12 Accreditation for what?

12.1.1 CAs may seek S.E.E. Key accreditation primarily to add to their list of accreditations, and use the brand for marketing. This could prove burdensome for S.E.E.

12.1.2 The scope of S.E.E. Key is the authentication of public servants to web based applications, and therefore specifically excludes digital signature, and use outside of government.

12.1.3 CAs must not use the S.E.E. brand to endorse products and services outside of this scope.

12.2 Issuing and reliance

12.2.1 This accreditation scheme defines how we will accredit CAs that government agencies use to issue certificates.

12.2.2 It is expected that applications handling SENSITIVE information will be configured to trust only S.E.E. Accredited CAs.

12.2.3 However individual applications authenticating users outside of government must be allowed to be configured to trust other CAs in addition to the S.E.E. Accredited CAs, for example the health sector applications may be configured to trust both S.E.E. CAs and the HealthCert CA.

12.2.4 This delegation of responsibility to the application owner (relying party), does not affect the security of other S.E.E. agencies, and is compatible with the APEC E-Security Task Group's proposed cross-recognition model.

12.2.5 Application owners will need guidance in determining whether to trust a particular non-S.E.E. Accredited CA but this is outside the scope of this document.