Treasury Board of Canada, Secretariat - Government of Canada
Skip all menus Skip first menu
,  Français  Contact Us  Help  Search  Canada Site
     What's New  About Us  Policies  Documents  TBS Site
   Calendar  Links  FAQs  Presentations  Home
,
Chief Information Officer Branch
Enterprise Architecture and Standards
Information Technology Security
Public Key Infrastructure
PKI for Beginners
Government of Canada PKI
PKI in Practice
Cross-Certification
PKI Guidance Documents
Secure Electronic Signatures and Recognized Certification Authorities
ÿ Recognized Certification Authorities
ÿ Recognition Process

Find Information:
by Subject [ A to Z ] by Sub-site
Versions:  
Print Version Print Version
Related Subjects:
Authentication
Electronic Commerce
Electronic Service Delivery
Information Technology
Internet
Privacy
Public Key Infrastructure
Risk Management
Security
Feedback on Website
, 		,
Secure Electronic Signature Regulations Recognition Process
,

Before recognizing a person or entity as a certification authority, the President of the Treasury Board must verify that the person or entity has the capacity to issue digital signature certificates in a secure and reliable manner.

The Recognition Process includes the following phases:

  • Initiation: Establish the business reasons to have a Certification Authority (CA) recognized under the Secure Electronic Signature Regulations (SESRegs) and to perform the recognition - this may include some financial arrangements. Any Government of Canada (GC) CAs wanting to be recognized must cross-certify with the Canadian Federal PKI Bridge (CFPB). If the candidate CA is external to the Government of Canada (GC), a GC sponsor (a federal government department or agency) is normally required.
  • Examination: The candidate CA must demonstrate that their policies and practices are compliant with criteria. The GC cross certification process is the criteria used to establish the required assurance and continued compliance with the SESRegs. Recognition status will be reviewed/renewed annually. At each review/renewal, the candidate CA must re-affirm their continued risk management of their environment. Evidence should be of sufficient detail to satisfy the GC that risks are being appropriately mitigated.
  • Arrangement: The owner of the Certification Authority and Treasury Board Secretariat (TBS) will negotiate the terms and conditions of the mutually acceptable arrangement that will spell out respective responsibilities and expectations. This would include the usual clauses about periodic independent audits, no material changes without notice, time permitted to cure non-compliance, arbitration of disputes, etc. The signature of the Chief Information Officer (CIO) of the Government of Canada on the arrangement document will signify that the CA has the capacity to issue digital signature certificates in a secure and reliable manner and hence may be listed on the web site of the Treasury Board Secretariat as being recognized under the Secure Electronic Signature regulations. The posting on TBS web site will include the CA's name and its operator, the "certificate policy" examined for this compliance (not all types of certificates issued by a CA will be recognized) and the validity period or expiry for the recognition. For the GC CAs, the cross certification MOU will be relied upon as the arrangement.
  • Maintenance: Ensures that, once the arrangement is in place, the compliancy and level of trust are maintained over time. Each recognition is governed by the agreement that was created in the Arrangement phase.

  ,
Date published: 2007-05-31
Date modified: 2007-03-09
Date reviewed: 2007-03-09
 Return to
Top of Page		 Important Notices