Skip to content.
|Networking government in New Zealand.
 
You are here: Home » Services » SEEMail » S.E.E. PKI: Paper 1 - Governance and Accreditation » Appendix 1 - Contract Issues

Appendix 1 - Contract Issues

Accreditation will require a contractual relationship between the CA and the e-government unit.

Certificate policy is the core of the contract.

Need to be able to remove accreditation of CA

Migration of no longer accredited CA customers to another CA should consider:

  • migration to another CA

  • avoidance of proprietary systems that prevent migration.

CA must be able to provide list of all certificates issued to an organisation, at any time. (is this a CPS?)

They must have a security policy - we must accept it - it must be audited to prove they are using it

Information must be held in NZ - a backup copy may be held offshore, but not used for any other purpose. (Privacy Act)

CA's must have good financial health and operating record.


[ Previous ]