1.3. PKI – processes and roles | Managed PKI - Setup & Support

Navigate on SwissID

A data security specialist by Swiss Post

1.3. PKI – processes and roles

Certificates have two key jobs – they are a container for the public key and they also connect the public key to the certificate issuer/key holder. The role of a certificate service provider is to confirm and guarantee this connection as an independent third party at the level that is in line with the CP/CPS. The following services, activities and roles are required to guarantee this:

Registration service

  • Certificate request from the applicant

  • Certificate request review by the registration authority officer (RAO), hereinafter referred to as the access manager.

  • Approval of the certificate request by the access manager (RAO)

Certificate generation service

  • Certificate generation

Revocation service (service to declare invalidity)

  • Online invalidity declaration by the certificate holder

  • Offline invalidity declaration by the access manager (RAO)

Dissemination services (dissemination of information)

  • CP/CPS

  • OCSP (Online Certificate Status Protocol) – online status of the certificate’s validity

  • CRL (Certificate Revocation List) – invalidity list (offline) for certificates

  • LDAP (Lightweight Directory Access Protocol)

Back to "Managed PKI – Setup & Support" main page

SwissSign

Ressources

Knowledge

Support

A data security specialist
by Swiss Post

The ‘Die Post’ logo takes you to the ‘Die Post’ website.