Certificate Authority Review Checklist -- Part A

A. Documentation

Version 28Dec08-2.1.0

Verification of the requirements in this section will generally be done through a review of documents supplied by the certificate authority.

A.1 Configuration Control

A.2 Certificate Policy (CP)

A.3 Certification Practice Statement (CPS)

A.4 Privacy Policy

A.5 Security Manual

A.6 Declarations of Risks and Liability

NOTE: The allocation of requirements in this §A to a particular document is not restrictive. Requirements allocated to one document by this section may be satisfied in another document. Indeed, it is likely that some requirements allocated to the CP (§A.2) might instead be satisfied in the CPS (§A.3) and vice-versa. Further, some of the six distinct documents indicated in this section might be combined; for example, the security manual (§A.5) might be contained entirely within the CP or might be distributed between the CP and the CPS. References in other sections to documents or individual requirements in this section must take into account any such reallocations.

A.1 Configuration Control
Req. #	WT	Requirement
A.1.a	3, 39	A configuration-control specification exists.
A.1.b	39	The configuration-control specification provides for tracking versions of controlled specifications and certificates.
A.1.c	39	The configuration-control specification controls its own revision process.
A.1.d	39	The configuration-control specification controls the revision process for the certificate policy (CP, see §A.2).
A.1.e	39	The configuration-control specification controls the revision process for the certification practice statement (CPS, see §A.3).
A.1.f	39	The configuration-control specification controls the revision process for the subscriber privacy policy (see §A.4).
A.1.g	39	The configuration-control specification controls the revision process for the security manual (see §A.5).
A.1.h	39	The configuration-control specification controls the revision process for the declarations of risks and liability (see §A.6).
A.1.i	39	The configuration-control specification controls changes to software involved in: generating, signing, distributing, and otherwise handling certificates collecting and storing subscriber information communicating with subscribers and with the general public.
A.1.j	39	The configuration-control specification controls changes to hardware involved in: generating, signing, distributing, and otherwise handling certificates collecting and storing subscriber information communicating with subscribers and with the general public.
A.1.k	39, 45	The configuration-control specification describes the maintenance and archiving of logs and records of controlled changes to certificates, software, hardware, and documents.

A.1 Configuration Control

Req. #

Requirement

Verified

Comments

A.1.a

3, 39

A configuration-control specification exists.

A.1.b

The configuration-control specification provides for tracking versions of controlled specifications and certificates.

A.1.c

The configuration-control specification controls its own revision process.

A.1.d

The configuration-control specification controls the revision process for the certificate policy (CP, see §A.2).

A.1.e

The configuration-control specification controls the revision process for the certification practice statement (CPS, see §A.3).

A.1.f

The configuration-control specification controls the revision process for the subscriber privacy policy (see §A.4).

A.1.g

The configuration-control specification controls the revision process for the security manual (see §A.5).

A.1.h

The configuration-control specification controls the revision process for the declarations of risks and liability (see §A.6).

A.1.i

The configuration-control specification controls changes to software involved in:

generating, signing, distributing, and otherwise handling certificates
collecting and storing subscriber information
communicating with subscribers and with the general public.

A.1.j

The configuration-control specification controls changes to hardware involved in:

generating, signing, distributing, and otherwise handling certificates
collecting and storing subscriber information
communicating with subscribers and with the general public.

A.1.k

39, 45

The configuration-control specification describes the maintenance and archiving of logs and records of controlled changes to certificates, software, hardware, and documents.

A.2 Certificate Policy (CP)
Req. #	WT	Requirement	Comments
A.2.a	3	The CP is maintained in accord with the configuration control specification.
A.2.b	1, 2	The CP clearly specifies each class of issued certificate.
A.2.c	2, 10, 22	For each class of certificate, the CP identifies the subscriber population in terms of expected certificate use.
A.2.d	17, 22, 30, 36	For each class of certificate, the CA provides technical details of certificate generation: size algorithms allowed lifetime method of generation purpose indicators (e.g., site, mail, file signing) signing (by root or intermediate certificate) representation of domains ensuring uniqueness
A.2.e	10	The CP states any limitations imposed on the use of each class of issued certificates.
A.2.f	25	The CP clearly describes how the identity of each certificate subscriber is verified.
A.2.g	25	The CP clearly describes how the relationship of each subscriber for an E?mail certificate to the E-mail address is verified.
A.2.h	25	For a site certificate, the CP clearly describes how the relationship of the subscriber to the domain is verified, including a provision that a site certificate cannot be issued to a subscriber who does not own or otherwise control the registration of the affected domain.
A.2.i	None	For a subscriber's site certificate, the CP provides either: The certificate expires not later than the domain's renewal date. or else The domain's registration data is recorded; and the renewal of registration is verified by the CA not later than the recorded renewal date, with renewal registration data then recorded.
A.2.j	25	For a subscriber certificate to be used for authenticating files (e.g., code-signing certificates), the CP clearly describes how the relationship of the subscriber to the organization identified within the certificate is verified.
A.2.k	None	If the CP indicates that both direct and indirect (e.g., Web of Trust) methods are used to verify the relationship of the subscriber to the requested certificate (per §A.2.g, §A.2.h, or §A.2.j), the CP must also indicate how a user relying on the certificate can determine which method was used.
A.2.l	None	If the CA issues or signs subscriber certificates for more than one of the following purposes, the CP specifies that requirements cited in this checklist for each purpose shall be satisfied: site authentication and encryption E-mail signing and encryption file authentication (e.g., code-file signing)
A.2.m	25	For a commercial certificate subscriber, the CP clearly describes how the existence of an actual business entity is verified, including verifying that the entity is licensed or otherwise permitted to operate where it is located.
A.2.n	25	The CP clearly describes how a certificate domain is identified, including addressing how fraud based on homographic spoofing of internationalized domain names (IDNs) is avoided.	See Mozilla.org bugs #279099 and #280839.
A.2.o	33	The CP clearly describes how a subscriber may request its certificate to be revoked.
A.2.p	33	The CP details the process of revoking a subscriber certificate or the CA's signature thereon, including which personnel are authorized to perform that action and what records are made of that performance.
A.2.q	33	The CP clearly describes situations in which CA shall revoke a subscriber's certificate without the latter's request, which shall include the following: The registration of the domain for a subscriber's site certificate expires without renewal. The registration of the domain for a subscriber's site certificate indicates a change in ownership or other control of the registration of the domain. E-mail to a subscriber's last known E-mail address indicates the address is no longer functional.
A.2.r	24	The CP clearly describes the process of suspending a subscriber certificate, including how requests for suspensions are authenticated, which personnel are authorized to perform that action and what records are made of that performance.
A.2.s	27	The CP describes the differences between renewing a subscriber certificate about to expire, replacing a subscriber certificate that was already allowed to expire, and replacing a subscriber certificate that has been revoked.
A.2.t	20, 33	The CP details the maintenance of the root certificate, including: intended lifetime how revocation is authorized and processed notification to subscribers and the general public of revocation how the generation of a new root certificate is authorized and processed notification to subscribers and the general public of a new root certificate
A.2.u	39, 25, 26	The CP details the maintenance of any intermediate certificates, including: intended lifetimes how revocation is authorized and processed notification to subscribers and the general public of revocation how the generation of a replacement intermediate certificate is authorized and processed notification to subscribers and the general public of a new replacement intermediate certificate
A.2.v	12, 26	The CP details how external registration authorities (RAs) are approved.	For this and all other requirements, an external reseller of certificates operating under a CA's root certificate is considered to be an RA.
A.2.w	12, 25, 26	The CP details how RAs verify subscriber identities.
A.2.x	12, 25, 26	The CP details how RAs verifies authorization of individuals to represent organizational subscribers.
A.2.y	25, 26	The CP details how the CA verifies that RAs operate in accord with the CA's policies.
A.2.z	35, 39, 40	The CP details tasks to be performed if the CA terminates operations, including: revoking root and intermediate certificates notifying subscribers and the public providing for automated tools that detect revoked certificates (cf §B.2.k) ensuring private information about subscribers remains protected ensuring security of subscribers' private keys until subscriber certificates can be revoked

A.2 Certificate Policy (CP)

Req. #

Requirement

Verified

Comments

A.2.a

The CP is maintained in accord with the configuration control specification.

A.2.b

1, 2

The CP clearly specifies each class of issued certificate.

A.2.c

2, 10, 22

For each class of certificate, the CP identifies the subscriber population in terms of expected certificate use.

A.2.d

17, 22, 30, 36

For each class of certificate, the CA provides technical details of certificate generation:

size
algorithms
allowed lifetime
method of generation
purpose indicators (e.g., site, mail, file signing)
signing (by root or intermediate certificate)
representation of domains
ensuring uniqueness

A.2.e

The CP states any limitations imposed on the use of each class of issued certificates.

A.2.f

The CP clearly describes how the identity of each certificate subscriber is verified.

A.2.g

The CP clearly describes how the relationship of each subscriber for an E?mail certificate to the E-mail address is verified.

A.2.h

For a site certificate, the CP clearly describes how the relationship of the subscriber to the domain is verified, including a provision that a site certificate cannot be issued to a subscriber who does not own or otherwise control the registration of the affected domain.

A.2.i

None

For a subscriber's site certificate, the CP provides either:

The certificate expires not later than the domain's renewal date.
or else
The domain's registration data is recorded; and the renewal of registration is verified by the CA not later than the recorded renewal date, with renewal registration data then recorded.

A.2.j

For a subscriber certificate to be used for authenticating files (e.g., code-signing certificates), the CP clearly describes how the relationship of the subscriber to the organization identified within the certificate is verified.

A.2.k

None

If the CP indicates that both direct and indirect (e.g., Web of Trust) methods are used to verify the relationship of the subscriber to the requested certificate (per §A.2.g, §A.2.h, or §A.2.j), the CP must also indicate how a user relying on the certificate can determine which method was used.

A.2.l

None

If the CA issues or signs subscriber certificates for more than one of the following purposes, the CP specifies that requirements cited in this checklist for each purpose shall be satisfied:

site authentication and encryption
E-mail signing and encryption
file authentication (e.g., code-file signing)

A.2.m

For a commercial certificate subscriber, the CP clearly describes how the existence of an actual business entity is verified, including verifying that the entity is licensed or otherwise permitted to operate where it is located.

A.2.n

The CP clearly describes how a certificate domain is identified, including addressing how fraud based on homographic spoofing of internationalized domain names (IDNs) is avoided.

See Mozilla.org bugs #279099 and #280839.

A.2.o

The CP clearly describes how a subscriber may request its certificate to be revoked.

A.2.p

The CP details the process of revoking a subscriber certificate or the CA's signature thereon, including which personnel are authorized to perform that action and what records are made of that performance.

A.2.q

The CP clearly describes situations in which CA shall revoke a subscriber's certificate without the latter's request, which shall include the following:

The registration of the domain for a subscriber's site certificate expires without renewal.
The registration of the domain for a subscriber's site certificate indicates a change in ownership or other control of the registration of the domain.
E-mail to a subscriber's last known E-mail address indicates the address is no longer functional.

A.2.r

The CP clearly describes the process of suspending a subscriber certificate, including how requests for suspensions are authenticated, which personnel are authorized to perform that action and what records are made of that performance.

A.2.s

The CP describes the differences between renewing a subscriber certificate about to expire, replacing a subscriber certificate that was already allowed to expire, and replacing a subscriber certificate that has been revoked.

A.2.t

20, 33

The CP details the maintenance of the root certificate, including:

intended lifetime
how revocation is authorized and processed
notification to subscribers and the general public of revocation
how the generation of a new root certificate is authorized and processed
notification to subscribers and the general public of a new root certificate

A.2.u

39, 25, 26

The CP details the maintenance of any intermediate certificates, including:

intended lifetimes
how revocation is authorized and processed
notification to subscribers and the general public of revocation
how the generation of a replacement intermediate certificate is authorized and processed
notification to subscribers and the general public of a new replacement intermediate certificate

A.2.v

12, 26

The CP details how external registration authorities (RAs) are approved.

For this and all other requirements, an external reseller of certificates operating under a CA's root certificate is considered to be an RA.

A.2.w

12, 25, 26

The CP details how RAs verify subscriber identities.

A.2.x

12, 25, 26

The CP details how RAs verifies authorization of individuals to represent organizational subscribers.

A.2.y

25, 26

The CP details how the CA verifies that RAs operate in accord with the CA's policies.

A.2.z

35, 39, 40

The CP details tasks to be performed if the CA terminates operations, including:

revoking root and intermediate certificates
notifying subscribers and the public
providing for automated tools that detect revoked certificates (cf §B.2.k)
ensuring private information about subscribers remains protected
ensuring security of subscribers' private keys until subscriber certificates can be revoked

A.3 Certification Practice Statement (CPS)
Req. #	WT	Requirement	Comments
A.3.a	6, 39	The CPS is maintained in accord with the configuration control specification.
A.3.b	6	The CPS contains details of how disputes between subscribers and the CA or between the public and the CA are to be resolved.
A.3.c	6	The CPS describes potential consequences if the CA merges with another organization.
A.3.d	6	The CPS cites applicable laws.
A.3.e	14	The CPS details the obligations of subscribers regarding the management of their certificates.
A.3.f	7	The CPS contains a schedule of fees charged to subscribers.
A.3.g	7	The CPS describes the process for changing fees.
A.3.h	7	The CPS describes the notification process used when fees are changed.
A.3.i	7	The CPS describes the conditions and process for refunding fees.
A.3.j	23, 35	The CPS describes which aspects of the CA's operations involve protected intellectual property and what protections and licenses are involved. The property status of the following shall be addressed: CP, CPS, privacy policy, configuration-control specification, and declarations of risks and liability Root and intermediate certificates CA-generated subscriber certificates Lists of current and revoked certificates Software tools used in the CA's operations CRLs, OCSP data, or the equivalent (see §B.2.k) The CA's Web site
A.3.k	6, 42	The CPS describes how the CA handles its subscribers' intellectual property.
A.3.l	8, 39, 44	The CPS describes the CA's procedures for recovering from disasters and other operating interruptions, including the creation and securing of backup copies of root, intermediate, and subscriber certificates the creation and securing of backup copies of information used to authenticate subscriber identities the rehosting of CA servers informing subscribers and the general public of interruptions the replacement of authorized personnel and the hand-over of their knowledge of pass-phrases

A.3 Certification Practice Statement (CPS)

Req. #

Requirement

Verified

Comments

A.3.a

6, 39

The CPS is maintained in accord with the configuration control specification.

A.3.b

The CPS contains details of how disputes between subscribers and the CA or between the public and the CA are to be resolved.

A.3.c

The CPS describes potential consequences if the CA merges with another organization.

A.3.d

The CPS cites applicable laws.

A.3.e

The CPS details the obligations of subscribers regarding the management of their certificates.

A.3.f

The CPS contains a schedule of fees charged to subscribers.

A.3.g

The CPS describes the process for changing fees.

A.3.h

The CPS describes the notification process used when fees are changed.

A.3.i

The CPS describes the conditions and process for refunding fees.

A.3.j

23, 35

The CPS describes which aspects of the CA's operations involve protected intellectual property and what protections and licenses are involved. The property status of the following shall be addressed:

CP, CPS, privacy policy, configuration-control specification, and declarations of risks and liability
Root and intermediate certificates
CA-generated subscriber certificates
Lists of current and revoked certificates
Software tools used in the CA's operations
CRLs, OCSP data, or the equivalent (see §B.2.k)
The CA's Web site

A.3.k

6, 42

The CPS describes how the CA handles its subscribers' intellectual property.

A.3.l

8, 39, 44

The CPS describes the CA's procedures for recovering from disasters and other operating interruptions, including

the creation and securing of backup copies of root, intermediate, and subscriber certificates
the creation and securing of backup copies of information used to authenticate subscriber identities
the rehosting of CA servers
informing subscribers and the general public of interruptions
the replacement of authorized personnel and the hand-over of their knowledge of pass-phrases

A.4 Privacy Policy
Req. #	WT	Requirement	Comments
A.4.a	6, 41	The privacy policy is maintained in accord with the configuration control specification.
A.4.b	6, 41	The privacy policy specifically describes which subscriber data are kept confidential.
A.4.c	6, 41	The privacy policy specifically describes which subscriber data are made public.
A.4.d	6, 41	The privacy policy describes how an individual may obtain access to a subscriber's written acceptance of liability (see §A.6.d).
A.4.e	6, 41	The privacy policy identifies legal mandates regarding both securing and disclosing subscriber data.
A.4.f	6, 41	The privacy policy describes the CA's response to government warrants and civil subpoenas demanding disclosure of protected data.

A.4 Privacy Policy

Req. #

Requirement

Verified

Comments

A.4.a

6, 41

The privacy policy is maintained in accord with the configuration control specification.

A.4.b

6, 41

The privacy policy specifically describes which subscriber data are kept confidential.

A.4.c

6, 41

The privacy policy specifically describes which subscriber data are made public.

A.4.d

6, 41

The privacy policy describes how an individual may obtain access to a subscriber's written acceptance of liability (see §A.6.d).

A.4.e

6, 41

The privacy policy identifies legal mandates regarding both securing and disclosing subscriber data.

A.4.f

6, 41

The privacy policy describes the CA's response to government warrants and civil subpoenas demanding disclosure of protected data.

A.5 Security Manual
Req. #	WT	Requirement	Comments
A.5.a	18, 43	The CA maintains documentation of its procedures to ensure the electronic and physical security of its operations.
A.5.b	43	The security manual is maintained in accord with the configuration control specification.
A.5.c	43	The security manual describes how individuals are authorized to access computer equipment.
A.5.d	43	The security manual describes how individuals are authorized to change each of the following: safe combinations cipher lock combinations computer access passwords hardware encryption keys configuration-control logs and records (see §A.1.k)
A.5.e	43	The security manual describes the security of physical equipment. The following shall be addressed: personnel restrictions on access to cryptographic hardware logging access to secure containers frequency of changing combinations, cipher locks, etc
A.5.f	8, 18, 43	The security manual describes how computer systems are configured and updated to protect them against hostile intrusion, unauthorized electronic access, and "malware" and how individuals are authorized to perform those tasks.
A.5.g	8, 43	The security manual describes how computer systems and other hardware are protected against theft and unauthorized physical access.
A.5.h	6	The security manual identifies legal mandates for securing data, software, hardware, and communications.
A.5.i	18, 43	The security manual describes the necessary procedures for recovering from a breach of security, including such breaches as: compromised private keys for root or intermediate certificates theft of private data provided by subscribers

A.5 Security Manual

Req. #

Requirement

Verified

Comments

A.5.a

18, 43

The CA maintains documentation of its procedures to ensure the electronic and physical security of its operations.

A.5.b

The security manual is maintained in accord with the configuration control specification.

A.5.c

The security manual describes how individuals are authorized to access computer equipment.

A.5.d

The security manual describes how individuals are authorized to change each of the following:

safe combinations
cipher lock combinations
computer access passwords
hardware encryption keys
configuration-control logs and records (see §A.1.k)

A.5.e

The security manual describes the security of physical equipment. The following shall be addressed:

personnel restrictions on access to cryptographic hardware
logging access to secure containers
frequency of changing combinations, cipher locks, etc

A.5.f

8, 18, 43

The security manual describes how computer systems are configured and updated to protect them against hostile intrusion, unauthorized electronic access, and "malware" and how individuals are authorized to perform those tasks.

A.5.g

8, 43

The security manual describes how computer systems and other hardware are protected against theft and unauthorized physical access.

A.5.h

The security manual identifies legal mandates for securing data, software, hardware, and communications.

A.5.i

18, 43

The security manual describes the necessary procedures for recovering from a breach of security, including such breaches as:

compromised private keys for root or intermediate certificates
theft of private data provided by subscribers

A.6 Declarations of Risks and Liability
Req. #	WT	Requirement	Comments
A.6.a	4, 15	The CA maintains documentation of the risks to end-users created by their reliance upon subscriber certificates issued by the CA.
A.6.b	4, 5	The CA maintains documentation of the liability it assumes when issuing subscriber certificates.
A.6.c	5	The CA maintains documentation of the liability assumed by subscribers when they use certificates issued by the CA.
A.6.d	5	The CA obtains written acceptance from subscribers of the liability (cited in §A.6.c) they assume.

A.6 Declarations of Risks and Liability

Req. #

Requirement

Verified

Comments

A.6.a

4, 15

The CA maintains documentation of the risks to end-users created by their reliance upon subscriber certificates issued by the CA.

A.6.b

4, 5

The CA maintains documentation of the liability it assumes when issuing subscriber certificates.

A.6.c

The CA maintains documentation of the liability assumed by subscribers when they use certificates issued by the CA.

A.6.d

The CA obtains written acceptance from subscribers of the liability (cited in §A.6.c) they assume.

Last updated 28 December 2008

Certificate Authority Review Checklist

A. Documentation

Copyright © 2005, 2007, 2008 by David E. Ross