en:st-cca-services.html

Toto je starší verze dokumentu!


Services provided by the CESNET CA

Services provided by the CESNET CA are described in certificate policies and Certificate Practice Statement CESNET CA available in the chapter Certificate Policies and Certificate Practice Statement.

CESNET CA provides the following services:

Personal Certificates Issuance

Personal certificate issued by the CESNET CA can be used for authentication, digital signature, and data encryption.

The personal certificates validity is 13 months maximum.

due to capacity and organizational reasons, personal certificates can be issued only to

  • persons participating in CESNET's research activities, <
  • administrators of hosts and services operated by members of CESNET, a. l. e. and by insitutions participating in CESNET's research activities, and <
  • CESNET employees. <

Server Certificates Issuance

Server certificates can be used for authenticating network hosts and services.

Server certificates are issued for hosts and services operated by

  • institutions participating in CESNET's research activities, <
  • members of CESNET, a. l. e., <
  • CESNET itself. <

Server Certificates SureServer EDU

CESNET CA mediates issuance of server certificates SureServer EDU. These certificates are issued by GlobalSign, whose root certificates are implicitly trusted by most internet browsers.

Establishing of Registration Authorities

CESNET CA operates a Registration Authority on its own.

Any member of CESNET, a. l. e. can ask for certification of its own Registration Authority. a signed contract between CESNET, a. l. e. and the RA operator is required.

Operation of CESNET CA RAs is governed by rules described in the appropriate certificate policy issued by the CESNET CA.

Certification of other Certificate Authorities

CESNET CA supports establishing of CAs operated by members of CESNET, a. l. e. and offers their certification. The CA must comply with a certificate policy of CESNET CA. A legal contract between CESNET, a. l. e. and the institution operating the CA is required.

Poslední úprava:: 2011/12/15 01:16