Docstoc

Fuji Xerox Certification Authority Certificate Policy and Certification

Document Sample
Fuji Xerox Certification Authority Certificate Policy and Certification Powered By Docstoc
					          Fuji Xerox Certification Authority
Certificate Policy and Certification Practice Statement
                      Version 2




                      April 27, 2007
1.  INTRODUCTION......................................................................................................... 8
  1.1. Overview ................................................................................................................ 8
    1.1.1. Overview of Fuji Xerox Certification Authority ................................................. 8
    1.1.2. Role of CP/CPS............................................................................................... 8
    1.1.3. An overview of the services of FX CA ............................................................. 8
  1.2. Document name and identification ......................................................................... 9
  1.3. PKI participants ...................................................................................................... 9
    1.3.1. Certification authorities.................................................................................... 9
    1.3.2. Registration authorities.................................................................................... 9
    1.3.3. Subscribers ................................................................................................... 10
    1.3.4. Relying parties............................................................................................... 10
    1.3.5. Other participants .......................................................................................... 10
  1.4. Certificate usage .................................................................................................. 10
    1.4.1. Appropriate certificate uses ........................................................................... 10
    1.4.2. Prohibited certificate users ............................................................................ 10
  1.5. Policy administration............................................................................................. 10
    1.5.1. Organization administering the document ..................................................... 10
    1.5.2. Contact person .............................................................................................. 10
    1.5.3. Person determining cps suitability for the policy............................................ 11
    1.5.4. CPS approval procedures ............................................................................. 11
  1.6. Definitions and acronyms ..................................................................................... 12
2. PUBLICATION AND REPOSITORY RESPONSIBILITIES ................................... 16
  2.1. Repositories ......................................................................................................... 16
  2.2. Publication of certification information .................................................................. 16
  2.3. Time and frequency of publication........................................................................ 16
  2.4. Access controls on repositories ............................................................................ 17
3. IDENTIFICATION AND AUTHENTICATION ........................................................ 18
  3.1. Naming ................................................................................................................. 18
    3.1.1. Types of names ............................................................................................. 18
    3.1.2. Need for names to be meaningful ................................................................. 18
    3.1.3. Anonymity or pseudonymity of subscribers ................................................... 18
    3.1.4. Rules for interpreting various name forms..................................................... 18
    3.1.5. Uniqueness of names.................................................................................... 18
    3.1.6. Recognition, authentication, and role of trademarks ..................................... 18
  3.2. Initial identity validation......................................................................................... 18
    3.2.1. Method to prove possession of private key ................................................... 18
    3.2.2. Authentication of organization identity........................................................... 19
    3.2.3. Authentication of individual identity ............................................................... 19
    3.2.4. Non-verified subscriber information............................................................... 19
    3.2.5. Validation of authority .................................................................................... 19
    3.2.6. Criteria for interoperation............................................................................... 19
  3.3. Identification and authentication for re-key requests ............................................ 19
    3.3.1. Identification and authentication for routine re-key ........................................ 19
    3.3.2. Identification and authentication for re-key after revocation .......................... 19
  3.4. Identification and authentication for revocation request........................................ 19
4. CERTIFICATE LIFE-CYCLE OPERATIONAL EQUIREMENTS .......................... 20
  4.1. Certificate Application ........................................................................................... 20
    4.1.1. Who can submit a certificate application ....................................................... 20
    4.1.2. Enrollment process and responsibilities ........................................................ 20
  4.2. Certificate application processing ......................................................................... 20
    4.2.1. Performing identification and authentication functions .................................. 20

                                                                                                                                2
  4.2.2. Approval or rejection of certificate applications ............................................. 21
  4.2.3. Time to process certificate applications......................................................... 21
4.3. Certificate issuance .............................................................................................. 21
  4.3.1. CA actions during certificate issuance........................................................... 21
  4.3.2. Notification to subscriber by the CA of issuance of certificate ....................... 21
4.4. Certificate acceptance .......................................................................................... 21
  4.4.1. Conduct constituting certificate acceptance .................................................. 21
  4.4.2. Publication of the certificate by the CA.......................................................... 21
  4.4.3. Notification of certificate issuance by the CA to other entities ....................... 21
4.5. Key pair and certificate usage .............................................................................. 21
  4.5.1. Subscriber private key and certificate usage ................................................. 21
  4.5.2. Relying party public key and certificate usage............................................... 21
4.6. Certificate renewal................................................................................................ 22
  4.6.1. Circumstance for certificate renewal ............................................................. 22
  4.6.2. Who may request renewal............................................................................. 22
  4.6.3. Processing certificate renewal requests ........................................................ 22
  4.6.4. Conduct constituting acceptance of a renewal certificate.............................. 22
  4.6.5. Publication of the renewal certificate by the CA ............................................ 22
  4.6.6. Notification of certificate issuance by the CA to other entities ....................... 22
4.7. Certificate re-key .................................................................................................. 23
  4.7.1. Circumstance for certificate re-key ................................................................ 23
  4.7.2. Who may request certification of a new public key........................................ 23
  4.7.3. Processing certificate re-keying requests ...................................................... 23
  4.7.4. Notification of new certificate issuance to subscriber .................................... 23
  4.7.5. Conduct constituting acceptance of a re-keyed certificate ............................ 23
  4.7.6. Publication of the re-keyed certificate by the CA ........................................... 24
  4.7.7. Notification of certificate issuance by the CA to other entities ....................... 24
4.8. Certificate modification ......................................................................................... 24
  4.8.1. Circumstance for certificate modification ....................................................... 24
  4.8.2. Who may request certificate modification ...................................................... 24
  4.8.3. Processing certificate modification requests.................................................. 24
  4.8.4. Notification of new certificate issuance to subscriber .................................... 24
  4.8.5. Conduct constituting acceptance of modified certificate................................ 25
  4.8.6. Publication of the modified certificate by the CA ........................................... 25
  4.8.7. Notification of certificate issuance by the CA to other entities ....................... 25
4.9. Certificate revocation and suspension.................................................................. 25
  4.9.1. Circumstances for revocation ........................................................................ 25
  4.9.2. Who can request revocation.......................................................................... 25
  4.9.3. Procedure for revocation request .................................................................. 25
  4.9.4. Revocation request grace period................................................................... 26
  4.9.5. Time within which CA must process the revocation request.......................... 26
  4.9.6. Revocation checking requirement for relying parties..................................... 26
  4.9.7. CRL/ARL issuance frequency (if applicable) ................................................. 26
  4.9.8. Maximum latency for CRL/ARLs (if applicable) ............................................. 26
  4.9.9. On-line revocation/status checking availability .............................................. 26
  4.9.10.    On-line revocation checking requirements................................................. 26
  4.9.11.    Other forms of revocation advertisements available .................................. 26
  4.9.12.    Special requirements re key compromise .................................................. 26
  4.9.13.    Circumstances for suspension................................................................... 27
  4.9.14.    Who can request suspension..................................................................... 27
  4.9.15.    Procedure for suspension request ............................................................. 27
  4.9.16.    Limits on suspension period ...................................................................... 27

                                                                                                                           3
  4.10.    Certificate status services ................................................................................. 27
    4.10.1.     Operational characteristics ........................................................................ 27
    4.10.2.     Service availability ..................................................................................... 27
    4.10.3.     Optional features ....................................................................................... 27
  4.11.    End of subscription ........................................................................................... 27
  4.12.    Key escrow and recovery.................................................................................. 27
    4.12.1.     Key escrow and recovery policy and practices .......................................... 27
    4.12.2.     Session key encapsulation and recovery policy and practices .................. 27
5. FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS .......................... 28
  5.1. Physical controls .................................................................................................. 28
    5.1.1. Site location and construction ....................................................................... 28
    5.1.2. Physical access............................................................................................. 28
    5.1.3. Power and air conditioning ............................................................................ 28
    5.1.4. Water exposures ........................................................................................... 28
    5.1.5. Fire prevention and protection....................................................................... 28
    5.1.6. Media storage................................................................................................ 29
    5.1.7. Waste disposal .............................................................................................. 29
    5.1.8. Off-site backup .............................................................................................. 29
  5.2. Procedural controls............................................................................................... 29
    5.2.1. Trusted roles ................................................................................................. 29
    5.2.2. Number of persons required per task ............................................................ 32
    5.2.3. Identification and authentication for each role ............................................... 33
    5.2.4. Roles requiring separation of duties .............................................................. 33
  5.3. Personnel controls................................................................................................ 33
    5.3.1. Qualifications, experience, and clearance requirements ............................... 33
    5.3.2. Background check procedures ...................................................................... 34
    5.3.3. Training requirements.................................................................................... 34
    5.3.4. Retraining frequency and requirements ........................................................ 34
    5.3.5. Job rotation frequency and sequence ........................................................... 34
    5.3.6. Sanctions for unauthorized actions ............................................................... 34
    5.3.7. Independent contractor requirements............................................................ 34
    5.3.8. Documentation supplied to personnel ........................................................... 34
  5.4. Audit logging procedures...................................................................................... 35
    5.4.1. Types of events recorded .............................................................................. 35
    5.4.2. Frequency of processing log ......................................................................... 35
    5.4.3. Retention period for audit log ........................................................................ 35
    5.4.4. Protection of audit log.................................................................................... 36
    5.4.5. Audit log backup procedures ......................................................................... 36
    5.4.6. Audit collection system (internal vs. external) ............................................... 36
    5.4.7. Notification to event-causing subject ............................................................. 36
    5.4.8. Vulnerability assessments ............................................................................. 36
  5.5. Records archival................................................................................................... 36
    5.5.1. Types of records archived ............................................................................. 37
    5.5.2. Retention period for archive .......................................................................... 37
    5.5.3. Protection of archive...................................................................................... 37
    5.5.4. Archive backup procedures ........................................................................... 37
    5.5.5. Requirements for time-stamping of records................................................... 38
    5.5.6. Archive collection system (internal vs. external)............................................ 38
    5.5.7. Procedures to obtain and verify archive information...................................... 38
  5.6. Key changeover ................................................................................................... 38
  5.7. Compromise and disaster recovery ...................................................................... 38
    5.7.1. Incident and compromise handling procedures ............................................. 38

                                                                                                                            4
    5.7.2. Computing resources, software, and/or data are corrupted........................... 38
    5.7.3. Entity private key compromise procedures.................................................... 39
    5.7.4. Business continuity capabilities after a disaster ............................................ 39
  5.8. CA or RA termination ............................................................................................ 39
6. TECHNICAL SECURITY CONTROLS .................................................................... 40
  6.1. Key pair generation and installation...................................................................... 40
    6.1.1. Key pair generation ....................................................................................... 40
    6.1.2. Private key delivery to subscriber.................................................................. 40
    6.1.3. Public key delivery to certificate issuer.......................................................... 40
    6.1.4. CA public key delivery to relying parties ........................................................ 40
    6.1.5. Key sizes....................................................................................................... 40
    6.1.6. Public key parameters generation and quality checking................................ 41
    6.1.7. Key usage purposes (as per X.509 v3 key usage field) ................................ 41
  6.2. Private Key Protection and Cryptographic Module Engineering Controls............. 41
    6.2.1. Cryptographic module standards and controls .............................................. 41
    6.2.2. Private key (n out of m) multi-person control ................................................. 42
    6.2.3. Private key escrow ........................................................................................ 42
    6.2.4. Private key backup ........................................................................................ 42
    6.2.5. Private key archival ....................................................................................... 43
    6.2.6. Private key transfer into or from a cryptographic module .............................. 43
    6.2.7. Private key storage on cryptographic module ............................................... 43
    6.2.8. Method of activating private key .................................................................... 43
    6.2.9. Method of deactivating private key ................................................................ 43
    6.2.10.    Method of destroying private key ............................................................... 43
    6.2.11.    Cryptographic Module Rating .................................................................... 43
  6.3. Other aspects of key pair management................................................................ 44
    6.3.1. Public key archival......................................................................................... 44
    6.3.2. Certificate operational periods and key pair usage periods ........................... 44
  6.4. Activation data ...................................................................................................... 44
    6.4.1. Activation data generation and installation .................................................... 44
    6.4.2. Activation data protection .............................................................................. 44
    6.4.3. Other aspects of activation data .................................................................... 44
  6.5. Computer security controls................................................................................... 44
    6.5.1. Specific computer security technical requirements........................................ 44
    6.5.2. Computer security rating ............................................................................... 45
  6.6. Life cycle technical controls.................................................................................. 45
    6.6.1. System development controls ....................................................................... 45
    6.6.2. Security management controls ...................................................................... 45
    6.6.3. Life cycle security controls ............................................................................ 46
  6.7. Network security controls ..................................................................................... 46
  6.8. Time-stamping...................................................................................................... 46
7. CERTIFICATE, CRL/ARL, AND OCSP PROFILES ................................................ 47
  7.1. Certificate profile .................................................................................................. 47
    7.1.1. Version number(s) ......................................................................................... 47
    7.1.2. Certificate extensions .................................................................................... 47
    7.1.3. Algorithm object identifiers ............................................................................ 47
    7.1.4. Name forms................................................................................................... 47
    7.1.5. Name constraints .......................................................................................... 47
    7.1.6. Certificate policy object identifier ................................................................... 47
    7.1.7. Usage of Policy Constraints extension .......................................................... 47
    7.1.8. Policy qualifiers syntax and semantics .......................................................... 47
    7.1.9. Processing semantics for the critical Certificate Policies extension............... 47

                                                                                                                              5
  7.2. CRL/ARL profile.................................................................................................... 47
    7.2.1. Version number(s) ......................................................................................... 47
    7.2.2. CRL/ARL and CRL/ARL entry extensions ..................................................... 47
  7.3. OCSP profile......................................................................................................... 47
    7.3.1. Version number(s) ......................................................................................... 48
    7.3.2. OCSP extensions .......................................................................................... 48
8. COMPLIANCE AUDIT AND OTHER ASSESSMENTS .......................................... 49
  8.1. Frequency or circumstances of assessment ........................................................ 49
  8.2. Identity/qualifications of assessor......................................................................... 49
  8.3. Assessor’s relationship to assessed entity ........................................................... 49
  8.4. Topics covered by assessment............................................................................. 49
  8.5. Actions taken as a result of deficiency.................................................................. 49
  8.6. Communication of results ..................................................................................... 50
9. OTHER BUSINESS AND LEGAL MATTERS ......................................................... 51
  9.1. Fees ..................................................................................................................... 51
    9.1.1. Certificate issuance or renewal fees.............................................................. 51
    9.1.2. Certificate access fees .................................................................................. 51
    9.1.3. Revocation or status information access fees ............................................... 51
    9.1.4. Fees for other services.................................................................................. 51
    9.1.5. Refund policy................................................................................................. 51
  9.2. Financial responsibility ......................................................................................... 51
    9.2.1. Insurance coverage....................................................................................... 51
    9.2.2. Other assets .................................................................................................. 51
    9.2.3. Insurance or warranty coverage for end-entities ........................................... 51
  9.3. Confidentiality of business information ................................................................. 51
    9.3.1. Scope of confidential information .................................................................. 51
    9.3.2. Information not within the scope of confidential information .......................... 51
    9.3.3. Responsibility to protect confidential information........................................... 51
  9.4. Privacy of personal information ............................................................................ 51
    9.4.1. Privacy plan................................................................................................... 52
    9.4.2. Information treated as private........................................................................ 52
    9.4.3. Information not deemed private..................................................................... 52
    9.4.4. Responsibility to protect private information.................................................. 52
    9.4.5. Notice and consent to use private information .............................................. 52
    9.4.6. Disclosure pursuant to judicial or administrative process .............................. 52
    9.4.7. Other information disclosure circumstances.................................................. 52
  9.5. Intellectual property rights .................................................................................... 52
  9.6. Representations and warranties ........................................................................... 52
    9.6.1. CA representations and warranties ............................................................... 52
    9.6.2. RA representations and warranties ............................................................... 52
    9.6.3. Subscriber representations and warranties ................................................... 52
    9.6.4. Relying party representations and warranties ............................................... 52
    9.6.5. Representations and warranties of other participants.................................... 52
  9.7. Disclaimers of warranties ..................................................................................... 52
  9.8. Limitations of liability............................................................................................. 52
  9.9. Indemnities ........................................................................................................... 53
  9.10.    Term and termination ........................................................................................ 53
    9.10.1.     Term........................................................................................................... 53
    9.10.2.     Termination ................................................................................................ 53
    9.10.3.     Effect of termination and survival............................................................... 53
  9.11.    Individual notices and communications with participants .................................. 53
  9.12.    Amendments..................................................................................................... 53

                                                                                                                                  6
  9.12.1.    Procedure for amendment ......................................................................... 53
  9.12.2.    Notification mechanism and period............................................................ 53
  9.12.3.    Circumstances under which OID must be changed ................................... 53
9.13.    Dispute resolution provisions ............................................................................ 53
9.14.    Governing law ................................................................................................... 53
9.15.    Compliance with applicable law ........................................................................ 53
9.16.    Miscellaneous provisions .................................................................................. 54
  9.16.1.    Entire agreement ....................................................................................... 54
  9.16.2.    Assignment ................................................................................................ 54
  9.16.3.    Severability ................................................................................................ 54
  9.16.4.    Enforcement (attorneys’ fees and waiver of rights) .................................... 54
  9.16.5.    Force Majeure............................................................................................ 54
9.17.    Other provisions................................................................................................ 54




                                                                                                                           7
1. INTRODUCTION
This document specifies the standards of certificates to be issued by Fuji Xerox Certification
Authority (FX CA) and the procedures to be adopted for the series of tasks including issuance,
update, revocation and management of issued certificates.

This document is organized in conformity to RFC 3647 issued by IETF (Internet Engineering
Task Force), which is an international standardization organization for technologies to be used in
the Internet.

The formal title and the acquisition point of RFC 3647 are given as follows.

 Certificate Policy and Certification Practices Framework, Internet Engineering Task Force,
          Network Working Group, ftp://ftp.rfc-editor.org/in-notes/rfc3647.txt

A PDF file for the document can be acquired from http://www.faqs.org/rfcs/rfc3647 (24.09.04).


1.1.       Overview
1.1.1.   Overview of Fuji Xerox Certification Authority
FX CA aims at issuing certificates to multiple Specific Service Certification Authorities (SS CAs)
operated by Fuji Xerox Co., Ltd. (FX) and other Certification Authorities that provide support for
the operation of SS CAs.

Each SS CA shall be operated as a part of services that FX provides to its customers, and it shall
provide certification functionality required for the implementation of specific services.

FX CA functions as a common basis of trust for SS CAs. The users of specific services shall use
the public key of FX CA. to verify the certificates individually issued by SS CAs.


1.1.2.   Role of CP/CPS
This CPS describes business, legal, and technical items in this service. Further, this CPS
describes Certificate Policy (CP, standards for issuing certificates) and Certification Practice
Statement (CPS, actual operating standards) for the persons engaged in this service.

1.1.3.   An overview of the services of FX CA
FX CA is an off-line certification authority, which does not connect to the Internet directly or
indirectly. FX CA shall be manually activated only when its functions stated below are used.

1.   Generation, backup and destruction of FX CA's public pair keys.

2.   Generation of signatures to CA certificates to issue to FX ECA or SS CA’s.

3.   Generation of signatures to CRL/ARLs of CA certificate that FX CA issues.



                                                                                                   8
The following describe an outline of the three functions of FX CA of (1) registration of
subscribers, (2) lifecycle management of certificates and (3) issuance of CRL/ARLs.

(1) Registration of subscribers
       A subscriber of a certificate that FX CA issues shall be a certification authority that FX
       established and is operating in compliance with certain policies and regulations that FX
       determines.

(2) Lifecycle management of certificates.
       FX CAP Committee gives written instructions to FX Certification Authority Platform
       Operating Group (FX CAP Operating Group) with respect to all the events constituting a
       lifecycle of a certificate. Specifically, they issue, re-issue, re-key, changeover, destroy and
       suspend the certificate.

(3) Issuance of CRL/ARLs
       FX CAP Operating Group issues a CRL/ARL following this CPS. In addition to the routine
       issuance of CRL/ARLs, FX CAP Operating Group issues a CRL/ARL as quickly as possible
       with it revokes a certificate.



1.2.         Document name and identification
This document is entitled “Fuji Xerox Certification Authority: Certificate Policy and Certification
Practice Statements”.

The object identifier (OID) of this document is defined as follows:

                                        1.3.6.1.4.1.297.1.5.1.1

1.3.         PKI participants
1.3.1.     Certification authorities
This PKI is comprised of the single certification authority of FX CA.

To a certification authority that FX operates, as the Subscriber, FX CA shall issue CA certificates
based on instructions from the FX CAP Committee. The CA certificates shall be used only for the
purpose of verifying the signatures associated with the certificates signed by the subscribers
(subordinate CAs).

The FX CA may comply to issue a certificate from an external certification authority, if the
purpose of the issuance by a subordinate SSCA is compliant with the mission of FX CA.

1.3.2.     Registration authorities
The functions of FX CA do not include that of a registration authority. Only FX retains the rights to
decide the opening and operating of CAs as Subscribers, and FX CA does not participate in the
decision process. Only the FX CAP Committee is the registration authority.


                                                                                                    9
1.3.3.   Subscribers
The subscribers of certificates issued by FX CA are certified authorities that are operated by FX
and authorized by the FX CAP Committee.

1.3.4.   Relying parties
The first users of the certificates that are issued by the FX CA are the customers of specific
services that are certified by the SS CA. These users uses the certificates that FX CA issues in
order to verify the signatures associated with the certificates and CRL/ARLs that SS CA issues.
Verification of the signatures on certificates and CRL/ARLs that are issued by SS CA provides
the certification functionality required for utilizing specific services under a safe environment.

The second users of the certificates are the systems of FX CA, FX ECA and SS CAs as well as
the operators of these systems. FX ECA issued Membership Certificates are used for
certification of individuals in the access control to those systems but the FX CA uses the
certificate issued by FX ECA for the purpose of verification of the signatures contained in
Membership Certificates and the attached CRLs. The access control to the systems of the
relevant CAs shall be conducted based on the resulting authentication of individuals.

1.3.5.   Other participants
No stipulation.

1.4.       Certificate usage
1.4.1.   Appropriate certificate uses
The certificates that are issued by FX CA to its subordinate CAs shall be used for verification of
the signatures attached to the certificates issued by the CAs and the signatures attached to the
CRL/ARL by the CAs.

1.4.2.   Prohibited certificate users
The use of certificates is prohibited for purposes other than stipulated in section 1.4.1.

1.5.       Policy administration
1.5.1.   Organization administering the document
FX CAP Committee is responsible for the repeal, amendment and approval of this document
(Certificate Policy and Certification Practice Statement).

1.5.2.   Contact person
The contact person of FX CAP Committee shall be in charge of inquiries regarding this document
and co-relational certification.

         FX CAP Committee Contact Desk, Fuji Xerox Co., Ltd.
         E-Mail: fxca-contact@fujixerox.co.jp




                                                                                                     10
1.5.3.   Person determining cps suitability for the policy
Since the CP and CPS are not separated in this document, the observance to the policy of the
CPS is deemed for consideration with the approval of this document.

1.5.4.   CPS approval procedures
The FX CAP Committee shall discuss the content of this document and Chair of FX CAP
Committee shall approve it.

The scope of the responsibility of FX CAP Committee includes amendment, repeal and approval
of this document, whereas the Chair of FX CAP Committee is responsible for final approval.




                                                                                             11
1.6.      Definitions and acronyms
            Term                                                                             Definition
Fuji Xerox Certification           System and operating body for FX CA and relevant CAs
Authority Platform
Fuji Xerox         Certification   Division of Fuji Xerox Co., Ltd. responsible for the operation of
Authority             Platform     FX CA.
Committee
FX CAP Committee                   Organization of Fuji Xerox Co., Ltd. responsible for the operation
                                   and of FX CA, also the registration agent of FX CA
Chair   of         FX      CAP     Supervisor of FX CAP Committee.
Committee
FX Certification Authority         Organization responsible for the operation of FX Certification
Platform Operating Group           Authority.
FX CAP Operating Group             Abbreviation of FX      Certification Authority Platform Operating
                                   Group.
FX    CAP            Operating     Supervisor of FX CAP Operating Group.
Manager
Repositories                       Database to record information necessary of performance of the
                                   operations of FX CA.
Certificate revocation             Revoking a certificate.Identifier of a revoked certificate is
                                   specified in a Certificate Revocation List.
Certificate issuance               To issue a certificate to its subscriber.
Certificate renewal                To renew a certificate. A renewed certificate includes the same
                                   name, key and other information as the old one except the
                                   particular items (e.g. a new serial number) that Certificate Policy
                                   specifies to be changed.
Certificate re-key                 To change the public key pair of a certificate. A new certificate
                                   specifying the public key of a new public key pair is issued to the
                                   same subscriber.
Certificate modification           The function issued a new certificate which changes a part or all
                                   of substances without a public key stated to the certificate after
                                   issue
Self-signed certification          A certificate including a public key and a signature generated
                                   using the private signing key paired with the public key. CA
                                   issues a self-signed certificate to publish its public key to the
                                   users.
Link certificate                   A certificate issued when a CA’s private signing key is changed.
                                   A link certificate includes either a pair of the new public key and a
                                   signature generated using the old private signing key or a pair of
                                   the old public key and a signature generated using the new
                                   private key.
Certificate Revocation List        Data object that includes a list of revoked certificates, signed
                                   using the CA’s private signing key.




                                                                                                 12
              Term                                                                          Definition
Authority revocation list        Data object that includes a list of revoked CA Certificates, signed
                                 using the CA’s private signing key.
Hardware         Cryptographic   A hardware module for the protection of CA’s private signing
Module                           keys. The functionality of the hardware cryptographic module
                                 includes generation, maintenance, usage and destruction of the
                                 private signing keys. The operation of the hardware
                                 cryptographic modules shall be performed under strict control by
                                 means of physical or electronic methods or both.
CA’s public key pair             A pair of CA’s private signing key and the public key paired with
                                 the private signing key.
CA’s public key                  A public key that is used to verify the signature of a certificate,
                                 which CA generates using the CA’s private signing key paired
                                 with it.
CA's private signing key         A private signing key that CA uses to sign certificates that it
                                 issues.
Audit logs                       A log recording the history of events, used to verify the validity of
                                 the activities of CA.
Audit collection system          The system that collects audit logs relating to the activities of FX
                                 CA, which is a part of the FX CA system.
Public key pair                  A pair of a public key and a private key of the public key
                                 cryptographic system.
Public key                       The private component of a public key pair that its owner
                                 securely retains. A public key is disclosed by being specified in a
                                 certificate.
                                 A public key of a CA’s public key pair is used for verification of the
                                 signature of a certificate.
Private key                      The private component of a public key pair that its owner
                                 securely retains. A private key shall be stored so that no other
                                 than its owner can access it.
                                 A private key of a CA’s public key pair is used for generation of a
                                 signature for a certificate, and therefore it may be called a private
                                 signing key.
Private signing key              A private key whose usage is restricted to generation of
                                 signatures.
Signature verification keys      A public key whose usage is restricted to verification of
                                 signatures.
Certificate                      A data object comprised of a public key and other information,
                                 which asserts that the owner of the public key has passed the
                                 registration process specified by the relevant certificate policy.
                                 The relevant CA signs it using its private signing key.
CA certificate                   A certificate that a CA issues to a subordinate CA, usage of
                                 which is restricted to verification of the signature of certificates
                                 that the subordinate CA issues.



                                                                                                13
               Term                                                                       Definition
Site certificate               A certificate used to authenticate a site over networks. For
                               example, when a SSL/TLS communication is established
                               between a client and a server, the client authenticates the server
                               based on a site certificate of the server.
Membership certificate         A certificate issued to CA operator. The usage of a membership
                               certificate is purpose of CA operator.
CA certificate                 For a CA certificate, a general term of a certificate that Product
                               authority is issued from outside authority, and Product authority
                               issues to outside authority.
Issuer                         The CA that issued the relevant certificate. It is the entity whose
                               name appears as the issuer in the certificate.
Subscriber                     The owner of the public key that is specified in the relevant
                               certificate. It is the entity whose name appears as the subject in
                               the certificate. The subscriber of a certificate that FX CA issues is
                               either FX ECA or an SS CA.
Relying party                  The entity that authenticates the subscriber of a certificate based
                               on the public key specified in the certificate. For example, when a
                               SSL/TLS connection is established between a client and a
                               server, the client is a relying party of the site certificate that has
                               been used for the establish of the connection.
Certificate   Policy    and    A set of documents that describe policies and rules concerning
Certification       Practice   the functions and operations of a CA. A relying party of a
Statement                      certificate may refer to the Certificate Policy and Certification
                               Practice Statement to which the certificate is pursuant. It is
                               recommended that documents of Certificate Policy and
                               Certification Practice Statement is compliant to RFC 3647.
                               Certificate Policy and Certification Practice Statement is
                               abbreviated to CP/CPS.
Activation                     To make an object such as a private key and a hardware
                               cryptographic module ready for use.
                               For example, a private signing key can be used to generate a
                               signature only when it is activated.
                               As another example, the operations to a hardware cryptographic
                               module, including generation, destruction and use of a private
                               key confined within the module, require prior activation of the
                               module.
Inactivation                   To inactivate an object such as a private key and a hardware
                               cryptographic module that has been activated.
FX Certification Authority     The certification authority that issues CA certificates to its
                               subordinate CA’s including FX ECA and Specific Service CA’s.
FX             Endorsement     The certification authority that issues certificates necessary for
Certification Authority        the operation of the CA’s that FX operates. The certificates that
                               FX ECA issues include a Site Certificate issued to an SS CA and
                               a Membership Certificate issued to an operator of a certification
                               authority.


                                                                                              14
           Term                                                                          Definition
Specific              Service   A certification authority that provides trust to the users of a
Certification Authority         particular service that FX operates. Division of FX that performs
                                the operation of the relevant service also operates the
                                corresponding Specific Service CA.
CP/CPS                          Abbreviation of Certificate Policy and Certification Practice
                                Statement.
CSR                             Abbreviation of Certificate Signing Request. CSR includes
                                information of the identity of the subject of the request and the
                                public key to be specified in a requested certificate. CSR is
                                compliant to a format standardized for usage in the Internet (e.g.
                                PKCS #10).
CRL                             Abbreviation of Certificate Revocation List.
ARL                             Abbreviation of Authority Revocation List.
S/MIME                          A specification of a format and protocol for electronic mail, which
                                provides the security functionality of encryption, integrity
                                verification and non-repudiation of messages.
SSL                             Abbreviation of Secure Socket Layer.
                                A protocol of the network communication, that provides the
                                security functionality of entity authentication, message encryption
                                and prevention of unauthorized modification of messages.
                                Internet Draft The SSL Protocol Version 3.0, Netscape
TLS                             Abbreviation of Transport Layer Security.
                                TLS is an enhancement of SSL 3.0.
                                The latest version of the specification is as follows.
                                RFC 2246 The TLS Protocol Version 1.0, IETF




                                                                                            15
2. PUBLICATION AND REPOSITORY RESPONSIBILITIES
2.1.         Repositories
Repositories of FX CA shall retain at least the following information items.

(1) Link certificates:
       A certificate generated with an association to an event of the changeover of the FX CA’s
       private signing key. Whenever the key changeover is performed, a pair of link certificates
       shall be generated: one is a certificate that specifies the public key of the old key pair and is
       signed using the private signing key of the new key pair; the other is a certificate that
       specifies the public key of the new key pair and is signed using the private signing key of the
       old key pair.

(2) CA Certificates
       A certificate that FX CA issues to a subordinate CA.

(3) Certificate revocation list:
       A list of revoked CA certificates.

(4) Inter-authority certificate:
       A certificate that another CA issues to FX CA.

(5) Authority revocation list:
       A list of revoked self-signed certificates and revoked inter-authority certificates.

2.2.         Publication of certification information
FX CA shall publish information concerning its activities including the following.

(1) The link certificates retained by the FX CA’s repositories.

(2) The CRL’s retained by FX CA’s repositories.

(3) The inter-authority certificates retained by FX CA’s repositories.

(4) The ARL’s retained by FX CA’s repositories.

(5) Information concerning compromise of the FX CA’s private signing keys.

(6) Certificate Policy and Certification Practice Statement specified by this document.

The publication shall be accessed by the following means.

                          http://www.fujixerox.co.jp/product/cap/fxca.html

2.3.         Time and frequency of publication
FX CA shall publish any update to the information specified in 2.2 as soon as the update is
made.



                                                                                                     16
2.4.      Access controls on repositories
FX CA shall protect any repository information by restricting access to the information, including
addition, deletion and modification of the information, to the operators who belong to FX CAP
Operating Group and are properly granted access rights.

However, the access control shall not apply to the public dissemination of the information
specified in 2.2 to be published.




                                                                                               17
3. IDENTIFICATION AND AUTHENTICATION
3.1.         Naming
3.1.1.     Types of names
The name item to be specified in the issuer and subject fields of the certificates that FX CA
issues shall be an X.500 Distinguished Name (DN).

3.1.2.     Need for names to be meaningful
Names used in the certificates issued pursuant to this CP and CPS shall identify the person and
object in a meaningful way.

3.1.3.     Anonymity or pseudonymity of subscribers
Anonymity or pseudonymity of subscribers are not allowed in the certificates issued pursuant to
this CP and CPS.

3.1.4.     Rules for interpreting various name forms
No stipulation.

3.1.5.     Uniqueness of names
Names used in the certificates issued pursuant to this document shall uniquely identify the
person or object.

3.1.6.     Recognition, authentication, and role of trademarks
No stipulation.

3.2.         Initial identity validation
3.2.1.     Method to prove possession of private key
Issuance of any certificate shall be based on a written direction (Certification Issuance
Instruction) by FX CAP Committee. FX CA shall verify the validity of the Certificate Issuance
Instruction to verify possession of the private key by the subscriber.

The verification of the Certificate Issuance Instruction shall include the following items.

    The Certificate Issuance Instruction is compliant to the format that FX CA specifies.

    The Certificate Issuance Instruction is approved by the Chair of FX CAP Committee.

    FX CA has not processed Certificate Issuance Instruction in the past.

       The date of approval of the Certificate Issuance Instruction is not more than 10 days from the
       date of acceptance of the Certificate Issuance Instruction by FX CA.

    The expiration date of the certificate shall be later than the receipt date of the Certificate
    Issuance Instruction.




                                                                                                  18
      The Certificate Signing Request mailed with Certificate Issuance Instruction is not changed
      and altered.

      The contents of the Certificate Issuance Instruction shall abide by the rules described herein.

3.2.2.      Authentication of organization identity
The subscribers of the certificates that FX CA issues shall be certification authorities operated by
FX.

For the purpose of authenticating the organizational identity of the subscriber, FX CA shall verify
the validity of the Certificate Issuance Instruction that FX CAP Committee submitted.

3.2.3.    Authentication of individual identity
For the purpose of authenticating the identity of the subscriber, FX CA shall verify the validity of
the Certificate Issuance Instruction that FX CAP Committee submitted.

3.2.4.    Non-verified subscriber information
No stipulation.

3.2.5.    Validation of authority
No stipulation.

3.2.6.    Criteria for interoperation
No stipulation.

3.3.        Identification and authentication for re-key requests
3.3.1.      Identification and authentication for routine re-key
The same as the specification of 3.2 applies.

3.3.2.      Identification and authentication for re-key after revocation
The same as the specification of 3.2 applies.

3.4.        Identification and authentication for revocation request
The same as the specification of 3.2 applies.




                                                                                                  19
4. CERTIFICATE LIFE-CYCLE OPERATIONAL EQUIREMENTS
4.1.      Certificate Application
4.1.1.    Who can submit a certificate application
The subscriber or FX shall request certificate issuance through the FX CAP Committee.

When the FX CAP Committee approves the certificate issuance, a Certificate Issuance
Instruction is sent to FX CA in a safe manner after being approved by the Chair of the FX CAP
Committee.

4.1.2.    Enrollment process and responsibilities
 When submitting a Certificate Issuance Instruction to FX CA, the FX CAP Committee shall be
responsible in ensuring that Subscriber CA fulfills the requirements specified in 1.3.2.

In addition, FX CA shall verify the following items with respect to Certificate Issuance Instruction
that FX CAP Committee issues.

    The Certificate Issuance Instruction is compliant to the format that FX CA specifies.

    The Certificate Issuance Instruction is properly approved by the Chair of FX CAP Committee.

    Issuance or refusal of issuance has never been performed for Certificate Issuance
    Instruction having the same contents, in the past.

    The date of approval described in the Certificate Issuance Instruction is not more than 10
    days prior to the date of acceptance of the Certificate Issuance Instruction by FX CA.

    The due date of certificate issuance described in the Certificate Issuance Instruction is after
    the date of acceptance.

    CSR enclosed with Certificate Issuance Instruction is not replaced or falsified.

    The contents of the Certificate Issuance Instruction are pursuant to the specifications of this
    document.

As far as FX CA succeeds in the verification specified above, FX CA is exempted from liability for
any damages caused from the issuance and usage of the certificate.

4.2.      Certificate application processing
4.2.1.    Performing identification and authentication functions
FX CA identifies and authenticates the subscriber certification authority by verifying Certificate
Issuance Instruction authorized by FX CAP Committee.




                                                                                                 20
4.2.2.     Approval or rejection of certificate applications
FX CA shall issue the requested certificate as far as it succeeds in verification of the validity of
the Certificate Issuance Instruction as set forth in 0.

4.2.3.     Time to process certificate applications
FX CA shall issue the requested certificate within 30 days after the acceptance of the Certificate
Issuance Instruction based on the verification of its validity.

4.3.       Certificate issuance
4.3.1.     CA actions during certificate issuance
Root CA shall identify the public key and the subscriber specified in CSR, and shall generate the
requested certificate in compliance with the contents of Certificate Issuance Instruction.

FX CA shall deliver the generated certificate to the destination specified in Certificate Issuance
Instruction.

4.3.2.     Notification to subscriber by the CA of issuance of certificate
FX CA does not assume the obligation of notifying the issuance of a certificate.

4.4.       Certificate acceptance
4.4.1.     Conduct constituting certificate acceptance
FX CA assumes acceptance of a certificate by the recipient at the moment when sending it to the
    recipient.


4.4.2.     Publication of the certificate by the CA
No stipulation.

4.4.3.     Notification of certificate issuance by the CA to other entities
No stipulation.

4.5.       Key pair and certificate usage
4.5.1.     Subscriber private key and certificate usage
The subordinate certification authority shall use its private signing key only for the purpose of
generating signatures to the certificates and the CRL/ARLs that the subordinate certification
authority issues.

On the other hand, a certificate that FX CA issues is used to verify the signature that the
certification authority generated.

4.5.2.     Relying party public key and certificate usage
A relying party of a certificate that FX CA issues uses the certificate to verify the signatures to the
certificates and CRL/ARLs that the subordinate certification authority, which is identical with the
subscriber of the certificate, generated.


                                                                                                    21
A Relying Party is responsible for determining whether to rely upon a certificate.

4.6.        Certificate renewal
4.6.1.      Circumstance for certificate renewal
FX CAP Committee may instruct renewal of a certificate that FX CA issued based on rational
reasons.

4.6.2.      Who may request renewal
FX CAP Committee shall request certificate renewal on behalf of the subscriber of a certificate or
FX.

4.6.3.      Processing certificate renewal requests
The renewal of a certificate requires that FX CA verifies the validity of the document to request
the renewal at least in the following items.

      The document is generated in compliance with the format that FX CA specified.

      The document was properly approved by FX CAP Committee Chair.

      FX CA did not accept a document requesting certificate renewal with the same contents in
      the past.

      The date of approval of the document is not more than 10 days prior to the date of
      acceptance of the Certificate Issuance Instruction by FX CA.

      The time of certificate renewal specified in the document is after the next operating day of
      the date of acceptance.

      CSR associated with the document is not replaced or tampered with.

      The contents of the document are pursuant to the specification of this document.

FX CA shall deliver the renewed certificate to the destination specified in the document
requesting the renewal.

4.6.4.      Conduct constituting acceptance of a renewal certificate
FX CA assumes acceptance of the renewed certificate by the recipient at the moment when
sending it to the recipient.

4.6.5.      Publication of the renewal certificate by the CA
No stipulation.

4.6.6.      Notification of certificate issuance by the CA to other entities
No stipulation.




                                                                                               22
4.7.          Certificate re-key
4.7.1.        Circumstance for certificate re-key
FX CAP Committee may instruct re-key of a certificate that FX CA issued based on rational
reasons.

For example, FX CAP Committee can instruct certificate re-key for the following reasons.

      The subscriber of the certificate requests the re-key.

       The private key of the subscriber is judged to be compromised.

4.7.2.        Who may request certification of a new public key
FX CAP Committee shall request certificate re-key on behalf of the subscriber of a certificate or
FX.

4.7.3.        Processing certificate re-keying requests
The re-key of a certificate requires that FX CA verifies the validity of the document to request the
re-key at least in the following items.

      The document is generated in compliance with the format that FX CA specified.

      The document was properly approved by FX CAP Committee Chair.

      FX CA did not accept a document requesting certificate re-key with the same contents in the
      past.

      The date of approval of the document is not more than 10 days prior to the date of
      acceptance of the Certificate Issuance Instruction by FX CA.

      The time of certificate re-key specified in the document is after the next operating day of the
      date of acceptance.

      CSR associated with the document is not replaced or tampered with.

      The contents of the document are pursuant to the specification of this document.

FX CA shall deliver the re-keyed certificate to the destination specified in the document
requesting the re-key.

4.7.4.        Notification of new certificate issuance to subscriber
FX CA assumes acceptance of the re-keyed certificate by the recipient at the moment when
sending it to the recipient.

4.7.5.        Conduct constituting acceptance of a re-keyed certificate
FX CA assumes acceptance of the re-keyed certificate by the recipient at the moment when
sending it to the recipient.




                                                                                                  23
4.7.6.     Publication of the re-keyed certificate by the CA
No stipulation.

4.7.7.     Notification of certificate issuance by the CA to other entities
No stipulation.

4.8.       Certificate modification
4.8.1.     Circumstance for certificate modification
FX CAP Committee may instruct modification of a certificate that FX CA issued based on rational
reasons.

For example, FX CAP Committee can instruct certificate modification for the following reasons.
    The subscriber of the certificate requests the re-key.

4.8.2.     Who may request certificate modification
FX CAP Committee shall request certificate modification on behalf of the subscriber of a
certificate or FX.


4.8.3.     Processing certificate modification requests
Modification of a certificate requires that FX CA verifies the validity of the document to request
the re-key at least in the following items.

    The document is generated in compliance with the format that FX CA specified.

    The document was properly approved by FX CAP Committee Chair.

    FX CA did not accept a document requesting certificate modification with the same contents
    in the past.

    The date of approval of the document is not more than 10 days prior to the date of
    acceptance of the Certificate Issuance Instruction by FX CA.

    The time of certificate re-key specified in the document is after the next operating day of the
    date of acceptance.

    The contents of the document are pursuant to the specification of this document.

FX CA shall deliver the modified certificate to the destination specified in the document
requesting the re-key.

4.8.4.     Notification of new certificate issuance to subscriber
FX CA assumes acceptance of the modified certificate by the recipient at the moment when
sending it to the recipient.




                                                                                                24
4.8.5.     Conduct constituting acceptance of modified certificate
FX CA assumes acceptance of the modified certificate by the recipient at the moment when
sending it to the recipient.

4.8.6.     Publication of the modified certificate by the CA
No stipulation.

4.8.7.     Notification of certificate issuance by the CA to other entities
No stipulation.

4.9.       Certificate revocation and suspension
FX CA shall not support the function of certificate suspension.

4.9.1.     Circumstances for revocation
FX CAP Committee may instruct revocation of a certificate that FX CA issued based on rational
reasons.

For example, FX CAP Committee can instruct certificate revocation for the following reasons.

    The subscriber of the certificate requests the revocation.

    The private key of the subscriber is judged to be compromised.

4.9.2.     Who can request revocation
FX CAP Committee shall request revocation of a certificate on behalf of the subscriber of the
certificate or FX.

4.9.3.     Procedure for revocation request
Revocation of a certificate requires that FX CA verifies the validity of the document to request the
revocation at least in the following items.

    The document is generated in compliance with the format that FX CA specified.

    The document was properly approved by FX CAP Committee Chair.

    A certificate revocation and the revocation denial are not done on the basis for substances
    which identify certificate revocation in history.

    FX CA did not accept a document requesting certificate revocation with the same contents in
    the past.

    The date of approval of the document is not more than 10 days prior to the date of
    acceptance of the Certificate Issuance Instruction by FX CA.

    The contents of the document are pursuant to the specification of this document.




                                                                                                 25
4.9.4.       Revocation request grace period
FX CAP Committee shall request revocation of a certificate as quickly as possible after it
recognizes the necessity of the certificate revocation.

4.9.5.       Time within which CA must process the revocation request
FX CA shall complete the revocation within one operating day after it accepts the document
requesting revocation of a certificate.

4.9.6.       Revocation checking requirement for relying parties
A relying party identifies revoked certificates by conferring CRL/ ARLs that FX CA discloses.

4.9.7.       CRL/ARL issuance frequency (if applicable)
FX CA shall issue a CRL/ARL with the validity period of 12 months once a half year on a
predetermined day.

In addition to the routine issuance of CRL/ARL, FX CA shall issue a CRL/ARL within one
operating day after it revokes a certificate. The on-demand issuance of CRL/ARL shall never
influence the routine issuance of CRL/ARL.

4.9.8.       Maximum latency for CRL/ARLs (if applicable)
No stipulation.

4.9.9.       On-line revocation/status checking availability
FX CA shall disclose CRL/ARL’s so that an arbitrary user may access it 24 hours a day, every
day without any access restriction.

The access to CRL/ARL shall be by means as set forth in 2.2.

4.9.10.      On-line revocation checking requirements
No stipulation.

4.9.11.      Other forms of revocation advertisements available
No stipulation.

4.9.12.      Special requirements re key compromise
In addition to the stipulation stated above, FX CAP Committee shall hold a committee meeting to
determine measures to be taken as quickly as possible when the FX CA’s private signing keys
are recognized to be compromised. FX CAP Committee may take measures including the
following.

    Termination of FX CA.

    Changeover of FX CA private signing keys.

    Revocation of related certificates



                                                                                                26
    Issuance of new certificates.

FX CA shall disclose the fact of the compromise of its private signing keys and the measures that
it took in response to the emergency.


4.9.13.   Circumstances for suspension
No stipulation.

4.9.14.   Who can request suspension
No stipulation.

4.9.15.   Procedure for suspension request
No stipulation.

4.9.16.   Limits on suspension period
No stipulation.

4.10.     Certificate status services
FX CA shall not assume the obligation to provide certificate status services except disclosure of
CRL.

4.10.1.   Operational characteristics
No stipulation.

4.10.2.   Service availability
No stipulation.

4.10.3.   Optional features
No stipulation.

4.11.     End of subscription
No stipulation.

4.12.     Key escrow and recovery
FX CA shall not perform key escrow and recovery.

4.12.1.   Key escrow and recovery policy and practices
No stipulation.

4.12.2. Session key encapsulation and recovery policy and practices
No stipulation.




                                                                                              27
5. FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS
5.1.        Physical controls
5.1.1.   Site location and construction
The site location and construction, combined with other physical security protection
mechanisms, shall provide robust protection to minimize the damages by flood, earthquake, fire
and other disasters.

5.1.2.   Physical access
The FX CA equipment shall always be protected from unauthorized access and entering and
leaving the facility housing the FX CA equipment shall be appropriately restricted.

Access to each chamber housing the whole and a part of the FX CA equipment as well as each
hardware of the FX CA equipment shall be restricted by appropriate means including
multi-person control.

In particular, FX CAP Operating Manager shall permit requisite minimum personnel to access the
FX CAP equipment and the facility housing it, and shall always have clear recognition of the
personnel.

The facility housing the FX CA equipment shall be monitored for unauthorized intrusion by
means of 24 hour, 365 day per year monitoring methods. In case of suspension of the monitoring
methods for the sake of maintenance and the like, appropriate alternative methods shall be
provided.

5.1.3.   Power and air conditioning
FX CA shall have capability to provide electric power sufficient for the operation of its equipment
and have tolerance to momentary and temporary blackout, ground leakage and fluctuation of
voltage and frequency.

5.1.4.   Water exposures
The facility housing the FX CA equipment shall be located so that it is safe from deluge, typhoon
and so forth. For example, the facility may be located at high stories of a building.

In addition, the FX CA shall isolate the equipment from water supply facility and shall be protect it
against water exposure by additional waterproofing means.

5.1.5.   Fire prevention and protection
The facility housing the FX CA equipment shall be equipped with fire resistant construction,
compartments, fire detecting devices and fire control equipment.




                                                                                                  28
In addition, FX CA shall isolate its equipment from any fire-relating facility such as gas pipes and
hot water apparatus, and shall prohibit any action causing fire including smoking in the vicinity of
its equipment.

5.1.6.   Media storage
Media that contains audit, archive or backup information shall be stored in locked cabinets so as
to protect it from accidental damage such as water and fire. In addition, the cabinets shall be
installed in rooms access to which is restricted so that it is practically impossible to carry them
out.

Unlock of the cabinets and access to the media shall be performed pursuant to authorized
stipulation that belongs to FX CAP Operating Group under multi-person control.

5.1.7.   Waste disposal
Documents and media that contain confidential information shall be disposed by means such
that retrieval of the information from the disposed documents and media is practically impossible
(electromagnetic erasure and physical fracture).

5.1.8.   Off-site backup
No stipulation.

5.2.      Procedural controls
5.2.1.   Trusted roles
In the following, a description of FX CAP Committee, FX CAP Operating Group and Auditor
Group is given. In summary, FX CAP Committee is a supervising organization of FX CA and
retains rights decide important matters (e.g. policies) with respect to the activities of FX CA.
Also, FX CA Operating Group performs actual operations of FX CA, and Auditor Group does
audits over the activities and the compliance of FX CA. Although FX CAP Committee is not a part
of FX CA, a brief description will be given here since it plays an important role in this PKI.




                                                                                                 29
                                     FX CAP Committee
                                                   Chair
         Operation assignment           FX CAP Operating Manager
                 check               Liaisons from:
                                    Division operating specific services
                                   Division responsible for quality control
                                                                                                Audit
                                               (Legal section)
                                                                                              results
                                                                                               report




     FX CAP Operating Group
                Operating Manager                      Operation audit
                                                                              Auditor Group
            Private Key Administrators                                             Auditors
                    Operators




                                     Figure 1: Organization


5.2.1.1. FX CAP Committee
FX CAP Committee is responsible for supervising the operation of FX CA pursuant to the
specification of this document and other documents derived from this document.

FX CAP Committee shall have the rights to make final decision regarding the following issues
and shall be externally responsible for the decision.

1.   Issues regarding the opening and termination of specific service authority.

2.   Issues relating approval, lapse and update of this document and other documents derived
     from this document.

3.   Issues regarding mutual authentication of other CA’s, in particular issues regarding approval
     of CP/CPS of other CA’s.

4.   Issues regarding personnel affairs of FX CA.

5.   Issues regarding information to be externally publicized.



                                                                                                    30
6.   Issues regarding personnel education including approval of the material, program and
     schedule.

7.   Other important issues relating the operation of FX CA.

8.   Issues relating compromise of FX CA’s private signing keys.

9.   Issues regarding approval of the results of audits of FX CA.

10. Issues regarding approval of the result of CA audits for policy compliance pursuant to this
     document and other documents derived from this document.

11. Other important issues relating the safeness of FX CA.

The organization of FX CAP Committee shall at least fulfill the following requisite conditions.

     The chair of FX CAP Committee shall be either the operating officer who is responsible for
     FX's information policies or one to whom authority is transferred from the officer.

     FX CAP Committee shall include the managers of Operating Group and Auditor Group.

     FX CAP Committee shall include liaisons from divisions that operate specific services.

     FX CAP Committee shall include liaisons from divisions that are responsible for quality
     control of subordinate CA’s.

5.2.1.2. FX CAP Operating Group
The scope of the responsibility of FX CAP Operating Group shall include the following issues:

1.   Administration and maintenance of the FX CA equipment.

2.   Activities relating to certificate issuance based on instructions by FX CAP Committee.

3.   Other activities based on instructions by FX CAP Committee.

FX CAP Operating Manager

FX CAP Operating Manager is responsible for supervising overall activities of FX CAP Operating
Group and shall have the following rights and responsibilities.

     Selection of FX CAP Operating Group members

     Call of FX CAP Operating Group meetings

     Final decision on issues discussed in FX CAP Operating Group meetings.

     Decision of actions against emergencies and supervision of performing them.

     Operation to enroll, change and delete access rights of operating personnel.

     Instructions and supervision of other activities relating to the operation of FX CA.




                                                                                                  31
The Chair of FX CAP Committee shall be responsible for assignment of FX CAP Operating
Manager.

Private Key Administrator

The private key administrators shall be responsible for maintenance, administration and usage of
the FX CA’s private signing keys and shall perform the following:

    Administration and usage of the physical keys to unlock the cabinets that contain hardware
    cryptographic modules.

    Administration and usage of the smartcards to activate the functions of hardware
    cryptographic modules.

    Operation of hardware cryptographic modules including generation, changeover, activation,
    deactivation, usage (i.e. signing certificates), backup and restoring of FX CA’s private signing
    keys.

Operator

Operators shall engage in actual operation of the systems of the FX CA equipment including the
following.

    Operation of the systems of the FX CA equipment except for activation, suspension and
    configuration change of the systems.

    Maintenance of the systems of the FX CA equipment.

    Maintenance of the environment of the operation of FX CA.

    Generation of archival.

    Administration of operations

5.2.1.3. Auditor group
Auditor Group is independent of Operating Group. Auditors shall engage in audit activities
including the following:

    Maintaining audit logs and performing internal audits of FX CA.

The Auditor Group shall perform an internal audit regularly and shall report the results to FX CAP
Committee.

5.2.2.   Number of persons required per task
The numbers of personnel belonging to FX CAP Operating Group and Auditor Group shall fulfill
the following requisite conditions.




                                                                                                 32
                       Table 1: Number of personnel and role separation

               Role               Number of personnel             Roles not to be combined


 Operating Officer                1                        Auditor

 Private Key Administrator        No less than 2           Auditor

 Operator                         No less than 2           Auditor

 Auditor group                    No less than 2           Operating     Officer,    Private     Key
                                                           Administrator, Operator




5.2.3.     Identification and authentication for each role
The entry/exit to the CA facilities and access to the CA system can be controlled, depending on
individual roles. In addition, the entry/exit to the CA facilities and access to the CA system shall
be based on authentication of individual personnel.

5.2.4.     Roles requiring separation of duties
Personnel belonging to Auditor Group shall abide by the rules of Table 1 when assigned with
other roles in FX CAP Operating Group, since he/she is required to ensure the neutrality as an
Auditor.

5.3.        Personnel controls
5.3.1.     Qualifications, experience, and clearance requirements
Personnel assigned to each role of FX CAP Operating Group and Auditor Group shall fulfill the
following requisite conditions.

    Operating Manager and Auditor shall have a detailed knowledge of the contents of this
    document and other documents derived from this document and shall keep high morals as a
    member of industry.

    Private Key Administrator shall understand the social responsibility posed on CA, shall have
    a detailed knowledge of the contents of this document and other documents derived from
    this document and shall keep high morals as a member of industry. In addition, Auditor shall
    have a knowledge, at least in principle, of the technologies relating to the activities of CA.

    Operator shall have a detailed knowledge of the part of the contents of this document and
    other documents derived from this document that specifies or is related to the operations by
    Operator. In addition, Operator shall have a detailed knowledge of the technologies
    necessary for the operation of the FX CA equipment.



                                                                                                     33
FX CAP Committee shall appoint personnel for the roles of Operating Manager and Auditor, and
FX CAP Committee Chair shall authorize the appointment. Operating Manager shall appoint
personnel for the roles of Private Key Administrator and FX CAP Committee shall authorize the
appointment..Also, Operating Manager shall appoint personnel for the roles of Operator.

5.3.2.   Background check procedures
Background check procedures, in particular procedures to check criminal records, shall be
pursuant to the corresponding stipulations specified by FX.

5.3.3.   Training requirements
All personnel performing duties with respect to the operation of the FX CA shall receive
comprehensive training based on programs authorized by FX CAP Committee. Training shall be
conducted in the following areas.

A. Social responsibilities of Certification Authority.

B. Stipulations specified by this document and other documents derived from this document.

C. Technologies relating to the operations of Certification Authorities.

5.3.4.   Retraining frequency and requirements
All the personnel performing duties with respect to the operation of FX CA shall receive training
before they initially start to perform the duties as well as at least once per year.

All the personnel belonging to Operating Group or Auditor Group shall be informed of any
authorized changes to the contents of this document and other documents derived from this
document as quickly as possible.

5.3.5.   Job rotation frequency and sequence
No stipulation.

5.3.6.   Sanctions for unauthorized actions
No stipulation.

5.3.7.   Independent contractor requirements
Requirements relating to an event of consignment of business activities shall be written in a
contract that the FX legal division authorizes.

The contract shall include at least stipulations specifying confidentiality obligation, compliance to
FX bylaws and sanction for unauthorized activities.

5.3.8.   Documentation supplied to personnel
No stipulation.




                                                                                                  34
5.4.         Audit logging procedures
 Audit Group shall perform log auditing in order to confirm safety and reliability of FX CA
operations. When a significant event occurs in the events recorded in audit logs, Audit Group
shall verify the audit logs with relevant records to confirm whether a wrong operation or an
incorrect service is not performed.

An external Auditor Group shall conduct regular audits of compliance for FX CAP Committee and
FXCAP entire operations. The external Auditor Group shall also conduct an extra audit of
compliance, when it judges the requirement.

5.4.1.     Types of events recorded
From a wide variety of events that occurs in the activities of FX CA, all the events that may have
an important impact to the operation of FX CA shall be recorded in the audit logs. Accordingly,
the audit logs shall include at a minimum the following:

       Generation, destruction and use of FX CA’s private signing keys

       Events relating to the lifecycle management of certificates that FX CA issues

The following information relevant to each event shall be recorded:

       The type of the event.

       Date and time when the event occurred.

       Results of the event.

       Causes of the event (instruction, operator, system names, etc.)

5.4.2.      Frequency of processing log
Auditor Group shall review audit logs with the frequency as set forth in Table 2.

5.4.3.     Retention period for audit log
Audit logs may be retained in storages of the FX CA equipment and/or in external storage media
such as CD-R.

Audit logs shall be automatically recorded in storages of the FX CA equipment at the moment
when the event to be recorded occurred. Audit logs that are retained in storage of the FX CA
equipment is referred to as onsite logs. In addition, Auditor shall retain audit logs onsite for at
least the duration specified in Table 3 and shall copy them to external storage media in cycles of
the same duration. The audit logs to be copied shall include the audit logs that were recorded
after the time point when copies of audit logs had been made last time. The audit logs retained
on external storage media are referred to as offsite logs. Table 3 specifies the retention periods
for the onsite and offsite logs.




                                                                                                35
5.4.4.   Protection of audit log
FX CA shall take measures so that audit logs shall not be lost for any reasons such as disaster
and theft or shall not be modified.

5.4.5.   Audit log backup procedures
Backup of audit logs shall be performed in the presence of at least two Auditors, through cross
checking of each other’s work and supervision of actions.

Backup of audit logs shall be performed according to the specified procedures.

Table 3 specifies the retention period of backups.

5.4.6.   Audit collection system (internal vs. external)
The audit collection system shall be a part of the FX CA equipment.

5.4.7.   Notification to event-causing subject
The notice that an event was audited shall not provided to the operator who caused the event.

5.4.8.   Vulnerability assessments
When vulnerability was found in security inspection, the audit procedures shall include
vulnerability assessments regarding the operation.

                       Table 2:   Time restriction relating to audit issues

              Duties                                             Time restrictions


 Inspection of audit logs             When an important event occurs, an audit shall be conducted on
                                      the date specified in the procedures. If the specified date is a
                                      non-business day, it shall be conducted on a closest business day.

 Retention period of onsite           No shorter than a month.
 audit logs

 Retention period of offsite          No shorter than 3 years.
 audit logs

 Retention period of backup of        No shorter than 3 years.
 audit logs




5.5.      Records archival
Operator shall archive the data hereinafter set forth on a routine basis for the following purposes.




                                                                                                 36
         To retroactively check the operation history in response to an inquiry or a claim by a
         customer or others.

         To re-issue the certificates and CRL that are valid at the moment when the data necessary
         for the operations of FX CA are lost due to a disaster, incident and so forth.

5.5.1.     Types of records archived
The following information shall be archived, at a minimum, in order to achieve the purposes
stated in above.

    This CP/CPS

    Certificate

    CRL/ARL

    Audit logs

The FX CA private signing keys shall not be archived.

5.5.2.     Retention period for archive
The archive shall be retained as far as this service continues. However, regarding for the audit
logs, the description of 5.4.3 in this CPS shall be followed.

                         Table 3: Time restriction relating to archive records

            Duties                                        Time restrictions


 Generation of archives        When an important event occurs, an audit shall be conducted on the
                               date specified in the procedures. If the specified date is a
                               non-business day, it shall be conducted on a closest business day.

 Inspection of archives        Archive shall be inspected on the date scheduled in the fiscal year
                               plan. Inspection shall be conducted, whenever it is required.

 Retention of archives         10 years or more.


5.5.3.     Protection of archive
FX CA shall take measures so that archive records shall not be lost for any reasons such as
disaster and theft or shall not be modified.

5.5.4.     Archive backup procedures
No stipulation.




                                                                                                    37
5.5.5.     Requirements for time-stamping of records
No stipulation.

5.5.6.     Archive collection system (internal vs. external)
No stipulation.

5.5.7.     Procedures to obtain and verify archive information
The inspection of loss and falsification of archive records shall be conducted at least once a year,
at the discretion of Audit Group.

5.6.        Key changeover
When an FX CA’s private signing key is to be changed, FX CAP Committee shall give a written
instruction to FX CA.

FX CA shall verify the document requesting the key changeover at least for the items stated
below.

    The document is generated in compliance with the format that FX CA specified.

    The document was properly approved by FX CAP Committee Chair.

    FX CA did not accept a document requesting key changeover with the same contents in the
    past.

    The date of approval of the document is not more than 10 days prior to the date of
    acceptance of the Certificate Issuance Instruction by FX CA.

    The time of key changeover specified in the document is after the next operating day of the
    date of acceptance.

    The contents of the document are pursuant to the specification of this document.

When FX CA performs key changeover, it shall revoke the certificates that were signed using the
old key.

5.7.        Compromise and disaster recovery
5.7.1.     Incident and compromise handling procedures
FX CAP Chair shall recognize the facts of incident and compromise and shall order FX CA to
take necessary measures.

5.7.2.     Computing resources, software, and/or data are corrupted
FX CA shall retain spares of equipments and machineries as well as backup of software and
data, and shall reestablish its operation using the spares and backup as quickly as possible in
case that the equipments, machineries, software or data are destroyed.




                                                                                                 38
5.7.3.   Entity private key compromise procedures
In case of compromise of FX CA’s private signing keys, FX CAP Committee Chair shall call a
meeting at soon and recognize the fact of the compromise and shall identify necessary
measures to be taken. FX CAP Committee may take measures including the following.

    Termination of FX CA.

    Changeover of FX CA’s private signing keys.

    Revocation of related certificates

    Issue of new certificate.

FX CA shall disclose the fact of the compromise of its private signing keys and the measures that
FX CA took.


5.7.4.   Business continuity capabilities after a disaster
FX CA shall reestablish its operation as quickly as possible using spares of equipments and
machineries and backup of software and data.

5.8.      CA or RA termination
FX CAP Committee retains the rights to make final decision regarding the termination of FX CA.

FX CA Operating Group shall perform the following tasks in response to the decision of the
termination.

    Backup software and data.

    Reposit backup and archive records.

In addition, FX CAP Committee shall specify the following.

    Organization that performs administration of backup and archive records and responds to
    inquiries and claims.




                                                                                              39
6. TECHNICAL SECURITY CONTROLS
6.1.      Key pair generation and installation
6.1.1.   Key pair generation
Private Key Administrator of Operating Group shall generate FX CA’s public key pairs utilizing
functions of cryptographic modules.

The generation of FX CA’s public key pairs shall be under the multiple-person control, and hence
it shall be performed in the presence of plural Private Key Administrators.

The private signing keys of the key pairs shall be confined within the cryptographic modules
except for their backup generated in accordance with the authorized procedures.

A subscriber is responsible for generation of public key pairs that the subscriber uses for its own
sake. However, the generation of public key pairs shall never be subject to less secure hardware
cryptographic modules or less secure operation regulation than FX CA.

6.1.2.   Private key delivery to subscriber
No private key delivery of Root private keys shall not be performed, since the receiver of a Root
private key generates it utilizing functions of Root.

6.1.3.   Public key delivery to certificate issuer
FX CAP Committee shall send the public key of a generated public key pair specifying it in a
message in accordance with CSR.

The CSR may be specified in a document requesting issuance of the related certificate, may be
recorded in storage media that is to be attached to the document, and may be transferred
through secured communication channels. In any case, FX CAP Committee shall employ
measures to prevent the CSR from being replaced or being tampered with.

6.1.4.   CA public key delivery to relying parties
FX CA’s public keys shall be disclosed via the repositories of FX CA by appropriate means with
functions to prevent unauthorized modification and replacement of the keys. In addition, FX CA
shall verify the validity of the public keys disclosed via the repositories on a regular basis.

A subordinate CA may deploy arbitrary means to deliver the public key in addition to delivery via
FX CA’s repositories. Even in the case, the public key shall be protected from replacement and
tampering at least at the same level as FX CA. FX CAP Committee shall assume the obligation
of confirming that the subordinate CA is taking measures to keep the security of the public key.

6.1.5.   Key sizes
A CA’s public key pair of FX CA shall comply fully with the RSA public key algorithm identified
and shall include a 2048-bit-long modulus.



                                                                                                  40
6.1.6.     Public key parameters generation and quality checking
The modulus of an RSA public key pair shall be generated using a pseudo-random number
generating algorithm whose output clears high-level criteria of randomness, and further shall not
be subject to known attacks that take advantage of vulnerability of module such as those attacks
based on the Fermat method of factoring numbers.

6.1.7.     Key usage purposes (as per X.509 v3 key usage field)
The purposes of usage of FX CA’s public key pairs shall be restricted to the following.

    Generation of signature to certificates that FX CA issues to subordinate CA’s and verification
    of the signature.

    Generation of signature to CRL/ARL that FX CA issues to subordinate CA’s and verification
    of the signature.

6.2.         Private Key Protection and Cryptographic Module Engineering
             Controls
6.2.1.     Cryptographic module standards and controls
All of generation, backup, restoring, destruction and changeover of FX CA’s private signing keys
shall be performed by functions of cryptographic modules.

The cryptographic modules that FX CA deploys shall fulfill the requisites stated below.

       The processes of generation and use of private keys shall be throughout confined within the
       modules.

       In particular, the private keys shall be protect to unauthorized accesses by means such as
       encryption and tamper-resistant techniques.

       The functions of the modules, except for backup and restore of the private keys, shall not
       require output of the private keys to the outside of the modules or input of the private keys
       into the modules.

       Activation of hardware cryptographic modules shall require 2 separate smartcards to be
       inserted.

       The FX CA equipment shall be equipped with means to restrict access to the operations
       performance of which necessarily involves access to FX CA’s private signing key, and the
       restriction of the access shall be performed based on authentication of identity and rights.

       The modules shall be validated in accordance with the FIPS 140 Level 3 requirements.

       FX CA shall verify that the manufacturers of the modules performed appropriate quality
       management including the document-based process management when they manufactured
       the modules.



                                                                                                      41
FX CA shall select trusted traders for purchase and transportation of the cryptographic modules.

The cryptographic modules shall be installed in locked cabinets placed in rooms access to which
is restricted based on authentication of identity and rights.

In case of disposal, the cryptographic modules shall be destroyed by means of electromagnetic
erasure, physical fracture and so forth so that the stored data including private keys shall not be
retrieved any longer.

Personnel of FX CAP Operating Group shall supervise the events of purchase, transportation,
installation and disposal of cryptographic modules, and shall generate records of the processes
and results of the events.

6.2.2.   Private key (n out of m) multi-person control
Any operation to FX CA’s private signing keys shall be performed in the presence of plural
Private Key Administrator.

To enforce the multi-person control, hardware cryptographic modules shall be designed so that
its activation shall require 2 separate smartcards to be inserted.

6.2.3.   Private key escrow
Private key escrow shall not be performed.

6.2.4.   Private key backup
Backup of FX CA’s private signing keys shall be generated and shall be stored in external
storage media in case where the keys stored in the cryptographic modules are lost or damaged.
The backup of FX CA’s private signing keys stored in external storage media shall be protected
by means including the following.

    The keys shall be encrypted.

    The format of the storage media shall not allow modification, deletion or addition of data
    recorded on them

    Decryption (restoring) of the encrypted keys shall be performed inside the cryptographic
    modules.

Restoring of private signing keys shall be performed only by utilizing the corresponding function
of the hardware cryptographic modules in which the keys are restored, and the performance of
the function shall be activated only when the modules recognize two separate smartcards.

At least a single set of the storage media that store the backup of private keys shall be kept in a
locked safe such that it is opened in the presence of multiple personnel including at least one
Private Key Administrator.




                                                                                                42
6.2.5.   Private key archival
Private key archival shall not be performed.

6.2.6.   Private key transfer into or from a cryptographic module
FX CA’s private signing keys shall be generated inside the cryptographic modules only using
functions of the modules, and hence input of private keys into the modules shall be restricted to
the case of restoring the keys from backup in case of loss of the private key stored in the
modules.

In the same way, output of the private key from the cryptographic modules shall be restricted to
the case of generating backup of the keys.

Input and output of FX CA’s private signing keys to and from the cryptographic modules shall
require the presence of multiple Private Key Administrators.

6.2.7.   Private key storage on cryptographic module
FX CA’s private signing keys shall be stored inside the cryptographic modules.

6.2.8.   Method of activating private key
Activation of FX CA’s private signing keys requires an operation of the cryptographic modules,
and none other than Private Key Administrator shall not perform the operation necessary to
activate the keys.

The operation of the cryptographic modules to activate FX CA’s private keys shall require the
presence of multiple Private Key Administrators.

Once a FX CA’s private signing key is activated, it shall continue to be active until it is explicitly
deactivated.

6.2.9.   Method of deactivating private key
Private Key Administrators may deactivate private signing keys of FX CA by utilizing functions of
hardware cryptographic modules.

6.2.10. Method of destroying private key
Destruction of FX CA’s private signing keys shall require the presence of multiple Private Key
Administrators operating the cryptographic modules.

In case of disposal of storage media storing backup of FX CA’s private signing keys, the media
shall be destroyed by means such as electromagnetic erasure, physical fracture and so forth so
that the keys shall not be retrieved from the disposed media.

6.2.11. Cryptographic Module Rating
The cryptographic modules that FX CA deploys shall meet or exceed Security Level 3 specified
by FIPS 140-2.



                                                                                                   43
6.3.       Other aspects of key pair management
6.3.1.   Public key archival
No stipulation.

6.3.2.   Certificate operational periods and key pair usage periods
The expiration date of a certificate that FX CA issues shall not exceed that of the FX CA’s public
key pair that FX CA used to sign the certificate.

In addition, the validity period of FX CA’s public key pairs shall be 10 years.

6.4.       Activation data
6.4.1.   Activation data generation and installation
In FX CA system, access to hardware cryptographic modules shall be controlled based on
authentication of individuals and rights.

In fact, access to hardware cryptographic modules shall require authentication based on
smartcards to be inserted, retained by Private Key Administrators, and passwords to activate the
smartcards.

6.4.2.   Activation data protection
Access to activation data recorded in a smartcard shall be restricted by the access control
functionality of the smartcard.

The password to activate the smartcard shall have sufficient length and sufficient variety in
characters so that it shall not be subject to attacks of guessing it (e.g. the dictionary attack). The
length, character variety, validity period and other administrative factors of the password shall be
pursuant to written stipulations, which may be in conformance with standards such as FIPS 112.

6.4.3.   Other aspects of activation data
No stipulation.

6.5.       Computer security controls
6.5.1.   Specific computer security technical requirements
The following computer security functions may be provided by the operating system, or through a
combination of operating system, software and hardware. The computers used to perform
duties with respect to the operation of FX CA and its ancillary parts shall include the following
functionality.

    Require authenticated logins.

    Provide Discretionary Access Control.

    Provide a security audit capability.



                                                                                                   44
    Restrict access control to FX CA services.

    Enforce separation of duties for roles.

    Require use of cryptography for session communication and database security.

    Provide a capability for audits of the operation of FX CA.


6.5.2.     Computer security rating
No stipulation.

6.6.         Life cycle technical controls
6.6.1.     System development controls
System development for services of FX CA and its ancillary parts shall fulfill the requisites stated
below.

    Use software and equipments that have been designed and developed with appropriate
    quality management based on, for example, a formal, documented development
    methodology

    Hardware and software developed specifically for FX CA shall be developed under control
    with respect to personnel, organization and environment (e.g. network, software and
    equipments for development, physical environment) aspects, and the development process
    shall be defined and documented. In particular, to prevent leak of confidential information
    relating to the development, FX CA shall assign trusted developers, enforce training to them,
    restrict access to documents and restrict entering and leaving of the development spaces.

       FX CA shall select trusted traders for purchase and transportation of hardware equipments.

       Software and hardware equipments of FX CA and its ancillary parts shall not be used for
       purposes other than their initially planned ones.

       Proper care shall be taken to prevent malicious software from being installed. For example,
       FX CA shall assign trusted vender for purchase of software and shall scan purchased
       software for malicious code.

The same stipulations as the above shall apply to the operation of maintenance and update of
the systems of FX CA and its ancillary parts.

6.6.2.     Security management controls
The configuration of the FX CA system and any modification and upgrades shall be documented
and stored for a predetermined time period.




                                                                                                 45
The FX CA software, when first installed, shall be verified as being the version intended for use
and being that supplied from the vender with no modifications.

6.6.3.   Life cycle security controls
No stipulation.

6.7.      Network security controls
The FX CA equipment shall be isolated from any networks including the FX intranet.

6.8.      Time-stamping
No stipulation.




                                                                                              46
7. CERTIFICATE, CRL/ARL, AND OCSP PROFILES
7.1.      Certificate profile
7.1.1.   Version number(s)
FX CA shall issue X.509 v3 certificates.

7.1.2.   Certificate extensions
No stipulation.

7.1.3.   Algorithm object identifiers
FX CA shall generate signatures to the certificates that it issues in accordance with the algorithm
identified by the following OID.

sha-1WithRSAEncryption        {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 5}


7.1.4.   Name forms
The issuer and subject fields shall be populated with an X.500 Distinguished Name.

7.1.5.   Name constraints
No stipulation.

7.1.6.   Certificate policy object identifier
The certificates that FX CA issues shall assert the following certificate policy object identifier.

CP and CPS for FX CA                                         1.3.6.1.4.1.297.1.5.1.1


7.1.7.   Usage of Policy Constraints extension
No stipulation.

7.1.8.   Policy qualifiers syntax and semantics
No stipulation.

7.1.9.   Processing semantics for the critical Certificate Policies extension
No stipulation.

7.2.      CRL/ARL profile
7.2.1.   Version number(s)
FX CA shall issue X.509 v2 CRL’s.

7.2.2.   CRL/ARL and CRL/ARL entry extensions
No stipulation.

7.3.      OCSP profile
FX CA does not support the service of OCSP.


                                                                                                      47
7.3.1.   Version number(s)
No stipulation.

7.3.2.   OCSP extensions
No stipulation.




                             48
8. COMPLIANCE AUDIT AND OTHER ASSESSMENTS
8.1.      Frequency or circumstances of assessment
Audits to ensure that the operations and ancillary activities of FX CA are compliant to the
requirements of CP and CPS of this document, shall be performed at the following points of time:

    Once a year on a predetermined date.

    Whenever a serious violation is found in FX CA certification activities.

    Whenever FX CAP Committee recognizes necessity of the performance.


8.2.      Identity/qualifications of assessor
An auditor who belongs to an external Auditor Group shall perform the compliance audit.

8.3.      Assessor’s relationship to assessed entity
An auditor shall be independent of all of the operations of certification activities specified in this
document.

8.4.      Topics covered by assessment
 All the operations specified in this CPS, except for the audit activities, shall be in the scope of
the assessment.

8.5.      Actions taken as a result of deficiency
The external Auditor Group shall present the results of the compliance audits to FX CAP
Committee.

On receipt of the report, FX CAP Committee shall review the report, and, in case where it
recognizes a violation, appropriate measures are to be taken to correct the reported violation as
quickly as possible.

FX CAP Committee may take the following measures to correct the violation.

    Closing of FX CA.

    Limited-term or unlimited-term suspension of a part or the whole of the operation of FX CA.

    Questioning to Operating Manager or a responsible individuals by FX CAP Committee.

    Replacement of Operating Manager or responsible individuals.

    Further assessment by a committee comprised of individuals who are fully independent of
    the operation of FX CA.




                                                                                                   49
8.6.      Communication of results
The external Auditor Group shall create a documentation of the audit results and shall submit the
report to the Chair of FX CAP Committee. Reporting by Auditor shall be performed directly, not
indirectly through other people.

On receipt of the report, the Chair of FX CAP Committee shall summon a meeting of FX CAP
Committee to examine the contents of the report.

If the compliance to CP/CPS is recognized as the result of the evaluation, the FX CAP
Committee shall authorize the report.

On the contrary, if any violation against this CP/CPS is recognized, corrective measures shall be
discussed and instructed by FX CAP Committee.

In case of emergency, the Chair of FX CAP Committee may order the implementation of
temporary measures prior to holding of FX CAP Committee meeting. Even in such case, the
Chair of FX CAP Committee is not exempted from holding an FX CAP Committee meeting, and
the final measures, in resolving the violation, shall be agreed by FX CAP Committee.




                                                                                              50
9. OTHER BUSINESS AND LEGAL MATTERS
9.1.       Fees
9.1.1.   Certificate issuance or renewal fees
No stipulation.

9.1.2.   Certificate access fees
No stipulation.

9.1.3.   Revocation or status information access fees
No stipulation.

9.1.4.   Fees for other services
No stipulation.

9.1.5.   Refund policy
No stipulation.

9.2.       Financial responsibility
9.2.1.   Insurance coverage
No stipulation.

9.2.2.   Other assets
No stipulation.

9.2.3.   Insurance or warranty coverage for end-entities
No stipulation.

9.3.       Confidentiality of business information
Since FX CA does not acquire business information from any entities other than FX, no
stipulation is given to this issue.

9.3.1.   Scope of confidential information
No stipulation.

9.3.2.   Information not within the scope of confidential information
No stipulation.

9.3.3.   Responsibility to protect confidential information
No stipulation.

9.4.       Privacy of personal information
Since FX CA does not acquire any personal information, no stipulation is given to this issue.




                                                                                                51
9.4.1.   Privacy plan
No stipulation.

9.4.2.   Information treated as private
No stipulation.

9.4.3.   Information not deemed private
No stipulation.

9.4.4.   Responsibility to protect private information
No stipulation.

9.4.5.   Notice and consent to use private information
No stipulation.

9.4.6.   Disclosure pursuant to judicial or administrative process
No stipulation.

9.4.7.   Other information disclosure circumstances
No stipulation.

9.5.      Intellectual property rights
No stipulation.

9.6.      Representations and warranties
9.6.1.   CA representations and warranties
No stipulation.

9.6.2.   RA representations and warranties
No stipulation.

9.6.3.   Subscriber representations and warranties
No stipulation.

9.6.4.   Relying party representations and warranties
No stipulation.

9.6.5.   Representations and warranties of other participants
No stipulation.

9.7.      Disclaimers of warranties
No stipulation.

9.8.      Limitations of liability
No stipulation.



                                                                     52
9.9.      Indemnities
No stipulation.

9.10.     Term and termination
9.10.1. Term
No stipulation.

9.10.2. Termination
No stipulation.

9.10.3. Effect of termination and survival
No stipulation.

9.11.     Individual notices and communications with participants
No stipulation.

9.12.     Amendments
9.12.1. Procedure for amendment
FX CAP Committee retains rights to amend this document.

After FX CAP Committee authorizes amendment of this document, the amended version shall be
disclosed by means specified 2.2 of this document.   Moreover, the amended version becomes
valid at the moment of the disclosure.

9.12.2. Notification mechanism and period
In principle, amendment of this document need not to be notified to clients of FX prior to its
disclosure as specified in 2.2 of this document.

However, if FX CAP Committee recognizes that the amendment would have a significant impact
to existing clients of FX, FX CAP Committee may notify the amendment prior to its disclosure by
any means.

9.12.3. Circumstances under which OID must be changed
No stipulation.

9.13.     Dispute resolution provisions
No stipulation.

9.14.     Governing law
No stipulation.

9.15.     Compliance with applicable law
No stipulation.




                                                                                            53
9.16.     Miscellaneous provisions
9.16.1. Entire agreement
No stipulation.

9.16.2. Assignment
No stipulation.

9.16.3. Severability
No stipulation.

9.16.4. Enforcement (attorneys’ fees and waiver of rights)
No stipulation.

9.16.5. Force Majeure
No stipulation.

9.17.     Other provisions
No stipulation.




                                                             54

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:2
posted:11/23/2012
language:English
pages:54