ACP 185
ACP 185
ACP 185
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
UNCLASSIFIED<br />
ANNEX A TO<br />
<strong>ACP</strong> <strong>185</strong><br />
1.21.6 Publication of the renewal certificate by the CA<br />
CA Certificates and Subscriber appropriate certificates shall be published to appropriate<br />
repositories, including those needed to support cross-certification with the NDPKI of another<br />
CCEB nation.<br />
1.21.7 Notification of certificate issuance by the CA to other entities<br />
NDPKI shall notify other NDPKIs when renewing a cross-certificate.<br />
1.22 Certificate Re-Key<br />
1.22.1 Circumstance for certificate re-key<br />
Circumstances for certificate re-key, shall be defined by the NDPKI PMA.<br />
The NDPKI PMA shall define which circumstances initiating re-key require revocation of the<br />
current certificate.<br />
1.22.2 Who may request certification of a new public key<br />
Certificate re-key may be requested by the:<br />
• NDPKI PMA.<br />
• Subscriber or the PKI Sponsor<br />
• CMA on behalf of the Subscriber.<br />
1.22.3 Processing certificate re-keying requests<br />
The certificate rekey processes shall be dealt with in accordance with NDPKI CP .<br />
1.22.4 Notification of new certificate issuance to Subscriber<br />
If the Subscriber does not directly participate in the process, the PKI shall notify the Subscriber<br />
of the issuance of a new certificate. Where the Subscriber directly participates in the issue of the<br />
renewed certificate there is no stipulation.<br />
1.22.5 Conduct constituting acceptance of a re-keyed certificate<br />
The Subscriber’s failure to object to the issuance of the rekeyed certificate shall constitute<br />
acceptance. Use of the certificate constitutes acceptance.<br />
Uncontrolled copy when printed<br />
1.22.6 Publication of the re-keyed certificate by the CA<br />
Re-keyed CA Certificates and Subscriber appropriate certificates shall be published to<br />
appropriate repositories, including those needed to support cross-certification with the NDPKI of<br />
another CCEB nation.<br />
A-13<br />
UNCLASSIFIED