Time within which CA must process the revocation request

4.8 Certificates revocation and suspension

4.8.5 Time within which CA must process the revocation request

The revocation request will be processed in the shortest possible time, always following the procedure of verification and authentication of the request, which is the Issuance Reports Manager’s responsibility.

4.8.6 CRL lists verification requirements

The relying parties must check the status of certificates which will rely. For this intent, they can check the latest CRL issued within the period of validity of the certificate of interest.

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1

4.8.7 CRL issuance frequency

As defined in the CPS of ANF AC.

4.8.8 Revocation online verification availability

ANF AC offers relying third parties an on-line revocation checking service, which is available 24 hours a day, 7 days a week.

4.8.9 Revocation online verification requirements

Trusted third parties must check the status of those certificates they wish to be entrusted to through https://www.anf.es website.

The consultation system requires prior knowledge of some parameters of the certificate of interest. As this procedure prevents massive data collection.

This service meets the requirements in terms of protection of personal data and only copies of these certificates provided to third parties duly authorized.

Access to this system is free.

4.8.10 Certificate suspension

Not applicable.

4.8.11 Suspension requests authentication and identification

Certificate suspension is not allowed.

4.9 Key storage and recovery

ANF AC does not store or has the ability to store the private key of the subscribers, and therefore offers no key recovery service.

4.10 Good practices

a) Private keys stored in PKCS#12 files.

Some issuers generate the key pair for their subscribers, and then deliver the validated SSL certificate in a PKCS #12 file. This is considered an unsafe practice and, as outlined in this CP, this CA does not generate the keys of subscribers. The subscriber is the one that generates his own key pair, in any of the software or hardware forms. ANF AC does not have in any case access to the private key of its users.

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1 b) Validated domains.

ANF AC validates the domain of legal or natural persons requesting a SSL or Electronic Office certificate, so that the certificate data are valid and updated.

c) Large life cycle of validated certificates.

Although the term of end-entity certificates issued by ANF AC does not exceed two years, it is possible that the owner has requested an automatic renewal and, therefore, the life cycle of the certificate is of long duration.

However, there is the possibility that a person has bought a domain, which until a certain date was owned by someone else. If the previous owner had a certificate of a validated SSL domain that is still valid, it is possible that the previous owner, with his valid certificate and DNS spoofing, can provide secure access to a malicious site.

To avoid this scenario, ANF AC verifies that the data included in the certificate is valid and updated at time intervals of 24 months.

d) Wildcard domains.

Some entities that issue validated domain certificates, issue certificates that can function as wildcards, for example, a certificate for *. example.com where the CA verifies only the ownership and control of the example.com domain.

This enables a subscriber to establish a malicious website with SSL protection in order to mimic legitimate sites such as paypal.example.com, and all without the knowledge of the CA. ANF AC has as a good practice to NOT issue certificates that can be used as wildcard domains.

e) Prefixes of e-mail address of Domain Validated Certificates.

ANF AC limits the set of addresses verification email to the following:

 admin @ domain

 administrador @ domain

 webmaster @ domain

 hostmaster @ domain

 postmaster @ domain

and any other address appearing in the technical contact field or registry administrative of the whois domain, regardless of the domains of the addresses.

No case-sensitive discriminations are imposed to subscribers in relation to the previous list.

f) Delegation of e-mail validation to third parties

ANF AC directly validates the identification of e-mail address in the whois, avoiding the delegation to third parties identification.

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1 g) End-entity issuance from the root

ANF AC issues SSL certificates from a subordinate authority which does not compromise the private key of the root, delegating the issue to a subordinate CA.

h) Allow external entities to operate subordinate CAs

Subordinate CA certificates issued by ANF AC, are managed directly and exclusively by ANF AC, who in no case allows its operation by external entities.

i) Certificates to HOST names or private IP addresses

ANF AC only issues SSL certificates to public domains that can be resolved on the Internet, avoiding the issue of certificates to private IP can use the certificates for an organization or home network and domains that can not be resolved by DNS.

j) Minimum key lenghts

ANF AC keeps track of the algorithms used and of secure key lengths, in accordance with the recommendations published by NIST or sites as https://wiki.mozilla.org/CA:MD5and1024

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1

5 Facility, management and operational controls

ANF AC maintains the following criteria in relation to the information available for audit and analysis of incidents relative to certificates.

a) Control and Incident Detection

Anyone interested can communicate their complaints or suggestions through the following means:

 By telephone: 902 902 172 (calls from Spain); +34 933 935 946 (International).

 By email: [email protected]

 Completing the electronic form available on the website https://www.anf.es

 In person at one of the offices of the Recognized Registration Authorities.

 In person at one of the offices of ANF AC.

The annual internal audit protocol specifically requires the completion of a review of the operation of certificates issuance, with a sample of 3% of the issued certificates.

b) Incident Registration

ANF AC has an Incident Registry entering any incident that has occurred with the certificates issued, and the evidence obtained. These incidents are recorded, analyzed and resolved according to the procedures of the Management System of Information Security ANF AC.

The Security Manager determines the severity of the incident and identified as responsible and, in case of significant security incidents, reports to the PKI Governing Board. In cases of fraud or phishing, the information is reported to the Anti-Phishing Working Group site,

http://www.antiphishing.org/report-phishing/.

5.1 Physical security controls

As defined in the CPS of ANF AC.

5.2 Procedural controls

As defined in the CPS of ANF AC.

5.3 Personnel controls

As defined in the CPS of ANF AC.

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1

6 Technical security controls

6.1 Key pair generation and installation

As defined in the CPS of ANF AC.

6.2 Private Key Protection

As defined in the CPS of ANF AC.

6.3 Other aspects of key pair management

As defined in the CPS of ANF AC.

6.4 Activation data

As defined in the CPS of ANF AC.

6.5 Computer security controls

As defined in the CPS of ANF AC.

6.6 Life cycle technical controls

As defined in the CPS of ANF AC.

6.7 Network security controls

As defined in the CPS of ANF AC.

6.8 Time-stamping

As defined in the CPS of ANF TSA CA.

6.9 Cryptographic Module Security Controls

As defined in the CPS of ANF AC.

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1

7 Certificates and CRLs profiles

Intended uses: signature, SSL client, S/MIME, SCL, VPN, encryption (without key recovery).

7.1 Certificates profile

7.1.1 Common fields and extensions

I. Common fields

X.509v1 Field

FIELD CONTENT CRITIC MANDATORY

Version V3 YES

Serial Number *¹

Automatically set by the Certification Entity. It is used to uniquely identify the certificate.

YES

Signature Value Signature coded as bit stream YES

Issuer

Common Name (CN) Common name of the CA issuing the

certificate YES

Serial Number ID (CIF) of the Certification Services

Provider YES

Organizational Unit (OU)

Organizational unit within the Certification Service Provider responsible for issuing the certificate

YES

Organization (O) Official name of the Certification Service

Provider YES

Country (C) Country of the Certification Services

Provider YES

Locality (L) Locality/address of the Certification Services Provider

State (ST) Province where the Certification Service Provider is located

EmailAddress (E) E-mail address of the Certification Service Provider

Validity YES

notBefore Validity start date

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1

notAfter Validity end date

Subject YES *²

Common Name (CN) DNS Domain where the certificate will be

hosted, as specified in 3.1.2 YES

Organization (O) Name or corporate name of the

subscriber. YES

GivenName Subscriber name (as stated on the ID

card or passport). YES

SurName

Surname(s) of the subscriber, according to identity (ID / Passport / NIE) and DNI / NIE (see criteria of CN field composition).

YES

Serial Number CIF (tax code) of the subscriber YES

Country (C) Country (Two digits as set in ISO 3166-1) YES *³

Locality (L) Locality/address of the subscriber YES *³

State (ST) Province of the subscriber YES *³

Email (E) E-mail address of the subscriber

2.5.4.41

Complete name of the certificate applicant (as stated in the identity document)

II. Common extensions

X.509v3 Extensions

EXTENSION CONTENT CRITIC MANDATORY

Certificate Policies YES

Policy Identifier As stated in section 1.2 Identification Policy Qualifier ID

Policy CPS Location https://www.anf.es/en/

Subject Alternative Names rfc822Name

(String) Size [RFC 5280] 255

Contact e-mail address given by the

subscriber

dNSName Fully-Qualified Domain Name (FQDN)

associated to the server of the certificate

Subject Key Identifier YES

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1 Key Identifier

Identifier derived from the hash function used on the public key of the subject.

According to standards RFC2459 &

PKCS#1.

Authority Key Identifier YES

Key Identifier

Identifier of the issuer’s public key.

According to standards RFC2459 &

PKCS#1.

AuthorityCertIssuer Name of the CA whose key is identified in keyIdentifier

AuthorityCertSerialNumber Serial number of the CA certificate Subject Directory Attributes *⁴

title (T) (2.5.4.12) Title / position / role of the legal representative

streetAddress (2.5.4.9) Address of the subscriber

Postal Code (2.5.4.17) Postal Code of the subscriber Propietary extensions

1.3.6.1.4.1.18332.29.1 Name of the device owner 1.3.6.1.4.1.18332.29.2 Surname of the device owner 1.3.6.1.4.1.18332.29.3 Last name of the device owner 1.3.6.1.4.1.18332.29.4 NIF of the device owner

1.3.6.1.4.1.18332.29.5 E-mail address of the device owner 1.3.6.1.4.1.18332.29.7 Department of the device owner

1.3.6.1.4.1.18332.10.1 Name of applicant (legal representative)

1.3.6.1.4.1.18332.10.2 First name of applicant (legal representative)

1.3.6.1.4.1.18332.10.3 Last name of applicant (legal representative)

1.3.6.1.4.1.18332.10.4 ID card number of of applicant (legal representative)

1.3.6.1.4.1.18332.10.5 Title of applicant (legal representative) 1.3.6.1.4.1.18332.10.6 Indicates if the power is joint

1.3.6.1.4.1.18332.10.7 E-mail address of applicant (legal representative)

1.3.6.1.4.1.18332.19 Certificate localizer

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1 1.3.6.1.4.1.18332.19.1 Session identifier

1.3.6.1.4.1.18332.40.1 Specifies if the certificate has been issued with the Recognized Certificate grade.

1.3.6.1.4.1.18332.41.1 Liability limit assumed by the issuer CA, in Euros.

1.3.6.1.4.1.18332.47.1 UUID Device P&S Original

1.3.6.1.4.1.18332.92 Trademarks or trade names owned 1.3.6.1.4.1.18332.92.1 Trademarks distributed

Issuer Alternative Names rfc822Name

(String) Size 255 [RFC 5280]

E-mail address of the Certification Entity that issued the certificate

dNSName DNS of the Certification Entity issuing the

certificate

Basic Constraints End Entity

CA : FALSE

Subject Type = End Entity

Restriction of route length = None YES

Authority Information Access YES

Access Method Id-ad-ocsp with OID 1.3.6.1.5.5.7.1.1

accessLocation Web address for On-line Certificate Status Protocol queries

caIssuers URL to download the issuer certificate

Key Usage SI

Key Certificate Signature = 0 CRL Signature = 0

extKeyUsage

Server authentication Client authentication

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1 QcStatements OID 0.4.0.1862.1

QcRetentionPeriod *⁵ OID 0.4.0.1862.1.3

15 years

Retention period for the certificate usage information

QcCompliance OID 0.4.0.1862.1.1

Indicates whether the certificate is issued with the qualification of recognized QcLimitValue

OID 0.4.0.1862.1.2

Amount limit of liability assumed by the issuer expressed in EUROS

QcSSCD

OID 0.4.0.1862.1.4

Use of the HSM device to store the certificate and sign

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1 CRLDistributionPoints *⁶

distributionPoint [1] Distribution point of the Website where the CRL # 1 resides

YES

distributionPoint [2] Distribution point of the Website where the CRL # 2 resides

distributionPoint [3] Distribution point of the Website where the CRL # 3 resides

*¹ According to the RFC5280. Positive integer, not bigger than 20 octets (1- 2¹⁵⁹).

*² According to the RFC5280. The Subject field must be mandatorily completed.

*³ According to ETSI-QC must necessarily reflect the field Country (See RFC3739 / ETSI 101862).

*⁴ [RFC5280] Subject Directory Attributes (OID 2.5.29.9) .

*⁵ According to ETSI TS 101 862 v1.3.3, this describes the period of retention of all information relevant to the use of a certificate, after its expiration.

*⁶ Web where the CRL lies (distribution point HTTPS or LDAP with authenticated server).

7.1.2 Specific fields according to the signature algorithm

X.509 v1 Field

FIELD CONTENT CRITIC MANDATORY

Signature Algorithm Signature Algorithm type identifier YES

Signature Hash Algorithm Signature Hash Algorithm type identifier YES

SSL Certificates, SSL EV, Electronic Office (Medium and High level) and Electronic Office EV (Medium and High level) may be issued with signature algorithms:

 SHA-1WithRSAEncryption

 SHA-256WithRSAEncryption In the case of

 SHA-1WithRSAEncryption the SignatureHashAlgorithm field value is SHA-1.

In the case of

 SHA-256WithRSAEncryption the SignatureHashAlgorithm field value is SHA-256.

The issuance of certificates with SHA256WithRSAEncryption signature algorithm requires that the issuing CA uses a certificate of equal or greater level.

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1 SHA1 Sunset

ANF Certification Authority, as a CABForum member, joins to the policy of ceasing to use cryptographic algorithms considered by the industry as potentially breakable. That is why it has been set this schedule in order to end the usage of the SHA1 digestion algorithm in favor of its evolution, the SHA2 (SHA256 – SHA512).

Root Certificates

Although there is no international agreement on setting a date for the end of using SHA1 in root

certificates because of the complexity of its change, since they are integrated into multiple software and hardware platforms, which are very difficult to update, ANF AC decided in 2013, for the issuance of the new ANF Global Root CA root certificate, to use the SHA1 algorithm and re-stamped to SHA256 with a 4096 bits key length. These certificates will be valid until June 5, 2033.

These certificates are the root of the certification hierarchy under which all certificates approved in the European Union are issued.

It is established that if the algorithms or key lengths used by the root certificates are compromised at any time, the PKI Board will order the re-stamp of all certificates in that situation.

Intermediate Certificates

The CAB Forum established the prohibition to the CAs that follow the BaselineRequirements to issue Intermediate Authority certificates with SHA1 algorithm from January 1, 2016.

The ANF Global Root CA hierarchy has 4 Intermediate Authorities (CA IA), all of them with SHA1 algorithm, SHA256 and 4096 bits key length. Its expiration is on July 23, 2023.

These Intermediate Authorities are:

 ANF Assured ID CA1

 ANF Global CA1

 ANF High Assurance AP CA1

 ANF High Assurance EV CA1

It is established that if the algorithms or key lengths used by the intermediate certificates are compromised at any time, the PKI Board will order the re-stamp of all certificates in that situation.

Final Certificates

In the same way as IA certificates, in the final certificates was established not to issue certificates with SHA1 algorithm from January 1, 2016.

Moreover, to these user certificates, from January 16, 2015 no certificates with SHA1 algorithm with expiration subsequent to January 1, 2017will be issued, under the policy of disuse.

This policy is applicable to all end-user certificates issued by ANF AC, those that are outlined by its certification policy. To see the updated list can be visited:

http://anf.es/es/politicas/psc-acreditado/politicas-certificacion.html

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1 Unused hierarchy

Following the BaselineRequirements and the recent agreements defined in this text, no certificates have been issued under the ANF Global Root CA hierarchy with SHA1 signature algorithm.

Therefore this hierarchy was created and is owned by ANF Certification Authority but has never been used beyond to issue internal tests because at the same time his generation and start-up was planned, the agreements that prevent its use were published.

7.1.3 Specific fields according to key length

X.509 v1 Field

FIELD CONTENT CRITIC MANDATORY

Subject Public Key Info Subject's public key, encoded according to

the cryptographic algorithm YES

All the certificates are issued with SHA256WithRSAEncryption signature algorithm use at least 2048-bit key lengths.

7.1.4 Specific Fields by type of certificate

7.1.4.1 SSL Secure Server Certificate (With SHA-1)

X.509v1 Field

FIELD CONTENT CRITIC MANDATORY

Subject YES

Organizational Unit (OU) SSL Secure Server Certificate YES

Signature Algorithm SHA1WithRSAEncryption Signature Hash Algorithm SHA1

Subject Public Key Info RSA 2048 minimum Certificate Policies

UserNotice

(no longer than 200 characters)

A statement by the issuing CA, in which reference to certain legal rules, is expressed.

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1

7.1.4.2 SSL Secure Server Certificate (With SHA-256)

X.509v1 Field

FIELD CONTENT CRITIC MANDATORY

Signature Algorithm SHA256WithRSAEncryption Signature Hash Algorithm SHA256

Subject Public Key Info RSA 2048 minimum

Subject YES

Organizational Unit (OU) SSL Secure Server Certificate YES

Certificate Policies YES

userNotice

(no longer than 200 characters)

A statement by the issuing CA, in which reference to certain legal rules, is expressed.

7.1.4.3 SSL EV Secure Server Certificate (with SHA-1)

X.509v1 Field

FIELD CONTENT CRITIC MANDATORY

Subject YES

Organizational Unit (OU) SSL EV Secure Server Certificate YES

Signature Algorithm SHA1WithRSAEncryption Signature Hash Algorithm SHA1

Subject Public Key Info RSA 2048 minimum

BusinessCategory (2.5.4.15) ^*7

Possible values:

- "Private Organization" for Private organization

- "Government Entity" for Public Entity - "Business Entity" for Corporation - "Non-commercial Entity"for

Locality in which the company is registered

JurisdictionOfIncorporationS tateOrProvinceName (1.3.6.1.4.1.311.60.2.1.2)

Province in which the company is registered

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1 JurisdictionOfIncorporationC

ountryName

(1.3.6.1.4.1.311.60.2.1.3)

Country in which the company is

registered YES

Certificate Policies userNotice

(no longer than 200 characters)

A statement by the issuing CA, in which reference to certain legal rules, is expressed.

*⁷ In accordance with section 9.2.4 of the “Guidelines For The Issuance And Management Of Extended Validation Certificates” Version 1.4 (https://www.cabforum.org/Guidelines_v1_4.pdf), the content of this field will dependo n the properties of the subscribers, according to the values given in this certificate profile.

7.1.4.4 SSL EV Secure Server Certificate (with SHA-256)

X.509v1 Field

FIELD CONTENT CRITIC MANDATORY

Subject YES

Organizational Unit (OU) SSL EV Secure Server Certificate YES

Signature Algorithm SHA256WithRSAEncryption Signature Hash Algorithm SHA256

Subject Public Key Info RSA 2048 minimum

BusinessCategory (2.5.4.15) ^*7

Possible values:

- "Private Organization"

- "Government Entity"

- "Business Entity"

- "Non-commercial Entity"

YES

JurisdictionOfIncorporationL ocalityName

(1.3.6.1.4.1.311.60.2.1.1)

Locality in which the company is registered

JurisdictionOfIncorporationS tateOrProvinceName (1.3.6.1.4.1.311.60.2.1.2)

Province in which the company is registered

JurisdictionOfIncorporationC ountryName

(1.3.6.1.4.1.311.60.2.1.3)

Country in which the company is

registered YES

Certificate Policies userNotice

(no longer than 200 characters)

A statement by the issuing CA, in which reference to certain legal rules, is expressed.

Certificate Certification Policy for SSL, SSL EV, Electronic Office and EV Electronic Office OID 1.3.6.1.4.1.18332.55.1.1

In document National Register of Associations. Number CIF G (Page 30-82)