DS/EN 319 411-1 V1.1.1:2016

Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements



The present document specifies generally applicable policy and security requirements for Trust Service Providers (TSP)
issuing public key certificates, including trusted web site certificates.
The policy and security requirements are defined in terms of requirements for the issuance, maintenance and life-cycle
management of certificates. These policy and security requirements support six reference certificate policies, defined in
clause 5.
A framework for the definition of policy requirements for TSPs issuing certificates in a specific context where
particular requirements apply is defined in clause 7.
The present document is applicable to:
• the general requirements of certification in support of cryptographic mechanisms, including digital signatures
and seals;
• the general requirements of certification authorities issuing TLS/SSL certificates;
• the general requirements of the use of cryptography for authentication and encryption.
The present document does not specify how the requirements identified can be assessed by an independent party,
including requirements for information to be made available to such independent assessors, or requirements on such
NOTE: See ETSI EN 319 403 [i.2] for guidance on assessment of TSP processes and services. The present
document references ETSI EN 319 401 [8] for general policy requirements common to all classes of TSP
The present document however provides in annex C, a check list of the policy requirements specific to TSP issuing
certificates (as expressed in the present document) including the generic requirements which are independent of the type
of service (as expressed in ETSI EN 319 401 [8]).
The present document includes provisions consistent with the requirements from the CA/Browser Forum in EVCG [4]
and BRG [5].

Number of pages: 48

Published: 2016-06-02

Date of approval: 2016-05-27

International relationships :

ICS: 35.240.99 - IT applications in other fields

Item number: M299626



  • ETSI/TN & TT

Danish committee