organization(3)certicom(132)curve(0)27}ansip256r1 {iso(1)member‐body(2)us(840)10045curves(3)prime(1)7}ansit283k1 {iso(1)identified‐organization(3)certicom(132)curve(0)16}ansit283r1 {iso(1)identified‐organization(3)certicom(132) curve(0)17}ansip384r1 {iso(1)identified‐organization(3)certicom(132)curve(0)34}ansit409k1 {iso(1)identified‐organization(3)certicom(132)curve(0)36}ansit409r1 {iso(1)identified‐organization(3)certicom(132)curve(0)37}ansip521r1 {iso(1)identified‐organization(3)certicom(132)curve(0)35}ansit571k1 {iso(1)identified‐organization(3)certicom(132)curve(0)38}ansit571r1 {iso(1)identified‐organization(3)certicom(132)curve(0)39}SignaturealgorithmsforPIV‐ICertificatesarelimitedtothoseidentifiedbyNISTSP800‐78.

7.1.4. NameFormsIssuerCAsshallusedistinguishednamesthatarecomposedofstandardattributetypes,suchasthoseidentifiedinRFC3280/5280.IssuerCAsshallincludeauniqueserialnumberineachCertificate.TheIssuerCAshallrestrictOUfieldsfromcontainingSubscriberinformationthatisnotverifiedinaccordancewithSection3.

7.1.5. NameConstraintsIssuerCAsmayincludenameconstraintsinthenameConstraintsfieldwhenappropriate.

7.1.6. CertificatePolicyObjectIdentifierWhenanIssuerCAissuesaCertificatecontainingoneofthepolicyidentifierssetforthinSection1.2,itassertsthattheCertificateismanagedinaccordancewiththepolicythatisidentifiedherein.

7.1.7. UsageofPolicyConstraintsExtensionNotapplicable.

7.1.8. PolicyQualifiersSyntaxandSemanticsIssuerCAsmayincludebriefstatementsinthePolicyQualifierfieldoftheCertificatePolicyextension.

7.1.9. ProcessingSemanticsfortheCriticalCertificatePoliciesExtensionNostipulation.

46

7.2. CRLPROFILE

7.2.1. Versionnumber(s)IssuerCAsshallissueversion2CRLsthatconformtoRFC3280/5280.

7.2.2. CRLandCRLEntryExtensionsIssuerCAsshalluseCRLextensionsthatconformwiththeFederalPKIX.509CRLExtensionsProfile.

7.3. OCSPPROFILEIssuerCAsshalloperateanOCSPserviceinaccordancewithRFC2560.

7.3.1. VersionNumber(s)IssuerCAsshallsupportversion1OCSPrequestsandresponses.

7.3.2. OCSPExtensionsNostipulation.

8. COMPLIANCEAUDITANDOTHERASSESSMENTSThepoliciesinthisCParedesignedtomeetorexceedtherequirementsofgenerallyacceptedanddevelopingindustrystandards,includingtheEVGuidelinesandtheWebTrustProgramforCertificationAuthorities,ANSX9.79/ISO21188PKIPracticesandPolicyFramework("CAWebTrust/ISO21188").ForIssuerCAschainedtotheFBCA,theauditorletterofcomplianceshallmeetFPKIPAAuditRequirements.AllIssuerCAsshallensurethatauditsareconductedforallPKIfunctionsregardlessofhoworbywhomthePKIcomponentsaremanagedandoperated.

8.1. FREQUENCYORCIRCUMSTANCESOFASSESSMENTOnatleastanannualbasis,IssuerCAsshallretainanindependentauditorwhoshallassesstheIssuerCA’scompliancewiththisCPanditsCPS.ThisauditmustcoverCMSs,SubCAs,RAs,andeachstatusserverthatisspecifiedinacertificateissuedbytheIssuerCA.AnyindependententityinteroperatingwithintheDigiCertPKIshallsubmititspracticesstatementandtheresultsofitscomplianceaudittotheDCMAonanannualbasisforreviewandapproval.

8.2. IDENTITY/QUALIFICATIONSOFASSESSORTheIssuerCAshalluseanauditorthatmeetsthefollowingqualifications:

1. Qualificationsandexperience:Auditingmustbetheauditor’sprimarybusinessfunction.TheindividualoratleastonememberoftheauditgroupmustbequalifiedasaCertifiedInformationSystemsAuditor(CISA),anAICPACertifiedInformationTechnologyProfessional(CPA.CITP),aCertifiedInternalAuditor(CIA),orhaveanotherrecognizedinformationsecurityauditingcredential.

2. Expertise:TheindividualorgroupmustbetrainedandskilledintheauditingofsecureinformationsystemsandbefamiliarwithPublicKeyinfrastructures,certificationsystems,andInternetsecurityissues.

3. Rulesandstandards:Theauditormustconformtoapplicablestandards,rules,andbestpracticespromulgatedbytheAmericanInstituteofCertifiedPublicAccountants(AICPA),CPACanada,theInstituteofCharteredAccountantsofEngland&Wales(ICAEW),theInternationalAccountingStandardsadoptedbytheEuropeanCommission(IAS),InformationSystemsAuditandControlAssociation(ISACA),theInstituteofInternalAuditors(IIA),oranotherqualifiedauditingstandardsbody.

4. Reputation:Thefirmmusthaveareputationforconductingitsauditingbusinesscompetentlyandcorrectly.

47

5. Insurance:EVauditorsmustmaintainProfessionalLiability/ErrorsandOmissions

Insurance,withpolicylimitsofatleast$1millionincoverage.

8.3. ASSESSOR'SRELATIONSHIPTOASSESSEDENTITYTheIssuerCAshallutilizeindependentauditorsthatdonothaveafinancialinterest,businessrelationship,orcourseofdealingthatcouldforeseeablycreateasignificantbiasfororagainsttheIssuerCA.

8.4. TOPICSCOVEREDBYASSESSMENTTheauditmustconformtoindustrystandards,covertheIssuerCA'scompliancewithitsbusinesspracticesdisclosure,andevaluatetheintegrityoftheIssuerCA’sPKIoperations.TheauditmustverifythateachIssuerCAiscompliantwiththisCPandanyMOAbetweenitandanyotherPKI.

8.5. ACTIONSTAKENASARESULTOFDEFICIENCYIfanauditreportsamaterialnoncompliancewithapplicablelaw,thisCP,theCPS,oranyothercontractualobligationsrelatedtotheIssuerCA’sservices,then(1)theauditorshalldocumentthediscrepancy,(2)theauditorshallpromptlynotifytheIssuerCAandtheDCPA,and(3)theIssuerCAandtheDCPAshalldevelopaplantocurethenoncompliance.TheDCPAshallalsonotifyanyaffectedcross‐certifyingentityandanyrelevantgovernmentaccreditingbody.TheIssuerCAshallsubmittheplantotheDCPAforapprovalandtoanythirdpartythattheIssuerCAislegallyobligatedtosatisfy.TheDCPAmayrequireadditionalactionifnecessarytorectifyanysignificantissuescreatedbythenon‐compliance,includingrequiringrevocationofaffectedCertificates.

8.6. COMMUNICATIONOFRESULTSTheresultsofeachauditshallbereportedtotheDCPAforreviewandapproval.Theresultsshallalsobecommunicatedtoanythirdpartyentitiesentitledbylaw,regulation,oragreementtoreceiveacopyoftheauditresults.Onanannualbasis,theDCPAshallsubmitanauditcompliancepackagetotheFederalPKIPolicyAuthoritypreparedinaccordancewiththe“ComplianceAuditRequirements”document,whichshallincludeanassertionthatallPKIcomponentshavebeenaudited,includinganycomponentsthatmaybeseparatelymanagedandoperated.ThepackageshallidentifytheversionsoftheCPandCPSusedintheassessment.

8.7. SELF‐AUDITSTheIssuerCAshallperformregularinternalauditsofitsoperations,personnel,andcompliancewiththisCPusingarandomlyselectedsampleofCertificatesissuedsincethelastinternalaudit.TheIssuerCAshallself‐auditatleastthreepercentofOVandDVSSLCertificatesandthreepercentofEVSSLandEVCodeSigningCertificates.

9. OTHERBUSINESSANDLEGALMATTERS

9.1. FEES

9.1.1. CertificateIssuanceorRenewalFeesIssuerCAsmaychargefeesforcertificateissuanceandrenewal.

9.1.2. CertificateAccessFeesIssuerCAsmaychargefeesforaccesstotheirdatabasesofCertificates.

9.1.3. RevocationorStatusInformationAccessFeesNostipulation.

9.1.4. FeesforOtherServicesNostipulation.

48

9.1.5. RefundPolicyNostipulation.

9.2. FINANCIALRESPONSIBILITY

9.2.1. InsuranceCoverageIssuerCAsshallmaintainErrorsandOmissions/ProfessionalLiabilityInsuranceofatleast$1millionperoccurrencefromaninsurancecompanyratednolessthanA‐astoPolicyHolder’sRatinginthecurrenteditionofBest’sInsuranceGuide(orwithanassociationofcompanies,eachofthemembersofwhicharesorated).

9.2.2. OtherAssetsNostipulation.

9.2.3. InsuranceorWarrantyCoverageforEnd‐EntitiesNostipulation.

9.3. CONFIDENTIALITYOFBUSINESSINFORMATION

9.3.1. ScopeofConfidentialInformationIssuerCAsshallspecifywhatconstitutesconfidentialinformationinitsCPS.

9.3.2. InformationNotWithintheScopeofConfidentialInformationIssuerCAsmaytreatanyinformationnotlistedasconfidentialintheCPSaspublicinformation.

9.3.3. ResponsibilitytoProtectConfidentialInformationIssuerCAsshallcontractuallyobligateemployees,agents,andcontractorstoprotectconfidentialinformation.IssuerCAsshallprovidetrainingtoemployeesonhowtohandleconfidentialinformation.

9.4. PRIVACYOFPERSONALINFORMATION

9.4.1. PrivacyPlanIssuerCAsshallcreateandfollowapubliclypostedprivacypolicythatspecifieshowtheIssuerCAhandlespersonalinformation.

9.4.2. InformationTreatedasPrivateIssuerCAsshalltreatallpersonalinformationaboutanindividualthatisnotpubliclyavailableinthecontentsofaCertificateorCRLasprivateinformation.TheIssuerCAshallprotectprivateinformationinitspossessionusingareasonabledegreeofcareandappropriatesafeguards.TheIssuerCAshallnotdistributeCertificatesthatcontaintheUUIDinthesubjectalternativenameextensionviapubliclyaccessiblerepositories(e.g.,LDAP,HTTP).

9.4.3. InformationNotDeemedPrivatePrivateinformationdoesnotincludeCertificates,CRLs,ortheircontents.

9.4.4. ResponsibilitytoProtectPrivateInformationIssuerCAsareresponsibleforsecurelystoringandprotectingprivateinformation.

9.4.5. NoticeandConsenttoUsePrivateInformationSubscribersmustconsenttotheglobaltransferandpublicationofanypersonaldatacontainedinCertificates.

49

9.4.6. DisclosurePursuanttoJudicialorAdministrativeProcessIssuerCAsmaydiscloseprivateinformation,withoutnotice,whenrequiredtodosobylaworregulation.

9.4.7. OtherInformationDisclosureCircumstancesNostipulation.

9.5. INTELLECTUALPROPERTYRIGHTSIssuerCAsshallnotknowinglyviolatetheintellectualpropertyrightsofanythirdparty.

9.6. REPRESENTATIONSANDWARRANTIES

9.6.1. CARepresentationsandWarrantiesIssuerCAsmustrepresenttoDigiCert,Subscribers,andRelyingPartiesthattheycomply,inallmaterialaspects,withthisCP,theirCPS,andallapplicablelawsandregulations.ForPIV‐I,theIssuerCAshallmaintainanagreementwithAffiliatedOrganizationsthatincludesobligationsrelatedtoauthorizingaffiliationwithSubscribersofPIV‐ICertificates.

9.6.2. RARepresentationsandWarrantiesAtaminimum,IssuerCAsshallrequireRAsoperatingontheirbehalftorepresentthattheyhavefollowedthisCPandtherelevantCPSwhenparticipatingintheissuanceandmanagementofCertificates.

9.6.3. SubscriberRepresentationsandWarrantiesPriortobeingissuedandreceivingaCertificate,eachSubscribershallrepresenttoDigiCertandtheIssuerCAthattheSubscriberwill:

1. SecurelygenerateitsPrivateKeysandprotectitsPrivateKeysfromcompromise,2. ProvideaccurateandcompleteinformationandcommunicationtotheIssuerCAandRA,3. ConfirmtheaccuracyofCertificatedatapriortousingtheCertificate,4. Promptly(i)requestrevocationofaCertificate,ceaseusingitanditsassociatedPrivate

Key,andnotifytheIssuerCAifthereisanyactualorsuspectedmisuseorcompromiseofthePrivateKeyassociatedwiththePublicKeyincludedintheCertificate,and(ii)requestrevocationoftheCertificate,andceaseusingit,ifanyinformationintheCertificateisorbecomesincorrectorinaccurate,

5. UsetheCertificateonlyforauthorizedandlegalpurposes,consistentwiththerelevantCPSandSubscriberAgreement,includingonlyinstallingSSLCertificatesonserversaccessibleatthedomainlistedintheCertificateandnotusingcodesigningCertificatestosignmaliciouscodeoranycodethatisdownloadedwithoutauser’sconsent,and

6. PromptlyceaseusingtheCertificateandrelatedPrivateKeyaftertheCertificate’sexpiration.

9.6.4. RelyingPartyRepresentationsandWarrantiesRelyingPartiesmustfollowtheproceduresandmaketherepresentationsrequiredbytherelevantCPSandintheapplicableRelyingPartyAgreementpriortorelyingonorusingaCertificate.

9.6.5. RepresentationsandWarrantiesofOtherParticipantsNostipulation.

9.7. DISCLAIMERSOFWARRANTIESExceptasexpresslystatedotherwisehereinoraslimitedbylaw,DigiCertdisclaimsallwarrantiesandobligationsrelatedtothisCP.AfiduciarydutyisnotcreatedsimplybecauseanentityusesservicesofferedwithintheDigiCertPKI.

50

9.8. LIMITATIONSOFLIABILITYIssuerCAsmaylimittheirliabilitytoanyextentnototherwiseprohibitedbythisCP,providedthattheIssuerCAremainsresponsibleforcomplyingwiththisCPandtheIssuerCA’sCPS.

9.9. INDEMNITIES

9.9.1. IndemnificationbyanIssuerCAIssuerCAsarerequiredtoindemnifyDigiCertforanyviolationofthisCP.

9.9.2. IndemnificationbySubscribersIssuerCAsshallincludeanyindemnificationrequirementsforSubscribersintheirCPSandintheirSubscriberAgreements.

9.9.3. IndemnificationbyRelyingPartiesIssuerCAsshallincludeanyindemnificationrequirementsforRelyingPartiesintheirCPS.

9.10. TERMANDTERMINATION

9.10.1. TermThisCPandanyamendmentsareeffectivewhenpublishedtoDigiCert’sonlinerepositoryandremainineffectuntilreplacedwithanewerversion.

9.10.2. TerminationThisCPandanyamendmentsremainineffectuntilreplacedbyanewerversion.

9.10.3. EffectofTerminationandSurvivalDigiCertwillcommunicatetheconditionsandeffectofthisCP’sterminationviatheDigiCertRepository.Thecommunicationwillspecifywhichprovisionssurvivetermination.Ataminimum,responsibilitiesrelatedtoprotectingconfidentialinformationwillsurvivetermination.

9.11. INDIVIDUALNOTICESANDCOMMUNICATIONSWITHPARTICIPANTSDigiCertacceptsdigitallysignedorpapernoticesrelatedtothisCPthatareaddressedtothelocationsspecifiedinSection2.2ofthisCP.NoticesaredeemedeffectiveafterthesenderreceivesavalidanddigitallysignedacknowledgmentofreceiptfromDigiCert.Ifanacknowledgementofreceiptisnotreceivedwithinfivedays,thesendermustresendthenoticeinpaperformtothestreetaddressspecifiedinSection2.2usingeitheracourierservicethatconfirmsdeliveryorviacertifiedorregisteredmailwithpostageprepaidandreturnreceiptrequested.

9.12. AMENDMENTS

9.12.1. ProcedureforAmendmentTheDCPAdetermineswhatamendmentsshouldbemadetothisCP.AmendmentsaremadebypostinganupdatedversionoftheCPtotheonlinerepository.ControlsareinplacetoreasonablyensurethatthisCPisnotamendedandpublishedwithoutthepriorauthorizationoftheDCPA.TheDCPAreviewsthisCPannually.

9.12.2. NotificationMechanismandPeriodDigiCertwillpostnoticeonitswebsiteofanyproposedsignificantrevisionstothisCP.AlthoughDigiCertmayincludeafinaldateforreceiptofcommentsandtheproposedeffectivedate,DigiCertisnotrequiredtohaveafixednotice‐and‐commentperiod.

9.12.3. CircumstancesunderwhichOIDMustBeChangedIftheDCPAdeterminesanamendmentnecessitatesachangeinanOID,thentherevisedversionofthisCPwillalsocontainarevisedOID.Otherwise,amendmentsdonotrequireanOIDchange.

51

9.13. DISPUTERESOLUTIONPROVISIONSBeforeresortingtoanydisputeresolutionmechanism,includingadjudicationoranytypeofalternativedisputeresolution,apartymustnotifyDigiCertofthedisputewithaviewtoseekdisputeresolution.

9.14. GOVERNINGLAWFordisputesinvolvingQualifiedCertificates,thenationallawoftherelevantMemberStateshallgovern.Forallothercertificates,thelawsofthestateofUtahshallgoverntheinterpretation,construction,andenforcementofthisCPandallproceedingsrelatedhereunder,includingtortclaims,withoutregardtoanyconflictsoflawprinciples,andUtahshallbethenon‐exclusivevenueandshallhavejurisdictionoversuchproceedings.

9.15. COMPLIANCEWITHAPPLICABLELAWThisCPissubjecttoallapplicablelawsandregulations,includingUnitedStatesrestrictionsontheexportofsoftwareandcryptographyproducts.Subjecttosection9.4.5’sNoticeandConsenttoUsePrivateInformationcontainedinCertificates,eachIssuerCAshallmeettherequirementsofEuropeandataprotectionlawsandshallestablishandmaintainappropriatetechnicalandorganizationmeasuresagainstunauthorizedorunlawfulprocessingofpersonaldataandagainsttheloss,damage,ordestructionofpersonaldata.

9.16. MISCELLANEOUSPROVISIONS

9.16.1. EntireAgreementIssuerCAsshallcontractuallyobligateeachRAinvolvedinCertificateissuancetocomplywiththisCPandapplicableindustryguidelines. IssuerCAsshallcontractuallyobligatepartiesusingproductsandservicesissuedunderthisCP,suchasSubscribersandRelyingParties,totherelevantprovisionsherein.ThisCPdoesnotgiveanythirdpartyrightsundersuchagreements.

9.16.2. AssignmentEntitiesoperatingunderthisCPmaynotassigntheirrightsorobligationswithoutthepriorwrittenconsentofDigiCert.

9.16.3. SeverabilityIfaprovisionofthisCPisheldinvalidorunenforceablebyacompetentcourtortribunal,theremainderoftheCPwillremainvalidandenforceable.

9.16.4. Enforcement(attorneys'feesandwaiverofrights)DigiCertmayseekindemnificationandattorneys'feesfromapartyfordamages,losses,andexpensesrelatedtothatparty'sconduct.DigiCert’sfailuretoenforceaprovisionofthisCPdoesnotwaiveDigiCert’srighttoenforcethesameprovisionlaterorrighttoenforceanyotherprovisionofthisCP.Tobeeffective,waiversmustbeinwritingandsignedbyDigiCert.

9.16.5. ForceMajeureDigiCertisnotliableforadelayorfailuretoperformanobligationunderthisCPtotheextentthatthedelayorfailureiscausedbyanoccurrencebeyondDigiCert’sreasonablecontrol.TheoperationoftheInternetisbeyondDigiCert’sreasonablecontrol.

9.17. OTHERPROVISIONSNostipulation.