Index of documents supporting the Grant of Approval to Trustis’ Certificate Factory service.

1. What the tScheme Approved Service Mark signifies.
2. Approved Service - Service Description
3. Approval Profiles used in the assessment:
   

   Base Approval Profile	tSd0111	3.00
   Approval Profile for Certificate Generation	tSd0104	3.01
   Approval Profile for Certificate Dissemination	tSd0105	3.01
   Approval Profile for Certificate Status Management	tSd0106	3.01

Back to Grant details

---

What the tScheme Approved Service Mark signifies

When a trust service carries the tScheme Mark, you can be secure in the knowledge that:

• the service has been thoroughly evaluated against rigorous criteria by independent experts;
  
  
• the service provider has agreed to keep to these criteria;
  
  
• the service provider subscribes to the tScheme Code of Conduct;
  
  
• the service provider has agreed to act promptly and fairly to remedy faults.
  
  

For each service, tScheme approval is regularly reviewed and may be withdrawn.

This Grant of Approval does not affirm or endorse any claims of conformance to standards or adherence to guidelines not explicitly listed as forming part of the service assessment.

top

---

Approved Service - Service Description

Certificate Factory

Certificate Factory is designed to allow an organisation wishing to issue Digital Certificates, over which it has full control, to do so without the need to commit the significant investment required to establish a PKI. It allows the organisation to maintain complete control over all important commercial aspects such as the certificate policy; registration practices etc. while Trustis runs the technical PKI infrastructure at its secure Trust Service Centre.

In the Certificate Factory each organisation’s Certificate Authority (used to manufacture the digital certificates) is separate from all others and is run in accordance with its requirements and specifications. The digital certificates produced are manufactured to the organisation’s specification and are internally identified as that organisation’s certificates.

Key features of the Certificate Factory are:

• Complete managed service;
• Customised Certificate Policy and Certificate Profile;
• Dedicated Certificate Authority;
• Registration Authorities installed in organisation’s location under their control;
• Organisation branded certificates;
• Standards compliant (for example X.509 v3)
• Secure infrastructure certified to ISO27001.
• Products selected which have undergone external evaluations against established criteria FIPS, Common Criteria etc.);
• Support of a variety of cryptographic key management methods including smart cards, tokens etc.;
• Operational 24/7 with physically remote secure contingency facility.

The Certificate Factory is designed to satisfy organisations operating in a wide variety of fields including Finance, Government (Local and Central), NHS, Manufacturing, IT, telecoms and law.

top

---

The tScheme Code of Conduct

Participants in the electronic trust services industry strive:

• to act in an honest, fair, reasonable and trustworthy manner;
  
  
• not to bring electronic trust services into disrepute;
  
  
• to provide clear information about what each electronic trust service provides, including limitations and exclusions, to those who rely on that service;
  
  
• to meet service commitments and obligations;
  
  
• to be proactive in identifying and correcting faults and deficiencies in electronic trust services;
  
  
• to operate in accordance with appropriate standards;
  
  
• to act promptly in resolving complaints relating to electronic trust services.

top