Provides Certificate Authority, Revocation and Lifecycle Management of digital certificates/entities, including the appropriate training of registration authority personnel (PKI Structures).
Certificate Authority Services for Network Customer: A service used for the creation and issuance of digital certificates to end-user (both human and non-human). This service will be provided from a Registration Authority (RA) installed internally or externally (third-party). The RA will be only interface to the Customer PKI system to create and issue digital certificates. The service provided also includes the revocation process. RA's will be installed locally to provide services to the end user both human and non-human. Manpower to operate Registration Authorities situated outside of the Customer Networks Structure is not included within this service. Manpower to operate Registration Authorities for non-eligible entities or exceptional-eligible entities not co-located with customer sites are provided by those external multinational entities.
Revocation services for Network Customer: CRL and OCSP services to customer services networks is a service used for providing a valid Certificate Revocation List and OCSP responses to end users, both human and non-human. The CRL provides a list of revoked certificates, this list will be checked, every time an end user uses digital certificates to establish a secure connection, or to authenticate to a system the CRL is checked. As soon as a certificate is on the CRL the connection, authentication is denied. OCSP responses provide the validity of a single end entity including the full chain in response to a specific query. The OCSP and CRL services to the networks are a vital and critical service.
Lifecycle Management of Digital Certificates / Entities: Lifecycle Management of Digital Certificates / Entities is a service which contains the creation, issuance, management, maintenance, re-issuance, key recovery, revocation and deletion of an end-user (both human and non-human). The lifecycle management of digital certificates / entities also includes the partial management, maintenance of the meta directory on which the users are created.
Training of Registration Authority Personnel: Training of Registration Authority personnel is a service used for on-the-job training of Registration Authority Operators (RA Operators). On the job training takes place after the local site received a RA and the RA is configured and operational.
Specifically, a digital certificate and the infrastructure under which the digital certificate is issued provide the information and structure needed to: