from Entrust Datacard
Grant of Approval
tScheme Limited grants approval to the electronic trust service identified as:
Certificate Factory - a service designed to allow organisations to issue Digital Certificates, over which they have full control; to do so without the need to establish, maintain and operate a secure certificate generation facility. The organisation maintains control over all commercial aspects such as certificate policy, registration practice etc., whilst Entrust (Europe) Ltd operates the technical infrastructure at its secure Trust Service Centre.
as supplied by:
Entrust (Europe) Ltd
Napier Court, Napier Road, Reading, Berkshire, RG1 8BW
The management system used to deliver this service is certified by:
LR Lloyd's Register Quality Assurance Ltd.
of Trinity Park, 1 Bickenhill Lane, Birmingham B37 7ES
to satisfy the criteria defined in the following tScheme Approval Profiles:
|Base Approval Profile||tSd0111||3.00|
|Approval Profile for Certificate Generation*||tSd0104||3.01|
|Approval Profile for Certificate Dissemination||tSd0105||3.01|
|Approval Profile for Certificate Status Management||tSd0106||3.01|
*not including Qualified Certificates
This approval initially commenced on:
8th March 2002
and annual renewal against the current issue of these Approval Profiles was confirmed in:
Documents supporting this grant are available by clicking on the links in the table above.
This Grant of approval is issued by:
PO Box 3653
Company Number 4000985
Approved Service Description
Certificate Factory is designed to allow an organisation wishing to issue Digital Certificates, over which it has full control, to do so without the need to commit the significant investment required to establish a PKI. It allows the organisation to maintain complete control over all important commercial aspects such as the certificate policy; registration practices etc. while Entrust (Europe) Ltd runs the technical PKI infrastructure at its secure Trust Service Centre.
In the Certificate Factory each organisation’s Certificate Authority (used to manufacture the digital certificates) is separate from all others and is run in accordance with its requirements and specifications. The digital certificates produced are manufactured to the organisation’s specification and are internally identified as that organisation’s certificates.
Key features of the Certificate Factory are:
- Complete managed service;
- Customised Certificate Policy and Certificate Profile;
- Dedicated Certificate Authority;
- Registration Authorities installed in organisation’s location under their control;
- Organisation branded certificates;
- Standards compliant (for example X.509 v3)
- Secure infrastructure certified to ISO27001.
- Products selected which have undergone external evaluations against established criteria FIPS, Common Criteria etc.);
- Support of a variety of cryptographic key management methods including smart cards, tokens etc.;
- Operational 24/7 with physically remote secure contingency facility.
The Certificate Factory is designed to satisfy organisations operating in a wide variety of fields including Finance, Government (Local and Central), NHS, Manufacturing, IT, telecoms and law.