FOR OFFICIAL USE ONLY

DoD Public Key Infrastructure (PKI)

ORC ACES Mobile Code Certificate Registration

Acknowledgement of Responsibilities

You, the subscriber, have been authorized to receive an ORC ACES digital certificate. With the certificate you will be able to digitally sign documents and identify yourself or your organization electronically.

During the registration process you will generate a digital certificate and private key. Your digital certificate will be used by other parties to verify your identity and digital signature and does not need to be protected. However, your private key must be protected because anyone with it can use your digital signature or assume yours, or your organization’s, digital identity. During the registration process you may be asked to protect your private key with a password. It is a requirement of the DoD PKI and ACES programs that you protect your private key with a password in accordance with the DoD Password Guideline. Please follow the instructions carefully in selecting a password because it is essential when using your private key. It is recommended that your password be no less than eight characters in length, and contain a combination of numbers, characters, and upper/lower case letters. It is your responsibility to ensure that no one has access to or uses your password or private key.

Should it be determined that someone else used your private key to sign a document, then you may be liable for failing to adequately protect it. If you suspect a compromise of your password or private key, immediately contact the ORC Issuing Authority (IA) for certificate revocation at 1-800-816-5548or .

Mobile Code SignerCertificate Obligations:

When requesting and using a mobile code signing certificate issued under the ORC ACES CPS, I accept for my organization and myself the following obligations:

  • Accurately represent yourself in all communications with the PKI and abide by all the terms, conditions, and restrictions levied upon the use of the issued private key(s) and certificate(s).
  • To protect the certificate private key from unauthorized access in accordance with the section 6.2 of the ACES CPS.
  • To immediately report to the RA if private key compromise is suspected.
  • Request that the Code Signing Attribute Authority approve and forward to the RA an authorization on the code signer's behalf to obtain a code signing certificate.
  • To apply for (generate a key pair) and download the code signing certificate onto the FIPS 140-1, level 2 validated smart card.
  • When not in use, the Code Signer hardware token shall be stored in a locked container.
  • Submit the certificate request to the CA via a secure (SSL protected) web session.
  • Digitally sign an email, using acceptable PKI credentials, that contains the subject Distinguished Name (DN), code signer DN, and the code signing certificate request number and send it to the ORC ACES RA.
  • In the event of Code Signer change (due to the verified individual having left the employ of the subscribing organization or is no longer assigned as the code signer for the certificate) the applicant organization must designate and notify the ORC ACES of the new Code Signer.
  • The Code Signer is a current employee of the organization and is authorized to obtain a code signing certificate(s) for the organization.
  • To use the certificate only for authorized applications which have met the requirements of this CPS.
  • To use the certificate only for the purpose for which it was issued, as indicated in the key usage extension.
  • To report any changes to information contained in the certificate to the appropriate RA/LRA.

Name:______Date:______

(Print: Last, First MI)

Signed: ______Organization: ______

(Signature)

Official Photo ID: ______Unique ID No.:______

(Type; i.e. Military, Driver’s License, Passport)

FOR OFFICIAL USE ONLY