GlobalSign Certificate Policy Date: 16th June 2016 Version: v5.2 GlobalSign Certificate Policy Table of Contents TABLE OF CONTENTS ................................................................................................................................ 2 DOCUMENT HISTORY ............................................................................................................................... 8 ACKNOWLEDGMENTS .............................................................................................................................. 8 1.0 INTRODUCTION ............................................................................................................................ 9 1.1 OVERVIEW .......................................................................................................................................... 9 Additional requirements for Trusted Root Issuer CAs ............................................................ 11 1.2 DOCUMENT NAME AND IDENTIFICATION ................................................................................................. 11 1.3 PKI PARTICIPANTS............................................................................................................................... 12 Certification Authorities (“Issuer CAs”) .................................................................................. 12 Registration Authorities ......................................................................................................... 12 Subscribers ............................................................................................................................. 13 Relying Parties ....................................................................................................................... 14 Other Participants .................................................................................................................. 14 1.4 CERTIFICATE USAGE ............................................................................................................................. 14 Appropriate Certificate Usage ............................................................................................... 14 Prohibited Certificate Usage .................................................................................................. 14 Certificate extensions ............................................................................................................ 15 1.5 POLICY ADMINISTRATION ..................................................................................................................... 15 Organization Administering the Document ........................................................................... 15 Contact Person ....................................................................................................................... 15 Person Determining CP Suitability for the Policy ................................................................... 16 CP Approval Procedures ......................................................................................................... 16 1.6 DEFINITIONS AND ACRONYMS ............................................................................................................... 16 2.0 PUBLICATION AND REPOSITORY RESPONSIBILITIES .....................................................................21 2.1 REPOSITORIES .................................................................................................................................... 21 2.2 PUBLICATION OF CERTIFICATE INFORMATION ........................................................................................... 21 2.3 TIME OR FREQUENCY OF PUBLICATION .................................................................................................... 21 2.4 ACCESS CONTROL ON REPOSITORIES ....................................................................................................... 21 3.0 IDENTIFICATION AND AUTHENTICATION .....................................................................................22 3.1 NAMING ........................................................................................................................................... 22 Types of Names...................................................................................................................... 22 Need for Names to be Meaningful ........................................................................................ 22 Anonymity or Pseudonymity of Subscribers ........................................................................... 22 Rules for Interpreting Various Name Forms .......................................................................... 22 Uniqueness of Names ............................................................................................................ 22 Recognition, Authentication, and Role of Trademarks .......................................................... 22 3.2 INITIAL IDENTITY VALIDATION ................................................................................................................ 22 Method to Prove Possession of Private Key ........................................................................... 22 Authentication of Organization Identity ................................................................................ 23 Authentication of Individual identity ..................................................................................... 23 Non Verified Subscriber Information ..................................................................................... 25 Validation of Authority .......................................................................................................... 25 Criteria for Interoperation ..................................................................................................... 27 Authentication of Domain Name ........................................................................................... 27 3.3 IDENTIFICATION AND AUTHENTICATION FOR RE-KEY REQUESTS .................................................................... 27 Identification and Authentication for Routine Re-key ........................................................... 27 Identification and Authentication for Reissuance after Revocation ...................................... 28 Re-verification and Revalidation of Identity When Certificate Information Changes ............ 28 Identification and Authentication for Re-key After Revocation ............................................. 28 3.4 IDENTIFICATION AND AUTHENTICATION FOR REVOCATION REQUEST ............................................................. 28 GlobalSign CP (Certificate Policy) 2 of 55 Version: 5.2 GlobalSign Certificate Policy 4.0 CERTIFICATE LIFECYCLE OPERATIONAL REQUIREMENTS ..............................................................28 4.1 CERTIFICATE APPLICATION .................................................................................................................... 28 Who Can Submit a Certificate Application ............................................................................. 28 Enrollment Process and Responsibilities ................................................................................ 28 4.2 CERTIFICATE APPLICATION PROCESSING .................................................................................................. 28 Performing Identification and Authentication Functions ....................................................... 28 Approval or Rejection of Certificate Applications .................................................................. 29 Time to Process Certificate Applications ................................................................................ 29 4.3 CERTIFICATE ISSUANCE ........................................................................................................................ 29 CA Actions during Certificate Issuance .................................................................................. 29 Notifications to Subscriber by the CA of Issuance of Certificate ............................................ 29 4.4 CERTIFICATE ACCEPTANCE .................................................................................................................... 29 Conduct Constituting Certificate Acceptance ........................................................................ 29 Publication of the Certificate by the CA ................................................................................. 29 Notification of Certificate Issuance by the CA to Other Entities ............................................ 29 4.5 KEY PAIR AND CERTIFICATE USAGE ......................................................................................................... 29 Subscriber Private Key and Certificate Usage ........................................................................ 29 Relying Party Public Key and Certificate Usage ..................................................................... 29 4.6 CERTIFICATE RENEWAL ........................................................................................................................ 30 Circumstances for Certificate Renewal .................................................................................. 30 Who May Request Renewal ................................................................................................... 30 Processing Certificate Renewal Requests .............................................................................