
DigiCert Certificate Policy

DigiCert, Inc.
Version 4.04
May 10, 2012

Suite 200, Canopy Building II
355 South 520 West
Lindon, UT 84042
USA
Tel: 1-801-877-2100
Fax: 1-801-705-0481
www.digicert.com


TABLE OF CONTENTS

1. Introduction ... 1
  1.1. Overview ... 1
  1.2. Document name and identification ... 1
  1.3. PKI Participants ... 3
    1.3.1. Certification Authority ... 3
    1.3.2. Registration Authority ... 3
    1.3.1. Subscribers ... 3
    1.3.2. Relying Parties ... 4
    1.3.1. Other Participants ... 4
  1.4. Certificate Usage ... 4
    1.4.1. Appropriate Certificate Uses ... 4
    1.4.2. Prohibited Certificate Uses ... 4
  1.5. Policy administration ... 4
    1.5.1. Organization Administering the Document ... 4
    1.5.2. Contact Person ... 5
    1.5.3. Person Determining CP Suitability for the Policy ... 5
    1.5.4. CP Approval Procedures ... 5
  1.6. Definitions and acronyms ... 5
2. PUBLICATION AND REPOSITORY RESPONSIBILITIES ... 7
  2.1. Repositories ... 7
  2.2. Publication of certification information ... 7
  2.3. Time or frequency of publication ... 7
  2.4. Access controls on repositories ... 7
3. IDENTIFICATION AND AUTHENTICATION ... 7
  3.1. Naming ... 7
    3.1.1. Types of Names ... 7
    3.1.2. Need for Names to be Meaningful ... 7
    3.1.3. Anonymity or Pseudonymity of Subscribers ... 8
    3.1.4. Rules for Interpreting Various Name Forms ... 8
    3.1.5. Uniqueness of Names ... 8
    3.1.6. Recognition, Authentication, and Role of Trademarks ... 8
  3.2. Initial identity validation ... 8
    3.2.1. Method to Prove Possession of Private Key ... 8
    3.2.2. Authentication of Organization Identity ... 8
    3.2.3. Authentication of Individual Identity ... 8
    3.2.4. Non-verified Subscriber Information ... 14
    3.2.5. Validation of Authority ... 14
  3.3. Identification and authentication for re-key requests ... 14
    3.3.1. Identification and Authentication for Routine Re-key ... 15
    3.3.2. Identification and Authentication for Re-key After Revocation ... 16
  3.4. Identification and authentication for revocation request ... 16
4. CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS ... 16
  4.1. Certificate Application ... 16
    4.1.1. Who Can Submit a Certificate Application ... 16
    4.1.2. Enrollment Process and Responsibilities ... 16
  4.2. Certificate application processing ... 16
    4.2.1. Performing Identification and Authentication Functions ... 16
    4.2.2. Approval or Rejection of Certificate Applications ... 16
    4.2.1. Time to Process Certificate Applications ... 17
  4.3. Certificate issuance ... 17
    4.3.1. CA Actions during Certificate Issuance ... 17
    4.3.2. Notification to Subscriber by the CA of Issuance of Certificate ... 17
  4.4. Certificate acceptance ... 17
    4.4.1. Conduct Constituting Certificate Acceptance ... 17
    4.4.2. Publication of the Certificate by the CA ... 17
    4.4.3. Notification of Certificate Issuance by the CA to Other Entities ... 17
  4.5. Key pair and certificate usage ... 17
    4.5.1. Subscriber Private Key and Certificate Usage ... 17
    4.5.2. Relying Party Public Key and Certificate Usage ... 17


  4.6. Certificate renewal ... 17
    4.6.1. Circumstance for Certificate Renewal ... 17
    4.6.2. Who May Request Renewal ... 18
    4.6.3. Processing Certificate Renewal Requests ... 18
    4.6.4. Notification of New Certificate Issuance to Subscriber ... 18
    4.6.5. Conduct Constituting Acceptance of a Renewal Certificate ... 18
    4.6.6. Publication of the Renewal Certificate by the CA ... 18
    4.6.7. Notification of Certificate Issuance by the CA to Other Entities ... 18
  4.7. Certificate re-key ... 18
  4.8. Certificate modification ... 19
  4.9. Certificate revocation and suspension ... 19
    4.9.1. Circumstances for Revocation ... 19
    4.9.2. Who Can Request Revocation ... 20
    4.9.3. Procedure for Revocation Request ... 21
    4.9.4. Revocation Request Grace Period ... 21
    4.9.5. Time within which CA Must Process the Revocation Request ... 21
    4.9.6. Revocation Checking Requirement for Relying Parties ... 21
    4.9.7. CRL Issuance Frequency ... 21
    4.9.8. Maximum Latency for CRLs ... 22
    4.9.9. On-line Revocation/Status Checking Availability ... 22
    4.9.10. On-line Revocation Checking Requirements ... 22
    4.9.11. Other Forms of Revocation Advertisements Available ... 22
    4.9.12. Special Requirements Related to Key Compromise ... 22
    4.9.13. Circumstances for Suspension ... 22
    4.9.14. Who Can Request Suspension ... 22
    4.9.15. Procedure for Suspension Request ... 22
    4.9.16. Limits on Suspension Period ... 22
  4.10. Certificate status services ... 22
    4.10.1. Operational Characteristics ... 22
    4.10.2. Service Availability ... 22
    4.10.3. Optional Features ... 23
  4.11. End of subscription ... 23
  4.12. Key escrow and recovery ... 23
5. FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS ... 23
  5.1. Physical Controls ... 23
    5.1.1. Site Location and Construction ... 23
    5.1.2. Physical Access ... 24
    5.1.3. Power and Air Conditioning ... 24
    5.1.4. Water Exposures ... 24
    5.1.5. Fire Prevention and Protection ... 24
    5.1.6. Media Storage ... 24
    5.1.7. Waste Disposal ... 24
    5.1.8. Off-site Backup ... 24
  5.2. Procedural controls ... 25
    5.2.1. Trusted Roles ... 25
    5.2.2. Number of Persons Required per Task ... 25
    5.2.3. Identification and Authentication for each Role ... 25
    5.2.4. Roles Requiring Separation of Duties ... 26
  5.3. Personnel controls ... 26
    5.3.1. Qualifications, Experience, and Clearance Requirements ... 26
    5.3.2. Background Check Procedures ... 26
    5.3.3. Training Requirements ... 26
    5.3.4. Retraining Frequency and Requirements ... 27
    5.3.5. Job Rotation Frequency and Sequence ... 27
    5.3.6. Sanctions for Unauthorized Actions ... 27
    5.3.7. Independent Contractor Requirements ... 27
    5.3.8. Documentation Supplied to Personnel ... 27
  5.4. Audit logging procedures ... 27
    5.4.1. Types of Events Recorded ... 27
    5.4.2. Frequency of Processing Log ... 30
    5.4.3. Retention Period for Audit Log ... 30
    5.4.4. Protection of Audit Log ... 30



    5.4.5. Audit Log Backup Procedures ... 30
    5.4.6. Audit Collection System (internal vs. external) ... 30
    5.4.7. Notification to Event-causing Subject ... 30
    5.4.8. Vulnerability Assessments ... 30
  5.5. Records archival ... 31
    5.5.1. Types of Records Archived ... 31
    5.5.2. Retention Period for Archive ... 31
    5.5.3. Protection of Archive ... 31
    5.5.4. Archive Backup Procedures ... 31
    5.5.5. Requirements for Time-stamping of Records ... 32
    5.5.6. Archive Collection System (internal or external) ... 32
    5.5.7. Procedures to Obtain and Verify Archive Information ... 32
  5.6. Key changeover ... 32
  5.7. Compromise and disaster recovery ... 32
    5.7.1. Incident and Compromise Handling Procedures ... 32
    5.7.2. Computing Resources, Software, and/or Data Are Corrupted ... 32
    5.7.3. Entity Private Key Compromise Procedures ... 32
    5.7.4. Business Continuity Capabilities after a Disaster ... 32
  5.8. CA or RA termination ... 33
6. TECHNICAL SECURITY CONTROLS ... 33
  6.1. Key pair generation and installation ... 33
    6.1.1. Key Pair Generation ... 33
    6.1.2. Private Key Delivery to Subscriber ... 34
    6.1.3. Public Key Delivery to Certificate Issuer ... 34
    6.1.4. CA Public Key Delivery to Relying Parties ... 34
    6.1.5. Key Sizes ... 34
    6.1.6. Public Key Parameters Generation and Quality Checking ... 34
    6.1.7. Key Usage Purposes (as per X.509 v3 key usage field) ... 35
  6.2. Private Key Protection and Cryptographic Module Engineering Controls ... 35
    6.2.1. Cryptographic Module Standards and Controls ... 35
    6.2.2. Private Key (n out of m) Multi-person Control ... 36
    6.2.3. Private Key Escrow ... 36
    6.2.4. Private Key Backup ... 36
    6.2.5. Private Key Archival ... 37
    6.2.6. Private Key Transfer into or from a Cryptographic Module ... 37
    6.2.7. Private Key Storage on Cryptographic Module ... 37
    6.2.8. Method of Activating Private Key ... 37
    6.2.9. Method of Deactivating Private Key ... 37
    6.2.10. Method of Destroying Private Key ... 37
    6.2.11. Cryptographic Module Rating ... 37
  6.3. Other aspects of key pair management ... 37
    6.3.1. Public Key Archival ... 37
    6.3.2. Certificate Operational Periods and Key Pair Usage Periods ... 37
  6.4. Activation data ... 38
    6.4.1. Activation Data Generation and Installation ... 38
    6.4.2. Activation Data Protection ... 38
    6.4.3. Other Aspects of Activation Data ... 39
  6.5. Computer security controls ... 39
    6.5.1. Specific Computer Security Technical Requirements ... 39
    6.5.2. Computer Security Rating ... 39
  6.6. Life cycle technical controls ... 39
    6.6.1. System Development Controls ... 39
    6.6.2. Security Management Controls ... 40
    6.6.3. Life Cycle Security Controls ... 40
  6.7. Network security controls ... 40
  6.8. Time-stamping ... 40
7. CERTIFICATE, CRL, AND OCSP PROFILES ... 41
  7.1. Certificate profile ... 41
    7.1.1. Version Number(s) ... 41
    7.1.2. Certificate Extensions ... 41
    7.1.3. Algorithm Object Identifiers ... 41
    7.1.4. Name Forms ... 42



    7.1.5. Name Constraints ... 42
    7.1.6. Certificate Policy Object Identifier ... 43
    7.1.7. Usage of Policy Constraints Extension ... 43
    7.1.8. Policy Qualifiers Syntax and Semantics ... 43
    7.1.9. Processing Semantics for the Critical Certificate Policies Extension ... 43
  7.2. CRL profile ... 43
    7.2.1. Version Number(s) ... 43
    7.2.2. CRL and CRL Entry Extensions ... 43
  7.3. OCSP profile ... 43
    7.3.1. Version Number(s) ... 43
    7.3.2. OCSP Extensions ... 43
8. COMPLIANCE AUDIT AND OTHER ASSESSMENTS ... 43
  8.1. Frequency or circumstances of assessment ... 43
  8.2. Identity/qualifications of assessor ... 43
  8.3. Assessor's relationship to assessed entity ... 44
  8.4. Topics covered by assessment ... 44
  8.5. Actions taken as a result of deficiency ... 44
  8.6. Communication of results ... 44
  8.7. Self-Audits ... 44
9. OTHER BUSINESS AND LEGAL MATTERS ... 44
  9.1. Fees ... 44
    9.1.1. Certificate Issuance or Renewal Fees ... 44
    9.1.2. Certificate Access Fees ... 45
    9.1.3. Revocation or Status Information Access Fees ... 45
    9.1.4. Fees for Other Services ... 45
    9.1.5. Refund Policy ... 45
  9.2. Financial responsibility ... 45
    9.2.1. Insurance Coverage ... 45
    9.2.2. Other Assets ... 45
    9.2.3. Insurance or Warranty Coverage for End-Entities ... 45
  9.3. Confidentiality of business information ... 45
    9.3.1. Scope of Confidential Information ... 45
    9.3.2. Information Not Within the Scope of Confidential Information ... 45
    9.3.3. Responsibility to Protect Confidential Information ... 45
  9.4. Privacy of personal information ... 45
    9.4.1. Privacy Plan ... 45
    9.4.2. Information Treated as Private ... 45
    9.4.3. Information Not Deemed Private ... 45
    9.4.4. Responsibility to Protect Private Information ... 46
    9.4.5. Notice and Consent to Use Private Information ... 46
    9.4.6. Disclosure Pursuant to Judicial or Administrative Process ... 46
    9.4.7. Other Information Disclosure Circumstances ... 46
  9.5. Intellectual property rights ... 46
  9.6. Representations and warranties ... 46
    9.6.1. CA Representations and Warranties ... 46
    9.6.2. RA Representations and Warranties ... 46
    9.6.3. Subscriber Representations and Warranties ... 46
    9.6.4. Relying Party Representations and Warranties ... 46
    9.6.5. Representations and Warranties of Other Participants ... 46
  9.7. Disclaimers of warranties ... 47
  9.8. Limitations of liability ... 47
  9.9. Indemnities ... 47
    9.9.1. Indemnification by DigiCert ... 47
    9.9.2. Indemnification by Subscribers ... 47
    9.9.3. Indemnification by Relying Parties ... 47
  9.10. Term and termination ... 47
    9.10.1. Term ... 47
    9.10.2. Termination ... 47
    9.10.3. Effect of Termination and Survival ... 47
  9.11. Individual notices and communications with participants ... 47
  9.12. Amendments ... 47
    9.12.1. Procedure for Amendment ... 47

iv


9.12.2. Notification Mechanism and Period .................................................................................. 47 9.12.3. Circumstances under which OID Must Be Changed ........................................................ 48 9.13. Dispute resolution provisions ..................................................................................................... 48 9.14. Governing law ............................................................................................................................ 48 9.15. Compliance with applicable law ................................................................................................. 48 9.16. Miscellaneous provisions ........................................................................................................... 48 9.16.1. Entire Agreement ............................................................................................................. 48 9.16.2. Assignment....................................................................................................................... 48 9.16.3. Severability ....................................................................................................................... 48 9.16.4. Enforcement (attorneys' fees and waiver of rights)........................................................... 48 9.16.5. Force Majeure .................................................................................................................. 48 9.17. Other provisions ......................................................................................................................... 49

1. INTRODUCTION

1.1. OVERVIEW

This Certificate Policy (CP) defines the procedural and operational requirements that DigiCert requires entities to adhere to when issuing and managing digitally signed objects (digital certificates and time-stamp tokens) within DigiCert's PKI. DigiCert's certificate and time-stamp policies are controlled by the DigiCert Policy Authority (DCPA) that determines how this CP applies to Certificate Authorities (CAs), Registration Authorities (RAs), Subscribers, Relying Parties and other PKI entities that interoperate with or within the DigiCert PKI.

This document specifies the policies DigiCert uses to meet the current requirements of the Certification Authority/Browser Forum ("CAB Forum Guidelines"), the current version to which DigiCert shall conform when issuing publicly trusted certificates. The CAB Forum Guidelines include the Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates (Baseline Requirements) and the Guidelines for Extended Validation Certificates (EV Guidelines), both of which are published at http://www.cabforum.org. If any inconsistency exists between this CP and the Baseline Requirements or EV Guidelines, the Baseline Requirements and EV Guidelines take precedence. Time-stamping policies are in accordance with IETF RFC 3161, X9.95, ETSI 102 023, and ETSI 101 861 technical standards.

Client certificates follow the identity assurance frameworks found in the Federal Bridge CP, the Citizen and Commerce Class Common CP, NIST 800-63, the Kantara Initiative, and the European Directive 1999/93/EC.

Personal Identity Verification-Interoperable (PIV-I) cards issued under this CP are intended to technically interoperate with Federal PIV Card readers and applications. Reliance on PIV-I Cards requires compliance with technical specifications and specific trust elements. PIV policies for PIV-I Hardware, PIV-I Card Authentication, and PIV-I Content Signing are for use with PIV-I smart cards. The requirements associated with PIV-I Hardware and PIV-I Content Signing are identical to Level 4 Certificates except where specifically noted herein. PIV-I Content Signing policy is reserved for certificates used by the Card Management System (CMS) to sign the PIV-I card security objects.

This CP is only one of several documents that govern the DigiCert PKI. Other important documents include Certification Practice Statements, registration authority agreements and practice statements, subscriber agreements, relying party agreements, customer agreements, privacy policies, and memoranda of agreement. DigiCert may publish additional certificate policies or certification practice statements as necessary to describe other product and service offerings. These supplemental policies and statements are available to applicable users or relying parties.

Pursuant to the IETF PKIX RFC 3647 CP/CPS framework, this CP is divided into nine parts that cover the security controls and practices and procedures for certificate or time-stamping services within the DigiCert PKI. To preserve the outline specified by RFC 3647, section headings that do not apply have the statement "Not applicable" or "No stipulation."

1.2. DOCUMENT NAME AND IDENTIFICATION

This document is the DigiCert Certificate Policy and was approved for publication on 2 August 2010 by the DigiCert Policy Authority (DCPA). The following revisions have been made to the original document:

Date | Version | Changes
10 May 2012 | 4.04 | Updated to include provisions set forth in the Baseline Requirements, to add EV Code Signing, improve readability, and to modify requirements related to IGTF certificates.
3 May 2011 | 4.03 | Policy OIDs revised for certain certificate types and minor updates made to various sections.
29 October 2010 | 4.02 | Changes made in response to comments from the FPKI CPWG regarding certificate status services, trusted roles, and off-site backup of archive.
26 August 2010 | 4.01 | Updated the process used to authenticate the certificate requester's authority under section 3.2.5 for code signing certificates issued to organizations.
2 August 2010 | 4.0 | This version 4.0 replaces the DigiCert Certificate Policy and Certification Practices Statement, Version 3.08, dated May 29, 2009.

The OID for DigiCert is joint-iso-ccitt (2) country (16) USA (840) US-company (1) DigiCert (114412). DigiCert organizes its OID arcs for the various certificates and documents described in this CP as follows:

Digitally Signed Object | Object Identifier (OID)
Policy Documents | 2.16.840.1.114412.0
This CP Document | 2.16.840.1.114412.0.1.4
Non-EV SSL Certificates | 2.16.840.1.114412.1
Organizationally Validated SSL Certificate | 2.16.840.1.114412.1.1
Domain Validated SSL Certificate | 2.16.840.1.114412.1.2
Federated Device Certificate | 2.16.840.1.114412.1.11
Extended Validation SSL Certificates | 2.16.840.1.114412.2
Object Signing Certificates | 2.16.840.1.114412.3
Code Signing | 2.16.840.1.114412.3.1
Extended Validation Code Signing | 2.16.840.1.114412.3.2
Windows Kernel Driver Signing | 2.16.840.1.114412.3.11
Certified Document Signing (CDS) | 2.16.840.1.114412.3.21
Client Certificate OID arc | 2.16.840.1.114412.4
Level 1 Certificates - Personal | 2.16.840.1.114412.4.1.1
Level 1 Certificates - Enterprise | 2.16.840.1.114412.4.1.2
Level 2 Certificates | 2.16.840.1.114412.4.2
Level 3 Certificates - US | 2.16.840.1.114412.4.3.1
Level 3 Certificates - CBP | 2.16.840.1.114412.4.3.2
Level 4 Certificates - US | 2.16.840.1.114412.4.4.1
Level 4 Certificates - CBP | 2.16.840.1.114412.4.4.2
PIV-I OID arc | 2.16.840.1.114412.5
PIV-I Hardware - keys require activation by the PIV-I Cardholder (PIV Auth, Dig Sig and Key Management) | 2.16.840.1.114412.4.5.1
PIV-I Card Authentication - keys do not require PIV-I Cardholder activation | 2.16.840.1.114412.4.5.2
PIV-I Content Signing - use by PIV-I-compliant CMS | 2.16.840.1.114412.4.5.3
Grid Certificates | 2.16.840.1.114412.4.31 or 2.16.840.1.114412.31 (Grid-only arc)
IGTF - Comparable to Classic with Secured Infrastructure | 2.16.840.1.114412.4.31.
IGTF - Comparable to Member Integrated Credential Services with Secured Infrastructure | 2.16.840.1.114412.4.31.5
Grid-Only Host Certificate | 2.16.840.1.114412.31.4.31.1
Authentication Only Certificates | 2.16.840.1.114412.6
Legacy arc | 2.16.840.1.114412.81
Test arc | 2.16.840.1.114412.99

This CP applies to any entity asserting one or more of the DigiCert OIDs identified above. All other OIDs mentioned above belong to their respective owners. Commercial Best Practices (CBP) differs from US in that there are no trusted role citizenship requirements for an Issuer CA issuing under a CBP policy, whereas policies designated US must follow the citizenship practices set forth in Section 5.3.1 of this CP.

The Legacy arc exists to identify certificates issued for the purpose of achieving compatibility with legacy systems that are incapable of processing newer algorithms that might be required by comparable industry best practices, e.g., to identify certificates signed using the SHA-1 algorithm when SHA-256 would be required in a PKI with which DigiCert has cross-certified.

Subsequent revisions to this CP might contain new OID assignments for the certificate types identified above.

1.3. PKI PARTICIPANTS

1.3.1. DigiCert Policy Authority and Certification Authorities

DigiCert Root Certificate Authorities and Intermediate CAs are managed by the DigiCert Policy Authority (DCPA), which is composed of members of DigiCert management appointed by DigiCert's Board of Directors. The DCPA is responsible for this CP, the approval of related practice statements, and overseeing the conformance of CA practices with this CP. DigiCert's policies are designed to ensure that the DigiCert PKI complies, in all material respects, with U.S. and international standards and regulations, including the Federal Bridge Certificate Policy, European Directive 99/93, CAB Forum Guidelines, and relevant law on electronic signatures. DigiCert may establish or recognize other CAs (e.g. subordinate CAs) in accordance with this CP, applicable cross-certification/federation policies and memoranda of agreement. For ease of reference herein, all CAs issuing certificates in accordance with this CP (including DigiCert) are hereafter referred to as Issuer CAs. In accordance with EU Directive 1999/93, EU Qualified Certificates will only be issued by Issuer CAs operated under the control of DigiCert. DigiCert shall notify the U.S. Federal PKI Policy Authority (FPKIPA) prior to issuing any CA certificate to an external Issuer CA that DigiCert desires to chain to the Federal Bridge CA.

1.3.2. Registration Authorities

Registration Authorities (RAs) operate identity management systems (IdMs) and collect and verify Subscriber information on the Issuer CA's behalf. The requirements in this CP apply to all RAs. An Issuer CA shall monitor each RA's compliance with this policy, the CPS, and, if applicable, any Registration Practices Statement (RPS) under which the RA operates. An Issuer CA that relies on a variety of RAs or IdMs to support various communities of interest may submit an RPS for each RA or IdM to the DCPA for approval. The RPS must contain details necessary for the DCPA to determine how the RA achieves compliance with this Policy. Necessary details include how the RA's process or IdM establishes the identities of applicants, how the integrity and authenticity of such identifying information is securely maintained and managed, and how changes and updates to such information are communicated to the Issuer CA.

1.3.3. Subscribers

Subscribers use DigiCert's services and PKI to support transactions and communications. Subscribers are not always the party identified in a certificate, such as when certificates are issued to an organization's employees. The Subject of a certificate is the party named in the certificate. A Subscriber, as used herein, refers to both the subject of the certificate and the entity that contracted with the Issuer CA for the certificate's issuance. Prior to verification of identity and issuance of a certificate, a Subscriber is an Applicant.

1.3.4. Relying Parties

Relying Parties are entities that act in reliance on a certificate and/or digital signature issued by the Issuer CA. Relying parties must check the appropriate CRL or OCSP response prior to relying on information featured in a certificate.

1.3.5. Other Participants

When issuing PIV-I cards, the Issuer CA shall make a Card Management System (CMS) responsible for managing smart card token content. The Issuer CA shall ensure that the CMS meets the requirements described herein. The Issuer CA shall not issue any certificate to a CMS that includes a PIV-I Hardware or PIV-I Card Authentication policy OID. Other participants include Bridge CAs and CAs that cross-certify Issuer CAs to provide trust among other PKI communities.

1.4. CERTIFICATE USAGE

1.4.1. Appropriate Certificate Uses

A digital certificate (or certificate) is formatted data that cryptographically binds an identified subscriber with a Public Key. A digital certificate allows an entity taking part in an electronic transaction to prove its identity to other participants in such transaction. Digital certificates are used in commercial environments as a digital equivalent of an identification card.

A time-stamp token (TST) cryptographically binds a representation of data to a particular time stamp, thus establishing evidence that the data existed at a certain point in time.

Certificates issued under this CP may be used for the purposes designated in the key usage and extended key usage fields found in the certificate. However, the sensitivity of the information processed or protected by a certificate varies greatly, and each Relying Party must evaluate the application environment and associated risks before deciding on whether to use a certificate issued under this CP.

1.4.2. Prohibited Certificate Uses

Certificates do not guarantee that the Subject is trustworthy, honest, reputable in its business dealings, compliant with any laws, or safe to do business with. A certificate only establishes that the information in the certificate was verified as reasonably correct when the certificate issued. Code signing certificates do not indicate that the signed code is safe to install or is free from malware, bugs, or vulnerabilities.

Certificates issued under this CP may not be used (i) for any application requiring fail-safe performance such as (a) the operation of nuclear power facilities, (b) air traffic control systems, (c) aircraft navigation systems, (d) weapons control systems, or (e) any other system whose failure could lead to injury, death or environmental damage; or (ii) where prohibited by law.

1.5. POLICY ADMINISTRATION

1.5.1. Organization Administering the Document

This CP and the documents referenced herein are maintained by the DCPA, which can be contacted at:

DigiCert Policy Authority
Suite 200, Canopy Building II
355 South 520 West
Lindon, UT 84042 USA
Tel: 1-801-877-2100
Fax: 1-801-705-0481

1.5.2. Contact Person

Attn: Legal Counsel
DigiCert Policy Authority
Suite 200, Canopy Building II
355 South 520 West
Lindon, UT 84042 USA

1.5.3. Person Determining CP Suitability for the Policy

The DCPA determines the suitability and applicability of this CP and the conformance of a CPS to this CP based on the results and recommendations received from an independent auditor (see Section 8). The DCPA is also responsible for evaluating and acting upon the results of compliance audits.

1.5.4. CP Approval Procedures

The DCPA approves the CP and any amendments. Amendments are made by either updating the entire CP or by publishing an addendum. The DCPA determines whether an amendment to this CP requires notice or an OID change. See also Section 9.10 and Section 9.12 below.

1.6. DEFINITIONS AND ACRONYMS

"Affiliated Organization" means an organization that has an organizational affiliation with a Subscriber and that approves or otherwise allows such affiliation to be represented in a certificate.
"Applicant" means an entity applying for a certificate.
"EU Directive 99/93" means the EU Council Directive 1999/93/EC of the European Parliament and of the Council of 13 December 1999 on a Community framework for Electronic Signatures, OJ L 13, 19.01.2000, pp. 12-20.
"EV Guidelines" is defined in section 1.1.
"Key Pair" means a Private Key and associated Public Key.
"OCSP Responder" means an online software application operated under the authority of DigiCert and connected to its repository for processing certificate status requests.
"PIV-I Profile" means the X.509 Certificate and Certificate Revocation List (CRL) Extensions Profile for Personal Identity Verification Interoperable (PIV-I) Cards, Ver. 1.0, Date: April 23, 2010.
"Private Key" means the key of a key pair that is kept secret by the holder of the key pair, and that is used to create digital signatures and/or to decrypt electronic records or files that were encrypted with the corresponding Public Key.
"Public Key" means the key of a key pair that may be publicly disclosed by the holder of the corresponding Private Key and that is used by a Relying Party to verify digital signatures created with the holder's corresponding Private Key and/or to encrypt messages so that they can be decrypted only with the holder's corresponding Private Key.
"Qualified Certificate" means a certificate that meets the requirements in Annex I of EU Directive 99/93 and is provided by an Issuer CA meeting the requirements of Annex II of the Directive.
"Relying Party" means an entity that relies upon either the information contained within a certificate or a time-stamp token.
"Relying Party Agreement" means an agreement which must be read and accepted by the Relying Party prior to validating, relying on or using a Certificate or accessing or using DigiCert's Repository.
"Secure Signature Creation Device" means a signature creation device that meets the requirements laid down in Annex III of the EU Directive 99/93.
"Subscriber" means either the entity identified as the subject in the certificate or the entity receiving DigiCert's time-stamping services.
"Subscriber Agreement" means an agreement that governs the issuance and use of a certificate that the Applicant must read and accept before receiving a certificate.
"WebTrust" means the current version of the AICPA/CICA WebTrust Program for Certification Authorities.

Acronyms:

CA  Certificate Authority or Certification Authority
CBP  Commercial Best Practices
CMS  Card Management System
CP  Certificate Policy
CPS  Certification Practice Statement
CRL  Certificate Revocation List
CSR  Certificate Signing Request
DCPA  DigiCert Policy Authority
ETSI  European Telecommunications Standards Institute
EU  European Union
EV  Extended Validation
FIPS  (US Government) Federal Information Processing Standard
FQDN  Fully Qualified Domain Name
HSM  Hardware Security Module
IANA  Internet Assigned Numbers Authority
ICANN  Internet Corporation for Assigned Names and Numbers
IdM  Identity Management System
IETF  Internet Engineering Task Force
IGTF  International Grid Trust Federation
ITU  International Telecommunication Union
ITU-T  ITU Telecommunication Standardization Sector
MICS  Member Integrated Credential Service (IGTF)
OCSP  Online Certificate Status Protocol
OID  Object Identifier
PIN  Personal Identification Number (e.g. a secret access code)
PIV-I  Personal Identity Verification-Interoperable
PKI  Public Key Infrastructure
PKIX  IETF Working Group on Public Key Infrastructure
PKCS  Public Key Cryptography Standard
RA  Registration Authority
SHA  Secure Hashing Algorithm
SSCD  Secure Signature Creation Device
SSL  Secure Sockets Layer
TLD  Top Level Domain
TLS  Transport Layer Security
URL  Uniform Resource Locator
UTC  Coordinated Universal Time
X.509  The ITU-T standard for Certificates and their corresponding authentication framework

2. PUBLICATION AND REPOSITORY RESPONSIBILITIES

2.1. REPOSITORIES

Issuer CAs shall publish all publicly trusted CA certificates and cross-certificates, issued to and from the Issuer CA, revocation data for issued digital certificates, CP, CPS, and standard Relying Party Agreements and Subscriber Agreements in online repositories. The Issuer CA shall ensure that its root certificate and the revocation data for issued certificates are available through a repository 24 hours a day, 7 days a week with a minimum of 99% availability overall per year with a scheduled down-time that does not exceed 0.5% annually.

2.2. PUBLICATION OF CERTIFICATION INFORMATION

Issuer CAs shall make the following information publicly accessible on the web: all publicly trusted root certificates, cross-certificates, CRLs, CPs and CPSs.

2.3. TIME OR FREQUENCY OF PUBLICATION

Issuer CAs shall publish CA certificates and revocation data as soon as possible after issuance. Issuer CAs shall publish new or modified versions of CPSs within seven days of their approval.

2.4. ACCESS CONTROLS ON REPOSITORIES

Information published in a repository is public information. The Issuer CA shall provide unrestricted read access to its repositories and shall implement logical and physical controls to prevent unauthorized write access to such repositories.

3. IDENTIFICATION AND AUTHENTICATION

3.1. NAMING

3.1.1. Types of Names

Issuer CAs shall issue certificates with a non-null subject Distinguished Name (DN) that complies with ITU X.500 standards. Subject Alternate Name forms may be included in certificates if they are marked non-critical. When DNs are used, common names must respect name space uniqueness and must not be misleading. Issuer CAs shall cease issuing publicly trusted SSL certificates containing internal server names or reserved IP addresses as of the sunset dates set forth in the Baseline Requirements.

For PIV-I Certificates:
1. Issuer CAs shall include both a non-null subject name and subject alternative name in Certificates.
2. Issuer CAs shall indicate the Subscriber's association with an Affiliated Organization using the forms allowed in the Federal Bridge Certificate Policy.
3. Issuer CAs shall clearly indicate the organization administering the CMS in each PIV-I Content Signing certificate.
4. Issuer CAs shall not include a Subscriber common name in a PIV-I Card Authentication subscriber certificate.
5. Issuer CAs shall encode the UUID within the serialNumber attribute using the UUID string representation defined in Section 3 of RFC 4122.

Issuer CAs shall comply with section 3.1.2 of RFC 3739 when providing EU Qualified Certificates.

3.1.2. Need for Names to be Meaningful

When applicable, Issuer CAs shall use distinguished names to identify both the subject and issuer of the certificate. Directory information trees shall accurately reflect organizational structures. When applicable, Issuer CAs shall ensure that each User Principal Name (UPN) is unique and accurately reflects organizational structures.

3.1.3. Anonymity or Pseudonymity of Subscribers

Issuer CAs may issue end-entity anonymous or pseudonymous certificates provided that (i) such certificates are not prohibited by applicable policy (e.g. for certificate type, assurance level, or certificate profile) and (ii) name space uniqueness is preserved.

3.1.4. Rules for Interpreting Various Name Forms

Distinguished Names in Certificates are interpreted using X.500 standards and ASN.1 syntax. See RFC 2253 and RFC 2616 for further information on how X.500 distinguished names in certificates are interpreted as Uniform Resource Identifiers and HTTP references.

3.1.5. Uniqueness of Names

The DCPA shall enforce name uniqueness in certificates that are trusted within the DigiCert PKI. The DCPA may enforce uniqueness by requiring that each certificate include a unique serial number that is incorporated as part of the subject name.

3.1.6. Recognition, Authentication, and Role of Trademarks

Subscribers may not request certificates with any content that infringes the intellectual property rights of another entity. Unless otherwise specifically stated, this CP does not require an Issuer CA to verify an Applicant's right to use a trademark. Issuer CAs may reject any application or require revocation of any certificate that is part of a trademark dispute.

3.2. INITIAL IDENTITY VALIDATION

An Issuer CA may use any legal means of communication or investigation to ascertain the identity of an organizational or individual Applicant. The Issuer CA may refuse to issue a certificate in its sole discretion.

3.2.1. Method to Prove Possession of Private Key

The Issuer CA shall verify that the Applicant possesses the Private Key corresponding to the Public Key in the certificate request. The Issuer CA shall require that Private Keys for EU Qualified Certificates be generated in the Subscriber's presence on a Secure Signature Creation Device (SSCD) (OID 0.4.0.1456.1.1) and stored securely on the SSCD with a Subscriber-selected PIN.

3.2.2. Authentication of Organization Identity

If a publicly trusted SSL certificate will contain an organization's name, then the Issuer CA (or an RA) shall verify the information about the organization and its legal existence in accordance with Section 11.2 of the Baseline Requirements using reliable third-party and government databases or through other direct means of communication with the entity or jurisdiction governing the organization's legal creation, existence, or recognition.

If a certificate asserts an organizational affiliation between a human subscriber and an organization (e.g. PIV-I Hardware Certificates), the Issuer CA shall obtain documentation from the organization that recognizes the affiliation and obligates the organization to request revocation of the certificate if that affiliation ends. See Sections 3.2.5, 4.9.1 and 9.6.1.

Issuer CAs and RAs shall identify high-risk certificate requests and shall conduct additional verification activity and take additional precautions as are reasonably necessary to ensure that high-risk requests are properly verified.

DigiCert requires that all requests for Issuer CA certificates or cross-certificates include the organization name, address, and documentation of the existence of the organization.

Representatives of the DCPA verify the information, in addition to the authenticity of the requesting representative and the representative's authorization to act in the name of the organization.

3.2.3. Authentication of Individual Identity

The Issuer CA or the RA shall verify an individual's identity in accordance with the process established in its CPS or RPS that meets the following minimum requirements (certificate type, followed by the required identity verification):

SSL Server Certificates and Object Signing Certificates (issued to an Individual): The Applicant shall submit a legible copy of at least one currently valid government-issued photo ID (passport, driver's license, military ID, national ID, or equivalent document type). If the Issuer CA or RA requires further assurance, the Applicant shall provide additional forms of identification, including non-photo and non-governmental forms of identification such as recent utility bills, financial account statements, Applicant credit card, additional ID credential, or equivalent document type. The Issuer CA or RA shall confirm that the Applicant is able to receive communication by telephone, postal mail/courier, or fax. If the Issuer CA or RA cannot verify the Applicant's identity using the procedures described above, then the Issuer CA or RA shall obtain a Declaration of Identity* witnessed and signed by a Registration Authority, Trusted Agent, notary, lawyer, accountant, postal carrier, or any entity certified by a State or National Government as authorized to confirm identities.

Device Certificate Sponsors: See section 3.2.3.3.

EV SSL Certificates issued to a Sole Proprietor: As specified in the EV Guidelines.

Authentication Certificates: The entity controlling the secure location represents that the certificate holder has authorization to access the location.

Grid-only Certificates: Either the RA responsible for the grid community or a Trusted Agent must obtain a copy of the Applicant's photo ID or a similar identity document during a face-to-face meeting with the Applicant, or a Trusted Agent must attest that the Applicant is personally known to the Trusted Agent. If an identification document is used, the RA must retain sufficient information about the Applicant's identity in order to verify the Applicant at a later date.

Level 1 Client Certificates - Personal (email certificates) (Equivalent to NIST 800-63/Kantara Level 1 and FBCA CP Rudimentary): Applicant's control over an email address (or any of the identity verification methods listed for a higher-level client certificate).

Level 1 Client Certificates - Enterprise (email certificates) (Equivalent to Citizen & Commerce Class Common CP (C4) Assurance Level 2.16.840.1.101.3.2.1.14.2): Any one of the following:
1. In-person appearance before an RA or Trusted Agent with presentment of an identity credential (e.g., driver's license or birth certificate).
2. Using procedures similar to those used when applying for consumer credit and authenticated through information in consumer credit databases or government records, such as: the ability to place or receive calls from a given number; or the ability to obtain mail sent to a known physical address.
3. Through information derived from an ongoing business relationship with the credential provider or a partner company (e.g., a financial institution, airline, employer, or retail company). Acceptable information includes: the ability to obtain mail at the billing address used in the business relationship; or verification of information established in previous transactions (e.g., previous order number); or the ability to place calls from or receive phone calls at a phone number used in previous business transactions.
4. Any method required to verify identity for issuance of a Level 2, 3, or 4 Client Certificate.

Level 2 Client Certificates (Corporate certificates) (Equivalent to NIST 800-63 Level 3/Kantara Levels 2 and 3, IGTF Classic/MICS, and FBCA CP Basic): This level of assurance requires that the Issuer CA or RA verify that the asserted name matches: (a) a government-issued photo ID; (b) the individual's date of birth; and (c) a current address or personal telephone number. The Issuer CA or RA shall verify the Applicant's identity using one of the following four (4) methods:
1. In-person proofing before an RA or Trusted Agent with presentment of a government-issued photo ID, examined for authenticity and validity. An entity certified by a State or National Government as authorized to confirm identities may perform in-person authentication on behalf of the RA, provided that the certified entity forwards the information collected from the applicant directly to the RA in a secure manner. Packages secured in a tamper-evident manner by the certified entity satisfy this requirement; other secure methods are also acceptable. Such authentication does not relieve the RA of its responsibility to verify the presented data.
2. Remotely verifying information provided by the applicant (including name, date of birth, and current address or telephone number) using (i) a government-issued photo ID and (ii) one additional form of ID such as another government-issued ID, an employee or student ID card number, a financial account number (e.g., checking account, savings account, loan or credit card), or a utility service account number (e.g., electricity, gas, or water) for an address matching the applicant's residence. The Issuer CA or RA may confirm an address by issuing the credentials in a manner that confirms the address of record and may confirm a telephone number by recording the applicant's voice during a communication after associating the telephone number with the applicant in records that are available to the Issuer CA or RA.
3. If the Issuer CA or RA has a current, ongoing relationship with the Applicant, the Issuer CA or RA may verify identity using an exchange of a previously exchanged shared secret (e.g., a PIN or password) that meets or exceeds NIST SP 800-63 Level 2 entropy requirements, provided that: (a) identity was originally established with the degree of rigor equivalent to that required in 1 or 2 above using a government-issued photo ID, and (b) the ongoing relationship exists sufficient to ensure the Applicant's continued personal possession of the shared secret.
4. Any of the methods required to verify identity for issuance of a DigiCert Level 3 or 4 Client Certificate.

Level 3 Client Certificates (Equivalent to NIST 800-63/Kantara Level 3, FBCA CP Medium, and EU Qualified Certificates): In-person proofing before an RA, Trusted Agent, or an entity certified by a State or National Government that is authorized to confirm identities (provided that the certified entity forwards the information collected from the applicant directly to the RA in a secure manner and that the RA is not relieved of its responsibility to verify the presented data). The Applicant shall provide at least one Federal Government-issued Picture I.D., a REAL ID, or two Non-Federal Government I.D.s, one of which must be a photo I.D. (e.g., driver's license). The Issuer CA or RA shall examine the credentials for authenticity and validity. For each Level 3 Client Certificate issued, the Issuer CA or the RA shall review and record a Declaration of Identity* which shall be signed by the applicant and the person performing the in-person identification. The Issuer CA or RA shall verify the provided information (name, date of birth, and current address) to ensure legitimacy and may verify it electronically by a record check with the specified issuing authority or through similar databases to establish the existence of such records with matching name and reference numbers and to corroborate date of birth, current address of record, and other personal information sufficient to ensure a unique identity. A trust relationship between an RA or Trusted Agent and the applicant that is based on an in-person antecedent (as defined in FBCA Supplementary Antecedent, In-Person Definition) may suffice as meeting the in-person identity proofing requirement provided that (1) it meets the thoroughness and rigor of in-person proofing described above, (2) supporting ID proofing artifacts exist to substantiate the antecedent relationship, and (3) mechanisms are in place that bind the individual to the asserted identity. If the photo ID is valid and confirms the address of record for the Applicant, then the certificate may be approved for issuance with notice of issuance sent to the address of record. If the photo ID does not confirm the Applicant's address of record, then the certificate shall be issued in a manner that confirms the address of record. For all Level 3 Client Certificates, the identity of the Applicant must be established no earlier than 30 days prior to initial certificate issuance.

Level 4 Client Certificates (Medium Hardware) (Equivalent to NIST 800-63/Kantara Level 4, FBCA CP Medium Hardware, and EU Qualified Certificates utilizing Secure Signature Creation Devices; must be issued to cryptographic hardware): In-person proofing before an RA, Trusted Agent, or an entity certified by a State or National Government that is authorized to confirm identities (provided that the certified entity forwards the information collected from the applicant directly to the RA in a secure manner and that the RA is not relieved of its responsibility to verify the presented data). The Applicant shall supply (i) one Federal Government-issued Picture I.D., a REAL ID, or two Non-Federal Government I.D.s, one of which must be a photo I.D. (e.g., driver's license) and (ii) the contemporaneous collection of at least one biometric (e.g. photograph or fingerprints) to ensure that the Applicant cannot repudiate the application. The Issuer CA or RA shall examine the credentials for authenticity and validity. For each Level 4 Client Certificate issued, the Issuer CA or the RA shall review and record a Declaration of Identity* that is signed by the applicant and the person performing the in-person identification. For all Level 4 Client Certificates the use of an in-person antecedent is not applicable, and the Applicant shall establish his or her identity no more than 30 days prior to initial certificate issuance. Issuer CAs and RAs shall issue Level 4 Client Certificates in a manner that confirms the Applicant's address of record.

PIV-I Certificates: Issuer CAs shall only issue PIV-I Hardware certificates to human subscribers. The RA or a Trusted Agent shall collect biometric data during the identity proofing and registration process that complies with [NIST SP 800-76] (see Appendix A):
- An electronic facial image used for printing the facial image on the card, as well as for performing visual authentication during card usage. The RA or Trusted Agent must collect a new facial image each time a card is issued; and
- Two electronic fingerprints, stored on the card for automated authentication during card usage.
The RA or Trusted Agent shall also require two identity source documents in original form. The identity source documents must come from the list of acceptable documents included in Form I-9, OMB No. 1115-0136, Employment Eligibility Verification. At least one document must be a valid State or Federal Government-issued picture identification (ID). For all PIV-I Certificates, the use of an in-person antecedent is not applicable, and the Applicant shall establish their identity no more than 30 days prior to initial certificate issuance.

EU Qualified Certificates: In-person verification of the Applicant's identity by appropriate means in accordance with national law. The entity performing the validation shall check the evidence of identity directly against a physical person or indirectly using means that provide equivalent assurance to physical presence. Submitted evidence may be in the form of either paper or electronic documentation. Where the subject is an individual, evidence must include the person's passport or government-issued ID card. Collected information must include: full name (including surname and given names consistent with the applicable law and national identification practices); date and place of birth; and a nationally recognized identity number (or another attribute that distinguishes the person from others with the same name).

*A Declaration of Identity consists of the following:
a. the identity of the person performing the verification,
b. a signed declaration by the verifying person stating that they verified the identity of the Subscriber as required using the format set forth at 28 U.S.C. 1746 (declaration under penalty of perjury) or comparable procedure under local law,
c. a unique identifying number from the verifier's identification,
d. a unique identifying number from the Applicant's identification,
e. the date and time of the verification, and
f. a declaration of identity by the Applicant that is signed (in handwriting or through use of a digital signature) in the presence of the person performing the verification using the format set forth at 28 U.S.C. 1746 (declaration under penalty of perjury) or comparable procedure under local law.

If an Applicant cannot participate in face-to-face registration, a trusted person who already has a certificate of the same type applied for by the Applicant may represent the Applicant during the validation process. The trusted person must present their certificate and the Applicant's information to the person performing the face-to-face registration.

3.2.3.1. Authentication for Role-based Client Certificates

An Issuer CA may issue certificates that identify a specific role that the Subscriber holds, provided that the role identifies a specific individual within an organization (e.g., Chief Information Officer is a unique individual whereas Program Analyst is not). These role-based certificates are used when non-repudiation is desired. The Issuer CA may only issue role-based certificates to Subscribers who first obtain an individual Subscriber certificate that is at the same or higher assurance level as the requested role-based certificate. An Issuer CA may issue certificates with the same role to multiple Subscribers. However, the Issuer CA shall require that each certificate have a unique key pair. Individuals may not share their issued role-based certificates and are required to protect the role-based certificate in the same manner as individual certificates.

The Issuer CA or an RA shall verify the identity of the individual requesting a role-based certificate (i.e. the sponsor) in accordance with Section 3.2.3 and record the information identified in Section 3.2.3 for a sponsor associated with the role before issuing a role-based certificate. The sponsor must hold an individual certificate in his/her own name issued by the same CA at the same or higher assurance level as the role-based certificate.

IGTF and EU Qualified Certificates are not issued as role-based certificates.

If the certificate is a pseudonymous certificate cross-certified with the FBCA that identifies subjects by their organizational roles, then the Issuer CA or RA shall verify that the individual either holds that role or has the authority to sign on behalf of the role.

3.2.3.2. Authentication for Group Client Certificates

If several entities are acting in one capacity and non-repudiation is not necessary, the Issuer CA may issue a certificate corresponding to a Private Key shared by multiple Subscribers. The Issuer CA or RA shall record the information identified in Section 3.2.3 for a sponsor from the Information Systems Security Office or equivalent before issuing a group certificate. In addition, the Issuer CA or the RA shall:
1. Require that the Information Systems Security Office, or equivalent, be responsible for ensuring control of the private key, including maintaining a list of Subscribers who have access to the private key, and account for the time period during which each Subscriber had control of the key,
2. Not include a subjectName DN in the certificate that could imply that the subject is a single individual,
3. Require that the sponsor provide and continuously update a list of individuals who hold the shared private key, and
4. Ensure that the procedures for issuing group certificates comply with all other stipulations of this CP (e.g., key generation, private key protection, and Subscriber obligations).

IGTF and EU Qualified Certificates are not issued as group certificates.

3.2.3.3. Authentication of Devices with Human Sponsors

An Issuer CA may issue a Level 1, 2, 3 or 4 Client or Federated Device Certificate for use on a computing or network device, provided that the entity owning the device is listed as the subject. In such cases, the device must have a human sponsor who provides:
1. Equipment identification (e.g., serial number) or service name (e.g., DNS name),
2. Equipment public keys,
3. Equipment authorizations and attributes (if any are to be included in the certificate), and
4. Contact information.

If the certificate's sponsor changes, the new sponsor shall review the status of each device to ensure it is still authorized to receive certificates. The CPS shall describe procedures to ensure that certificate accountability is maintained.

The Issuer CA shall verify all registration information in accordance with the requested certificate type. Acceptable methods for performing this authentication and integrity checking include:
1. Verification of digitally signed messages sent from the sponsor (using certificates of equivalent or greater assurance than that being requested)
2. In-person registration by the sponsor, with the identity of the sponsor confirmed in accordance with the requirements of Section 3.2.3.

3.2.4. Non-verified Subscriber Information

Issuer CAs are not required to confirm that the common name in a Level 1 Personal Client Certificate is the legal name of the Subscriber. OV SSL Certificates may include a pseudo-domain for use within the Subscriber's internal, non-public DNS networks until prohibited by the Baseline Requirements. Any other non-verified information included in a certificate shall be designated as such in the certificate. No unverified information shall be included in any Level 2, Level 3, Level 4, PIV-I, Object Signing, EV, Federated Device, or EU Qualified certificate.

3.2.5. Validation of Authority

The Issuing CA or RA shall verify the authorization of a certificate request as follows:

Certificate | Verification
DV SSL Certificates, OV SSL Certificates, and Federated Device Certificates | An authorized contact listed with the Domain Name Registrar, a person with control over the domain name, or through communication with the applicant using a reliable method per Section 11.2.3 of the Baseline Requirements.
EV Certificates | In accordance with the EV Guidelines.
Object Signing Certificates (including EV Code Signing and CDS Certificates) | An authoritative source within the organization (e.g. corporate, legal, IT, HR, or other appropriate organizational sources) using a reliable means of communication.
Level 1 Client Certificates, Personal (email certificates) | An individual has control over the email address listed in the certificate.
Level 1 Client Certificates, Enterprise (email certificates) | A person who has technical or administrative control over the domain name and who verifies the requester's control over the email address listed in the certificate.
IGTF Certificates | Pursuant to the relevant requirements by the accreditation authority.
Client Certificates Levels 2, 3 and 4 and PIV-I Certificates | Individuals affiliated with the organization who confirm the applicant's authority to obtain a certificate indicating the affiliation and who agree to request revocation of the certificate when that affiliation ends.
EU Qualified Certificates | An individual is associated with the organization that is authorized to consent to the certificate's publication (see section 7.3.1 of TS 101 456).

The Issuer CA shall implement a process whereby an Applicant may limit the number of individuals authorized to request certificates. The Issuer CA shall provide a list of authorized certificate requesters after receiving a verified request for such information from an individual authorized to make such request.

3.3. IDENTIFICATION AND AUTHENTICATION FOR RE-KEY REQUESTS

3.3.1. Identification and Authentication for Routine Re-key

An Issuer CA may allow Subscribers of SSL and Code Signing Certificates to authenticate themselves over a TLS/SSL session with a username and password. Each Subscriber shall re-establish its identity using the initial registration processes of section 3.2 according to the following table:

Certificate | Routine Re-Key Authentication | Re-Verification Required
DV and OV SSL Certificates | Username and password | At least every 39 months
EV SSL Certificates | Username and password | According to the EV Guidelines
Subscriber EV Code Signing Certificates | Username and password | At least every 39 months
Signing Authority EV Code Signing Certificates | Username and password | At least every 123 months
Timestamp EV Code Signing Certificates | Username and password | At least every 123 months
Object Signing Certificates | Username and password | At least every six years
Level 1 Client Certificates | Username and password | At least every nine years
Level 2 Client Certificates | Shared secret (PIN/password) meeting NIST 800-63 Level 2 entropy requirements (Table A.2) | At least every nine years
Level 3 and 4 Client Certificates and PIV-I Certificates | Current signature key only | At least every nine years
IGTF Certificates | Username and password, RA attestation after comparison of identity documents, re-authenticate through an approved IdM, or through associated private key | At least every 13 months. However, certificates associated with a private key restricted solely to a hardware token may be re-keyed or renewed for a period of up to 5 years
Authentication Certificates | Username and password or with associated private key | None

The Issuer CA shall not re-key a certificate without additional authentication if doing so would allow the Subscriber to use the certificate beyond the limits described above.

3.3.2. Identification and Authentication for Re-key After Revocation

The Issuer CA shall require subscribers of certificates revoked (for reasons other than as the result of a routine certificate renewal, update, or modification action) to undergo the initial registration process (described in Section 3.2) to obtain a new certificate.

3.4. IDENTIFICATION AND AUTHENTICATION FOR REVOCATION REQUEST

The Issuer CA or the RA that approved the certificate's issuance shall authenticate all revocation requests. The Issuer CA or RA may authenticate a revocation request using the Certificate's Public Key, regardless of whether the associated Private Key is compromised.

4. CERTIFICATE LIFECYCLE OPERATIONAL REQUIREMENTS

4.1. CERTIFICATE APPLICATION

4.1.1. Who Can Submit a Certificate Application

No individual or entity listed on a government denied list, list of prohibited persons, or other list that prohibits doing business with such organization or person under the laws of the United States may submit an application for a certificate.

4.1.2. Enrollment Process and Responsibilities

The Issuer CA is responsible for ensuring that the identity of each Certificate Applicant is verified in accordance with this CP and the applicable CPS prior to the issuance of a certificate. Applicants are responsible for submitting sufficient information and documentation for the Issuer CA or the RA to perform the required verification of identity prior to issuing a Certificate. The Issuer CA and RA shall authenticate and protect all communication made during the certificate application process.

4.2. CERTIFICATE APPLICATION PROCESSING

4.2.1. Performing Identification and Authentication Functions

The Issuer CA or the RA shall identify and verify each Applicant in accordance with the applicable Certification Practice Statements and Registration Practice Statements. The Issuer CA shall ensure that all communication between the Issuer CA and an RA regarding certificate issuance or changes in the status of a certificate are made using secure and auditable methods. If databases or other sources are used to confirm sensitive or confidential attributes of an individual subscriber, then that sensitive information shall be protected and securely exchanged in a confidential and tamper-evident manner, protected from unauthorized access, and tracked using an auditable chain of custody.

4.2.2. Approval or Rejection of Certificate Applications

The Issuer CA shall reject any certificate application that cannot be verified. The Issuer CA may also reject a certificate application on any reasonable basis, including if the certificate could damage the Issuer CA's business or reputation. Issuer CAs are not required to provide a reason for rejecting a certificate application. Issuer CAs and RAs shall follow industry standards when approving and issuing certificates. The Issuer CA or RA shall contractually require subscribers to verify the information in a certificate prior to using the certificate.

4.2.3. Time to Process Certificate Applications

All parties involved in certificate application processing shall use reasonable efforts to ensure that certificate applications are processed in a timely manner. Identity shall be established no more than 30 days before initial issuance of Level 3 and 4 and PIV-I Certificates.

4.3. CERTIFICATE ISSUANCE

4.3.1. CA Actions during Certificate Issuance

The Issuer CA and any RA shall protect databases under its control that are used to confirm Subscriber identity information from unauthorized modification or use. The Issuer CA shall perform its actions during the certificate issuance process in a secure manner.

4.3.2. Notification to Subscriber by the CA of Issuance of Certificate

The Issuer CA or RA shall notify the Subscriber within a reasonable time of certificate issuance and may use any reliable mechanism to deliver the certificate to the Subscriber.

4.4. CERTIFICATE ACCEPTANCE

4.4.1. Conduct Constituting Certificate Acceptance

The passage of time after delivery or notice of issuance of a certificate to the Subscriber or the actual use of a certificate constitutes the Subscriber's acceptance of the certificate.

4.4.2. Publication of the Certificate by the CA

The Issuer CA shall publish all CA certificates to the Issuer CA's repository.

4.4.3. Notification of Certificate Issuance by the CA to Other Entities

No stipulation.

4.5. KEY PAIR AND CERTIFICATE USAGE

4.5.1. Subscriber Private Key and Certificate Usage

All Subscribers shall protect their Private Keys from unauthorized use or disclosure by third parties and shall use their Private Keys only as specified in the key usage extension of the corresponding Certificate.

4.5.2. Relying Party Public Key and Certificate Usage

Relying Parties shall use software that is compliant with X.509 and applicable IETF PKIX standards. The Issuer CA shall specify restrictions on the use of a certificate through certificate extensions and shall specify the mechanism(s) to determine certificate validity (CRLs and OCSP). Relying Parties must process and comply with this information in accordance with their obligations as Relying Parties. A Relying Party should use discretion when relying on a certificate and should consider the totality of the circumstances and risk of loss prior to relying on a certificate. Relying on a digital signature or certificate that has not been processed in accordance with applicable standards may result in risks to the Relying Party. The Relying Party is solely responsible for such risks. If the circumstances indicate that additional assurances are required, the Relying Party must obtain such assurances before using the certificate.

4.6. CERTIFICATE RENEWAL

4.6.1. Circumstance for Certificate Renewal

An Issuer CA may renew a certificate if:
1. the associated public key has not reached the end of its validity period,
2. the associated private key has not been compromised,
3. the Subscriber name and attributes are unchanged, and
4. re-verification of subscriber identity is not required by Section 3.3.1.

An Issuer CA may also renew a certificate if a CA certificate is re-keyed. After renewing a client certificate, the Issuer CA may not re-key, renew, or modify the old certificate.

4.6.2. Who May Request Renewal

Only an authorized representative of a Subscriber may request renewal of the Subscriber's certificates. An Issuer CA may renew a certificate without a corresponding request if the signing certificate is re-keyed.

4.6.3. Processing Certificate Renewal Requests

The Issuer CA may require reconfirmation or verification of the information in a certificate prior to renewal.

4.6.4. Notification of New Certificate Issuance to Subscriber

The Issuer CA shall notify the Subscriber within a reasonable time of certificate issuance and may use any reliable mechanism to deliver the certificate to the Subscriber.

4.6.5. Conduct Constituting Acceptance of a Renewal Certificate

The passage of time after delivery or notice of issuance of the certificate to the Subscriber, or actual use of the certificate, constitutes the Subscriber's acceptance of it.

4.6.6. Publication of the Renewal Certificate by the CA

The Issuer CA shall publish renewed CA certificates to the Issuer CA's repository.

4.6.7. Notification of Certificate Issuance by the CA to Other Entities

No stipulation.

4.7. CERTIFICATE RE-KEY

4.7.1. Circumstance for Certificate Re-key

Re-keying a certificate consists of creating a new certificate with a different public key (and serial number) while retaining the remaining contents of the old certificate that describe the subject. The new certificate may have a different validity period, key identifiers, specify different CRL and OCSP distribution points, and/or be signed with a different key. Subscribers requesting Client Certificate re-key should identify themselves using their current signature key as permitted by Section 3.3.1. Subscribers of other types of certificates shall identify and authenticate themselves as stated in the applicable CPS. After re-keying a Client Certificate, the Issuer CA may not re-key, renew, or modify the old certificate.

4.7.2. Who May Request Certificate Re-key

The Issuer CA may initiate certificate re-key at the request of the certificate subject or in its own discretion.

4.7.3. Processing Certificate Re-key Requests

The Issuer CA may require revalidation of the Subscriber prior to re-keying a certificate. At a minimum, the Issuer CA shall comply with section 3.3.1 in identifying the Subscriber prior to re-keying the certificate.

4.7.4. Notification of Certificate Re-key to Subscriber

The Issuer CA shall notify the Subscriber within a reasonable time of certificate issuance and may use any reliable mechanism to deliver the certificate to the Subscriber.

4.7.5. Conduct Constituting Acceptance of a Re-keyed Certificate

The passage of time after delivery or notice of issuance of the certificate to the Subscriber or the actual use of the certificate constitutes the Subscriber's acceptance of it.

4.7.6. Publication of the Re-keyed Certificate by the CA

The Issuer CA shall publish re-keyed CA certificates to the Issuer CA's repository.

4.7.7. Notification of Certificate Issuance by the CA to Other Entities

No stipulation.

4.8. CERTIFICATE MODIFICATION

4.8.1. Circumstance for Certificate Modification

Modifying a certificate means creating a new certificate for the same subject with authenticated information that differs slightly from the old certificate (e.g., changes to email address or non-essential parts of names or attributes) provided that the modification otherwise complies with this CP. The new certificate may have the same or a different subject public key. After modifying a client certificate, the Issuer CA may not re-key, renew, or modify the old certificate.

4.8.2. Who May Request Certificate Modification

The Issuer CA may modify a certificate at the request of the certificate subject or in its own discretion.

4.8.3. Processing Certificate Modification Requests

After receiving a request for modification, the Issuer CA shall verify any information that will change in the modified certificate. The Issuer CA may issue the modified certificate only after completing the verification process on all modified information. The validity period of a modified certificate must not extend beyond the applicable time limits found in section 3.3.1 or 6.3.2.

4.8.4. Notification of Certificate Modification to Subscriber

The Issuer CA shall notify the Subscriber within a reasonable time of certificate issuance and may use any reliable mechanism to deliver the certificate to the Subscriber.

4.8.5. Conduct Constituting Acceptance of a Modified Certificate

The passage of time after delivery or notice of issuance of the certificate to the Subscriber or actual use of the certificate constitutes the Subscriber's acceptance of it.

4.8.6. Publication of the Modified Certificate by the CA

The Issuer CA shall publish modified CA certificates to the Issuer CA's repository.

4.8.7. Notification of Certificate Modification by the CA to Other Entities

No stipulation.

4.9. CERTIFICATE REVOCATION AND SUSPENSION

4.9.1. Circumstances for Revocation

Revocation of a certificate permanently ends the operational period of the certificate prior to the certificate reaching the end of its stated validity period. Prior to revoking a certificate, the Issuer CA shall verify that the revocation request was made by either the organization or individual that made the certificate application or by an entity with the legal jurisdiction and authority to request revocation. The Issuer CA shall revoke a certificate if the Issuer CA is aware that:
1. The Subscriber requested revocation of its certificate;
2. The Subscriber did not authorize the original certificate request and did not retroactively grant authorization;
3. Either the Private Key associated with the certificate or the Private Key used to sign the certificate was compromised or misused;
4. The Subscriber or the cross-certified CA breached a material obligation under the CP, the CPS, or the relevant agreement;
5. Either the Subscriber's or the Issuer CA's obligations under the CP or CPS are delayed or prevented by circumstances beyond the party's reasonable control, including computer or communication failure, and, as a result, another entity's information is materially threatened or compromised;
6. The Applicant has lost its rights to a trademark or the domain name listed in the certificate;
7. The certificate was not issued in accordance with the CP, CPS, or applicable industry standards;
8. The Issuer CA received a lawful and binding order from a government or regulatory body to revoke the certificate;
9. The Issuer CA ceased operations and did not arrange for another certificate authority to provide revocation support for the certificate;
10. The Issuer CA's right to manage certificates under applicable industry standards was terminated (unless arrangements have been made to continue revocation services and to maintain the CRL/OCSP Repository);
11. Any information appearing in the Certificate was or became inaccurate or misleading;
12. The technical content or format of the Certificate presents an unacceptable security risk to application software vendors, Relying Parties, or others;
13. The Subscriber was added as a denied party or prohibited person to a blacklist, or is operating from a destination prohibited under U.S. law; or
14. For code signing certificates, the certificate was used to sign, publish, or distribute malware or other harmful content, including any code that is downloaded onto a user's system without their consent.

The Issuer CA shall revoke a certificate if the binding between the subject and the subject's public key in the certificate is no longer valid or if an associated Private Key is compromised.

If a certificate expresses an organizational affiliation, the Issuer CA or the RA shall require the Affiliated Organization to inform it if the subscriber affiliation changes. If the Affiliated Organization no longer authorizes the affiliation of a Subscriber, then the Issuer CA shall revoke any certificates issued to that Subscriber containing the organizational affiliation. If an Affiliated Organization terminates its relationship with the Issuer CA or RA such that it no longer provides affiliation information, the Issuer CA shall revoke all certificates affiliated with that Affiliated Organization.

An Issuer CA or cross-certified entity shall request revocation of its DigiCert-issued cross-certificate if it no longer meets the stipulations of DigiCert's policies, as indicated by DigiCert's policy OIDs in certificates or those listed in the policy mapping extension of the cross-certificate.

4.9.2. Who Can Request Revocation

The Issuer CA or RA shall accept revocation requests from authenticated and authorized parties, such as the certificate Subscriber and the Affiliated Organization named in a certificate. The Issuer CA or RA may establish procedures that allow other entities to request certificate revocation for fraud or misuse. The Issuer CA shall revoke a certificate if it receives sufficient evidence of compromise or loss of the Private Key. The Issuer CA may revoke a certificate of its own volition without reason, even if no other entity has requested revocation. A legally recognized representative of either party to a cross-signed CA certificate may request revocation.

4.9.3. Procedure for Revocation Request

Entities submitting certificate revocation requests must list their identity and explain the reason for requesting revocation. The Issuer CA or RA shall authenticate and log each revocation request. The Issuer CA will always revoke a certificate if the request is authenticated as originating from the Subscriber or the Affiliated Organization listed in the certificate. If revocation is requested by someone other than an authorized representative of the Subscriber or Affiliated Organization, the Issuer CA or RA shall investigate the alleged basis for the revocation request.

The Issuer CA shall maintain a continuous 24/7 ability to internally respond to any high priority certificate problem reports. If appropriate, the Issuer CA or the RA may forward complaints to law enforcement.

Whenever a PIV-I Card is no longer valid, the RA responsible for its issuance or maintenance shall collect it from the Subscriber as soon as possible, destroy it, and log its collection and physical destruction.

4.9.4. Revocation Request Grace Period

The revocation request grace period is the time available to the subscriber within which the subscriber must make a revocation request after reasons for revocation have been identified. Issuer CAs and RAs are required to report the suspected compromise of their CA or RA private key and request revocation to both the policy authority and operating authority of the superior issuing CA (e.g., the FPKIPA/FBCA OA, DCPA, cross-signing CA, Root CA, etc.) within one hour of discovery. Subscribers shall request revocation as soon as possible (within one day after detection) if the Private Key corresponding to the Certificate is lost or compromised or if the Certificate data is no longer valid. The Issuer CA may extend revocation grace periods on a case-by-case basis.

4.9.5. Time within which CA Must Process the Revocation Request

An Issuer CA shall revoke a certificate within one hour of receiving appropriate instruction from the DCPA. An Issuer CA shall revoke the CA certificate of a subordinate or cross-signed CA as soon as practical after receiving proper notice that the subordinate or cross-signed CA has been compromised. If an Issuer CA or the DCPA determines that immediate revocation is not practical, because the potential risks of revocation outweigh the risks caused by the compromise, then the Issuer CA and the DCPA shall jointly determine the appropriate process to follow in order to promptly revoke the subordinate or cross-signed CA certificate.

The Issuer CA shall revoke other certificates as quickly as practical after validating the revocation request. The Issuer CA shall process revocation requests as follows:
1. Before the next CRL is published, if the request is received two or more hours before regular periodic CRL issuance,
2. By publishing it in the CRL following the next CRL, if the request is received within two hours of the regularly scheduled next CRL issuance, and
3. Regardless, within 18 hours after receipt.

4.9.6. Revocation Checking Requirement for Relying Parties

Prior to relying on the information listed in a certificate, a Relying Party shall confirm the validity of each certificate in the certificate path in accordance with IETF PKIX standards, including checks for certificate validity, issuer-to-subject name chaining, policy and key use constraints, and revocation status through CRLs or OCSP responders identified in each certificate in the chain.

4.9.7. CRL Issuance Frequency

Issuer CAs that operate offline and only issue CA certificates, certificate status checking certificates, or internal administrative certificates shall publish a CRL at least every 6 months (every 31 days for offline CAs chaining to the Federal Bridge CA). All other Issuer CAs shall publish CRLs at least every 24 hours and within 18 hours of notice of a key compromise.

4.9.8. Maximum Latency for CRLs

The Issuer CA shall post an irregular, interim or emergency CRL to its online repository within four hours of generation (and no later than 18 hours after notification of compromise) and shall publish all regularly scheduled CRLs prior to the nextUpdate field in the previously issued CRL of the same scope.

4.9.9. Online Revocation/Status Checking Availability

The Issuer CA shall ensure that the certificate status information distributed by it online meets or exceeds the requirements for CRL issuance and latency stated in sections 4.9.5, 4.9.7 and 4.9.8. The Issuer CA shall support online status checking via OCSP for all PIV-I certificates. Where offered, OCSP response times shall be no longer than six seconds.

4.9.10. Online Revocation Checking Requirements

A relying party shall confirm the validity of a certificate via CRL or OCSP in accordance with section 4.9.6 prior to relying on the certificate.

4.9.11. Other Forms of Revocation Advertisements Available

An Issuer CA may use other methods to publicize revoked certificates, provided that:
1. the alternative method is described in its CPS,
2. the alternative method provides authentication and integrity services commensurate with the assurance level of the certificate being verified, and
3. the alternative method meets the issuance and latency requirements for CRLs stated in sections 4.9.5, 4.9.7, and 4.9.8.

4.9.12. Special Requirements Related to Key Compromise

The Issuer CA or the RA shall use commercially reasonable efforts to notify potential Relying Parties if it discovers or suspects that its Private Key has been compromised. The Issuer CA must have the ability to transition any revocation reason code to key compromise. If a certificate is revoked because of compromise or suspected compromise, the Issuer CA shall issue a CRL within 18 hours after it receives notice of the compromise or suspected compromise.

4.9.13. Circumstances for Suspension

Not applicable.

4.9.14. Who Can Request Suspension

Not applicable.

4.9.15. Procedure for Suspension Request

Not applicable.

4.9.16. Limits on Suspension Period

Not applicable.

4.10. CERTIFICATE STATUS SERVICES

4.10.1. Operational Characteristics

Issuer CAs shall make certificate status information available via CRL or OCSP. The Issuer CA shall list revoked certificates on the appropriate CRL where they remain until one additional CRL is published after the end of the certificate's validity period, except for EV Code Signing Certificates, which shall remain on the CRL for at least 365 days following the certificate's validity period.

4.10.2. Service Availability

Issuer CAs shall provide certificate status services 24x7 without interruption.

4.10.3. Optional Features

No stipulation.
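As an added example (not code from DigiCert or from the CP itself), the Python helpers below encode the revocation-processing and CRL timing rules of sections 4.9.5, 4.9.7 and 4.9.8 together with the CRL retention rule of section 4.10.1, so that an auditor can check a CA's CRL history against them. The daily 10:00 UTC schedule, the serial numbers and every timestamp are constructed for the demonstration.

```python
"""Added example, not part of the DigiCert CP: helpers that check a CA's
CRL handling against the timing rules of sections 4.9.5, 4.9.7, 4.9.8 and
4.10.1. Every timestamp, serial number and schedule used here is constructed."""
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

ONLINE_CRL_INTERVAL = timedelta(hours=24)        # 4.9.7: online Issuer CAs publish at least every 24 hours
CRL_CUTOFF = timedelta(hours=2)                  # 4.9.5 rules 1 and 2: the two-hour boundary
REVOCATION_DEADLINE = timedelta(hours=18)        # 4.9.5 rule 3: listed within 18 hours regardless
INTERIM_POST_WINDOW = timedelta(hours=4)         # 4.9.8: interim/emergency CRL posted within 4 hours
COMPROMISE_CRL_DEADLINE = timedelta(hours=18)    # 4.9.8 / 4.9.12: within 18 hours of a compromise notice
EV_CODE_SIGNING_RETENTION = timedelta(days=365)  # 4.10.1: EV Code Signing entries kept 365 days past expiry


@dataclass(frozen=True)
class RevocationPlan:
    scheduled_crl: datetime   # regular CRL that must carry the entry (4.9.5 rules 1 and 2)
    deadline: datetime        # receipt + 18 hours (4.9.5 rule 3)

    def publish_by(self) -> datetime:
        """Latest acceptable publication time for the entry."""
        return min(self.scheduled_crl, self.deadline)

    def interim_required(self) -> bool:
        """True when waiting for the regular CRL would miss the 18-hour limit,
        so an interim CRL under 4.9.8 is needed."""
        return self.scheduled_crl > self.deadline


def plan_revocation(received, next_regular_crl, interval=ONLINE_CRL_INTERVAL):
    """4.9.5: a request received two or more hours before the next regular CRL
    goes into that CRL; a later request goes into the CRL after it; in every
    case the entry must be published within 18 hours of receipt."""
    if next_regular_crl < received:
        raise ValueError("next_regular_crl must be the first regular CRL after receipt")
    if next_regular_crl - received >= CRL_CUTOFF:
        scheduled = next_regular_crl
    else:
        scheduled = next_regular_crl + interval
    return RevocationPlan(scheduled, received + REVOCATION_DEADLINE)


def regular_crl_on_time(this_update, previous_next_update):
    """4.9.8: a regular CRL is published before the nextUpdate of the
    previous CRL of the same scope."""
    return this_update < previous_next_update


def interim_crl_on_time(generated, posted, compromise_notice=None):
    """4.9.8: an interim CRL is posted within four hours of generation and,
    when it follows a compromise notice, within 18 hours of that notice."""
    if posted - generated > INTERIM_POST_WINDOW:
        return False
    if compromise_notice is not None and posted - compromise_notice > COMPROMISE_CRL_DEADLINE:
        return False
    return True


def may_omit_revoked_entry(not_after, crl_history, this_crl, ev_code_signing=False):
    """4.10.1: an entry stays on the CRL until one additional CRL has been
    published after the certificate's notAfter; EV Code Signing entries stay
    for at least 365 days past notAfter (this check conservatively keeps the
    one-additional-CRL condition for them as well)."""
    published_after_expiry = [t for t in crl_history if not_after < t < this_crl]
    if not published_after_expiry:
        return False
    if ev_code_signing:
        return this_crl - not_after >= EV_CODE_SIGNING_RETENTION
    return True


def late_revocations(requests, crls):
    """Audit helper. ``requests`` holds (serial, received, next_regular_crl)
    tuples; ``crls`` holds (published_at, revoked_serials) tuples. Returns the
    serials first listed after their 4.9.5 deadline, or never listed at all."""
    late = []
    for serial, received, next_regular in requests:
        plan = plan_revocation(received, next_regular)
        listed = [t for t, serials in crls if serial in serials and t >= received]
        if not listed or min(listed) > plan.publish_by():
            late.append(serial)
    return late


def utc(*args):
    """Build an aware UTC datetime from year, month, day[, hour, minute]."""
    return datetime(*args, tzinfo=timezone.utc)


# Constructed sample: daily CRLs at 10:00 UTC and two revocation requests on
# the same day; the second arrives inside the two-hour cutoff of 4.9.5.
SAMPLE_CRLS = [(utc(2012, 5, 10, 10), {"0a"}), (utc(2012, 5, 11, 10), {"0a", "0b"})]
SAMPLE_REQUESTS = [("0a", utc(2012, 5, 10, 6), utc(2012, 5, 10, 10)),
                   ("0b", utc(2012, 5, 10, 9, 30), utc(2012, 5, 10, 10))]

if __name__ == "__main__":
    for serial, received, nxt in SAMPLE_REQUESTS:
        plan = plan_revocation(received, nxt)
        print(serial, "publish by", plan.publish_by(), "interim needed:", plan.interim_required())
    print("late revocations:", late_revocations(SAMPLE_REQUESTS, SAMPLE_CRLS))
```

Serial "0b" is reported late because the CA waited for the next regular daily CRL instead of posting an interim CRL within the 18-hour limit.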

4.11. END OF SUBSCRIPTION

The Issuer CA shall allow Subscribers to end their subscription to certificate services by having their certificate revoked or by allowing the certificate or applicable Subscriber Agreement to expire without renewal.

4.12. KEY ESCROW AND RECOVERY

4.12.1. Key Escrow and Recovery Policy Practices

Issuer CAs may not escrow CA Private Keys. Issuer CAs may escrow Subscriber key management keys to provide key recovery services. Issuer CAs shall encrypt and protect escrowed Private Keys with at least the level of security used to generate and deliver the Private Key. Issuer CAs shall not allow a third party to hold Subscriber signature keys in trust.

Subscribers and other authorized entities may request recovery of an escrowed Private Key. Entities escrowing Private Keys shall have personnel controls in place that prevent unauthorized access to Private Keys. Key recovery requests can only be made for one of the following reasons:
1. The Subscriber has lost or damaged the private key token,
2. The Subscriber is not available or is no longer part of the organization that contracted with the Issuer CA for Private Key escrow,
3. The Private Key is part of a required investigation or audit,
4. The requester has authorization from a competent legal authority to access the communication that is encrypted using the key,
5. If key recovery is required by law or governmental regulation, or
6. If the entity contracting with the Issuer CA for escrow of the Private Key indicates that key recovery is mission critical or mission essential.

An entity receiving Private Key escrow services shall:
1. Notify Subscribers that their Private Keys are escrowed,
2. Protect escrowed keys from unauthorized disclosure,
3. Protect any authentication mechanisms that could be used to recover escrowed Private Keys,
4. Release escrowed keys only for properly authenticated and authorized requests for recovery, and
5. Comply with any legal obligations to disclose or keep confidential escrowed keys, escrowed key-related information, or the facts concerning any key recovery request or process.

4.12.2. Session Key Encapsulation and Recovery Policy and Practices

Issuer CAs that support session key encapsulation and recovery shall describe their practices in their CPS.

5. FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS

5.1. PHYSICAL CONTROLS

5.1.1. Site Location and Construction

The Issuer CA shall perform its CA operations from a secure data center equipped with logical and physical controls that make the CA operations inaccessible to non-trusted personnel. The site location and construction, when combined with other physical security protection mechanisms such as guards, door locks, and intrusion sensors, shall provide robust protection against unauthorized access to CA equipment and records. RAs must protect their equipment from unauthorized access in a manner that is appropriate to the level of threat to the RA, including protecting equipment from unauthorized access while the cryptographic module is installed and activated and implementing physical access controls to reduce the risk of equipment tampering, even when the cryptographic module is not installed and activated.

5.1.2. Physical Access

Each Issuer CA and each RA shall protect its equipment (including CMS equipment containing a PIV-I Content Signing key) from unauthorized access and shall implement physical controls to reduce the risk of equipment tampering. The Issuer CA and all RAs shall store all removable media and paper containing sensitive plaintext information related to CA or RA operations in secure containers. The security mechanisms should be commensurate with the level of threat to the equipment and data.

The Issuer CA shall manually or electronically monitor its systems for unauthorized access at all times, maintain an access log that is inspected periodically, and require two-person physical access to the CA hardware and systems. An Issuer CA shall deactivate, remove, and securely store its CA equipment when not in use. Activation data must either be memorized or recorded and stored in a manner commensurate with the security afforded the cryptographic module and must not be stored with the cryptographic module or removable hardware associated with remote workstations used to administer the CA equipment or private keys.

If the facility housing the CA equipment is ever left unattended, the Issuer CA's administrators shall verify that:
1. the CA is in a state appropriate to the current mode of operation,
2. the security containers are properly secured,
3. physical security systems (e.g., door locks, vent covers) are functioning properly, and
4. the area is secured against unauthorized access.

The Issuer CA shall make a person or group of persons explicitly responsible for making security checks. If a group of persons is responsible, the Issuer CA shall maintain a log that identifies who performed the security check. If the facility is not continuously attended, the last person to depart shall initial a sign-out sheet that indicates the date and time and asserts that all necessary physical protection mechanisms are in place and activated.

5.1.3. Power and Air Conditioning

The Issuer CA shall maintain a backup power supply and sufficient environmental controls to protect the CA systems and allow the CA to automatically finish pending operations and record the state of equipment before a lack of power or air conditioning causes a shutdown.

5.1.4. Water Exposures

The Issuer CA shall protect its CA equipment from water exposure.

5.1.5. Fire Prevention and Protection

The Issuer CA shall use facilities equipped with fire suppression mechanisms.

5.1.6. Media Storage

Issuer CAs and RAs shall protect all media from accidental damage and unauthorized physical access. Each Issuer CA and each RA shall duplicate and store its audit and archive information in a backup location that is separate from its primary operations facility.

5.1.7. Waste Disposal

Issuer CAs and RAs shall destroy all data (electronic and paper) in accordance with generally accepted procedures for permanently destroying such data.

5.1.8. Offsite Backup

The Issuer CA or RA shall make weekly system backups sufficient to recover from system failure and shall store the backups, including at least one full backup copy, at an offsite location that has procedural and physical controls that are commensurate with its operational location.

5.1.9. Certificate Status Hosting, CMS and External RA Systems

All physical control requirements under this Section 5.1 apply equally to any Certificate Status Hosting, CMS or external RA system.

5.2. PROCEDURAL CONTROLS

5.2.1. Trusted Roles

CA and RA personnel acting in trusted roles include CA and RA system administration personnel and personnel involved with identity vetting and the issuance and revocation of certificates. Issuer CAs and RAs shall distribute the functions and duties performed by persons in trusted roles in a way that prevents one person from circumventing security measures or subverting the security and trustworthiness of the PKI. All personnel in trusted roles must be free from conflicts of interest that might prejudice the impartiality of CA and RA operations. Senior management of the Issuer CA or the RA shall be responsible for appointing individuals to trusted roles. A list of such personnel shall be maintained and reviewed annually.

The Issuer CA or RA shall only allow trusted roles to access a CMS after the persons fulfilling those roles have been authenticated using a method commensurate with issuance and control of PIV-I Hardware.

5.2.1.1. CA Administrators

The CA Administrator is responsible for the installation and configuration of the CA software, including key generation, user and CA accounts, audit parameters, key backup, and key management. The CA Administrator is responsible for performing and securely storing regular system backups of the CA system. Administrators may not issue certificates to Subscribers.

5.2.1.2. CA Officers (CMS, RA, Validation and Vetting Personnel)

The CA Officer role is responsible for issuing and revoking certificates, including enrollment, identity verification, and compliance with required issuance and revocation steps such as managing the certificate request queue and completing certificate approval checklists as identity vetting tasks are successfully completed.

5.2.1.3. System Administrator / System Engineer (Operator)

The System Administrator, System Engineer or CA Operator is responsible for installing and configuring CA system hardware, including servers, routers, firewalls, and network configurations. The System Administrator/Engineer is also responsible for keeping systems updated with software patches and other maintenance needed for system stability and recoverability.

5.2.1.4. Internal Auditor Role

The Internal Auditor Role is responsible for reviewing, maintaining, and archiving audit logs and performing or overseeing internal compliance audits to determine if the Issuer CA or RA is operating in accordance with this CP.

5.2.2. Number of Persons Required per Task

Each Issuer CA shall require that at least two people acting in a trusted role (one the CA Administrator and the other not an Internal Auditor) take action to activate the Issuer CA's Private Keys, generate a CA key pair, or back up a CA private key. The Internal Auditor may serve to fulfill the requirement of multiparty control for physical access to the CA system, but logical access shall not be achieved using personnel that serve in the Internal Auditor role.

5.2.3. Identification and Authentication for each Role

Issuer CA personnel shall authenticate themselves to the certificate management system before they are allowed access to the systems necessary to perform their trusted roles.

5.2.4. Roles Requiring Separation of Duties

Individual personnel shall be specifically designated to the four roles defined in Section 5.2.1 above. The Issuer CA or RA may appoint an individual to only one of the Officer, Administrator, Operator, or Auditor roles. The Issuer CA and RA may enforce separation of duties using CA equipment, procedurally, or by both means. The CA and RA software and hardware shall identify and authenticate its users and shall ensure that no user identity can assume both an Administrator and an Officer role, assume both the Administrator and Auditor roles, or assume both the Auditor and Officer roles. An individual may not have more than one identity.

The Issuer CA and the RA shall ensure that the PIV-I identity proofing, registration and issuance process adheres to the principle of separation of duties to ensure that no single individual has the capability to issue a PIV-I credential without the cooperation of another authorized person.

5.3. PERSONNEL CONTROLS

5.3.1. Qualifications, Experience, and Clearance Requirements

The DCPA is responsible and accountable for the operation of the DigiCert PKI and compliance with this CP. Issuer CA and RA personnel and management who purport to act within the scope of this document shall be selected on the basis of loyalty, trustworthiness, and integrity. All trusted roles for Issuer CAs issuing Federated Device Certificates, Client Certificates at Levels 3-US and 4-US (which are intended for interoperability through the Federal Bridge CA at id-fpki-certpcy-mediumAssurance and id-fpki-certpcy-mediumHardware) and for PIV-I Certificates shall be held by citizens of the United States or the country where the Issuer CA is located. In addition to the above, an individual performing a trusted role for an RA may be a citizen of the country where the RA is located. There is no citizenship requirement for Issuer CA or RA personnel performing trusted roles associated with the issuance of SSL, Code Signing or Client Certificates at Levels 1, 2, 3-CBP, and 4-CBP.

Managerial personnel involved in time-stamping operations must possess experience with information security and risk assessment and knowledge of time-stamping technology, digital signature technology, mechanisms for calibration of time-stamping clocks with UTC, and security procedures.

The Issuer CA or the RA shall ensure that all individuals assigned to trusted roles have the experience, qualifications, and trustworthiness required to perform their duties under this CP.

5.3.2. Background Check Procedures

The Issuer CA and RA shall require each person fulfilling a trusted role to undergo checks and identification prior to acting in the role, including verification of the individual's identity, employment history, education, character references, social security number, previous residences, driving records and criminal background. Background investigations must be performed by a competent independent authority that has the authority to perform background investigations. The Issuer CA or RA shall require each individual to appear in person before a trusted agent whose responsibility it is to verify identity. The trusted agent shall verify the identity of the individual using at least one form of government-issued photo identification. Checks of previous residences are over the past three years. All other checks are for the prior five years. The Issuer CA or RA shall verify the highest education degree obtained regardless of the date awarded and shall refresh all background checks at least every ten years.

5.3.3. Training Requirements

The Issuer CA shall provide skills training to all personnel involved in the Issuer CA's PKI operations. The training must relate to the person's job functions and cover:
1. basic Public Key Infrastructure (PKI) knowledge,
2. software versions used by the Issuer CA,
3. authentication and verification policies and procedures,
4. disaster recovery and business continuity procedures,
5. common threats to the validation process, including phishing and other social engineering tactics, and
6. the EV Guidelines.

Issuer CAs shall maintain a record of who received training and what level of training was completed. Issuer CAs and RAs shall ensure that Validation Specialists have the minimum skills necessary to satisfactorily perform validation duties before they are granted validation privileges.

Issuer CAs and RAs involved with the operation of a CMS shall ensure that all personnel who perform duties involving the CMS receive comprehensive training. Issuer CAs and RAs shall create a training (awareness) plan to address any significant change to CMS operations and shall document the execution of the plan.

5.3.4. Retraining Frequency and Requirements

Personnel must maintain skill levels that are consistent with industry-relevant training and performance programs in order to continue acting in trusted roles. The Issuer CA or RA shall make individuals acting in trusted roles aware of any changes to the Issuer CA's or RA's operations. If such operations change, the Issuer CA or RA shall provide documented training, in accordance with an executed training plan, to all trusted roles.

5.3.5. Job Rotation Frequency and Sequence

No stipulation.

5.3.6. Sanctions for Unauthorized Actions

Issuer CA or RA employees and agents failing to comply with this CP, whether through negligence or malicious intent, shall be subject to administrative or disciplinary actions, including termination of employment or agency and criminal sanctions. If a person in a trusted role is cited by management for unauthorized or inappropriate actions, the person will be immediately removed from the trusted role pending management review. After management reviews and discusses the incident with the trusted personnel, management may reassign the employee to a non-trusted role or dismiss the individual from employment as appropriate.

5.3.7. Independent Contractor Requirements

Any Issuer CA or RA allowing independent contractors to be assigned to perform trusted roles shall require that they agree to the obligations under this Section 5.3 and the sanctions stated above in Section 5.3.6.

5.3.8. Documentation Supplied to Personnel

Issuer CAs and RAs shall provide personnel in trusted roles with the documentation necessary to perform their duties.

5.4. AUDIT LOGGING PROCEDURES

5.4.1. Types of Events Recorded

Issuer CA and RA systems (including any CMS) shall require identification and authentication at system logon. Important system actions shall be logged to establish the accountability of the operators who initiate such actions.

Issuer CAs and RAs shall enable all essential event auditing capabilities of their CA or RA applications in order to record all events related to the security of the CA or RA, including those listed below. A message from any source received by the Issuer CA requesting an action related to the operational state of the CA is an auditable event. If the Issuer CA's applications cannot automatically record an event, the Issuer CA shall implement manual procedures to satisfy the requirements. For each event, the Issuer CA shall record the relevant (i) date and time, (ii) type of event, (iii) success or failure, and (iv) user or system that caused the event or initiated the action. The Issuer CA shall make all event records available to its auditors as proof of the Issuer CA's practices.

Auditable Events:

SECURITY AUDIT
- Any changes to the audit parameters, e.g., audit frequency, type of event audited
- Any attempt to delete or modify the audit logs

AUTHENTICATION TO SYSTEMS
- Successful and unsuccessful attempts to assume a role
- The value of maximum number of authentication attempts is changed
- Maximum number of authentication attempts occur during user login
- An administrator unlocks an account that has been locked as a result of unsuccessful authentication attempts
- An administrator changes the type of authenticator, e.g., from a password to a biometric

LOCAL DATA ENTRY
- All security-relevant data that is entered in the system

REMOTE DATA ENTRY
- All security-relevant messages that are received by the system

DATA EXPORT AND OUTPUT
- All successful and unsuccessful requests for confidential and security-relevant information

KEY GENERATION
- Whenever a CA generates a key (not mandatory for single-session or one-time-use symmetric keys)

PRIVATE KEY LOAD AND STORAGE
- The loading of Component Private Keys
- All access to certificate subject Private Keys retained within the CA for key recovery purposes

TRUSTED PUBLIC KEY ENTRY, DELETION AND STORAGE

SECRET KEY STORAGE
- The manual entry of secret keys used for authentication

PRIVATE AND SECRET KEY EXPORT
- The export of private and secret keys (keys used for a single session or message are excluded)

CERTIFICATE REGISTRATION
- All certificate requests, including issuance, re-key, renewal, and revocation
- Certificate issuance
- Verification activities

CERTIFICATE REVOCATION
- All certificate revocation requests

CERTIFICATE STATUS CHANGE APPROVAL OR REJECTION

CA CONFIGURATION
- Any security-relevant changes to the configuration of a CA system component

ACCOUNT ADMINISTRATION
- Roles and users are added or deleted
- The access control privileges of a user account or a role are modified

CERTIFICATE PROFILE MANAGEMENT
- All changes to the certificate profile

REVOCATION PROFILE MANAGEMENT
- All changes to the revocation profile

CERTIFICATE REVOCATION LIST PROFILE MANAGEMENT
- All changes to the certificate revocation list profile
- Generation of CRLs and OCSP entries

TIME STAMPING
- Clock synchronization

MISCELLANEOUS
- Appointment of an individual to a Trusted Role
- Designation of personnel for multiparty control
- Installation of an Operating System
- Installation of a PKI Application
- Installation of Hardware Security Modules
- Removal of HSMs
- Destruction of HSMs
- System Startup
- Logon attempts to PKI Application
- Receipt of hardware/software
- Attempts to set passwords
- Attempts to modify passwords
- Backup of the internal CA database
- Restoration from backup of the internal CA database
- File manipulation (e.g., creation, renaming, moving)
- Posting of any material to a repository
- Access to the internal CA database
- All certificate compromise notification requests
- Loading HSMs with Certificates
- Shipment of HSMs
- Zeroizing HSMs
- Re-key of the Component

CONFIGURATION CHANGES
- Hardware
- Software
- Operating System
- Patches
- Security Profiles

PHYSICAL ACCESS / SITE SECURITY
- Personnel access to secure area housing CA components
- Access to a CA component
- Known or suspected violations of physical security
- Firewall and router activities

ANOMALIES
- System crashes and hardware failures
- Software error conditions
- Software integrity check failures
- Receipt of improper messages and misrouted messages
- Network attacks (suspected or confirmed)
- Equipment failure
- Electrical power outages
- Uninterruptible Power Supply (UPS) failure
- Obvious and significant network service or access failures
- Violations of a CP or CPS
- Resetting Operating System clock

5.4.2. Frequency of Processing Log

The Issuer CA or RA shall, at least every two months, review system logs, make system and file integrity checks, and make a vulnerability assessment. The Issuer CA or RA may use automated tools to scan for anomalies or specific conditions. During its review, the Issuer CA or RA shall verify that the logs have not been tampered with, examine any statistically significant set of security audit data generated since the last review, and make a reasonable search for any evidence of malicious activity. The Issuer CA or RA shall briefly inspect all log entries and investigate any detected anomalies or irregularities. The Issuer CA or RA shall make a summary of the review available to its auditors upon request. The Issuer CA or RA shall document any actions taken as a result of a review.

5.4.3. Retention Period for Audit Log

The Issuer CA and RA shall retain audit logs on site until after they are reviewed. The individual who removes audit logs from the Issuer CA's or RA's systems must be different from the individuals who control the Issuer CA's signature keys.

5.4.4. Protection of Audit Log

The Issuer CA and RA shall implement procedures that protect archived data from destruction prior to the end of the audit log retention period. The Issuer CA and RA shall configure their systems and establish operational procedures to ensure that (i) only authorized people have read access to logs, (ii) only authorized people may archive audit logs, and (iii) audit logs are not modified. The Issuer CA's off-site storage location must be a safe and secure location that is separate from the location where the data was generated.

The Issuer CA and RA shall make records available if required for the purpose of providing evidence of the correct operation of time-stamping services for the purpose of legal proceedings. The Issuer CA shall make its audit logs available to auditors upon request.

5.4.5. Audit Log Backup Procedures

On at least a monthly basis, the Issuer CA and RA shall make backups of audit logs and audit log summaries and send a copy of the audit log off site.

5.4.6. Audit Collection System (internal vs. external)

The Issuer CA or RA may use automatic audit processes, provided that they are invoked at system startup and end only at system shutdown. If an automated audit system fails and the integrity of the system or confidentiality of the information protected by the system is at risk, the Issuer CA or RA shall consider suspending its operation until the problem is remedied.

5.4.7. Notification to Event-causing Subject

No stipulation.

5.4.8. Vulnerability Assessments

The Issuer CA shall perform routine risk assessments that identify and assess reasonably foreseeable internal and external threats that could result in unauthorized access, disclosure, misuse, alteration, or destruction of any certificate data or certificate issuance process. The Issuer CA shall also routinely assess the sufficiency of the policies, procedures, information systems, technology, and other arrangements that the Issuer CA has in place to control such risks. The Issuer CA's auditors should review the security audit data checks for continuity and alert the appropriate personnel of any events, such as repeated failed actions, requests for privileged information, attempted access of system files, and unauthenticated responses.
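The record fields required by Section 5.4.1 (date and time, event type, success or failure, initiating user or system), the "logs have not been tampered with" check of Section 5.4.2 and the "repeated failed actions" condition of Section 5.4.8, as an added example in Go using only the standard library. This is not DigiCert's code and the CP prescribes no log format or tamper-evidence mechanism: the SHA-256 hash chain, the event type names, the actor names and the sample events are all this example's own constructions.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"sort"
	"time"
)

// Event holds the four fields CP section 5.4.1 requires of every record.
type Event struct {
	When    time.Time
	Type    string // e.g. "AUTH.ASSUME_ROLE"; type names are this example's own
	Success bool
	Actor   string // user or system that initiated the action
}

// Record chains each event to its predecessor with SHA-256, so altering or
// deleting any record breaks every later hash (this example's tamper-evidence
// choice; the CP only requires that review detect tampering).
type Record struct {
	Event Event
	Hash  string
}

func chainHash(prev string, e Event) string {
	sum := sha256.Sum256([]byte(fmt.Sprintf("%s\n%s %s %t %s", prev,
		e.When.UTC().Format(time.RFC3339), e.Type, e.Success, e.Actor)))
	return hex.EncodeToString(sum[:])
}

func Append(log []Record, e Event) []Record {
	prev := ""
	if len(log) > 0 {
		prev = log[len(log)-1].Hash
	}
	return append(log, Record{Event: e, Hash: chainHash(prev, e)})
}

// VerifyChain re-derives every hash and returns the index of the first record
// that does not match, or -1 when the log is intact.
func VerifyChain(log []Record) int {
	prev := ""
	for i, r := range log {
		if chainHash(prev, r.Event) != r.Hash {
			return i
		}
		prev = r.Hash
	}
	return -1
}

// RepeatedFailures returns (sorted) the actors with at least threshold failed
// events of one type inside any window of the given length (section 5.4.8).
// Records are assumed to be appended in time order.
func RepeatedFailures(log []Record, eventType string, threshold int, window time.Duration) []string {
	byActor := map[string][]time.Time{}
	for _, r := range log {
		if r.Event.Type == eventType && !r.Event.Success {
			byActor[r.Event.Actor] = append(byActor[r.Event.Actor], r.Event.When)
		}
	}
	var flagged []string
	for actor, times := range byActor {
		for i := 0; i+threshold-1 < len(times); i++ {
			if times[i+threshold-1].Sub(times[i]) <= window {
				flagged = append(flagged, actor)
				break
			}
		}
	}
	sort.Strings(flagged)
	return flagged
}

// SampleLog is constructed test data, not a real CA audit trail.
func SampleLog() []Record {
	base := time.Date(2012, 5, 10, 9, 0, 0, 0, time.UTC)
	events := []Event{
		{base, "AUTH.ASSUME_ROLE", true, "ca-admin-1"},
		{base.Add(1 * time.Minute), "AUTH.ASSUME_ROLE", false, "operator-7"},
		{base.Add(2 * time.Minute), "AUTH.ASSUME_ROLE", false, "operator-7"},
		{base.Add(3 * time.Minute), "AUTH.ASSUME_ROLE", false, "operator-7"},
		{base.Add(4 * time.Minute), "KEY.EXPORT", false, "operator-7"},
		{base.Add(2 * time.Hour), "AUTH.ASSUME_ROLE", false, "auditor-2"},
		{base.Add(5 * time.Hour), "AUTH.ASSUME_ROLE", false, "auditor-2"},
		{base.Add(8 * time.Hour), "AUTH.ASSUME_ROLE", false, "auditor-2"},
	}
	var log []Record
	for _, e := range events {
		log = Append(log, e)
	}
	return log
}

func main() {
	log := SampleLog()
	fmt.Println("intact log, first bad index:", VerifyChain(log))
	fmt.Println("3 failures within 10 min:", RepeatedFailures(log, "AUTH.ASSUME_ROLE", 3, 10*time.Minute))
	log[1].Event.Success = true // an operator rewrites a failed attempt as a success
	fmt.Println("after tampering, first bad index:", VerifyChain(log))
}
```

The sliding window deliberately separates a burst of three failed role assumptions within minutes (the case a reviewer should escalate) from the same count spread over a working day; the window and threshold are review parameters, not values the CP fixes.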


5.5. RECORDS ARCHIVAL

5.5.1. Types of Records Archived

The Issuer CA shall comply with any record retention policies that apply by law. The Issuer CA shall include sufficient detail in archived records to show that a certificate was issued in accordance with the CPS. The Issuer CA shall retain the following information in its archives (as such information pertains to the Issuer CA's CA operations):
1. Any accreditation of the Issuer CA,
2. CP and CPS versions,
3. Contractual obligations and other agreements concerning the operation of the CA,
4. System and equipment configurations, modifications, and updates,
5. Certificate and revocation requests,
6. Identity authentication data,
7. Any documentation related to the receipt or acceptance of a certificate or token,
8. Subscriber Agreements,
9. Issued certificates,
10. A record of certificate re-keys,
11. CRLs,
12. Any data or applications necessary to verify an archive's contents,
13. Compliance auditor reports,
14. Any changes to the Issuer CA's audit parameters,
15. Any attempt to delete or modify audit logs,
16. Key generation,
17. Access to Private Keys for key recovery purposes,
18. Changes to trusted Public Keys,
19. Export of Private Keys,
20. Approval or rejection of a certificate status change request,
21. Appointment of an individual to a trusted role,
22. Destruction of a cryptographic module,
23. Certificate compromise notifications,
24. Remedial action taken as a result of violations of physical security, and
25. Violations of the CP or CPS.

5.5.2. Retention Period for Archive

The Issuer CA shall retain archived data for at least 10.5 years. RAs supporting certificates that are not cross-certified with the FBCA may retain archived data for a shorter period of time if the practice is documented in an RPS or document retention policy.

5.5.3. Protection of Archive

The Issuer CA shall store its archived records at a secure off-site location in a manner that prevents unauthorized modification, substitution, or destruction. No unauthorized user may access, write, or delete the archives. The Issuer CA shall not release archives except as requested by the DCPA or as required by law. If the original media cannot retain the data for the required period, the archive site must define a mechanism to periodically transfer the archived data to new media. The Issuer CA shall maintain any software application required to process the archive data until the data is either destroyed or transferred to a newer medium.

5.5.4. Archive Backup Procedures

The Issuer CA and its RAs shall describe how their records are backed up and managed in the CPS or a referenced document.

5.5.5. Requirements for Time-stamping of Records

The Issuer CA shall automatically time-stamp archive records as they are created. Cryptographic time-stamping of archive records is not required; however, the Issuer CA shall synchronize its system time at least every eight hours using a real time value traceable to a recognized UTC(k) laboratory or National Measurement Institute.

5.5.6. Archive Collection System (internal or external)

The Issuer CA shall collect archive information internally.

5.5.7. Procedures to Obtain and Verify Archive Information

The Issuer CA may archive data manually or automatically. If automatic archival is implemented, the Issuer CA shall synchronize its archived data on a daily basis. The Issuer CA may allow Subscribers to obtain a copy of their archived information. Otherwise, the Issuer CA shall restrict access to archive data to authorized personnel in accordance with the Issuer CA's internal security policy and shall not release any archived information except as allowed by law. The Issuer CA shall maintain, and provide upon receipt of a proper request by such authorized person, the procedures it follows to create, verify, package, transmit, and store archived information.

5.6. KEY CHANGEOVER

The Issuer CA shall periodically change its Private Keys in a manner set forth in the CPS that prevents downtime in the Issuer CA's operation. After key changeover, the Issuer CA shall sign certificates using only the new key. The Issuer CA shall still protect its old Private Keys and shall make the old certificate available to verify signatures until all of the certificates signed with the Private Key have expired.

5.7. COMPROMISE AND DISASTER RECOVERY

5.7.1. Incident and Compromise Handling Procedures

The Issuer CA shall develop and implement procedures to be followed in the event of a serious security incident or system compromise. Required documentation includes, but is not limited to, an Incident Response Plan, a Disaster Recovery or Business Continuity Plan (DR/BCP), and related resources. The Issuer CA shall review, test, and update its Incident Response Plan and DR/BCP, and supporting procedures, at least annually.

The Issuer CA shall require that any CMS have documented incident handling procedures that are approved by the head of the organization responsible for operating the CMS. If the CMS is compromised, the Issuer CA shall revoke all certificates issued to the CMS, if applicable. The Issuer CA and its RAs shall also assess any damage caused by the CMS compromise, revoke all potentially compromised Subscriber certificates, notify affected subscribers of the revocation, and re-establish the operation of the CMS.

5.7.2. Computing Resources, Software, and/or Data Are Corrupted

The Issuer CA shall make regular backup copies of its Private Keys and store them in a secure off-site location. The Issuer CA shall also make system backups on a daily basis. If a disaster causes the Issuer CA's operations to become inoperative, the Issuer CA shall, after ensuring the integrity of the CA systems, reinitiate its operations on replacement hardware using backup copies of its software, data, and Private Keys at a secure facility. The Issuer CA shall give priority to re-establishing the generation of certificate status information. If the Private Keys are destroyed, the Issuer CA shall re-establish operations as quickly as possible, giving priority to generating new key pairs.

5.7.3. Entity Private Key Compromise Procedures

If the Issuer CA suspects that a CA Private Key is compromised or lost, then the Issuer CA shall follow its Incident Response Plan and immediately assess the situation, determine the degree and scope of the incident, and take appropriate action. Issuer CA personnel shall report the results of the investigation. The report must detail the cause of the compromise or loss and the measures that should be taken to prevent a recurrence. If there is a compromise or loss, the Issuer CA shall notify any affiliated entities so that they may issue CRLs revoking cross-certificates issued to the Issuer CA, and shall notify interested parties and make information available that can be used to identify which certificates and time-stamp tokens are affected, unless doing so would breach the privacy of the Issuer CA's users or the security of the Issuer CA's services.

Following revocation of a CA certificate and implementation of the Issuer CA's Incident Response Plan, the Issuer CA shall generate a new CA Key Pair and sign a new CA certificate in accordance with its CPS. The Issuer CA shall distribute the new self-signed certificate in accordance with Section 6.1.4. The Issuer CA shall cease its CA operations until appropriate steps are taken to recover from the compromise and restore security.

5.7.4. Business Continuity Capabilities after a Disaster

Stated goals of the Issuer CA's DR/BCP shall include that certificate status services be minimally affected by any disaster involving the Issuer CA's primary facility and that other services resume as quickly as possible following a disaster. The Issuer CA shall establish a secure facility in at least one secondary, geographically diverse location to ensure that its directory and on-line status servers, if any, remain operational in the event of a physical disaster at the Issuer CA's main site. The Issuer CA shall provide notice at the earliest feasible time to all interested parties if a disaster physically damages the Issuer CA's equipment or destroys all copies of the Issuer CA's signature keys.

5.8. CA OR RA TERMINATION

If an Issuer CA's operations are terminated, the Issuer CA shall provide notice to interested parties and shall transfer its responsibilities and records to successor entities. The Issuer CA may allow a successor to re-issue certificates if the successor has all relevant permissions to do so and has operations that are at least as secure as the Issuer CA's. If a qualified successor does not exist, the Issuer CA shall transfer all relevant records to a government supervisory or legal body.

6. TECHNICAL SECURITY CONTROLS

6.1. KEY PAIR GENERATION AND INSTALLATION

6.1.1. Key Pair Generation

All keys must be generated using a FIPS-approved method or equivalent international standard. Issuer CAs shall generate cryptographic keying material on a FIPS 140 Level 3 validated cryptographic module using multiple individuals acting in trusted roles. When generating key material, the Issuer CA shall create auditable evidence to show that the Issuer CA enforced role separation and followed its key generation process. An independent auditor validates that each CA key associated with a certificate cross-certified with the FBCA and each Root CA Key is generated in accordance with this CP by having the auditor either witness the key generation or examine a signed and documented record of the key generation.

Subscribers who generate their own keys shall use a FIPS-approved method and either a validated hardware or validated software cryptographic module, depending on the level of assurance desired. Keys for Level 3 Hardware or Level 4 Biometric certificates must be generated on validated hardware cryptographic modules using a FIPS-approved method. Subscribers who generate their own keys for a Qualified Certificate on an SSCD shall ensure that the SSCD meets the requirements of CWA 14169 and that the Public Key to be certified is from the key pair generated by the SSCD.

6.1.2. Private Key Delivery to Subscriber

If the Issuer CA, a CMS, or an RA generates keys on behalf of the Subscriber, then the entity generating the key shall deliver the Private Key securely to the Subscriber. The entity may deliver Private Keys to Subscribers electronically or on a hardware cryptographic module/SSCD. In all cases:
1. The key generator may not retain a copy of the Subscriber's Private Key after delivery,
2. The key generator shall protect the private key from activation, compromise, or modification during the delivery process,
3. The Subscriber shall acknowledge receipt of the private key(s), and
4. The key generator shall deliver the Private Key in a way that ensures that the correct tokens and activation data are provided to the correct Subscribers, including:
   a. For hardware modules, the key generator maintaining accountability for the location and state of the module until the Subscriber accepts possession of it, and
   b. For electronic delivery of private keys, the key generator encrypting key material using a cryptographic algorithm and key size at least as strong as the private key. The key generator shall deliver activation data using a separate secure channel.

The entity assisting with Subscriber key generation shall maintain a record of the Subscriber's acknowledgement of receipt of the device containing the Subscriber's Key Pair. A CMS or RA providing key delivery services shall provide a copy of this record to the Issuer CA.

6.1.3. Public Key Delivery to Certificate Issuer

Subscribers shall deliver their Public Keys to the Issuer CA in a secure fashion and in a manner that binds the Subscriber's verified identity to the Public Key. The certificate request process shall ensure that the Applicant possesses the Private Key associated with the Public Key presented for certification. If cryptography is used to achieve the binding, the cryptography must be at least as strong as the CA keys used to sign the Certificate.

6.1.4. CA Public Key Delivery to Relying Parties

The Issuer CA shall provide its public keys to Relying Parties in a secure fashion and in a manner that precludes substitution attacks. The Issuer CA may deliver its CA Public Keys to Relying Parties as (i) specified in a certificate validation or path discovery policy file, (ii) trust anchors in commercial browsers and operating system root stores, and/or (iii) roots signed by other CAs. The Issuer CA may distribute Public Keys that are part of an updated signature key pair as a self-signed certificate, as a new CA certificate, or in a key rollover certificate. All accreditation authorities supporting DigiCert certificates and all application software providers are permitted to redistribute any Root Certificate that is issued under this CP.

6.1.5. Key Sizes

The Issuer CA shall follow the NIST timelines in using and retiring signature algorithms and key sizes. The Issuer CA shall generate and use the following keys, signature algorithms, and hash algorithms for signing certificates, CRLs, and certificate status server responses:
- 2048-bit RSA Key with Secure Hash Algorithm version 1 (SHA-1)
- 2048-bit RSA Key with Secure Hash Algorithm version 2 (SHA-256)
- 384-bit ECDSA Key with Secure Hash Algorithm version 2 (SHA-256)

The Issuer CA shall only issue end-entity certificates that contain at least 2048-bit public keys for RSA, DSA, or Diffie-Hellman, or 224 bits for elliptic curve algorithms, except for certificates issued to smart cards or other hardware devices that are incapable of accepting 2048-bit RSA certificates, which may contain at least 1024-bit public keys for RSA so long as such certificates expire on or before December 31, 2013. The Issuer CA may require higher-bit keys in its sole discretion. The Issuer CA shall only issue end-entity certificates associated with PIV-I Cards that contain public keys and algorithms that conform to [NIST SP 800-78].

Any certificates (whether CA or end-entity) expiring after 12/31/2030 must be at least 3072-bit for RSA and 256-bit for ECDSA.

Signatures on all certificates shall be generated using at least SHA-1. Signatures on CRLs, OCSP responses, and OCSP responder certificates that provide status information for certificates that were generated using SHA-1 may contin to be generated using the SHA-1 algorithm. The following certificate types require the use of the SHA-256 algorithm: Federated Device Certificates, Levels 3 and 4 (US and CBP), and PIV-I. Signatures on CRLs, OCSP responses, and OCSP responder certificates that provide status information for such certificates are generated using the SHA-256 algorithm.

The Issuer CA and Subscribers may fulfill their requirements under the CP and CPS using TLS or another protocol that provides similar security, provided the protocol requires at least:
1. AES (128 bits) or equivalent for the symmetric key and at least 2048-bit RSA or equivalent for the asymmetric keys after 12/31/2010, and
2. AES (128 bits) or equivalent for the symmetric key, and at least 3072-bit RSA or equivalent for the asymmetric keys after 12/31/2030.

6.1.6. Public Key Parameters Generation and Quality Checking

The Issuer CA shall generate Public Key parameters for signature algorithms and perform parameter quality checking in accordance with FIPS 186.

6.1.7. Key Usage Purposes (as per X.509 v3 key usage field)

The Issuer CA shall include key usage extension fields that specify the intended use of the certificate and technically limit the certificate's functionality in X.509 v3 compliant software. The Issuer CA shall not issue Level 3 and Level 4 certificates that are certified for both signing and encryption. Level 1 and Level 2 certificates may include a single key for use with encryption and signature in support of legacy applications. Such dual-use certificates must:
1. be generated and managed in accordance with their respective signature certificate requirements, except where otherwise noted in this CP,
2. never assert the non-repudiation key usage bit, and
3. not be used for authenticating data that will be verified on the basis of the dual-use certificate at a future time.
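The key-size minimums, the two cut-over dates and the SHA-1/SHA-256 rule of Section 6.1.5, together with the dual-use and non-repudiation rules of Section 6.1.7, as a check that CA tooling or a relying party could run over an issued certificate. This is an added example written in Go with only the standard library; it is not DigiCert's code or tooling. Its assumptions: the assurance level, the SHA-256-required certificate types and the "constrained smart card" exception are passed in by the caller (this code does not derive them from certificate policy OIDs), SHA-384/512 are accepted where the CP names SHA-256, and the self-signed P-224 certificates it builds are constructed test data.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Cut-over dates from CP section 6.1.5: the 1024-bit RSA exception for constrained
// hardware ends 2013-12-31, and after 2030-12-31 the minimums rise to 3072/256.
var legacy1024Deadline = time.Date(2013, 12, 31, 23, 59, 59, 0, time.UTC)
var strengthenAfter = time.Date(2030, 12, 31, 23, 59, 59, 0, time.UTC)

// checkSignatureAlgorithm: at least SHA-1 everywhere, SHA-256 for the types the CP
// lists. SHA-384/512 pass as stronger SHA-2 digests (this example's assumption;
// the CP text names only SHA-256). Returns "" when the rule is satisfied.
func checkSignatureAlgorithm(alg x509.SignatureAlgorithm, requireSHA256 bool) string {
	switch alg {
	case x509.MD2WithRSA, x509.MD5WithRSA, x509.UnknownSignatureAlgorithm:
		return "signature digest weaker than SHA-1: " + alg.String()
	case x509.SHA1WithRSA, x509.DSAWithSHA1, x509.ECDSAWithSHA1:
		if requireSHA256 {
			return "SHA-1 signature on a certificate type that requires SHA-256"
		}
	}
	return ""
}

// CheckCertificate returns every section 6.1.5 / 6.1.7 rule the certificate breaks.
// level is the assurance level (1-4); requireSHA256 marks Federated Device,
// Level 3/4 and PIV-I certificates; legacyHardware marks a smart card that cannot
// hold a 2048-bit RSA key. All three are caller-supplied assumptions.
func CheckCertificate(cert *x509.Certificate, level int, requireSHA256, legacyHardware bool) []string {
	var v []string
	minRSA, minEC := 2048, 224
	if cert.NotAfter.After(strengthenAfter) {
		minRSA, minEC = 3072, 256
	}
	switch k := cert.PublicKey.(type) {
	case *rsa.PublicKey:
		bits := k.N.BitLen()
		// The only exception: 1024-bit RSA on constrained hardware, expiring by 2013-12-31.
		exempt := legacyHardware && bits >= 1024 && !cert.NotAfter.After(legacy1024Deadline)
		if bits < minRSA && !exempt {
			v = append(v, fmt.Sprintf("RSA key of %d bits, policy minimum is %d", bits, minRSA))
		}
	case *ecdsa.PublicKey:
		if bits := k.Curve.Params().BitSize; bits < minEC {
			v = append(v, fmt.Sprintf("EC key of %d bits, policy minimum is %d", bits, minEC))
		}
	}
	if msg := checkSignatureAlgorithm(cert.SignatureAlgorithm, requireSHA256); msg != "" {
		v = append(v, msg)
	}
	// Section 6.1.7: a key certified for both signing and encryption is allowed only
	// at Levels 1 and 2 and must never assert nonRepudiation (contentCommitment in Go).
	ku := cert.KeyUsage
	signs := ku&x509.KeyUsageDigitalSignature != 0
	enciphers := ku&(x509.KeyUsageKeyEncipherment|x509.KeyUsageDataEncipherment|x509.KeyUsageKeyAgreement) != 0
	if signs && enciphers {
		if level >= 3 {
			v = append(v, "Level 3/4 certificate certified for both signing and encryption")
		}
		if ku&x509.KeyUsageContentCommitment != 0 {
			v = append(v, "dual-use certificate asserts the nonRepudiation bit")
		}
	}
	return v
}

// selfSigned builds a throwaway self-signed certificate for the demonstration
// (constructed test data, not a DigiCert-issued certificate).
func selfSigned(pub, priv any, notAfter time.Time, ku x509.KeyUsage) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		Subject:      pkix.Name{CommonName: "cp-6.1.5-example"},
		NotBefore:    time.Date(2012, 5, 10, 0, 0, 0, 0, time.UTC),
		NotAfter:     notAfter,
		KeyUsage:     ku,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

func main() {
	key, _ := ecdsa.GenerateKey(elliptic.P224(), rand.Reader)
	ok, _ := selfSigned(&key.PublicKey, key, time.Date(2015, 5, 10, 0, 0, 0, 0, time.UTC), x509.KeyUsageDigitalSignature)
	fmt.Println("P-224 signing cert expiring 2015:", CheckCertificate(ok, 3, true, false))
	late, _ := selfSigned(&key.PublicKey, key, time.Date(2031, 1, 1, 0, 0, 0, 0, time.UTC),
		x509.KeyUsageDigitalSignature|x509.KeyUsageKeyAgreement|x509.KeyUsageContentCommitment)
	fmt.Println("same key, dual-use, expiring 2031:", CheckCertificate(late, 2, false, false))
}
```

The same P-224 key is compliant while the certificate expires before 2031 and non-compliant once it expires after 12/31/2030, which is the point of tying the minimum to NotAfter rather than to the issuance date. Go's x509 package picks ECDSA-with-SHA-256 for a P-224 key, so the signature rule passes in both cases; the second certificate fails only on the key size and on asserting nonRepudiation while being dual-use.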

6.2.

PRIVATEKEYPROTECTIONANDCRYPTOGRAPHICMODULEENGINEERING CONTROLS

TheIssuerCAandallsystemsthatsignOCSPresponsesorCRLsinordertoprovidecertificatestatus servicesshallusecryptographichardwaremodulesvalidatedtoFIPS140Level3andInternational CommonCriteria(CC)InformationTechnologySecurityEvaluationAssuranceLevel(EAL)14169 EAL4+Type3(EAL4AugmentedbyAVA_VLA.4andAVA_MSU.3)intheEuropeanUnion(EU). Cryptographicmodulerequirementsforsubscribersandregistrationauthoritiesareshowninthe tablebelow. Subscriber RegistrationAuthority AssuranceLevel EVCodeSigning FIPS140Level2 (Hardware) FIPS140Level2 (Hardware)

6.2.1. CryptographicModuleStandardsandControls

35

CDS Level1 Level2 Level3 Level4&PIVICard Authentication EUQConSSCD

FIPS140Level2 (Hardware) N/A FIPS140Level1 (HardwareorSoftware) FIPS140Level1(Software) FIPS140Level2(Hardware) FIPS140Level2 (Hardware) EAL4Augmented (Hardware)

FIPS140Level3 (Hardware) FIPS140Level1 (HardwareorSoftware) FIPS140Level1 (HardwareorSoftware) FIPS140Level2 (Hardware) FIPS140Level2 (Hardware) EAL4Augmented (Hardware)

The Issuer CA shall maintain any Card Management Master Key and perform diversification operations in a FIPS 140-2 Level 3 Cryptographic Module that conforms to [NIST SP 800-78]. The Issuer CA shall require PIV-I Hardware or commensurate to use the keys and shall require strong authentication of trusted roles when activating the Card Management Master Key. The Issuer CA shall also require that card management be configured such that only the authorized CMS can manage issued cards.

For EV Code Signing Certificates, the Issuer CA shall ensure that the Private Key is properly generated, stored, and used in a crypto module that meets or exceeds the requirements of FIPS 140 Level 2.

6.2.2. Private Key (n out of m) Multi-person Control

The Issuer CA shall ensure that multiple trusted personnel are required to act in order to access and use the Issuer CA's Private Keys, including any Private Key backups.

6.2.3. Private Key Escrow

The Issuer CA shall not escrow its signature keys. Subscribers may not escrow their private signature keys or dual-use keys. The Issuer CA may escrow Subscriber Private Keys used for encryption in order to provide key recovery as described in Section 4.12.1.

6.2.4. Private Key Backup

The Issuer CA shall back up its CA, CRL, and certificate status Private Keys under multi-person control and shall store at least one backup off site. The Issuer CA shall protect all copies of its CA, CRL, and certificate status Private Keys in the same manner as the originals.

The Issuer CA may back up (1) Level 1, Level 2, and Level 3 subscriber private signature keys, provided that the backup copies are held in the Subscriber's control, and (2) subscriber key management keys. The Issuer CA may not back up Level 4 subscriber private signature keys. The Issuer CA may not store backup keys in a plaintext form outside of the cryptographic module. Storage that contains backup keys shall provide security controls that are consistent with the protection provided by the Subscriber's cryptographic module.

The Issuer CA may require backup of PIV-I Content Signing private signature keys to facilitate disaster recovery, provided that all backup is performed under multi-person control.

6.2.5. Private Key Archival

The Issuer CA shall not archive its Private Keys and shall not allow the archival of any Private Keys associated with EU Qualified Certificates.

6.2.6. Private Key Transfer into or from a Cryptographic Module

All keys must be generated by and in a cryptographic module. The Issuer CA and RA shall never allow their Private Keys to exist in plaintext outside of the cryptographic module. The Issuer CA shall only export its Private Keys from the cryptographic module to perform CA key backup procedures. When transported between cryptographic modules, the Issuer CA shall encrypt the private key and protect the keys used for encryption from disclosure.

6.2.7. Private Key Storage on Cryptographic Module

The Issuer CA shall store its CA Private Keys on a cryptographic module which has been evaluated to at least FIPS 140 Level 3 and EAL 4+.

6.2.8. Method of Activating Private Key

The Issuer CA shall activate its Private Keys in accordance with the specifications of the cryptographic module manufacturer. Subscribers are solely responsible for protecting their Private Keys. At a minimum, Subscribers must authenticate themselves to the cryptographic module before activating their private keys. Entry of activation data shall be protected from disclosure.

6.2.9. Method of Deactivating Private Key

The Issuer CA shall deactivate its Private Keys and store its cryptographic modules in secure containers when not in use. The Issuer CA shall prevent unauthorized access to any activated cryptographic modules.

6.2.10. Method of Destroying Private Key

The Issuer CA shall use individuals in trusted roles to destroy CA, RA, and status server Private Keys when they are no longer needed. Subscribers shall destroy their Private Keys when the corresponding certificate is revoked or expired or if the Private Key is no longer needed. For software cryptographic modules, the Issuer CA may destroy the Private Keys by overwriting the data. For hardware cryptographic modules, the Issuer CA may destroy the Private Keys by executing a zeroize command. Physical destruction of hardware is not required.

6.2.11. Cryptographic Module Rating

See Section 6.2.1.

6.3. OTHER ASPECTS OF KEY PAIR MANAGEMENT

6.3.1. Public Key Archival

The Issuer CA shall archive a copy of each Public Key.

6.3.2. Certificate Operational Periods and Key Pair Usage Periods

The Issuer CA certificates, including renewed certificates, have maximum validity periods of:

Type | Private Key Use | Certificate Term
Root CA | 20 years | 25 years
Sub CA | 12 years | 15 years
Cross-certified Sub CA* | 6 years | 15 years
CRL and OCSP responder signing | 3 years | 31 days
OV SSL | No stipulation | 42 months
EV SSL | No stipulation | 27 months
EV Code Signing Certificate issued to Subscriber | No stipulation | 39 months
EV Code Signing Certificate issued to Signing Authority | No stipulation | 123 months
Time Stamping Authority | No stipulation | 123 months
Code Signing Certificate | No stipulation | 123 months
Client used for signatures (including EU Qualified Certificates) | 36 months | 36 months
Client used for key management | 36 months | 36 months
Client for all other purposes | 42 months | 42 months
PIV-I Cards | 60 months | 60 months
IGTF (2048-bit RSA keys) on hardware | 60 months | 13 months
IGTF (1024-bit RSA keys) on hardware | 36 months | 13 months
IGTF not on hardware | 13 months | 13 months

* IGTF signing certificates must have a lifetime that is at least twice the maximum lifetime of an end entity certificate.

OCSP responder and CRL signing certificates associated with a PIV-I certificate may only have a maximum certificate validity period of 31 days. Relying parties may still validate signatures generated with these keys after expiration of the certificate. Private keys associated with self-signed root certificates that are distributed as trust anchors are used for a maximum of 20 years. PIV-I subscriber certificates may not expire later than the expiration date of the PIV-I hardware token on which the certificates reside.

The Issuer CA may retire its CA Private Keys before the periods listed above to accommodate key changeover processes. The Issuer CA shall not issue a Subscriber certificate with an expiration date that is past the signing root's expiration date or that exceeds the routine rekey identification requirements specified in Section 3.1.1.

6.4. ACTIVATION DATA

6.4.1. Activation Data Generation and Installation

The Issuer CA shall generate activation data that has sufficient strength to protect its Private Keys. If the Issuer CA uses passwords as activation data for a signing key, the Issuer CA shall change the activation data upon rekey of the CA certificate. The Issuer CA may only transmit activation data via an appropriately protected channel and at a time and place that is distinct from the delivery of the associated cryptographic module.

6.4.2. Activation Data Protection

The Issuer CA shall protect data used to unlock private keys from disclosure using a combination of cryptographic and physical access control mechanisms. Activation data shall be:
1. memorized,
2. biometric in nature, or
3. recorded and secured at the level of assurance associated with the activation of the cryptographic module,
and shall not be stored with the cryptographic module.

The Issuer CA shall require personnel to memorize and not write down their password or share their passwords with other individuals. The Issuer CA shall implement processes to temporarily lock access to secure CA processes if a certain number of failed login attempts occur.

6.4.3. Other Aspects of Activation Data

If the Issuer CA must reset activation data associated with a PIV-I certificate then a successful biometric 1:1 match of the applicant against the biometrics collected in Section 3.2.3 is required. Either the Issuer CA or an RA must conduct this biometric 1:1 match.

6.5. COMPUTER SECURITY CONTROLS

6.5.1. Specific Computer Security Technical Requirements

The Issuer CA shall configure its systems, including any remote workstations, to:
1. authenticate the identity of users before permitting access to the system or applications,
2. manage the privileges of users and limit users to their assigned roles,
3. generate and archive audit records for all transactions,
4. enforce domain integrity boundaries for security critical processes, and
5. support recovery from key or system failure.

The Issuer CA shall authenticate and protect all communications between a trusted role and its CA system.

All Certificate Status Servers interoperating with cross-certified environments must:
1. authenticate the identity of users before permitting access to the system or applications,
2. manage privileges to limit users to their assigned roles,
3. enforce domain integrity boundaries for security critical processes, and
4. support recovery from key or system failure.

A CMS must have the following computer security functions:
1. authenticate the identity of users before permitting access to the system or applications,
2. manage privileges of users to limit users to their assigned roles,
3. generate and archive audit records for all transactions (see Section 5.4),
4. enforce domain integrity boundaries for security critical processes, and
5. support recovery from key or system failure.

6.5.2. Computer Security Rating

No stipulation.

6.6. LIFE CYCLE TECHNICAL CONTROLS

6.6.1. System Development Controls

In operating its CA, the Issuer CA shall use only:
1. Commercial off-the-shelf software that was designed and developed under a formal and documented development methodology,
2. Hardware and software developed specifically for the Issuer CA by verified personnel, using a structured development approach and a controlled development environment,
3. Open source software that meets security requirements through software verification & validation and structured development/life-cycle management,
4. Hardware and software purchased and shipped in a fashion that reduces the likelihood of tampering, and
5. For CA operations, hardware and software that is dedicated only to performing the CA functions.

The Issuer CA shall take proper care to prevent malicious software from being loaded onto the CA equipment. The Issuer CA shall scan all hardware and software for malicious code on first use and periodically thereafter. The Issuer CA shall purchase or develop updates in the same manner as original equipment, and shall use trusted, trained personnel to install the software and equipment. The Issuer CA shall not install any software on its CA systems that is not part of the CA's operations.

6.6.2. Security Management Controls

The Issuer CA shall use a formal configuration management methodology for installation and ongoing maintenance of any CMS. Any modifications and upgrades to a CMS shall be documented and controlled. The Issuer CA shall implement a mechanism for detecting unauthorized modification to a CMS.

The Issuer CA shall establish formal mechanisms to document, control, monitor, and maintain the installation and configuration of its CA systems, including any modifications or upgrades. The Issuer CA's change control processes shall include procedures to detect unauthorized modification to the Issuer CA's systems and data entries that are processed, logged and tracked for any security-related changes to CA systems, firewalls, routers, software and other access controls. When loading software onto a CA system, the Issuer CA shall verify that the software is the correct version and is supplied by the vendor free of any modifications. The Issuer CA shall verify the integrity of software used with its CA processes at least once a week.

6.6.3. Life Cycle Security Controls

No stipulation.

6.7. NETWORK SECURITY CONTROLS

The Issuer CA shall document and control the configurations of its systems, including any upgrades or modifications made. The Issuer CA shall implement a process for detecting unauthorized modifications to its hardware or software and for installing and maintaining its systems. The Issuer CA and its RAs shall implement appropriate network security controls, including turning off any unused network ports and services and only using network software that is necessary for the proper functioning of the CA systems. The Issuer CA shall implement the same network security controls to protect a CMS as used to protect its other CA equipment.

6.8. TIME-STAMPING

Issuer CAs shall ensure that the accuracy of clocks used for time-stamping is within three minutes. Electronic or manual procedures may be used to maintain system time. Clock adjustments are auditable events.

6.9. PIV-I CARDS

The following requirements apply to PIV-I Cards:
1. To ensure interoperability with Federal systems, PIV-I Cards must use a smart card platform that is on GSA's FIPS 201 Evaluation Program Approved Product List (APL) and uses the PIV application identifier (AID).
2. The Issuer CA shall ensure that all PIV-I Cards conform to [NIST SP 800-73-1].
3. The Issuer CA shall only issue the mandatory X.509 Certificate for Authentication under a policy that is cross-certified with the FBCA PIV-I Hardware policy OID.
4. The Issuer CA shall only issue PIV-I certificates that conform to the PIV-I Profile.
5. The Issuer CA shall include an asymmetric X.509 Certificate for Card Authentication in each PIV-I card that:
   a. conforms to the PIV-I Profile,
   b. conforms to [NIST SP 800-73], and
   c. is issued under the PIV-I Card Authentication policy.
6. The CMS shall include an electronic representation (as specified in SP 800-73 and SP 800-76) of the cardholder's facial image in each PIV-I card.
7. The X.509 Certificates for Digital Signature and Key Management described in [NIST SP 800-73] are optional for PIV-I Cards.
8. The CMS shall make its PIV-I Cards visually distinct from a Federal PIV Card to prevent creation of a fraudulent Federal PIV Card. At a minimum, the CMS shall not allow images or logos on a PIV-I Card to be placed within Zone 11, Agency Seal, as defined by [FIPS 201].
9. The CMS shall require the following items on the front of a card:
   a. Cardholder facial image,
   b. Cardholder full name,
   c. Organizational Affiliation, if it exists; otherwise the issuer of the card, and
   d. Card expiration date.
10. The Issuer CA shall issue PIV-I cards with an expiration date that is five years or less.
11. All PIV-I Cards must not expire later than the PIV-I Content Signing certificate on the card.
12. The Issuer CA shall include a policy OID that has been mapped to the FBCA PIV-I Content Signing policy OID in the digital signature certificate used to sign objects on the PIV-I Card. The PIV-I Content Signing certificate must conform to the PIV-I Profile.
13. The Issuer CA and its RAs shall manage the PIV-I Content Signing certificate and corresponding private key within a trusted Card Management System as defined herein.
14. At issuance, the RA shall activate and release the PIV-I Card to the subscriber only after a successful 1:1 biometric match of the applicant against the biometrics collected in Section 3.2.3.
15. PIV-I Cards may support card activation by the card management system to support card personalization and post-issuance card update. To activate the card for personalization or update, the card management system shall perform a challenge-response protocol using cryptographic keys stored on the card in accordance with [SP 800-73]. When cards are personalized, card management keys shall be set to be specific to each PIV-I Card. That is, each PIV-I Card shall contain a unique card management key. Card management keys shall meet the algorithm and key size requirements stated in Special Publication 800-78, Cryptographic Algorithms and Key Sizes for Personal Identity Verification [SP 800-78].

7. CERTIFICATE, CRL, AND OCSP PROFILES

7.1. CERTIFICATE PROFILE

7.1.1. Version Number(s)

Issuer CAs shall issue X.509 version 3 certificates.

7.1.2. Certificate Extensions

Issuer CAs shall use certificate extensions in accordance with applicable industry standards, including RFC 3280/5280. Issuer CAs shall not issue certificates with a critical private extension. IGTF certificates must comply with the Grid Certificate Profile as defined by the Open Grid Forum GFD.125. PIV-I Certificates must comply with the X.509 Certificate and Certificate Revocation List (CRL) Extensions Profile for Personal Identity Verification Interoperable (PIV-I) Cards, Date: April 23, 2010, as set forth at: http://www.idmanagement.gov/fpkipa/documents/pivi_certificate_crl_profile.pdf.

7.1.3. Algorithm Object Identifiers

Issuer CAs shall sign certificates using one of the following algorithms:

id-dsa-with-sha1 | {iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 3}
sha1WithRSAEncryption | {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 5}
sha256WithRSAEncryption | {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 11}
id-RSASSA-PSS | {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 10}
ecdsa-with-SHA1 | {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 1}
ecdsa-with-SHA224 | {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 1}

ecdsa-with-SHA256 | {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 2}
ecdsa-with-SHA384 | {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 3}
ecdsa-with-SHA512 | {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2(3) 4}

If an Issuer CA signs certificates using RSA with PSS padding, the Issuer CA may use an RSA signature with PSS padding with the following algorithms and OIDs:

id-sha256 | {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 1}
id-sha512 | {joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101) csor(3) nistalgorithm(4) hashalgs(2) 3}

Issuer CAs and Subscribers may generate Key Pairs using the following:

id-dsa | {iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 1}
rsaEncryption | {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 1}
dhpublicnumber | {iso(1) member-body(2) us(840) ansi-x942(10046) number-type(2) 1}
id-ecPublicKey | {iso(1) member-body(2) us(840) ansi-X9-62(10045) id-publicKeyType(2) 1}
id-keyExchangeAlgorithm | [joint-iso-ccitt(2) country(16) us(840) organization(1) gov(101) dod(2) infosec(1) algorithms(1) 22]

If an Issuer CA issues a non-CA certificate for a federal agency and the certificate contains an elliptic curve public key, the Issuer CA shall specify one of the following named curves:

ansip192r1 | {iso(1) member-body(2) us(840) 10045 curves(3) prime(1) 1}
ansit163k1 | {iso(1) identified-organization(3) certicom(132) curve(0) 1}
ansit163r2 | {iso(1) identified-organization(3) certicom(132) curve(0) 15}
ansip224r1 | {iso(1) identified-organization(3) certicom(132) curve(0) 33}
ansit233k1 | {iso(1) identified-organization(3) certicom(132) curve(0) 26}
ansit233r1 | {iso(1) identified-organization(3) certicom(132) curve(0) 27}
ansip256r1 | {iso(1) member-body(2) us(840) 10045 curves(3) prime(1) 7}
ansit283k1 | {iso(1) identified-organization(3) certicom(132) curve(0) 16}
ansit283r1 | {iso(1) identified-organization(3) certicom(132) curve(0) 17}
ansip384r1 | {iso(1) identified-organization(3) certicom(132) curve(0) 34}
ansit409k1 | {iso(1) identified-organization(3) certicom(132) curve(0) 36}
ansit409r1 | {iso(1) identified-organization(3) certicom(132) curve(0) 37}
ansip521r1 | {iso(1) identified-organization(3) certicom(132) curve(0) 35}
ansit571k1 | {iso(1) identified-organization(3) certicom(132) curve(0) 38}
ansit571r1 | {iso(1) identified-organization(3) certicom(132) curve(0) 39}
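A compliance check that an Issuer CA operator or auditor could run against the rules in Sections 6.3.2 and 7.1.3, written here as an added Python example (it is not DigiCert's code): it parses the CP's arc-notation OIDs into the dotted form found in certificates, flags signature algorithms outside the 7.1.3 list, and flags certificate terms longer than the 6.3.2 table allows. The certificate types, OIDs and maximum terms are transcribed from the tables above; the certificate inputs are constructed sample values.

```python
"""Policy checks for Sections 7.1.3 and 6.3.2 of the CP (added example, not DigiCert's code).

The CP lists permitted signature algorithms in ASN.1 arc notation, e.g.
"{iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 11}", while a
parsed certificate reports the dotted form "1.2.840.113549.1.1.11".  The parser
below bridges the two; the term check applies the Section 6.3.2 maxima.
"""
import calendar
import re
from datetime import date, timedelta

# One arc component: "name(number)" or a bare number; names may contain '-'.
_COMPONENT = re.compile(r"(?:[A-Za-z][\w-]*)?\(?(\d+)\)?")


def arc_to_dotted(arc: str) -> str:
    """'{iso(1) member-body(2) us(840) ... 11}' -> '1.2.840....11'."""
    numbers = []
    for token in arc.strip().strip("{}[]").split():
        match = _COMPONENT.fullmatch(token)
        if match is None:
            raise ValueError(f"unrecognised OID component: {token!r}")
        numbers.append(match.group(1))
    if not numbers:
        raise ValueError("empty OID")
    return ".".join(numbers)


# Signature algorithms exactly as Section 7.1.3 lists them.
_PKCS1 = "{iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1)"
_ECDSA = "{iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)"
SIGNATURE_ALGORITHMS = {
    "id-dsa-with-sha1": "{iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 3}",
    "sha1WithRSAEncryption": _PKCS1 + " 5}",
    "sha256WithRSAEncryption": _PKCS1 + " 11}",
    "id-RSASSA-PSS": _PKCS1 + " 10}",
    "ecdsa-with-SHA1": _ECDSA + " 1}",
    "ecdsa-with-SHA224": _ECDSA + " ecdsa-with-SHA2(3) 1}",
    "ecdsa-with-SHA256": _ECDSA + " ecdsa-with-SHA2(3) 2}",
    "ecdsa-with-SHA384": _ECDSA + " ecdsa-with-SHA2(3) 3}",
    "ecdsa-with-SHA512": _ECDSA + " ecdsa-with-SHA2(3) 4}",
}
# Dotted OID -> algorithm name: the form compared against a parsed certificate.
ALLOWED_SIGNATURE_OIDS = {arc_to_dotted(arc): name for name, arc in SIGNATURE_ALGORITHMS.items()}

# Maximum certificate terms from the Section 6.3.2 table (a subset of its rows).
MAX_TERM = {
    "Root CA": ("months", 25 * 12),
    "Sub CA": ("months", 15 * 12),
    "CRL and OCSP responder signing": ("days", 31),
    "OV SSL": ("months", 42),
    "EV SSL": ("months", 27),
    "EV Code Signing (Subscriber)": ("months", 39),
    "Code Signing": ("months", 123),
    "Client (signatures)": ("months", 36),
    "PIV-I": ("months", 60),
    "IGTF": ("months", 13),
}


def _as_date(value) -> date:
    """Accept a date or an ISO 'YYYY-MM-DD' string (what most certificate tools print)."""
    return value if isinstance(value, date) else date.fromisoformat(value)


def add_months(day, months: int) -> date:
    """Calendar-month addition that clamps to the last day of the target month."""
    day = _as_date(day)
    year, month0 = divmod(day.month - 1 + months, 12)
    year += day.year
    last_day = calendar.monthrange(year, month0 + 1)[1]
    return date(year, month0 + 1, min(day.day, last_day))


def latest_allowed_expiry(cert_type: str, not_before) -> date:
    """Latest notAfter permitted by Section 6.3.2 for a certificate of this type."""
    unit, amount = MAX_TERM[cert_type]
    if unit == "days":
        return _as_date(not_before) + timedelta(days=amount)
    return add_months(not_before, amount)


def check_certificate(cert_type: str, signature_oid: str, not_before, not_after) -> list:
    """Return policy findings for a certificate; an empty list means both checks pass."""
    findings = []
    if signature_oid not in ALLOWED_SIGNATURE_OIDS:
        findings.append(f"signature algorithm {signature_oid} is not listed in Section 7.1.3")
    limit = latest_allowed_expiry(cert_type, not_before)
    if _as_date(not_after) > limit:
        findings.append(f"{cert_type} term ends {_as_date(not_after)}, after the Section 6.3.2 limit of {limit}")
    return findings


if __name__ == "__main__":
    # Constructed sample: EV SSL, sha256WithRSAEncryption, exactly the 27 months allowed.
    print(check_certificate("EV SSL", "1.2.840.113549.1.1.11", "2012-05-10", "2014-08-10"))
    # Constructed sample: md5WithRSAEncryption (1.2.840.113549.1.1.4, absent from the CP)
    # and one day past the EV SSL limit, so both findings are reported.
    print(check_certificate("EV SSL", "1.2.840.113549.1.1.4", "2012-05-10", "2014-08-11"))
```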
Signature algorithms for PIV-I certificates are limited to those identified by NIST SP 800-78.

7.1.4. Name Forms

Issuer CAs shall use distinguished names that are composed of standard attribute types, such as those identified in RFC 3280/5280. Issuer CAs shall include a unique serial number in each certificate. The Issuer CA shall restrict OU fields from containing Subscriber information that is not verified in accordance with Section 3.

7.1.5. Name Constraints

Issuer CAs may include name constraints in the nameConstraints field when appropriate.

7.1.6. Certificate Policy Object Identifier

No stipulation.

7.1.7. Usage of Policy Constraints Extension

Not applicable.

7.1.8. Policy Qualifiers Syntax and Semantics

Issuer CAs may include brief statements in the Policy Qualifier field of the Certificate Policy extension.

7.1.9. Processing Semantics for the Critical Certificate Policies Extension

No stipulation.

7.2. CRL PROFILE

7.2.1. Version Number(s)

Issuer CAs shall issue version 2 CRLs that conform to RFC 3280/5280.

7.2.2. CRL and CRL Entry Extensions

Issuer CAs shall use CRL extensions that conform with the Federal PKI X.509 CRL Extensions Profile.

7.3. OCSP PROFILE

Issuer CAs shall operate an OCSP service in accordance with RFC 2560.

7.3.1. Version Number(s)

Issuer CAs shall support version 1 OCSP requests and responses.

7.3.2. OCSP Extensions

No stipulation.

8. COMPLIANCE AUDIT AND OTHER ASSESSMENTS

The policies in this CP are designed to meet or exceed the requirements of generally accepted and developing industry standards, including the EV Guidelines and the AICPA/CICA WebTrust Program for Certification Authorities, ANS X9.79/ISO 21188 PKI Practices and Policy Framework ("CA WebTrust/ISO 21188"). For Issuer CAs chained to the FBCA, the auditor letter of compliance shall meet the FPKIPA's Auditor Letter of Compliance Requirements, dated October 28, 2009 (FPKIPA Audit Requirements).

8.1. FREQUENCY OR CIRCUMSTANCES OF ASSESSMENT

On at least an annual basis, Issuer CAs shall retain an independent auditor who shall assess the Issuer CA's compliance with this CP and its CPS. This audit must cover CMSs, Sub CAs, RAs, and each status server that is specified in a certificate issued by the Issuer CA. Any independent entity interoperating within the DigiCert PKI shall submit its practices statement and the results of its compliance audit to the DCMA on an annual basis for review and approval.

8.2. IDENTITY/QUALIFICATIONS OF ASSESSOR

The Issuer CA shall use an auditor that meets the following qualifications:
1. Qualifications and experience: Auditing must be the auditor's primary business function. The individual or at least one member of the audit group must be qualified as a Certified Information Systems Auditor (CISA), an AICPA Certified Information Technology Professional (CPA.CITP), a Certified Internal Auditor (CIA), or have another recognized information security auditing credential.
2. Expertise: The individual or group must be trained and skilled in the auditing of secure information systems and be familiar with Public Key infrastructures, certification systems, and Internet security issues.
3. Rules and standards: The auditor must conform to applicable standards, rules, and best practices promulgated by the American Institute of Certified Public Accountants (AICPA), the Canadian Institute of Chartered Accountants (CICA), the Institute of Chartered Accountants of England & Wales (ICAEW), the International Accounting Standards adopted by the European Commission (IAS), Information Systems Audit and Control Association (ISACA), the Institute of Internal Auditors (IIA), or another qualified auditing standards body.
4. Reputation: The firm must have a reputation for conducting its auditing business competently and correctly.
5. Insurance: EV auditors must maintain Professional Liability/Errors and Omissions Insurance, with policy limits of at least $1 million in coverage.

8.3. ASSESSOR'S RELATIONSHIP TO ASSESSED ENTITY

The Issuer CA shall utilize an independent auditor that does not have a financial interest, business relationship, or course of dealing that could foreseeably create a significant bias for or against the Issuer CA.

8.4. TOPICS COVERED BY ASSESSMENT

The audit must conform to industry standards, cover the Issuer CA's compliance with its business practices disclosure, and evaluate the integrity of the Issuer CA's PKI operations.

8.5. ACTIONS TAKEN AS A RESULT OF DEFICIENCY

If an audit reports a material noncompliance with applicable law, this CP, the CPS, or any other contractual obligations related to the Issuer CA's services, then (1) the auditor shall document the discrepancy, (2) the auditor shall promptly notify the Issuer CA and the DCPA, and (3) the Issuer CA and the DCPA shall develop a plan to cure the noncompliance. The DCPA shall also notify any affected cross-certifying entity and any relevant government accrediting body. The Issuer CA shall submit the plan to the DCPA for approval and to any third party that the Issuer CA is legally obligated to satisfy. The DCPA may require additional action if necessary to rectify any significant issues created by the noncompliance, including requiring revocation of affected certificates.

8.6. COMMUNICATION OF RESULTS

The results of each audit shall be reported to the DCPA for review and approval. The results shall also be communicated to any third party entities entitled by law, regulation, or agreement to receive a copy of the audit results.

8.7. SELF AUDITS

The Issuer CA shall perform regular internal audits of its operations, personnel, and compliance with this CP using a randomly selected sample of certificates issued since the last internal audit. The Issuer CA shall self-audit at least three percent of OV and DV SSL Certificates and six percent of EV SSL Certificates.

9. OTHER BUSINESS AND LEGAL MATTERS

9.1. FEES

9.1.1. Certificate Issuance or Renewal Fees

Issuer CAs may charge fees for certificate issuance and renewal.

9.1.2. Certificate Access Fees

Issuer CAs may charge fees for access to their databases of certificates.

9.1.3. Revocation or Status Information Access Fees

No stipulation.

9.1.4. Fees for Other Services

No stipulation.

9.1.5. Refund Policy

No stipulation.

9.2. FINANCIAL RESPONSIBILITY

9.2.1. Insurance Coverage

Issuer CAs shall maintain Errors and Omissions/Professional Liability Insurance of at least $1 million per occurrence from an insurance company rated no less than A as to Policy Holder's Rating in the current edition of Best's Insurance Guide (or with an association of companies, each of the members of which are so rated).

9.2.2. Other Assets

No stipulation.

9.2.3. Insurance or Warranty Coverage for End Entities

No stipulation.

9.3. CONFIDENTIALITY OF BUSINESS INFORMATION

9.3.1. Scope of Confidential Information

Issuer CAs shall specify what constitutes confidential information in their CPS.

9.3.2. Information Not Within the Scope of Confidential Information

Issuer CAs may treat any information not listed as confidential in the CPS as public information.

9.3.3. Responsibility to Protect Confidential Information

Issuer CAs shall contractually obligate employees, agents, and contractors to protect confidential information. Issuer CAs shall provide training to employees on how to handle confidential information.

9.4. PRIVACY OF PERSONAL INFORMATION

9.4.1. Privacy Plan

Issuer CAs shall create and follow a publicly posted privacy policy that specifies how the Issuer CA handles personal information.

9.4.2. Information Treated as Private

Issuer CAs shall treat all personal information about an individual that is not publicly available in the contents of a certificate or CRL as private information. The Issuer CA shall protect private information in its possession using a reasonable degree of care and appropriate safeguards. The Issuer CA shall not distribute certificates that contain the UUID in the subject alternative name extension via publicly accessible repositories (e.g., LDAP, HTTP).

9.4.3. Information Not Deemed Private

Private information does not include certificates, CRLs, or their contents.

9.4.4. Responsibility to Protect Private Information

Issuer CAs are responsible for securely storing and protecting private information.

9.4.5. Notice and Consent to Use Private Information

Subscribers must consent to the global transfer and publication of any personal data contained in Certificates.

9.4.6. Disclosure Pursuant to Judicial or Administrative Process

Issuer CAs may disclose private information, without notice, when required to do so by law or regulation.

9.4.7. Other Information Disclosure Circumstances

No stipulation.

9.5. INTELLECTUAL PROPERTY RIGHTS

Issuer CAs shall not knowingly violate the intellectual property rights of any third party.

9.6. REPRESENTATIONS AND WARRANTIES

9.6.1. CA Representations and Warranties

Issuer CAs must represent to DigiCert, Subscribers, and Relying Parties that they comply, in all material aspects, with this CP, their CPS, and all applicable laws and regulations. For PIV, the Issuer CA shall maintain an agreement with Affiliated Organizations that includes obligations related to authorizing affiliation with Subscribers of PIV-I certificates.

9.6.2. RA Representations and Warranties

At a minimum, Issuer CAs shall require RAs operating on their behalf to represent that they have followed this CP and the relevant CPS when participating in the issuance and management of certificates.

9.6.3. Subscriber Representations and Warranties

Each Subscriber shall represent to DigiCert and the Issuing CA that the Subscriber will:
1. Securely generate its Private Keys and protect its Private Keys from compromise,
2. Provide accurate and complete information and communication to the Issuer CA and RA,
3. Confirm the accuracy of certificate data prior to using the certificate,
4. Promptly cease using a certificate and notify the Issuer CA if (i) any information that was submitted to the Issuer CA or is included in a certificate changes or becomes misleading or (ii) there is any actual or suspected misuse or compromise of the Private Key associated with the certificate,
5. Use the certificate only for authorized and legal purposes, consistent with the relevant CPS and Subscriber Agreement, including only installing SSL certificates on servers accessible at the domain listed in the certificate and not using code signing certificates to sign malicious code or any code that is downloaded without a user's consent, and
6. Promptly cease using the certificate and related Private Key after the certificate's expiration.

9.6.4. Relying Party Representations and Warranties

Relying Parties must follow the procedures and make the representations required by the relevant CPS and in the applicable Relying Party Agreement prior to relying on or using a certificate.

9.6.5. Representations and Warranties of Other Participants

No stipulation.

9.7. DISCLAIMERS OF WARRANTIES

Except as expressly stated otherwise herein or as limited by law, DigiCert disclaims all warranties and obligations related to this CP. A fiduciary duty is not created simply because an entity uses services offered within the DigiCert PKI.

9.8. LIMITATIONS OF LIABILITY

Issuer CAs may limit their liability to any extent not otherwise prohibited by this CP, provided that the Issuer CA remains responsible for complying with this CP and the Issuer CA's CPS.

9.9. INDEMNITIES

9.9.1. Indemnification by an Issuer CA

Issuer CAs are required to indemnify DigiCert for any violation of this CP.

9.9.2. Indemnification by Subscribers

Issuer CAs shall include any indemnification requirements for Subscribers in their CPS and in their Subscriber Agreements.

9.9.3. Indemnification by Relying Parties

Issuer CAs shall include any indemnification requirements for Relying Parties in their CPS.

9.10. TERM AND TERMINATION

9.10.1. Term

This CP and any amendments are effective when published to DigiCert's online repository and remain in effect until replaced with a newer version.

9.10.2. Termination

This CP and any amendments remain in effect until replaced by a newer version.

9.10.3. Effect of Termination and Survival

DigiCert will communicate the conditions and effect of this CP's termination via the DigiCert Repository. The communication will specify which provisions survive termination. At a minimum, responsibilities related to protecting confidential information will survive termination.

9.11. INDIVIDUAL NOTICES AND COMMUNICATIONS WITH PARTICIPANTS

DigiCert accepts digitally signed or paper notices related to this CP that are addressed to the locations specified in Section 2.2 of this CP. Notices are deemed effective after the sender receives a valid and digitally signed acknowledgment of receipt from DigiCert. If an acknowledgement of receipt is not received within five days, the sender must resend the notice in paper form to the street address specified in Section 2.2 using either a courier service that confirms delivery or via certified or registered mail with postage prepaid and return receipt requested.

9.12. AMENDMENTS

9.12.1. Procedure for Amendment

The DCPA determines what amendments should be made to this CP. Amendments are made by posting an updated version of the CP to the online repository. Controls are in place to reasonably ensure that this CP is not amended and published without the prior authorization of the DCPA. The DCPA reviews this CP annually.

9.12.2. Notification Mechanism and Period

DigiCert will post notice on its website of any proposed significant revisions to this CP. Although DigiCert may include a final date for receipt of comments and the proposed effective date, DigiCert is not required to have a fixed notice and comment period. Issuer CAs may make non-material changes to their CPSs without notice to the DCPA if the non-material change does not require changing this CP.

9.12.3. Circumstances under which OID Must Be Changed

If the DCPA determines an amendment necessitates a change in an OID, then the revised version of this CP will also contain a revised OID. Otherwise, amendments do not require an OID change.

9.13. DISPUTE RESOLUTION PROVISIONS

Before resorting to any dispute resolution mechanism, including adjudication or any type of alternative dispute resolution, a party must notify DigiCert of the dispute with a view to seeking dispute resolution.

9.14. GOVERNING LAW

For disputes involving Qualified Certificates, the national law of the relevant Member State shall govern. For all other certificates, the laws of the state of Utah shall govern the interpretation, construction, and enforcement of this CP and all proceedings related hereunder, including tort claims, without regard to any conflicts of law principles, and Utah shall be the non-exclusive venue and shall have jurisdiction over such proceedings.

9.15. COMPLIANCE WITH APPLICABLE LAW

This CP is subject to all applicable laws and regulations, including United States restrictions on the export of software and cryptography products. Subject to Section 9.4.5's Notice and Consent to Use Private Information contained in Certificates, each Issuer CA shall meet the requirements of European data protection directive 95/46/EC and shall establish and maintain appropriate technical and organizational measures against unauthorized or unlawful processing of personal data and against the loss, damage, or destruction of personal data.

9.16. MISCELLANEOUS PROVISIONS

9.16.1. Entire Agreement


Issuer CAs shall contractually obligate each RA involved in Certificate issuance to comply with this CP and applicable industry guidelines. Issuer CAs shall contractually obligate parties using products and services issued under this CP, such as Subscribers and Relying Parties, to the relevant provisions herein. This CP does not give any third party rights under such agreements.

9.16.2. Assignment

Entities operating under this CP may not assign their rights or obligations without the prior written consent of DigiCert.

9.16.3. Severability

If a provision of this CP is held invalid or unenforceable by a competent court or tribunal, the remainder of the CP will remain valid and enforceable.

9.16.4. Enforcement (attorneys' fees and waiver of rights)

DigiCert may seek indemnification and attorneys' fees from a party for damages, losses, and expenses related to that party's conduct. DigiCert's failure to enforce a provision of this CP does not waive DigiCert's right to enforce the same provision later or right to enforce any other provision of this CP. To be effective, waivers must be in writing and signed by DigiCert.

9.16.5. Force Majeure

DigiCert is not liable for a delay or failure to perform an obligation under this CP to the extent that the delay or failure is caused by an occurrence beyond DigiCert's reasonable control. The operation of the Internet is beyond DigiCert's reasonable control.

9.17. OTHER PROVISIONS

No stipulation.
