Fuji Xerox Certification Authority 2 Certificate Policy and … · 2017-11-30 · 4.4. Certificate...

Fuji Xerox Certification Authority 2 Certificate Policy and Certification Practice Statement Version 1.0 February 15, 2011


Fuji Xerox Certification Authority 2

Certificate Policy and Certification Practice Statement

Version 1.0

February 15, 2011


1. INTRODUCTION
1.1. Overview
1.1.1. Overview of Fuji Xerox Certification Authority 2
1.1.2. Role of CP/CPS
1.1.3. An overview of the services of FX CA 2
1.2. Document name and identification
1.3. PKI participants
1.3.1. Certification authorities
1.3.2. Registration authorities
1.3.3. Subscribers
1.3.4. Relying parties
1.3.5. Other participants
1.4. Certificate usage
1.4.1. Appropriate certificate uses
1.4.2. Prohibited certificate users
1.5. Policy administration
1.5.1. Organization administering the document
1.5.2. Contact person
1.5.3. Person determining CPS suitability for the policy
1.5.4. CPS approval procedures
1.6. Definitions and acronyms
2. PUBLICATION AND REPOSITORY RESPONSIBILITIES
2.1. Repositories
2.2. Publication of certification information
2.3. Time and frequency of publication
2.4. Access controls on repositories
3. IDENTIFICATION AND AUTHENTICATION
3.1. Naming
3.1.1. Types of names
3.1.2. Need for names to be meaningful
3.1.3. Anonymity or pseudonymity of subscribers
3.1.4. Rules for interpreting various name forms
3.1.5. Uniqueness of names
3.1.6. Recognition, authentication, and role of trademarks
3.2. Initial identity validation
3.2.1. Method to prove possession of private key
3.2.2. Authentication of organization identity
3.2.3. Authentication of individual identity
3.2.4. Non-verified subscriber information
3.2.5. Validation of authority
3.2.6. Criteria for interoperation
3.3. Identification and authentication for re-key requests
3.3.1. Identification and authentication for routine re-key
3.3.2. Identification and authentication for re-key after revocation
3.4. Identification and authentication for revocation request
4. CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS
4.1. Certificate Application
4.1.1. Who can submit a certificate application
4.1.2. Enrollment process and responsibilities
4.2. Certificate application processing
4.2.1. Performing identification and authentication functions
4.2.2. Approval or rejection of certificate applications


4.2.3. Time to process certificate applications
4.3. Certificate issuance
4.3.1. CA actions during certificate issuance
4.3.2. Notification to subscriber by the CA of issuance of certificate
4.4. Certificate acceptance
4.4.1. Conduct constituting certificate acceptance
4.4.2. Publication of the certificate by the CA
4.4.3. Notification of certificate issuance by the CA to other entities
4.5. Key pair and certificate usage
4.5.1. Subscriber private key and certificate usage
4.5.2. Relying party public key and certificate usage
4.6. Certificate renewal
4.6.1. Circumstance for certificate renewal
4.6.2. Who may request renewal
4.6.3. Processing certificate renewal requests
4.6.4. Conduct constituting acceptance of a renewal certificate
4.6.5. Publication of the renewal certificate by the CA
4.6.6. Notification of certificate issuance by the CA to other entities
4.7. Certificate re-key
4.7.1. Circumstance for certificate re-key
4.7.2. Who may request certification of a new public key
4.7.3. Processing certificate re-keying requests
4.7.4. Notification of new certificate issuance to subscriber
4.7.5. Conduct constituting acceptance of a re-keyed certificate
4.7.6. Publication of the re-keyed certificate by the CA
4.7.7. Notification of certificate issuance by the CA to other entities
4.8. Certificate modification
4.8.1. Circumstance for certificate modification
4.8.2. Who may request certificate modification
4.8.3. Processing certificate modification requests
4.8.4. Notification of new certificate issuance to subscriber
4.8.5. Conduct constituting acceptance of modified certificate
4.8.6. Publication of the modified certificate by the CA
4.8.7. Notification of certificate issuance by the CA to other entities
4.9. Certificate revocation and suspension
4.9.1. Circumstances for revocation
4.9.2. Who can request revocation
4.9.3. Procedure for revocation request
4.9.4. Revocation request grace period
4.9.5. Time within which CA must process the revocation request
4.9.6. Revocation checking requirement for relying parties
4.9.7. CRL/ARL issuance frequency (if applicable)
4.9.8. Maximum latency for CRL/ARLs (if applicable)
4.9.9. On-line revocation/status checking availability
4.9.10. On-line revocation checking requirements
4.9.11. Other forms of revocation advertisements available
4.9.12. Special requirements re-key compromise
4.9.13. Circumstances for suspension
4.9.14. Who can request suspension
4.9.15. Procedure for suspension request
4.9.16. Limits on suspension period
4.10. Certificate status services


4.10.1. Operational characteristics
4.10.2. Service availability
4.10.3. Optional features
4.11. End of subscription
4.12. Key escrow and recovery
4.12.1. Key escrow and recovery policy and practices
4.12.2. Session key encapsulation and recovery policy and practices
5. FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS
5.1. Physical controls
5.1.1. Site location and construction
5.1.2. Physical access
5.1.3. Power and air conditioning
5.1.4. Water exposures
5.1.5. Fire prevention and protection
5.1.6. Media storage
5.1.7. Waste disposal
5.1.8. Off-site backup
5.2. Procedural controls
5.2.1. Trusted roles
5.2.2. Number of persons required per task
5.2.3. Identification and authentication for each role
5.2.4. Roles requiring separation of duties
5.3. Personnel controls
5.3.1. Qualifications, experience, and clearance requirements
5.3.2. Background check procedures
5.3.3. Training requirements
5.3.4. Retraining frequency and requirements
5.3.5. Job rotation frequency and sequence
5.3.6. Sanctions for unauthorized actions
5.3.7. Independent contractor requirements
5.3.8. Documentation supplied to personnel
5.4. Audit logging procedures
5.4.1. Types of events recorded
5.4.2. Frequency of processing log
5.4.3. Retention period for audit log
5.4.4. Protection of audit log
5.4.5. Audit log backup procedures
5.4.6. Audit collection system (internal vs. external)
5.4.7. Notification to event-causing subject
5.4.8. Vulnerability assessments
5.5. Records archival
5.5.1. Types of records archived
5.5.2. Retention period for archive
5.5.3. Protection of archive
5.5.4. Archive backup procedures
5.5.5. Requirements for time-stamping of records
5.5.6. Archive collection system (internal vs. external)
5.5.7. Procedures to obtain and verify archive information
5.6. Key changeover
5.7. Compromise and disaster recovery
5.7.1. Incident and compromise handling procedures
5.7.2. Computing resources, software, and/or data are corrupted


5.7.3. Entity private key compromise procedures
5.7.4. Business continuity capabilities after a disaster
5.8. CA or RA termination
6. TECHNICAL SECURITY CONTROLS
6.1. Key pair generation and installation
6.1.1. Key pair generation
6.1.2. Private key delivery to subscriber
6.1.3. Public key delivery to certificate issuer
6.1.4. CA public key delivery to relying parties
6.1.5. Key sizes
6.1.6. Public key parameters generation and quality checking
6.1.7. Key usage purposes (as per X.509 v3 key usage field)
6.2. Private Key Protection and Cryptographic Module Engineering Controls
6.2.1. Cryptographic module standards and controls
6.2.2. Private key (n out of m) multi-person control
6.2.3. Private key escrow
6.2.4. Private key backup
6.2.5. Private key archival
6.2.6. Private key transfer into or from a cryptographic module
6.2.7. Private key storage on cryptographic module
6.2.8. Method of activating private key
6.2.9. Method of deactivating private key
6.2.10. Method of destroying private key
6.2.11. Cryptographic Module Rating
6.3. Other aspects of key pair management
6.3.1. Public key archival
6.3.2. Certificate operational periods and key pair usage periods
6.4. Activation data
6.4.1. Activation data generation and installation
6.4.2. Activation data protection
6.4.3. Other aspects of activation data
6.5. Computer security controls
6.5.1. Specific computer security technical requirements
6.5.2. Computer security rating
6.6. Life cycle technical controls
6.6.1. System development controls
6.6.2. Security management controls
6.6.3. Life cycle security controls
6.7. Network security controls
6.8. Time-stamping
7. CERTIFICATE, CRL/ARL, AND OCSP PROFILES
7.1. Certificate profile
7.1.1. Version number(s)
7.1.2. Certificate extensions
7.1.3. Algorithm object identifiers
7.1.4. Name forms
7.1.5. Name constraints
7.1.6. Certificate policy object identifier
7.1.7. Usage of Policy Constraints extension
7.1.8. Policy qualifiers syntax and semantics
7.1.9. Processing semantics for the critical Certificate Policies extension
7.2. CRL/ARL profile


7.2.1. Version number(s)
7.2.2. CRL/ARL and CRL/ARL entry extensions
7.3. OCSP profile
7.3.1. Version number(s)
7.3.2. OCSP extensions
8. COMPLIANCE AUDIT AND OTHER ASSESSMENTS
8.1. Frequency or circumstances of assessment
8.2. Identity/qualifications of assessor
8.3. Assessor’s relationship to assessed entity
8.4. Topics covered by assessment
8.5. Actions taken as a result of deficiency
8.6. Communication of results
9. OTHER BUSINESS AND LEGAL MATTERS
9.1. Fees
9.1.1. Certificate issuance or renewal fees
9.1.2. Certificate access fees
9.1.3. Revocation or status information access fees
9.1.4. Fees for other services
9.1.5. Refund policy
9.2. Financial responsibility
9.2.1. Insurance coverage
9.2.2. Other assets
9.2.3. Insurance or warranty coverage for end-entities
9.3. Confidentiality of business information
9.3.1. Scope of confidential information
9.3.2. Information not within the scope of confidential information
9.3.3. Responsibility to protect confidential information
9.4. Privacy of personal information
9.4.1. Privacy plan
9.4.2. Information treated as private
9.4.3. Information not deemed private
9.4.4. Responsibility to protect private information
9.4.5. Notice and consent to use private information
9.4.6. Disclosure pursuant to judicial or administrative process
9.4.7. Other information disclosure circumstances
9.5. Intellectual property rights
9.6. Representations and warranties
9.6.1. CA representations and warranties
9.6.2. RA representations and warranties
9.6.3. Subscriber representations and warranties
9.6.4. Relying party representations and warranties
9.6.5. Representations and warranties of other participants
9.7. Disclaimers of warranties
9.8. Limitations of liability
9.9. Indemnities
9.10. Term and termination
9.10.1. Term
9.10.2. Termination
9.10.3. Effect of termination and survival
9.11. Individual notices and communications with participants
9.12. Amendments
9.12.1. Procedure for amendment


9.12.2. Notification mechanism and period
9.12.3. Circumstances under which OID must be changed
9.13. Dispute resolution provisions
9.14. Governing law
9.15. Compliance with applicable law
9.16. Miscellaneous provisions
9.16.1. Entire agreement
9.16.2. Assignment
9.16.3. Severability
9.16.4. Enforcement (attorneys’ fees and waiver of rights)
9.16.5. Force Majeure
9.17. Other provisions


1. INTRODUCTION

This document specifies the standards of certificates to be issued by Fuji Xerox Certification Authority 2 (FX CA 2) and the procedures to be adopted for the series of tasks including issuance, update, revocation and management of issued certificates.

This document is organized in conformity with RFC 3647 issued by IETF (Internet Engineering Task Force), which is an international standardization organization for technologies to be used in the Internet.

The formal title and the acquisition point of RFC 3647 are given as follows.

Certificate Policy and Certification Practices Framework, Internet Engineering Task Force, Network Working Group, ftp://ftp.rfc-editor.org/in-notes/rfc3647.txt

1.1. Overview

1.1.1. Overview of Fuji Xerox Certification Authority 2

FX CA 2 aims at issuing certificates to multiple Specific Service Certification Authorities (SS CAs) operated by Fuji Xerox Co., Ltd. (FX) and other Certification Authorities that provide support for the operation of SS CAs.

Each SS CA shall be operated as a part of services that FX provides to its customers, and it shall provide certification functionality required for the implementation of specific services.

FX CA 2 functions as a common basis of trust for SS CAs. The users of specific services shall use the public key of FX CA 2 to verify the certificates individually issued by SS CAs.

1.1.2. Role of CP/CPS

This CPS describes business, legal, and technical items in this service. Further, this CPS describes Certificate Policy (CP, standards for issuing certificates) and Certification Practice Statement (CPS, actual operating standards) for the persons engaged in this service.

1.1.3. An overview of the services of FX CA 2

FX CA 2 is an off-line certification authority, which does not connect to the Internet directly or indirectly. FX CA 2 shall be manually activated only when its functions stated below are used.

1. Generation, backup and destruction of FX CA 2's public key pairs.

2. Generation of signatures on CA certificates to be issued to FX ECA 2 or SS CAs.

3. Generation of signatures on CRL/ARLs for the CA certificates that FX CA 2 issues.

The following is an outline of the three functions of FX CA 2: (1) registration of subscribers, (2) lifecycle management of certificates and (3) issuance of CRL/ARLs.


(1) Registration of subscribers

A subscriber of a certificate that FX CA 2 issues shall be a certification authority that FX established and is operating in compliance with certain policies and regulations that FX determines.

(2) Lifecycle management of certificates

FX CAP Committee gives written instructions to FX Certification Authority Platform Operating Group (FX CAP Operating Group) with respect to all the events constituting a lifecycle of a certificate. Specifically, they issue, re-issue, re-key, changeover, destroy and suspend the certificate.

(3) Issuance of CRL/ARLs

FX CAP Operating Group issues a CRL/ARL following this CPS. In addition to the routine issuance of CRL/ARLs, FX CAP Operating Group issues a CRL/ARL as quickly as possible when it revokes a certificate.

1.2. Document name and identification

This document is entitled “Fuji Xerox Certification Authority 2: Certificate Policy and Certification Practice Statement”.

The object identifier (OID) of this document is defined as follows:

1.3.6.1.4.1.297.1.5.1.12

1.3. PKI participants

1.3.1. Certification authorities

This PKI is comprised of the single certification authority of FX CA 2.

To a certification authority that FX operates, as the Subscriber, FX CA 2 shall issue CA certificates based on instructions from the FX CAP Committee. The CA certificates shall be used only for the purpose of verifying the signatures associated with the certificates signed by the subscribers (subordinate CAs).

The FX CA 2 may comply to issue a certificate from an external certification authority, if the purpose of the issuance by a subordinate SSCA is compliant with the mission of FX CA 2.

1.3.2. Registration authorities

The functions of FX CA 2 do not include that of a registration authority. Only FX retains the rights to decide the opening and operating of CAs as Subscribers, and FX CA 2 does not participate in the decision process. Only the FX CAP Committee is the registration authority.


1.3.3. Subscribers

The subscribers of certificates issued by FX CA 2 are certification authorities that are operated by FX and authorized by the FX CAP Committee.

1.3.4. Relying parties

The first users of the certificates that are issued by the FX CA 2 are the customers of specific services that are certified by the SS CA. These users use the certificates that FX CA 2 issues in order to verify the signatures associated with the certificates and CRL/ARLs that SS CA issues.

Verification of the signatures on certificates and CRL/ARLs that are issued by SS CA provides the certification functionality required for utilizing specific services under a safe environment.

The second users of the certificates are the systems of FX CA 2, FX ECA 2 and SS CAs as well as the operators of these systems. Membership Certificates issued by FX ECA 2 are used for certification of individuals in the access control to those systems, but the FX CA 2 uses the certificate issued by FX ECA 2 for the purpose of verification of the signatures contained in Membership Certificates and the attached CRLs. The access control to the systems of the relevant CAs shall be conducted based on the resulting authentication of individuals.

1.3.5. Other participants

No stipulation.

1.4. Certificate usage

1.4.1. Appropriate certificate uses

The certificates that are issued by FX CA 2 to its subordinate CAs shall be used for verification of the signatures attached to the certificates issued by the CAs and the signatures attached to the CRL/ARL by the CAs.

1.4.2. Prohibited certificate uses

The use of certificates is prohibited for purposes other than those stipulated in section 1.4.1.

1.5. Policy administration

1.5.1. Organization administering the document

FX CAP Committee is responsible for the repeal, amendment and approval of this document (Certificate Policy and Certification Practice Statement).

1.5.2. Contact person

The contact person of FX CAP Committee shall be in charge of inquiries regarding this document and co-relational certification.

FX CAP Committee Contact Desk, Fuji Xerox Co., Ltd. E-Mail: [email protected]


1.5.3. Person determining CPS suitability for the policy

Since the CP and CPS are not separated in this document, the observance to the policy of the CPS is deemed for consideration with the approval of this document.

1.5.4. CPS approval procedures

The FX CAP Committee shall discuss the content of this document and the Chair of FX CAP Committee shall approve it.

The scope of the responsibility of FX CAP Committee includes amendment, repeal and approval of this document, whereas the Chair of FX CAP Committee is responsible for final approval.


1.6. Definitions and acronyms

Term: Definition

Fuji Xerox Certification Authority Platform: System and operating body for FX CA 2 and relevant CAs.

Fuji Xerox Certification Authority Platform Committee: Division of Fuji Xerox Co., Ltd. responsible for the operation of FX CA 2.

FX CAP Committee: Organization of Fuji Xerox Co., Ltd. responsible for the operation and of FX CA 2, also the registration agent of FX CA 2.

Chair of FX CAP Committee: Supervisor of FX CAP Committee.

FX Certification Authority Platform Operating Group: Organization responsible for the operation of FX Certification Authority 2.

FX CAP Operating Group: Abbreviation of FX Certification Authority Platform Operating Group.

FX CAP Operating Manager: Supervisor of FX CAP Operating Group.

Repositories: Database to record information necessary for performance of the operations of FX CA 2.

Certificate revocation: Revoking a certificate. The identifier of a revoked certificate is specified in a Certificate Revocation List.

Certificate issuance: To issue a certificate to its subscriber.

Certificate renewal: To renew a certificate. A renewed certificate includes the same name, key and other information as the old one except the particular items (e.g. a new serial number) that Certificate Policy specifies to be changed.

Certificate re-key: To change the public key pair of a certificate. A new certificate specifying the public key of a new public key pair is issued to the same subscriber.

Certificate modification: The function of issuing a new certificate that changes a part or all of the contents stated in the certificate, other than the public key, after issuance.

Self-signed certificate: A certificate including a public key and a signature generated using the private signing key paired with the public key. CA issues a self-signed certificate to publish its public key to the users.

Link certificate: A certificate issued when a CA’s private signing key is changed. A link certificate includes either a pair of the new public key and a signature generated using the old private signing key or a pair of the old public key and a signature generated using the new private key.

Certificate Revocation List: Data object that includes a list of revoked certificates, signed using the CA’s private signing key.


Authority revocation list: Data object that includes a list of revoked CA Certificates, signed using the CA’s private signing key.

Hardware Cryptographic Module: A hardware module for the protection of CA’s private signing keys. The functionality of the hardware cryptographic module includes generation, maintenance, usage and destruction of the private signing keys. The operation of the hardware cryptographic modules shall be performed under strict control by means of physical or electronic methods or both.

CA’s public key pair: A pair of CA’s private signing key and the public key paired with the private signing key.

CA’s public key: A public key that is used to verify the signature of a certificate, which CA generates using the CA’s private signing key paired with it.

CA's private signing key: A private signing key that CA uses to sign certificates that it issues.

Audit logs: A log recording the history of events, used to verify the validity of the activities of CA.

Audit collection system: The system that collects audit logs relating to the activities of FX CA 2, which is a part of the FX CA 2 system.

Public key pair: A pair of a public key and a private key of the public key cryptographic system.

Public key: The private component of a public key pair that its owner securely retains. A public key is disclosed by being specified in a certificate. A public key of a CA’s public key pair is used for verification of the signature of a certificate.

Private key: The private component of a public key pair that its owner securely retains. A private key shall be stored so that no other than its owner can access it. A private key of a CA’s public key pair is used for generation of a signature for a certificate, and therefore it may be called a private signing key.

Private signing key: A private key whose usage is restricted to generation of signatures.

Signature verification keys: A public key whose usage is restricted to verification of signatures.

Certificate: A data object comprised of a public key and other information, which asserts that the owner of the public key has passed the registration process specified by the relevant certificate policy. The relevant CA signs it using its private signing key.

CA certificate: A certificate that a CA issues to a subordinate CA, usage of which is restricted to verification of the signature of certificates that the subordinate CA issues.


Site certificate: A certificate used to authenticate a site over networks. For example, when an SSL/TLS communication is established between a client and a server, the client authenticates the server based on a site certificate of the server.

Membership certificate: A certificate issued to CA operator. The usage of a membership certificate is purpose of CA operator.

CA certificate: For a CA certificate, a general term of a certificate that Product authority is issued from outside authority, and Product authority issues to outside authority.

Issuer: The CA that issued the relevant certificate. It is the entity whose name appears as the issuer in the certificate.

Subscriber: The owner of the public key that is specified in the relevant certificate. It is the entity whose name appears as the subject in the certificate. The subscriber of a certificate that FX CA 2 issues is either FX ECA 2 or an SS CA.

Relying party: The entity that authenticates the subscriber of a certificate based on the public key specified in the certificate. For example, when an SSL/TLS connection is established between a client and a server, the client is a relying party of the site certificate that has been used for the establishment of the connection.

Certificate Policy and Certification Practice Statement: A set of documents that describe policies and rules concerning the functions and operations of a CA. A relying party of a certificate may refer to the Certificate Policy and Certification Practice Statement to which the certificate is pursuant. It is recommended that documents of Certificate Policy and Certification Practice Statement be compliant with RFC 3647. Certificate Policy and Certification Practice Statement is abbreviated to CP/CPS.

Activation: To make an object such as a private key and a hardware cryptographic module ready for use. For example, a private signing key can be used to generate a signature only when it is activated. As another example, the operations to a hardware cryptographic module, including generation, destruction and use of a private key confined within the module, require prior activation of the module.

Inactivation: To inactivate an object such as a private key and a hardware cryptographic module that has been activated.

FX Certification Authority 2: The certification authority that issues CA certificates to its subordinate CAs including FX ECA 2 and Specific Service CAs.

FX Endorsement Certification Authority 2: The certification authority that issues certificates necessary for the operation of the CAs that FX operates. The certificates that FX ECA 2 issues include a Site Certificate issued to an SS CA and a Membership Certificate issued to an operator of a certification authority.


Specific Service Certification Authority: A certification authority that provides trust to the users of a particular service that FX operates. Division of FX that performs the operation of the relevant service also operates the corresponding Specific Service CA.

CP/CPS: Abbreviation of Certificate Policy and Certification Practice Statement.

CSR: Abbreviation of Certificate Signing Request. CSR includes information of the identity of the subject of the request and the public key to be specified in a requested certificate. CSR is compliant with a format standardized for usage in the Internet (e.g. PKCS #10).

CRL: Abbreviation of Certificate Revocation List.

ARL: Abbreviation of Authority Revocation List.

S/MIME: A specification of a format and protocol for electronic mail, which provides the security functionality of encryption, integrity verification and non-repudiation of messages.

SSL: Abbreviation of Secure Socket Layer. A protocol of the network communication that provides the security functionality of entity authentication, message encryption and prevention of unauthorized modification of messages. Internet Draft: The SSL Protocol Version 3.0, Netscape.

TLS: Abbreviation of Transport Layer Security. TLS is an enhancement of SSL 3.0. The latest version of the specification is as follows: RFC 5246, The TLS Protocol Version 1.2, IETF.


2. PUBLICATION AND REPOSITORY RESPONSIBILITIES

2.1. Repositories

Repositories of FX CA 2 shall retain at least the following information items.

(1) Link certificates:

A certificate generated in association with an event of the changeover of the FX CA 2’s private signing key. Whenever the key changeover is performed, a pair of link certificates shall be generated: one is a certificate that specifies the public key of the old key pair and is signed using the private signing key of the new key pair; the other is a certificate that specifies the public key of the new key pair and is signed using the private signing key of the old key pair.

(2) CA Certificates:

A certificate that FX CA 2 issues to a subordinate CA.

(3) Certificate revocation list:

A list of revoked CA certificates.

(4) Inter-authority certificate:

A certificate that another CA issues to FX CA 2.

(5) Authority revocation list:

A list of revoked self-signed certificates and revoked inter-authority certificates.

2.2. Publication of certification information

FX CA 2 shall publish information concerning its activities including the following.

(1) The CRLs retained by FX CA 2’s repositories.

(2) Certificate Policy and Certification Practice Statement specified by this document.

The publication shall be accessed by the following means.

http://www.fujixerox.co.jp/product/cap/fxca2.html

2.3. Time and frequency of publication

FX CA 2 shall publish any update to the information specified in 2.2 as soon as the update is made.

2.4. Access controls on repositories

FX CA 2 shall protect any repository information by restricting access to the information, including addition, deletion and modification of the information, to the operators who belong to FX CAP Operating Group and are properly granted access rights.


However, the access control shall not apply to the public dissemination of the information specified in 2.2 to be published.


3. IDENTIFICATION AND AUTHENTICATION

3.1. Naming

3.1.1. Types of names

The name item to be specified in the issuer and subject fields of the certificates that FX CA 2 issues shall be an X.500 Distinguished Name (DN).

3.1.2. Need for names to be meaningful

Names used in the certificates issued pursuant to this CP and CPS shall identify the person and object in a meaningful way.

3.1.3. Anonymity or pseudonymity of subscribers

Anonymity or pseudonymity of subscribers is not allowed in the certificates issued pursuant to this CP and CPS.

3.1.4. Rules for interpreting various name forms

No stipulation.

3.1.5. Uniqueness of names

Names used in the certificates issued pursuant to this document shall uniquely identify the person or object.

3.1.6. Recognition, authentication, and role of trademarks

No stipulation.

3.2. Initial identity validation

3.2.1. Method to prove possession of private key

Issuance of any certificate shall be based on a written direction (Certificate Issuance Instruction) by FX CAP Committee. FX CA 2 shall verify the validity of the Certificate Issuance Instruction to verify possession of the private key by the subscriber.

The verification of the Certificate Issuance Instruction shall include the following items.

- The Certificate Issuance Instruction is compliant with the format that FX CA 2 specifies.

- The Certificate Issuance Instruction is approved by the Chair of FX CAP Committee.

- FX CA 2 has not processed the Certificate Issuance Instruction in the past.

- The date of approval of the Certificate Issuance Instruction is not more than 10 days from the date of acceptance of the Certificate Issuance Instruction by FX CA 2.

- The expiration date of the certificate shall be later than the receipt date of the Certificate Issuance Instruction.


- The Certificate Signing Request mailed with the Certificate Issuance Instruction is not changed or altered.

- The contents of the Certificate Issuance Instruction shall abide by the rules described herein.

3.2.2. Authentication of organization identity

The subscribers of the certificates that FX CA 2 issues shall be certification authorities operated by FX.

For the purpose of authenticating the organizational identity of the subscriber, FX CA 2 shall verify the validity of the Certificate Issuance Instruction that FX CAP Committee submitted.

3.2.3. Authentication of individual identity

For the purpose of authenticating the identity of the subscriber, FX CA 2 shall verify the validity of the Certificate Issuance Instruction that FX CAP Committee submitted.

3.2.4. Non-verified subscriber information

No stipulation.

3.2.5. Validation of authority

No stipulation.

3.2.6. Criteria for interoperation

No stipulation.

3.3. Identification and authentication for re-key requests

3.3.1. Identification and authentication for routine re-key

The same as the specification of 3.2 applies.

3.3.2. Identification and authentication for re-key after revocation

The same as the specification of 3.2 applies.

3.4. Identification and authentication for revocation request

The same as the specification of 3.2 applies.


4. CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS

4.1. Certificate Application

4.1.1. Who can submit a certificate application

The subscriber or FX shall request certificate issuance through the FX CAP Committee.

When the FX CAP Committee approves the certificate issuance, a Certificate Issuance Instruction is sent to FX CA 2 in a safe manner after being approved by the Chair of the FX CAP Committee.

4.1.2. Enrollment process and responsibilities

When submitting a Certificate Issuance Instruction to FX CA 2, the FX CAP Committee shall be responsible for ensuring that the Subscriber CA fulfills the requirements specified in 1.3.2.

In addition, FX CA 2 shall verify the following items with respect to the Certificate Issuance Instruction that FX CAP Committee issues.

- The Certificate Issuance Instruction is compliant with the format that FX CA 2 specifies.

- The Certificate Issuance Instruction is properly approved by the Chair of FX CAP Committee.

- Issuance or refusal of issuance has never been performed in the past for a Certificate Issuance Instruction having the same contents.

- The date of approval described in the Certificate Issuance Instruction is not more than 10 days prior to the date of acceptance of the Certificate Issuance Instruction by FX CA 2.

- The due date of certificate issuance described in the Certificate Issuance Instruction is after the date of acceptance.

- The CSR enclosed with the Certificate Issuance Instruction is not replaced or falsified.

- The contents of the Certificate Issuance Instruction are pursuant to the specifications of this document.

As long as FX CA 2 succeeds in the verification specified above, FX CA 2 is exempted from liability for any damages caused from the issuance and usage of the certificate.

4.2. Certificate application processing

4.2.1. Performing identification and authentication functions

FX CA 2 identifies and authenticates the subscriber certification authority by verifying the Certificate Issuance Instruction authorized by FX CAP Committee.


4.2.2. Approval or rejection of certificate applications

FX CA 2 shall issue the requested certificate as long as it succeeds in verification of the validity of the Certificate Issuance Instruction as set forth in 4.1.2.

4.2.3. Time to process certificate applications

FX CA 2 shall issue the requested certificate within 30 days after the acceptance of the Certificate Issuance Instruction based on the verification of its validity.

4.3. Certificate issuance

4.3.1. CA actions during certificate issuance

Root CA shall identify the public key and the subscriber specified in CSR, and shall generate the requested certificate in compliance with the contents of Certificate Issuance Instruction.

FX CA 2 shall deliver the generated certificate to the destination specified in Certificate Issuance Instruction.

4.3.2. Notification to subscriber by the CA of issuance of certificate

FX CA 2 does not assume the obligation of notifying the issuance of a certificate.

4.4. Certificate acceptance

4.4.1. Conduct constituting certificate acceptance

FX CA 2 assumes acceptance of a certificate by the recipient at the moment when sending it to the recipient.

4.4.2. Publication of the certificate by the CA

No stipulation.

4.4.3. Notification of certificate issuance by the CA to other entities

No stipulation.

4.5. Key pair and certificate usage

4.5.1. Subscriber private key and certificate usage

The subordinate certification authority shall use its private signing key only for the purpose of generating signatures to the certificates and the CRL/ARLs that the subordinate certification authority issues.

On the other hand, a certificate that FX CA 2 issues is used to verify the signature that the certification authority generated.

4.5.2. Relying party public key and certificate usage

A relying party of a certificate that FX CA 2 issues uses the certificate to verify the signatures to the certificates and CRL/ARLs that the subordinate certification authority, which is identical with the subscriber of the certificate, generated.


A Relying Party is responsible for determining whether to rely upon a certificate.

4.6. Certificate renewal

4.6.1. Circumstance for certificate renewal

FX CAP Committee may instruct renewal of a certificate that FX CA 2 issued based on rational reasons.

4.6.2. Who may request renewal

FX CAP Committee shall request certificate renewal on behalf of the subscriber of a certificate or FX.

4.6.3. Processing certificate renewal requests

The renewal of a certificate requires that FX CA 2 verifies the validity of the document to request the renewal at least in the following items.

- The document is generated in compliance with the format that FX CA 2 specified.

- The document was properly approved by FX CAP Committee Chair.

- FX CA 2 did not accept a document requesting certificate renewal with the same contents in the past.

- The date of approval of the document is not more than 10 days prior to the date of acceptance of the Certificate Issuance Instruction by FX CA 2.

- The time of certificate renewal specified in the document is after the next operating day of the date of acceptance.

- CSR associated with the document is not replaced or tampered with.

- The contents of the document are pursuant to the specification of this document.

FX CA 2 shall deliver the renewed certificate to the destination specified in the document requesting the renewal.

4.6.4. Conduct constituting acceptance of a renewal certificate

FX CA 2 assumes acceptance of the renewed certificate by the recipient at the moment when sending it to the recipient.

4.6.5. Publication of the renewal certificate by the CA

No stipulation.

4.6.6. Notification of certificate issuance by the CA to other entities

No stipulation.


4.7. Certificate re-key

4.7.1. Circumstance for certificate re-key

FX CAP Committee may instruct re-key of a certificate that FX CA 2 issued based on rational reasons.

For example, FX CAP Committee can instruct certificate re-key for the following reasons.

- The subscriber of the certificate requests the re-key.

- The private key of the subscriber is judged to be compromised.

4.7.2. Who may request certification of a new public key

FX CAP Committee shall request certificate re-key on behalf of the subscriber of a certificate or FX.

4.7.3. Processing certificate re-keying requests

The re-key of a certificate requires that FX CA 2 verifies the validity of the document to request the re-key at least in the following items.

- The document is generated in compliance with the format that FX CA 2 specified.

- The document was properly approved by FX CAP Committee Chair.

- FX CA 2 did not accept a document requesting certificate re-key with the same contents in the past.

- The date of approval of the document is not more than 10 days prior to the date of acceptance of the Certificate Issuance Instruction by FX CA 2.

- The time of certificate re-key specified in the document is after the next operating day of the date of acceptance.

- CSR associated with the document is not replaced or tampered with.

- The contents of the document are pursuant to the specification of this document.

FX CA 2 shall deliver the re-keyed certificate to the destination specified in the document requesting the re-key.

4.7.4. Notification of new certificate issuance to subscriber

FX CA 2 assumes acceptance of the re-keyed certificate by the recipient at the moment when sending it to the recipient.

4.7.5. Conduct constituting acceptance of a re-keyed certificate

FX CA 2 assumes acceptance of the re-keyed certificate by the recipient at the moment when sending it to the recipient.


4.7.6. Publication of the re-keyed certificate by the CA

No stipulation.

4.7.7. Notification of certificate issuance by the CA to other entities

No stipulation.

4.8. Certificate modification

4.8.1. Circumstance for certificate modification

FX CAP Committee may instruct modification of a certificate that FX CA 2 issued based on rational reasons.

For example, FX CAP Committee can instruct certificate modification for the following reasons.

- The subscriber of the certificate requests the re-key.

4.8.2. Who may request certificate modification

FX CAP Committee shall request certificate modification on behalf of the subscriber of a certificate or FX.

4.8.3. Processing certificate modification requests

Modification of a certificate requires that FX CA 2 verifies the validity of the document to request the re-key at least in the following items.

- The document is generated in compliance with the format that FX CA 2 specified.

- The document was properly approved by FX CAP Committee Chair.

- FX CA 2 did not accept a document requesting certificate modification with the same contents in the past.

- The date of approval of the document is not more than 10 days prior to the date of acceptance of the Certificate Issuance Instruction by FX CA 2.

- The time of certificate re-key specified in the document is after the next operating day of the date of acceptance.

- The contents of the document are pursuant to the specification of this document.

FX CA 2 shall deliver the modified certificate to the destination specified in the document requesting the re-key.

4.8.4. Notification of new certificate issuance to subscriber

FX CA 2 assumes acceptance of the modified certificate by the recipient at the moment when sending it to the recipient.


4.8.5. Conduct constituting acceptance of modified certificate

FX CA 2 assumes acceptance of the modified certificate by the recipient at the moment of sending it to the recipient.

4.8.6. Publication of the modified certificate by the CA

No stipulation.

4.8.7. Notification of certificate issuance by the CA to other entities

No stipulation.

4.9. Certificate revocation and suspension

FX CA 2 shall not support the function of certificate suspension.

4.9.1. Circumstances for revocation

FX CAP Committee may instruct revocation of a certificate that FX CA 2 issued based on rational reasons.

For example, FX CAP Committee can instruct certificate revocation for the following reasons.

The subscriber of the certificate requests the revocation.

The private key of the subscriber is judged to be compromised.

4.9.2. Who can request revocation

FX CAP Committee shall request revocation of a certificate on behalf of the subscriber of the certificate or FX.

4.9.3. Procedure for revocation request

Revocation of a certificate requires that FX CA 2 verify the validity of the document requesting the revocation with respect to at least the following items.

The document is generated in compliance with the format that FX CA 2 specified.

The document was properly approved by FX CAP Committee Chair.

A certificate revocation and the revocation denial are not done on the basis for substances which identify certificate revocation in history.

FX CA 2 did not accept a document requesting certificate revocation with the same contents in the past.

The date of approval of the document is not more than 10 days prior to the date of acceptance of the Certificate Issuance Instruction by FX CA 2.

The contents of the document are pursuant to the specification of this document.


4.9.4. Revocation request grace period

FX CAP Committee shall request revocation of a certificate as quickly as possible after it recognizes the necessity of the certificate revocation.

4.9.5. Time within which CA must process the revocation request

FX CA 2 shall complete the revocation within one operating day after it accepts the document requesting revocation of a certificate.

4.9.6. Revocation checking requirement for relying parties

A relying party identifies revoked certificates by consulting the CRL/ARLs that FX CA 2 discloses.

4.9.7. CRL/ARL issuance frequency (if applicable)

FX CA 2 shall issue a CRL/ARL with a validity period of 12 months once every half year on a predetermined day.

In addition to the routine issuance of CRL/ARL, FX CA 2 shall issue a CRL/ARL within one operating day after it revokes a certificate. The on-demand issuance of CRL/ARL shall never influence the routine issuance of CRL/ARL.

4.9.8. Maximum latency for CRL/ARLs (if applicable)

No stipulation.

4.9.9. On-line revocation/status checking availability

FX CA 2 shall disclose CRL/ARLs so that any user may access them 24 hours a day, every day.

However, they may not be accessible even within available hours due to system maintenance and requirements for each CA.

Access to the CRL/ARL shall be by the means set forth in 2.2.

4.9.10. On-line revocation checking requirements

No stipulation.

4.9.11. Other forms of revocation advertisements available

No stipulation.

4.9.12. Special requirements re-key compromise

In addition to the stipulation stated above, FX CAP Committee shall hold a committee meeting to determine measures to be taken as quickly as possible when the FX CA 2’s private signing keys are recognized to be compromised. FX CAP Committee may take measures including the following.

Termination of FX CA 2.

Changeover of FX CA 2 private signing keys.


Revocation of related certificates

Issuance of new certificates.

FX CA 2 shall disclose the fact of the compromise of its private signing keys and the measures that it took in response to the emergency.

4.9.13. Circumstances for suspension

No stipulation.

4.9.14. Who can request suspension

No stipulation.

4.9.15. Procedure for suspension request

No stipulation.

4.9.16. Limits on suspension period

No stipulation.

4.10. Certificate status services

FX CA 2 shall not assume the obligation to provide certificate status services except disclosure of CRL.

4.10.1. Operational characteristics

No stipulation.

4.10.2. Service availability

No stipulation.

4.10.3. Optional features

No stipulation.

4.11. End of subscription

No stipulation.

4.12. Key escrow and recovery

FX CA 2 shall not perform key escrow and recovery.

4.12.1. Key escrow and recovery policy and practices

No stipulation.

4.12.2. Session key encapsulation and recovery policy and practices

No stipulation.


5. FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS

5.1. Physical controls

5.1.1. Site location and construction

The site location and construction, combined with other physical security protection mechanisms, shall provide robust protection to minimize damage from flood, earthquake, fire and other disasters.

5.1.2. Physical access

The FX CA 2 equipment shall always be protected from unauthorized access, and entering and leaving the facility housing the FX CA 2 equipment shall be appropriately restricted.

Access to each chamber housing all or part of the FX CA 2 equipment, as well as to each piece of hardware of the FX CA 2 equipment, shall be restricted by appropriate means including multi-person control.

In particular, FX CAP Operating Manager shall permit only the requisite minimum personnel to access the FX CAP equipment and the facility housing it, and shall always have clear recognition of the personnel.

The facility housing the FX CA 2 equipment shall be monitored for unauthorized intrusion by means of 24 hour, 365 day per year monitoring methods. In case of suspension of the monitoring methods for the sake of maintenance and the like, appropriate alternative methods shall be provided.

5.1.3. Power and air conditioning

FX CA 2 shall have the capability to provide electric power sufficient for the operation of its equipment and have tolerance to momentary and temporary blackout, ground leakage and fluctuation of voltage and frequency.

5.1.4. Water exposures

The facility housing the FX CA 2 equipment shall be located so that it is safe from deluge, typhoon and so forth. For example, the facility may be located on the high stories of a building.

In addition, FX CA 2 shall isolate the equipment from water supply facilities and shall protect it against water exposure by additional waterproofing means.

5.1.5. Fire prevention and protection

The facility housing the FX CA 2 equipment shall be equipped with fire resistant construction, compartments, fire detecting devices and fire control equipment.


In addition, FX CA 2 shall isolate its equipment from any fire-related facility such as gas pipes and hot water apparatus, and shall prohibit any action causing fire, including smoking, in the vicinity of its equipment.

5.1.6. Media storage

Media that contain important data such as backup information shall be stored in cabinets which are independently locked and protected from fire and water damage. In addition, the cabinets shall be installed in access controlled areas.

Unlocking of the cabinets and access to the media shall be performed pursuant to authorized stipulation that belongs to FX CAP Operating Group under multi-person control.

5.1.7. Waste disposal

Documents and media that contain confidential information shall be disposed of by means such that retrieval of the information from the disposed documents and media is practically impossible (electromagnetic erasure and physical fracture).

5.1.8. Off-site backup

No stipulation.

5.2. Procedural controls

5.2.1. Trusted roles

In the following, a description of FX CAP Committee, FX CAP Operating Group and Auditor Group is given. In summary, FX CAP Committee is a supervising organization of FX CA 2 and retains the rights to decide important matters (e.g. policies) with respect to the activities of FX CA 2. Also, FX CA 2 Operating Group performs actual operations of FX CA 2, and Auditor Group audits the activities and the compliance of FX CA 2. Although FX CAP Committee is not a part of FX CA 2, a brief description will be given here since it plays an important role in this PKI.


[Figure 1: Organization. Organization chart with three boxes: FX CAP Committee (Chair; FX CAP Operating Manager; liaisons from: division operating specific services, division responsible for quality control (legal section)), FX CAP Operating Group (Operating Manager, Private Key Administrators, Operators) and Auditor Group (Auditors). Connector labels: operation audit, operation assignment check, audit results report.]

5.2.1.1. FX CAP Committee

FX CAP Committee is responsible for supervising the operation of FX CA 2 pursuant to the specification of this document and other documents derived from this document.

FX CAP Committee shall have the right to make the final decision regarding the following issues and shall be externally responsible for the decision.

1. Issues regarding the opening and termination of specific service authority.

2. Issues relating to approval, lapse and update of this document and other documents derived from this document.

3. Issues regarding mutual authentication of other CAs, in particular issues regarding approval of the CP/CPS of other CAs.

4. Issues regarding personnel affairs of FX CA 2.

5. Issues regarding information to be externally publicized.


6. Issues regarding personnel education including approval of the material, program and schedule.

7. Other important issues relating to the operation of FX CA 2.

8. Issues relating to compromise of FX CA 2’s private signing keys.

9. Issues regarding approval of the results of audits of FX CA 2.

10. Issues regarding approval of the result of CA audits for policy compliance pursuant to this document and other documents derived from this document.

11. Other important issues relating to the safety of FX CA 2.

The organization of FX CAP Committee shall at least fulfill the following requisite conditions.

The chair of FX CAP Committee shall be either the operating officer who is responsible for FX's information policies or one to whom authority is transferred from the officer.

FX CAP Committee shall include the managers of Operating Group and Auditor Group.

FX CAP Committee shall include liaisons from divisions that operate specific services.

FX CAP Committee shall include liaisons from divisions that are responsible for quality control of subordinate CAs.

5.2.1.2. FX CAP Operating Group

The scope of the responsibility of FX CAP Operating Group shall include the following issues:

1. Administration and maintenance of the FX CA 2 equipment.

2. Activities relating to certificate issuance based on instructions by FX CAP Committee.

3. Other activities based on instructions by FX CAP Committee.

FX CAP Operating Manager

FX CAP Operating Manager is responsible for supervising the overall activities of FX CAP Operating Group and shall have the following rights and responsibilities.

Selection of FX CAP Operating Group members.

Calling of FX CAP Operating Group meetings.

Final decision on issues discussed in FX CAP Operating Group meetings.

Decision of actions against emergencies and supervision of performing them.

Operation to enroll, change and delete access rights of operating personnel.

Instructions and supervision of other activities relating to the operation of FX CA 2.


The Chair of FX CAP Committee shall be responsible for assignment of FX CAP Operating Manager.

Private Key Administrator

The private key administrators shall be responsible for maintenance, administration and usage of the FX CA 2’s private signing keys and shall perform the following:

Administration and usage of the physical keys to unlock the cabinets that contain hardware cryptographic modules.

Administration and usage of the smartcards to activate the functions of hardware cryptographic modules.

Operation of hardware cryptographic modules including generation, changeover, activation, deactivation, usage (i.e. signing certificates), backup and restoring of FX CA 2’s private signing keys.

Operator

Operators shall engage in actual operation of the systems of the FX CA 2 equipment including the following.

Operation of the systems of the FX CA 2 equipment except for activation, suspension and configuration change of the systems.

Maintenance of the systems of the FX CA 2 equipment.

Maintenance of the environment of the operation of FX CA 2.

Generation of archival.

Administration of operations.

5.2.1.3. Auditor group

Auditor Group is independent of Operating Group. Auditors shall engage in audit activities including the following:

Maintaining audit logs and performing internal audits of FX CA 2.

The Auditor Group shall perform an internal audit regularly and shall report the results to FX CAP Committee.

5.2.2. Number of persons required per task

The numbers of personnel belonging to FX CAP Operating Group and Auditor Group shall fulfill the following requisite conditions.


Table 1: Number of personnel and role separation

| Role | Number of personnel | Roles not to be combined |
|---|---|---|
| Operating Officer | 1 | Auditor |
| Private Key Administrator | No less than 2 | Auditor |
| Operator | No less than 2 | Auditor |
| Auditor group | No less than 2 | Operating Officer, Private Key Administrator, Operator |

5.2.3. Identification and authentication for each role

The entry/exit to the CA facilities and access to the CA system can be controlled, depending on individual roles. In addition, the entry/exit to the CA facilities and access to the CA system shall be based on authentication of individual personnel.

5.2.4. Roles requiring separation of duties

Personnel belonging to Auditor Group shall abide by the rules of Table 1 when assigned other roles in FX CAP Operating Group, since they are required to ensure their neutrality as Auditors.

5.3. Personnel controls

5.3.1. Qualifications, experience, and clearance requirements

Personnel assigned to each role of FX CAP Operating Group and Auditor Group shall fulfill the following requisite conditions.

Operating Manager and Auditor shall have a detailed knowledge of the contents of this document and other documents derived from this document and shall keep high morals as a member of industry.

Private Key Administrator shall understand the social responsibility posed on CA, shall have a detailed knowledge of the contents of this document and other documents derived from this document and shall keep high morals as a member of industry. In addition, Auditor shall have a knowledge, at least in principle, of the technologies relating to the activities of CA.

Operator shall have a detailed knowledge of the part of the contents of this document and other documents derived from this document that specifies or is related to the operations by Operator. In addition, Operator shall have a detailed knowledge of the technologies necessary for the operation of the FX CA 2 equipment.


FX CAP Committee shall appoint personnel for the roles of Operating Manager and Auditor, and FX CAP Committee Chair shall authorize the appointment. Operating Manager shall appoint personnel for the roles of Private Key Administrator and FX CAP Committee shall authorize the appointment. Also, Operating Manager shall appoint personnel for the roles of Operator.

5.3.2. Background check procedures

Detailed requirements for assigning personnel of FXCAP CA operation group and audit group shall be provided in FX internal rules.

5.3.3. Training requirements

All personnel performing duties with respect to the operation of the FX CA 2 shall receive comprehensive training based on programs authorized by FX CAP Committee. Training shall be conducted in the following areas.

A. Social responsibilities of Certification Authority.

B. Stipulations specified by this document and other documents derived from this document.

C. Technologies relating to the operations of Certification Authorities.

5.3.4. Retraining frequency and requirements

All the personnel performing duties with respect to the operation of FX CA 2 shall receive training before they initially start to perform the duties as well as at least once per year.

All the personnel belonging to Operating Group or Auditor Group shall be informed of any authorized changes to the contents of this document and other documents derived from this document as quickly as possible.

5.3.5. Job rotation frequency and sequence

No stipulation.

5.3.6. Sanctions for unauthorized actions

No stipulation.

5.3.7. Independent contractor requirements

Requirements relating to an event of consignment of business activities shall be written in a contract that the FX legal division authorizes.

The contract shall include at least stipulations specifying confidentiality obligation, compliance with FX bylaws and compensation for damage from non-compliance with contractual obligations.

5.3.8. Documentation supplied to personnel

No stipulation.


5.4. Audit logging procedures

Audit Group shall perform log auditing in order to confirm the safety and reliability of FX CA 2 operations. When a significant event occurs among the events recorded in audit logs, Audit Group shall verify the audit logs against relevant records to confirm that no wrong operation or incorrect service was performed.

An external Auditor Group shall conduct regular audits of compliance for FX CAP Committee and FXCAP entire operations. The external Auditor Group shall also conduct an extra audit of compliance when it judges one to be required.

5.4.1. Types of events recorded

From the wide variety of events that occur in the activities of FX CA 2, all the events that may have an important impact on the operation of FX CA 2 shall be recorded in the audit logs.

Accordingly, the audit logs shall include at a minimum the following:

Generation, destruction and use of FX CA 2’s private signing keys.

Events relating to the lifecycle management of certificates that FX CA 2 issues.

The following information relevant to each event shall be recorded:

The type of the event.

Date and time when the event occurred.

Results of the event.

Causes of the event (instruction, operator, system names, etc.)

5.4.2. Frequency of processing log

Auditor Group shall review audit logs with the frequency as set forth in Table 2.

5.4.3. Retention period for audit log

Audit logs may be retained in storage of the FX CA 2 equipment and/or in external storage media such as CD-R.

Audit logs shall be automatically recorded in storage of the FX CA 2 equipment at the moment when the event to be recorded occurs. Audit logs that are retained in storage of the FX CA 2 equipment are referred to as onsite logs. In addition, Auditor shall retain audit logs onsite for at least the duration specified in Table 3 and shall copy them to external storage media in cycles of the same duration. The audit logs to be copied shall include the audit logs that were recorded after the time point when copies of audit logs were last made. The audit logs retained on external storage media are referred to as offsite logs. Table 3 specifies the retention periods for the onsite and offsite logs.


5.4.4. Protection of audit log

FX CA 2 shall take measures so that audit logs shall not be lost for any reason such as disaster and theft, and shall not be modified.

5.4.5. Audit log backup procedures

Backup of audit logs shall be performed in the presence of at least two Auditors, through cross checking of each other’s work and supervision of actions.

Backup of audit logs shall be performed according to the specified procedures.

Table 3 specifies the retention period of backups.

5.4.6. Audit collection system (internal vs. external)

The audit collection system shall be a part of the FX CA 2 equipment.

5.4.7. Notification to event-causing subject

Notice that an event was audited shall not be provided to the operator who caused the event.

5.4.8. Vulnerability assessments

When a vulnerability is found in a security inspection, the audit procedures shall include vulnerability assessments regarding the operation.

Table 2: Time restriction relating to audit issues

| Duties | Time restrictions |
|---|---|
| Inspection of audit logs | When an important event occurs, an audit shall be conducted on the date specified in the procedures. If the specified date is a non-business day, it shall be conducted on a closest business day. |
| Retention period of onsite audit logs | No shorter than a month. |
| Retention period of offsite audit logs | No shorter than 3 years. |
| Retention period of backup of audit logs | No shorter than 3 years. |

5.5. Records archival

Operator shall archive the data hereinafter set forth on a routine basis for the following purposes.


To retroactively check the operation history in response to an inquiry or a claim by a customer or others.

To re-issue the certificates and CRL that are valid at the moment when the data necessary for the operations of FX CA 2 are lost due to a disaster, incident and so forth.

5.5.1. Types of records archived

The following information shall be archived, at a minimum, in order to achieve the purposes stated above.

This CP/CPS

Certificate

CRL/ARL

Audit logs

The FX CA 2 private signing keys shall not be archived.

5.5.2. Retention period for archive

The archive shall be retained as long as this service continues. However, for the audit logs, the description of 5.4.3 in this CPS shall be followed.

Table 3: Time restriction relating to archive records

| Duties | Time restrictions |
|---|---|
| Generation of archives | When an important event occurs, an audit shall be conducted on the date specified in the procedures. If the specified date is a non-business day, it shall be conducted on a closest business day. |
| Inspection of archives | Archive shall be inspected on the date scheduled in the fiscal year plan. Inspection shall be conducted, whenever it is required. |
| Retention of archives | 10 years or more. |

5.5.3. Protection of archive

FX CA 2 shall take measures so that archive records shall not be lost for any reason such as disaster and theft, and shall not be modified.

5.5.4. Archive backup procedures

No stipulation.


5.5.5. Requirements for time-stamping of records

No stipulation.

5.5.6. Archive collection system (internal vs. external)

No stipulation.

5.5.7. Procedures to obtain and verify archive information

The inspection of archive records for loss and falsification shall be conducted at least once a year, at the discretion of Audit Group.

5.6. Key changeover

When an FX CA 2 private signing key is to be changed, FX CAP Committee shall give a written instruction to FX CA 2.

FX CA 2 shall verify the document requesting the key changeover at least for the items stated below.

The document is generated in compliance with the format that FX CA 2 specified.

The document was properly approved by FX CAP Committee Chair.

FX CA 2 did not accept a document requesting key changeover with the same contents in the past.

The date of approval of the document is not more than 10 days prior to the date of acceptance of the Certificate Issuance Instruction by FX CA 2.

The time of key changeover specified in the document is after the next operating day of the date of acceptance.

The contents of the document are pursuant to the specification of this document.

When FX CA 2 performs key changeover, it shall revoke the certificates that were signed using the old key.

5.7. Compromise and disaster recovery

5.7.1. Incident and compromise handling procedures

FX CAP Chair shall recognize the facts of incident and compromise and shall order FX CA 2 to take necessary measures.

5.7.2. Computing resources, software, and/or data are corrupted

FX CA 2 shall retain spare equipment and machinery as well as backups of software and data, and shall reestablish its operation using the spares and backups as quickly as possible in case the equipment, machinery, software or data are destroyed.


5.7.3. Entity private key compromise procedures

In case of compromise of FX CA 2’s private signing keys, FX CAP Committee Chair shall call a meeting as soon as possible, recognize the fact of the compromise and identify necessary measures to be taken. FX CAP Committee may take measures including the following.

Termination of FX CA 2.

Changeover of FX CA 2’s private signing keys.

Revocation of related certificates.

Issue of new certificate.

FX CA 2 shall disclose the fact of the compromise of its private signing keys and the measures that FX CA 2 took.

5.7.4. Business continuity capabilities after a disaster

FX CA 2 shall reestablish its operation as quickly as possible using spare equipment and machinery and backups of software and data.

5.8. CA or RA termination

FX CAP Committee retains the right to make the final decision regarding the termination of FX CA 2.

FX CA 2 Operating Group shall perform the following tasks in response to the decision of the termination.

Back up software and data.

Reposit backup and archive records.

In addition, FX CAP Committee shall specify the following.

Organization that performs administration of backup and archive records and responds to inquiries and claims.


6. TECHNICAL SECURITY CONTROLS

6.1. Key pair generation and installation

6.1.1. Key pair generation

Private Key Administrator of Operating Group shall generate FX CA 2’s public key pairs utilizing functions of cryptographic modules.

The generation of FX CA 2’s public key pairs shall be under multiple-person control, and hence it shall be performed in the presence of plural Private Key Administrators.

The private signing keys of the key pairs shall be confined within the cryptographic modules except for their backup generated in accordance with the authorized procedures.

A subscriber is responsible for generation of public key pairs that the subscriber uses for its own sake. However, the generation of public key pairs shall never be subject to less secure hardware cryptographic modules or less secure operation regulation than FX CA 2.

6.1.2. Private key delivery to subscriber

Delivery of Root private keys shall not be performed, since the receiver of a Root private key generates it utilizing functions of Root.

6.1.3. Public key delivery to certificate issuer

FX CAP Committee shall send the public key of a generated public key pair, specifying it in a message in accordance with CSR.

The CSR may be specified in a document requesting issuance of the related certificate, may be recorded in storage media that is to be attached to the document, and may be transferred through secured communication channels. In any case, FX CAP Committee shall employ measures to prevent the CSR from being replaced or being tampered with.

6.1.4. CA public key delivery to relying parties

FX CA 2’s public keys shall be disclosed via the repositories of FX CA 2 by appropriate means with functions to prevent unauthorized modification and replacement of the keys. In addition, FX CA 2 shall verify the validity of the public keys disclosed via the repositories on a regular basis.

A subordinate CA may deploy arbitrary means to deliver the public key in addition to delivery via FX CA 2’s repositories. Even in that case, the public key shall be protected from replacement and tampering at least at the same level as FX CA 2. FX CAP Committee shall assume the obligation of confirming that the subordinate CA is taking measures to keep the security of the public key.

6.1.5. Key sizes

A CA’s public key pair of FX CA 2 shall comply fully with the RSA public key algorithm identified and shall include a 2048-bit-long modulus.

6.1.6. Public key parameters generation and quality checking

The modulus of an RSA public key pair shall be generated using a pseudo-random number generating algorithm whose output clears high-level criteria of randomness, and further shall not be subject to known attacks that take advantage of weaknesses of the modulus, such as attacks based on the Fermat method of factoring numbers.

6.1.7. Key usage purposes (as per X.509 v3 key usage field)

The purposes of usage of FX CA 2’s public key pairs shall be restricted to the following.

Generation of signatures on certificates that FX CA 2 issues to subordinate CAs and verification of the signatures.

Generation of signatures on CRL/ARL that FX CA 2 issues to subordinate CAs and verification of the signatures.

6.2. Private Key Protection and Cryptographic Module Engineering Controls

6.2.1. Cryptographic module standards and controls

All of generation, backup, restoring, destruction and changeover of FX CA 2’s private signing

keys shall be performed by functions of cryptographic modules.

The cryptographic modules that FX CA 2 deploys shall fulfill the requisites stated below.

The processes of generation and use of private keys shall be confined within the modules throughout.

In particular, the private keys shall be protected against unauthorized access by means such as encryption and tamper-resistant techniques.

The functions of the modules, except for backup and restore of the private keys, shall not

require output of the private keys to the outside of the modules or input of the private keys

into the modules.

Activation of hardware cryptographic modules shall require 2 separate smartcards to be

inserted.

The FX CA 2 equipment shall be equipped with means to restrict access to those operations whose performance necessarily involves access to FX CA 2’s private signing key, and the restriction of the access shall be performed based on authentication of identity and rights.

The modules shall be validated in accordance with the FIPS 140 Level 3 requirements.


FX CA 2 shall verify that the manufacturers of the modules performed appropriate quality

management including the document-based process management when they manufactured

the modules.

FX CA 2 shall select trusted traders for purchase and transportation of the cryptographic

modules.

The cryptographic modules shall be installed in locked cabinets placed in rooms access to which

is restricted based on authentication of identity and rights.

In case of disposal, the cryptographic modules shall be destroyed by means of electromagnetic

erasure, physical fracture and so forth so that the stored data including private keys shall not be

retrieved any longer.

Personnel of FX CAP Operating Group shall supervise the events of purchase, transportation,

installation and disposal of cryptographic modules, and shall generate records of the processes

and results of the events.

6.2.2. Private key (n out of m) multi-person control

Any operation on FX CA 2’s private signing keys shall be performed in the presence of multiple Private Key Administrators.

To enforce the multi-person control, hardware cryptographic modules shall be designed so that their activation shall require 2 separate smartcards to be inserted.

6.2.3. Private key escrow

Private key escrow shall not be performed.

6.2.4. Private key backup

Backup of FX CA 2’s private signing keys shall be generated and shall be stored in external storage media in case the keys stored in the cryptographic modules are lost or damaged.

The backup of FX CA 2’s private signing keys stored in external storage media shall be protected

by means including the following.

The keys shall be encrypted.

The format of the storage media shall not allow modification, deletion or addition of data recorded on them.

Decryption (restoring) of the encrypted keys shall be performed inside the cryptographic

modules.

Restoring of private signing keys shall be performed only by utilizing the corresponding function

of the hardware cryptographic modules in which the keys are restored, and the performance of

the function shall be activated only when the modules recognize two separate smartcards.


At least a single set of the storage media that store the backup of private keys shall be kept in a

locked safe such that it is opened in the presence of multiple personnel including at least one

Private Key Administrator.

6.2.5. Private key archival

Private key archival shall not be performed.

6.2.6. Private key transfer into or from a cryptographic module

FX CA 2’s private signing keys shall be generated inside the cryptographic modules only using

functions of the modules, and hence input of private keys into the modules shall be restricted to

the case of restoring the keys from backup in case of loss of the private key stored in the

modules.

In the same way, output of the private key from the cryptographic modules shall be restricted to

the case of generating backup of the keys.

Input and output of FX CA 2’s private signing keys to and from the cryptographic modules shall

require the presence of multiple Private Key Administrators.

6.2.7. Private key storage on cryptographic module

FX CA 2’s private signing keys shall be stored inside the cryptographic modules.

6.2.8. Method of activating private key

Activation of FX CA 2’s private signing keys requires an operation of the cryptographic modules, and no one other than a Private Key Administrator shall perform the operation necessary to activate the keys.

The operation of the cryptographic modules to activate FX CA 2’s private keys shall require the

presence of multiple Private Key Administrators.

Once an FX CA 2 private signing key is activated, it shall continue to be active until it is explicitly

deactivated.

6.2.9. Method of deactivating private key

Private Key Administrators may deactivate private signing keys of FX CA 2 by utilizing functions

of hardware cryptographic modules.

6.2.10. Method of destroying private key

Destruction of FX CA 2’s private signing keys shall require the presence of multiple Private Key

Administrators operating the cryptographic modules.

In case of disposal of storage media storing backup of FX CA 2’s private signing keys, the media

shall be destroyed by means such as electromagnetic erasure, physical fracture and so forth so

that the keys shall not be retrieved from the disposed media.


6.2.11. Cryptographic Module Rating

The cryptographic modules that FX CA 2 deploys shall meet or exceed Security Level 3 specified

by FIPS 140-2.

6.3. Other aspects of key pair management

6.3.1. Public key archival

No stipulation.

6.3.2. Certificate operational periods and key pair usage periods

The expiration date of a certificate that FX CA 2 issues shall not exceed that of the FX CA 2’s

public key pair that FX CA 2 used to sign the certificate.

In addition, the validity period of FX CA 2’s public key pairs shall be 10 years.

6.4. Activation data

6.4.1. Activation data generation and installation

In the FX CA 2 system, access to hardware cryptographic modules shall be controlled based on

authentication of individuals and rights.

Specifically, access to hardware cryptographic modules shall require authentication based on inserted smartcards, which are retained by Private Key Administrators, and on passwords to activate the smartcards.

6.4.2. Activation data protection

Access to activation data recorded in a smartcard shall be restricted by the access control

functionality of the smartcard.

The password to activate the smartcard shall have sufficient length and sufficient variety in

characters so that it shall resist guessing attacks (e.g. the dictionary attack). The

length, character variety, validity period and other administrative factors of the password shall be

pursuant to written stipulations, which may be in conformance with standards such as FIPS 112.

6.4.3. Other aspects of activation data

No stipulation.

6.5. Computer security controls

6.5.1. Specific computer security technical requirements

The following computer security functions may be provided by the operating system, or through a

combination of operating system, software and hardware. The computers used to perform

duties with respect to the operation of FX CA 2 and its ancillary parts shall include the following

functionality.

Require authenticated logins.


Provide Discretionary Access Control.

Provide a security audit capability.

Restrict access control to FX CA 2 services.

Enforce separation of duties for roles.

Require use of cryptography for session communication and database security.

Provide a capability for audits of the operation of FX CA 2.

6.5.2. Computer security rating

No stipulation.

6.6. Life cycle technical controls

6.6.1. System development controls

System development for services of FX CA 2 and its ancillary parts shall fulfill the requisites

stated below.

Use software and equipment that have been designed and developed with appropriate quality management based on, for example, a formal, documented development methodology.

Hardware and software developed specifically for FX CA 2 shall be developed under control with respect to personnel, organization and environment (e.g. network, software and equipment for development, physical environment) aspects, and the development process shall be defined and documented. In particular, to prevent leakage of confidential information relating to the development, FX CA 2 shall assign trusted developers, enforce training for them, restrict access to documents and restrict entering and leaving of the development spaces.

FX CA 2 shall select trusted traders for purchase and transportation of hardware equipment.

Software and hardware equipment of FX CA 2 and its ancillary parts shall not be used for purposes other than their initially planned ones.

Proper care shall be taken to prevent malicious software from being installed. For example, FX CA 2 shall assign a trusted vendor for purchase of software and shall scan purchased software for malicious code.

The same stipulations as the above shall apply to the operation of maintenance and update of

the systems of FX CA 2 and its ancillary parts.


6.6.2. Security management controls

The configuration of the FX CA 2 system and any modification and upgrades shall be

documented and stored for a predetermined time period.

The FX CA 2 software, when first installed, shall be verified as being the version intended for use

and being that supplied from the vendor with no modifications.

6.6.3. Life cycle security controls

No stipulation.

6.7. Network security controls

The FX CA 2 equipment shall be isolated from any networks including the FX intranet.

6.8. Time-stamping

No stipulation.


7. CERTIFICATE, CRL/ARL, AND OCSP PROFILES

7.1. Certificate profile

7.1.1. Version number(s)

FX CA 2 shall issue X.509 v3 certificates.

7.1.2. Certificate extensions

No stipulation.

7.1.3. Algorithm object identifiers

FX CA 2 shall generate signatures to the certificates that it issues in accordance with the algorithm identified by the following OID.

sha-1WithRSAEncryption {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 5}

7.1.4. Name forms

The issuer and subject fields shall be populated with an X.500 Distinguished Name.

7.1.5. Name constraints

No stipulation.

7.1.6. Certificate policy object identifier

The certificates that FX CA 2 issues shall assert the following certificate policy object identifier.

CP and CPS for FX CA 2: 1.3.6.1.4.1.297.1.5.1.12

7.1.7. Usage of Policy Constraints extension

No stipulation.

7.1.8. Policy qualifiers syntax and semantics

No stipulation.

7.1.9. Processing semantics for the critical Certificate Policies extension

No stipulation.

7.2. CRL/ARL profile

7.2.1. Version number(s)

FX CA 2 shall issue X.509 v2 CRL’s.

7.2.2. CRL/ARL and CRL/ARL entry extensions

No stipulation.

7.3. OCSP profile

FX CA 2 does not support the service of OCSP.


7.3.1. Version number(s)

No stipulation.

7.3.2. OCSP extensions

No stipulation.


8. COMPLIANCE AUDIT AND OTHER ASSESSMENTS

8.1. Frequency or circumstances of assessment

Audits to ensure that the operations and ancillary activities of FX CA 2 are compliant with the requirements of CP and CPS of this document shall be performed at the following points of time:

Once a year on a predetermined date.

Whenever a serious violation is found in FX CA 2 certification activities.

Whenever FX CAP Committee recognizes necessity of the performance.

8.2. Identity/qualifications of assessor

An auditor who belongs to an external Auditor Group shall perform the compliance audit.

8.3. Assessor’s relationship to assessed entity

An auditor shall be independent of all of the operations of certification activities specified in this document.

8.4. Topics covered by assessment

All the operations specified in this CPS, except for the audit activities, shall be in the scope of the assessment.

8.5. Actions taken as a result of deficiency

The external Auditor Group shall present the results of the compliance audits to FX CAP Committee.

On receipt of the report, FX CAP Committee shall review the report, and, if it recognizes a violation, appropriate measures are to be taken to correct the reported violation as quickly as possible.

FX CAP Committee may take the following measures to correct the violation.

Closing of FX CA 2.

Limited-term or unlimited-term suspension of a part or the whole of the operation of FX CA 2.

Questioning of Operating Manager or responsible individuals by FX CAP Committee.

Replacement of Operating Manager or responsible individuals.

Further assessment by a committee comprised of individuals who are fully independent of

the operation of FX CA 2.


8.6. Communication of results

The external Auditor Group shall document the audit results and shall submit the report to the Chair of FX CAP Committee. Reporting by Auditor shall be performed directly, not indirectly through other people.

On receipt of the report, the Chair of FX CAP Committee shall summon a meeting of FX CAP

Committee to examine the contents of the report.

If compliance with the CP/CPS is recognized as the result of the evaluation, the FX CAP

Committee shall authorize the report.

On the contrary, if any violation against this CP/CPS is recognized, corrective measures shall be

discussed and instructed by FX CAP Committee.

In case of emergency, the Chair of FX CAP Committee may order the implementation of

temporary measures prior to holding of FX CAP Committee meeting. Even in such case, the

Chair of FX CAP Committee is not exempted from holding an FX CAP Committee meeting, and

the final measures, in resolving the violation, shall be agreed by FX CAP Committee.


9. OTHER BUSINESS AND LEGAL MATTERS

9.1. Fees

9.1.1. Certificate issuance or renewal fees

No stipulation.

9.1.2. Certificate access fees

No stipulation.

9.1.3. Revocation or status information access fees

No stipulation.

9.1.4. Fees for other services

No stipulation.

9.1.5. Refund policy

No stipulation.

9.2. Financial responsibility

9.2.1. Insurance coverage

No stipulation.

9.2.2. Other assets

No stipulation.

9.2.3. Insurance or warranty coverage for end-entities

No stipulation.

9.3. Confidentiality of business information

Since FX CA 2 does not acquire business information from any entities other than FX, no stipulation is given to this issue.

9.3.1. Scope of confidential information

No stipulation.

9.3.2. Information not within the scope of confidential information

No stipulation.

9.3.3. Responsibility to protect confidential information

No stipulation.

9.4. Privacy of personal information

Since FX CA 2 does not acquire any personal information, no stipulation is given to this issue.


9.4.1. Privacy plan

No stipulation.

9.4.2. Information treated as private

No stipulation.

9.4.3. Information not deemed private

No stipulation.

9.4.4. Responsibility to protect private information

No stipulation.

9.4.5. Notice and consent to use private information

No stipulation.

9.4.6. Disclosure pursuant to judicial or administrative process

No stipulation.

9.4.7. Other information disclosure circumstances

No stipulation.

9.5. Intellectual property rights

No stipulation.

9.6. Representations and warranties

9.6.1. CA representations and warranties

No stipulation.

9.6.2. RA representations and warranties

No stipulation.

9.6.3. Subscriber representations and warranties

No stipulation.

9.6.4. Relying party representations and warranties

No stipulation.

9.6.5. Representations and warranties of other participants

No stipulation.

9.7. Disclaimers of warranties

No stipulation.

9.8. Limitations of liability

No stipulation.


9.9. Indemnities

No stipulation.

9.10. Term and termination

9.10.1. Term

No stipulation.

9.10.2. Termination

No stipulation.

9.10.3. Effect of termination and survival

No stipulation.

9.11. Individual notices and communications with participants

No stipulation.

9.12. Amendments

9.12.1. Procedure for amendment

FX CAP Committee retains rights to amend this document.

After FX CAP Committee authorizes amendment of this document, the amended version shall be

disclosed by the means specified in 2.2 of this document. Moreover, the amended version becomes

valid at the moment of the disclosure.

9.12.2. Notification mechanism and period

In principle, amendment of this document need not be notified to clients of FX prior to its

disclosure as specified in 2.2 of this document.

However, if FX CAP Committee recognizes that the amendment would have a significant impact on existing clients of FX, FX CAP Committee may give notice of the amendment prior to its disclosure by any means.

9.12.3. Circumstances under which OID must be changed

No stipulation.

9.13. Dispute resolution provisions

No stipulation.

9.14. Governing law

No stipulation.

9.15. Compliance with applicable law

No stipulation.


9.16. Miscellaneous provisions

9.16.1. Entire agreement

No stipulation.

9.16.2. Assignment

No stipulation.

9.16.3. Severability

No stipulation.

9.16.4. Enforcement (attorneys’ fees and waiver of rights)

No stipulation.

9.16.5. Force Majeure

No stipulation.

9.17. Other provisions

No stipulation.