GlobalSign Certification Practice Statement Date: December 29, 2020 Effective date for Qualified Timestamping, Qualified Web Authentication Certificates, Qualified Certificates for Electronic Signatures and Qualified Certificates for Electronic Seals: {normal date + 2 weeks} Version: v9.6 Table of Contents TABLE OF CONTENTS ................................................................................................................................ 2 DOCUMENT HISTORY ............................................................................................................................... 8 ACKNOWLEDGMENTS .............................................................................................................................10 1.0 INTRODUCTION ...........................................................................................................................11 1.1 OVERVIEW ........................................................................................................................................ 12 1.1.1 Certificate Naming ................................................................................................................. 15 1.2 DOCUMENT NAME AND IDENTIFICATION ................................................................................................. 17 1.3 PKI PARTICIPANTS .............................................................................................................................. 22 1.3.1 Certification Authorities ......................................................................................................... 22 1.3.2 Registration Authorities ......................................................................................................... 22 1.3.3 Subscribers ............................................................................................................................. 24 1.3.4 Relying Parties ....................................................................................................................... 24 1.3.5 Other Participants .................................................................................................................. 24 1.4 CERTIFICATE USAGE ............................................................................................................................ 25 1.4.1 Appropriate Certificate Usage ............................................................................................... 25 1.4.2 Prohibited Certificate usage .................................................................................................. 27 1.5 POLICY ADMINISTRATION ..................................................................................................................... 28 1.5.1 Organization Administering the Document ........................................................................... 28 1.5.2 Contact Person ....................................................................................................................... 28 1.5.3 Person Determining CPS Suitability for the Policy.................................................................. 28 1.5.4 CPS Approval Procedures ....................................................................................................... 28 1.6 DEFINITIONS AND ACRONYMS ............................................................................................................... 29 2.0 PUBLICATION AND REPOSITORY RESPONSIBILITIES .....................................................................37 2.1 REPOSITORIES .................................................................................................................................... 37 2.2 PUBLICATION OF CERTIFICATE INFORMATION ........................................................................................... 37 2.3 TIME OR FREQUENCY OF PUBLICATION .................................................................................................... 38 2.4 ACCESS CONTROLS ON REPOSITORIES ..................................................................................................... 38 3.0 IDENTIFICATION AND AUTHENTICATION .....................................................................................38 3.1 NAMING ........................................................................................................................................... 38 3.1.1 Types of Names...................................................................................................................... 38 3.1.2 Need for Names to be Meaningful ........................................................................................ 39 3.1.3 Anonymity or Pseudonymity of Subscribers ........................................................................... 39 3.1.4 Rules for Interpreting Various Name Forms .......................................................................... 39 3.1.5 Uniqueness of Names ............................................................................................................ 39 3.1.6 Recognition, Authentication, and Role of Trademarks .......................................................... 40 3.2 INITIAL IDENTITY VALIDATION ................................................................................................................ 40 3.2.1 Method to Prove Possession of Private Key ........................................................................... 40 3.2.2 Authentication of Organization Identity ................................................................................ 40 3.2.3 Authentication of Individual identity ..................................................................................... 42 3.2.4 Non-Verified Subscriber Information ..................................................................................... 46 3.2.5 Validation of Authority .......................................................................................................... 47 3.2.6 Criteria for Interoperation ..................................................................................................... 48 3.2.7 Authentication of Domain Names ......................................................................................... 49 3.2.8 Authentication of Email addresses ........................................................................................ 50 3.3 IDENTIFICATION AND AUTHENTICATION FOR RE-KEY REQUESTS .................................................................... 50 3.3.1 Identification and Authentication for Routine Re-key ........................................................... 50 3.3.2 Identification and Authentication for Reissuance after Revocation ...................................... 51 3.3.3 Re-verification and Revalidation of Identity When Certificate Information Changes ............ 51 3.3.4 Identification and Authentication for Re-key After Revocation ............................................. 51 3.4 IDENTIFICATION AND AUTHENTICATION FOR REVOCATION REQUEST ............................................................. 51 GlobalSign CPS (Certification Practice Statement) 2 of 95 Version: 9.6 4.0 CERTIFICATE LIFECYCLE OPERATIONAL REQUIREMENTS ..............................................................52 4.1 CERTIFICATE APPLICATION .................................................................................................................... 52 4.1.1 Who Can Submit a Certificate Application ............................................................................. 52 4.1.2 Enrollment Process and Responsibilities ................................................................................ 52 4.2 CERTIFICATE APPLICATION PROCESSING .................................................................................................. 53 4.2.1 Performing Identification and Authentication Functions ....................................................... 53 4.2.2 Approval or Rejection of Certificate Applications .................................................................. 53 4.2.3 Time to Process Certificate Applications ................................................................................ 53 4.3 CERTIFICATE ISSUANCE ........................................................................................................................ 54 4.3.1 CA Actions during Certificate Issuance .................................................................................. 54 4.3.2 Notifications to Subscriber by the CA of Issuance of Certificate ............................................ 54 4.3.3 Notification to North American Energy Standards Board (NAESB) Subscribers by the CA of Issuance of Certificate ........................................................................................................................... 54 4.4 CERTIFICATE ACCEPTANCE .................................................................................................................... 54 4.4.1 Conduct Constituting Certificate Acceptance ........................................................................ 54 4.4.2 Publication of the Certificate by the CA ................................................................................. 55 4.4.3 Notification of Certificate Issuance by the CA to Other Entities ............................................ 55 4.5 KEY PAIR AND CERTIFICATE USAGE ......................................................................................................... 55 4.5.1 Subscriber Private Key and Certificate Usage .......................................................................
Details
-
File Typepdf
-
Upload Time-
-
Content LanguagesEnglish
-
Upload UserAnonymous/Not logged-in
-
File Pages95 Page
-
File Size-