8 The three types of S.E.E. Key

8.1.1 Please refer to paper 5 to understand the difference between the Passport, Business Card and Associate Card certificates.

8.1.2 Associate card certificates are not truly S.E.E. Keys in that they may be issued without smart tokens. They may be useful to support applications with specific requirements that cannot be fulfilled by the other two types of certificate.

8.1.3 Applications need to consider the implications of the differences among these types of certificate, for example an email address in a certificate should not be relied on solely for SENSITIVE systems because it may have been issued under weaker processes or not on a smart token.

8.1.4 Instead the certificate must consider the difference among certificates based on the contents of the CN field in the DN and/or by using Policy OID.