OVE/ONORM EN 319411-1 V1.2.2:2018
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; - Part 1: General requirements
Hardcopy
11-08-2021
English
13-07-2018
Trusting Service Providers (TSP) issuing public key certificates, including trusted web site certificates. The policy and security requirements are defined in terms of requirements for the issuance, maintenance and life-cycle management of certificates. These policy documents are defined in clauses 4 and 5. A framework for the definition of policy requirements for TSPs issuing certificates in a specific context CA hierarchies, which is limited to supporting the policies as specified in the present document. It does not include requirements for root CAs and intermediate CAs for other purposes. The present document is applicable to: • the general requirements of certification in support of cryptographic mechanisms, including digital signatures for electronic signatures and seals; • the general requirements of issuing TLS / SSL certificates; • the general requirements of cryptography for authentication and encryption. The present document does not specify the requirements of an independent party, including requirements for being made available for independent assessors. • the general requirements of issuing TLS / SSL certificates; • the general requirements of cryptography for authentication and encryption. The present document does not specify the requirements of an independent party, including requirements for being made available for independent assessors. • the general requirements of issuing TLS / SSL certificates; • the general requirements of cryptography for authentication and encryption. The present document does not specify the requirements of an independent party, including requirements for being made available for independent assessors.
DocumentType |
Standard
|
Pages |
0
|
PublisherName |
Osterreichisches Normungsinstitut/Austrian Standards
|
Status |
Superseded
|
SupersededBy | |
Supersedes |
The present document specifies generally applicable policy and security requirements for Trust Service Providers (TSP) issuing public key certificates, including trusted web site certificates.The policy and security requirements are defined in terms of requirements for the issuance, maintenance and life-cycle management of certificates. These policy and security requirements support several reference certificate policies, defined in clauses 4 and 5.A framework for the definition of policy requirements for TSPs issuing certificates in a specific context where particular requirements apply is defined in clause 7.The present document covers requirements for CA hierarchies, however this is limited to supporting the policies as specified in the present document. It does not include requirements for root CAs and intermediate CAs for other purposes.The present document is applicable to:• the general requirements of certification in support of cryptographic mechanisms, including digital signatures for electronic signatures and seals;• the general requirements of certification authorities issuing TLS/SSL certificates;• the general requirements of the use of cryptography for authentication and encryption.The present document does not specify how the requirements identified can be assessed by an independent party, including requirements for information to be made available to such independent assessors, or requirements on such assessors.NOTE: See ETSI EN 319 403 [i.2] for guidance on assessment of TSP's processes and services. The present document references ETSI EN 319 401 [8] for general policy requirements common to all classes ofTSP's services.The present document includes provisions consistent with the requirements from the CA/Browser Forum in EVCG [4] and BRG [5].
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.