Сотрудники сертификационного центра и третьи лица при верификации Базови вимоги до видачі та управлінню публічно-довірених сертифікатів EV Украина ☎ +380672576220 

☎ +380443834054
☎ +380672576220
Ukrainian Symantec Partner
Ukrainian DigiCert Partner
Контакты
Правила выпуска зеленых EV SSL сертификатов
для верификации владельца и защиты сайта

Переход на сайт по продаже сертификатов SSL и подписи кода документов почты CSR
pKey
Установка
SSL
Цепочка
SSL
Проверка
SSL
Seal
SSL
Экспорт-Импорт
Конвертер
Code Sign
сертификаты
Email Smime
сертификаты
PDF и Word
сертификаты
База
знаний

Правила EV SSL сертификатов
Помощь
Index
1. Scope (6)
2. Purpose (6)
2.1 Purpose of EV Certificates (6)
2.1 Purpose of EV Certificates (6)
2.1.1 Primary Purposes (6)
2.1.2 Secondary Purposes (6)
2.1.3 Excluded Purposes (7)
3. References (7)
4. Definitions (7)
5. Abbreviations and Acronyms (10)
6. Conventions (11)
7. Certificate Warranties and Representations (11)
7.1 EV Certificate Warranties (11)
7.2 By the Applicant (12)
8. Community and Applicability (12)
8.1 Issuance of EV Certificates (12)
8.2 EV Policies (12)
8.2.1 Implementation (12)
8.2.2 Disclosure (12)
8.3 Commitment to Comply with Recommendations (12)
8.4 Insurance (12)
8.5 Obtaining EV Certificates (13)
8.5.1 General (13)
8.5.2 Private Organization Subjects (13)
8.5.3 Government Entity Subjects (13)
8.5.4 Business Entity Subjects (13)
8.5.5 Non-Commercial Entity Subjects (14)
9. EV Certificate Content and Profile (14)
9.1 Issuer Information (14)
9.2 Subject Information (14)
9.2.1 Subject Organization Name Field (14)
9.2.2 Subject Alternative Name Extension (15)
9.2.3 Subject Common Name Field (15)
9.2.4 Subject Business Category Field (15)
9.2.5 Subject Jurisdiction of Incorporation or Registration Field (15)
9.2.6 Subject Registration Number Field (16)
9.2.7 Subject Physical Address of Place of Business Field (16)
9.2.8 Other Subject Attributes (16)
9.3 Certificate Policy Identification (17)
9.3.1 EV Certificate Policy Identification Requirements (17)
9.3.2 EV Subscriber Certificates (17)
9.3.3 Root CA Certificates (17)
9.3.4 EV Subordinate CA Certificates (17)
9.3.5 Subscriber Certificates (17)
9.4 Maximum Validity Period For EV Certificate (17)
9.5 Subscriber Public Key (17)
9.6 Certificate Serial Number (17)
9.7 Additional Technical Requirements for EV Certificates (17)
10. EV Certificate Request Requirements (18)
10.1 General Requirements (18)
10.1.1 Documentation Requirements (18)
10.1.2 Role Requirements (18)
10.2 EV Certificate Request Requirements (18)
10.3 Requirements for Subscriber Agreement and Terms of Use (19)
11. Verification Requirements (19)
11.1 General Overview (19)
11.1.1 Verification Requirements - Overview (19)
11.1.2 Acceptable Methods of Verification Overview (19)
11.2 Verification of Applicant’s Legal Existence and Identity (19)
11.2.1 Verification Requirements (19)
11.2.2 Acceptable Method of Verification (20)
11.3 Verification of Applicant’s Legal Existence and Identity - Assumed Name (22)
11.3.1 Verification Requirements (22)
11.3.2 Acceptable Method of Verification (23)
11.4 Verification of Applicant’s Physical Existence (23)
11.4.1 Address of Applicant’s Place of Business (23)
11.4.2 Telephone Number for Applicant’s Place of Business (24)
11.5 Verification of Applicant’s Operational Existence (24)
11.5.1 Verification Requirements (24)
11.5.2 Acceptable Methods of Verification (24)
11.6 Verification of Applicant’s Domain Name (24)
11.6.1 Verification Requirements (24)
11.6.2 Acceptable Methods of Verification (25)
11.7 Verification of Name, Title, and Authority of Contract Signer and Certificate Approver (26)
11.7.1 Verification Requirements (26)
11.7.2 Acceptable Methods of Verification Name, Title and Agency (26)
11.7.3 Acceptable Methods of Verification Authority (27)
11.7.4 Pre-Authorized Certificate Approver (28)
11.8 Verification of Signature on Subscriber Agreement and EV Certificate Requests (28)
11.8.1 Verification Requirements (28)
11.8.2 Acceptable Methods of Signature Verification (29)
11.9 Verification of Approval of EV Certificate Request (29)
11.9.1 Verification Requirements (29)
11.9.2 Acceptable Methods of Verification (29)
11.10 Verification of Certain Information Sources (29)
11.10.1 Verified Legal Opinion (29)
11.10.2 Verified Accountant Letter (30)
11.10.3 Face-to-Face Validation (31)
11.10.4 Independent Confirmation From Applicant (31)
11.10.5 Qualified Independent Information Source (33)
11.10.6 Qualified Government Information Source (33)
11.10.7 Qualified Government Tax Information Source (33)
11.11 Other Verification Requirements (33)
11.11.1 High Risk Status (33)
11.11.2 Denied Lists and Other Legal Black Lists (33)
11.11.3 Parent/Subsidiary/Affiliate Relationship (34)
11.12 Final Cross-Correlation and Due Diligence (34)
11.13 Requirements for Re-use of Existing Documentation (35)
11.13.1 For Validated Data (35)
11.13.2 Validation for Existing Subscribers (36)
11.13.3 Exceptions (36)
11.13.4 Validation of Re-issuance Requests (36)
12. Certificate Issuance by a Root CA (36)
13. Certificate Revocation and Status Checking (37)
14. Employee and third party issues (37)
14.1 Trustworthiness and Competence (37)
14.1.1 Identity and Background Verification (37)
14.1.2 Training and Skills Level (37)
14.1.3 Separation of Duties (37)
14.2 Delegation of Functions to Registration Authorities and Subcontractors (38)
14.2.1 General (38)
14.2.2 Enterprise RAs (38)
14.2.3 Guidelines Compliance Obligation (38)
14.2.4 Allocation of Liability (38)
15. Data Records (38)
16. Data Security (38)
17. Audit (39)
17.1 Eligible Aud it Schemes (39)
17.2 Audit Period (39)
17.3 Audit Record (39)
17.4 Pre-Issuance Readiness Audit (39)
17.5 Regular Self Audits (39)
17.6 Auditor Qualification (39)
17.7 Root CA Key Pair Generation (40)
18. Liability and Indemnification (40)
Appendix A - User Agent Verification (Normative) (41)
Appendix B - Sample Legal Opinion Confirming Specified Information (Informative) (42)
Appendix C - Sample Accountant Letters Confirming Specified Information (Informative) (44)
Appendix D - Country-Specific Interpretative Guidelines (Normative) (48)
Appendix E - Sample Contract Signer's Representation/Warranty (Informative) (50)

We are an Authorized Reseller for DigiCert™ SSL a WebTrust Certified
SSL Certificate Authority.

Руководство по выпуску и управлению EV SSL сертификатов с расширенной валидацией

14 Employee and third party issues

14.1 Trustworthiness and Competence

14.1.1 Identity and Background Verification

Prior to the commencement of employment of any person by the CA for engagement in the EV Processes, whether as an employee, agent, or an independent contractor of the CA, the CA MUST:
(1) Verify the Identity of Such Person: Verification of identity MUST be performed through:
(A) The personal (physical) presence of such person before trusted persons who perform human resource or security functions, and
(B) The verification of well-recognized forms of government-issued photo identification (e.g., passports and/or drivers licenses);
and
(2) Verify the Trustworthiness of Such Person: Verification of trustworthiness SHALL include background checks, which address at least the following, or their equivalent:
(A) Confirmation of previous employment,
(B) Check of professional references;
(C) Confirmation of the highest or most-relevant educational qualification obtained;
(D) Search of criminal records (local, state or provincial, and national) where allowed by the jurisdiction in which the person will be employed;
and
(3) In the case of employees already in the employ of the CA at the time of adoption of these Guidelines whose identity and background has not previously been verified as set forth above, the CA SHALL conduct such verification within three months of the date of adoption of these Guidelines.

14.1.2 Training and Skills Level

The requirements in Section 14.1.2 of the Baseline Requirements apply equally to EV Certificates and these Guidelines. The required internal examination must relate to the EV Certificate validation criteria outlined in these Guidelines.

14.1.3 Separation of Duties

(1) The CA MUST enforce rigorous control procedures for the separation of validation duties to ensure that no one person can single-handedly validate and authorize the issuance of an EV Certificate. The Final Cross-Correlation and Due Diligence steps, as outlined in Section 11.12, MAY be performed by one of the persons. For example, one Validation Specialist MAY review and verify all the Applicant information and a second Validation Specialist MAY approve issuance of the EV Certificate.
(2) Such controls MUST be auditable.

14.2 Delegation of Functions to Registration Authorities and Subcontractors

14.2.1 General

The CA MAY delegate the performance of all or any part of a requirement of these Guidelines to an Affiliate or a Registration Authority (RA) or subcontractor, provided that the process employed by the CA fulfills all of the requirements of Section 11.12. Affiliates and/or RAs must comply with the qualification requirements of Section 14.1 of these Guidelines.

The CA SHALL verify that the Delegated Third Party’s personnel involved in the issuance of a Certificate meet the training and skills requirements of Section 14 and the document retention and event logging requirements of Section 15.

14.2.2 Enterprise RAs

The CA MAY contractually authorize the Subject of a specified Valid EV Certificate to perform the RA function and authorize the CA to issue additional EV Certificates at third and higher domain levels that are contained within the domain of the original EV Certificate (also known as an Enterprise EV Certificate). In such case, the Subject SHALL be considered an Enterprise RA, and the following requirements SHALL apply:
(1) An Enterprise RA SHALL NOT authorize the CA to issue an Enterprise EV Certificate at the third or higher domain levels to any Subject other than the Enterprise RA or a business that is owned or directly controlled by the Enterprise RA;
(2) In all cases, the Subject of an Enterprise EV Certificate MUST be an organization verified by the CA in accordance with these Guidelines;
(3) The CA MUST impose these limitations as a contractual requirement with the Enterprise RA and monitor compliance by the Enterprise RA;
(4) The Final Cross-Correlation and Due Diligence requirements of Section 11.12 of these Guidelines MAY be performed by a single person representing the Enterprise RA; and
(5) The audit requirements of Section 17.1 of these Guidelines SHALL apply to the Enterprise RA, except in the case where the CA maintains control over the Root CA Private Key or Subordinate CA Private Key used to issue the Enterprise EV Certificates, in which case, the Enterprise RA MAY be exempted from the audit requirements.

14.2.3 Guidelines Compliance Obligation

In all cases, the CA MUST contractually obligate each Affiliate, RA, subcontractor, and Enterprise RA to comply with all applicable requirements in these Guidelines and to perform them as required of the CA itself. The CA SHALL enforce these obligations and internally audit each Affiliate’s, RA’s, subcontractor’s, and Enterprise RA’s compliance with these Requirements on an annual basis.

14.2.4 Allocation of Liability

As specified in Section 14.2.4 of the Baseline Requirements. 


 DV SSL OV Сертификаты подтверждающие только Домен OV SSL OV Сертификаты подтверждающие Домен и Организацию EV SSL EV Зеленые усиленные сертификаты с указанием названия Организации подтверждают Домен и Организацию WC SSL wildcard Сертификаты защищающие все субдомены. Класс DV OV и EV SAN SSL SAN Мульти доменные  сертификаты защищающие несколько FQDN Доменов. Класс DV OV и EV PRO SSL SGC PRO сертификаты с технологией  Server Gated Cryptography. Класс  OV и EV CodeSign Сертификаты для подписи приложений и програмного кода MS, Java. Класс  OV и EV Email Сертификаты для подписи емаил smime. Класс  DV OV PDF Сертификаты для подписи документов PDF. Класс  OV PV Wi-Fi Сертификаты DigiCert для IoT и Wi Fi IoT Сертификаты DigiCert для IIoT ALL Все сертификаты Symantec Familie: Symantec, thawte, GeoTrust, DigiCert Купить сертификат

NO russia - мы не осблуживаем резидентов из россии Copyright © 1997-2018 adgrafics