ICAO Public Key Directory ICAO PKD Key Ceremony Procedures

Similar documents
ICAO Public Key Directory (PKD) How to join

Christiane DerMarkar Programme Officer PKD

Christiane DerMarkar Programme Officer - PKD Secretary of the PKD Board

ICAO PUBLIC KEY DIRECTORY (PKD)

ICAO Public Key Directory (PKD)

Introduction ICAO PKD Higher Travel Security. ICAO TRIP Seminar 9 to 11th May 2016

ICAO Public Key Directory (PKD)

Public Key Directory: What is the PKD and How to Make Best Use of It

ICAO PUBLIC KEY DIRECTORY (PKD) Christiane DerMarkar ICAO PKD Officer

Implementation of the Public Key Directory

MEMORANDUM OF UNDERSTANDING (MOU)

epassport PKI Validation & the ICAO PKD

ICAO Public Key Directory (PKD)

MINISTERIAL CONFERENCE ON AVIATION SECURITY AND FACILITATION IN AFRICA. WINDHOEK, NAMIBIA, 4-8 April 2016

ICAO PUBLIC KEY DIRECTORY (ICAO PKD) 2007 ANNUAL REPORT TO PARTICIPANTS

Roman Vanek PKD Board Chairman

THE BEAGLE CLUB. (Founded 1890)

SCHEDULE OF Unlicenced RALLY EVENT. (held under ROL Rules & Regulations) COMPETITION VENUE ONLINE. DATE OF COMPETITION 20 October 3 November 2017

CSCA Top 10 Gala Event Guidelines. The inaugural event will take place at the 2018 CSCA National Specialty.

Animal Research Ethics Procedure

SCHEDULE OFIndependent RALLY EVENT. (held under ROL Rules & Regulations) COMPETITION VENUE ONLINE. Competition Date (Judging)1 December 2018.

REGULATIONS. SECTION R The REGISTER and REGISTRATIONS

BREEDING & REGISTRATION RULES (January 2011)

No more breed exams! AKC Online Education Platform

Bare Bones Just how the dogs like it!

Animal Use Subcommittee. Post Approval Monitoring Policy Approved: September 13, 2012 Supersedes: August 13, Goal. Mandate

D & S Dogs of Course Present the AAC Sanctioned 2019 Spring into Action Trial

Ohio State Board of Pharmacy Compliance in Veterinary Practice

Public Qualifying & Try Outs: Information Sheet Purina Farms, Gray Summit, Missouri September 30 th, 2016

Lune Valley Dog Training Club. (in conjunction with Fitdogs) Schedule of Open. Rally Competition

Sanctioned Agility Trial June 9 th -10 th, 2018

LIGRC Incentive Awards and Challenge Trophies

REGULATIONS PART 3 JUDGES TRAINING EXAMINATION PROGRAM

AAC Sanctioned Agility Trial

Dogs and Cats Online All of our Puppies in One Basket

University Council on Animal Care

GUIDELINES FOR THE OPERATION AND MANAGEMENT OF DOG BREEDING ESTABLISHMENT

VETERINARY SURGEONS (GENERAL PROVISIONS) (JERSEY) ORDER 2012

TITLE 532 BOARD OF COMMERCIAL PET BREEDERS CHAPTER 1 ORGANIZATION, OPERATION, AND PURPOSES

GUIDELINES FOR YOUR VETERINARIAN Submitting Radiographs to VDD

DEPARTMENT OF LICENSING AND REGULATORY AFFAIRS DIRECTOR'S OFFICE VETERINARY MEDICINE - GENERAL RULES

California Narcotic Canine Association. Standards for Patrol Dog Certification

drugs, which examine by central competent authorities.

If you did not register your device by Spring 2017, you must purchase a clicker license and register your device to your mybama account.

RHODESIAN RIDGEBACK CLUB of SOUTH AUSTRALIA INCORPORATED

Limited Fun Match. Saturday, March 28, Check In and Measuring. Trial Secretary: Nancy Gray. Trial Chair: Vi Sucart

PORTUGUESE WATER DOG CLUB OF AMERICA, INC. BREEDER REFERRAL PROGRAM & LITTER LISTING AGREEMENT Introduction

REGULATIONS. SECTION R The REGISTER and REGISTRATIONS

GCCF DISCIPLINARY PROCEDURES FIXED PENALITES

HUNGARIAN VIZSLA CLUB FIELD TRIAL SCHEDULE ALL HPRS 2018/ 2019 KC ID NO. 1278

JUDGES COMPETENCY FRAMEWORK

Judges Competency Framework Overview

The Uniacke Dog Sport Club * (UDSC)

European Regional Verification Commission for Measles and Rubella Elimination (RVC) TERMS OF REFERENCE. 6 December 2011

A Bill Regular Session, 2017 HOUSE BILL 1717

Conducting Programs for the Implantation of Electronic Identification Devices (EID) in Companion Animals

Nothing But Games Trial

JUDGES TABLE OF CONTENTS

Sydney School of Veterinary Science

CLUMBER SPANIEL CLUB OF AMERICA Top Ten Event Rules

Breed Survey Manual of the GSD Federation of South Africa February Breed Survey Manual. Section Objects... 2

March 30 & 31, Spring Fling Trial. A Limited AAC Sanctioned Agility Trial. Neitak Equestrian Centre, Stony Plain, AB

JUDGES COMPETENCY FRAMEWORK

Nothing But... Proctoring Trial

GERMAN SHEPHERD DOG CLUB OF AMERICA

N.A.R.A. COVER PAGE SAMPLE INSERT NARA LOGO AND OTHER GRAPHICS. North American Ring Association. Scorebook / Carnet de Travail

THE FAMOUS SPRING FLING!!!

7. Flock book and computer registration and selection

Level 3 Award in Implantation of Identification Microchips in Animals VSMI001 Qualification Handbook

HOLBEACH CEMETERY CHAPELS TRUST Photography Competition 2017

RULES FOR THE LICENSING AND REGISTRATION OF BREEDING STALLIONS WITH THE HIGHLAND PONY SOCIETY 1 SUBMISSION OF APPLICATIONS Those submitting stallion

SECTION I - SHOW REGULATIONS AND CLASSIFICATIONS

Fundy Agility & Sports Team Is proud to Present an

CHAPTER Committee Substitute for Senate Bill No. 1540

OHIO LEGISLATIVE SERVICE COMMISSION

The Flat-Coated Retriever Society of America, Inc. Hall of Fame Effective Date: January 1, 2014 Requirements Updated 07/2013

PNCC Dogs Online. Customer Transactions Manual

ICAO WCO Joint Conference on Enhancing Air Cargo Security and Facilitation

PNCC Dogs Online. Customer Transactions Manual

Better Training for Safer Food

Specifications for the organization of the FCI IPO European Open for Tracking Dogs

5 STAR DOG TRAINING ANNUAL SPRING TRIAL. MAY 12, 13, & 14, 2017 Dick Hart Ballpark, outdoors on grass

2017 CORPORATE MEMBERSHIP PROGRAM

Pit Bull Dog Licensing By-law

Office Managers Meeting

August 31, 2013 (Unbenched, Unexamined and Held under Canadian Kennel Club Rules)

VI. SHOWS AND TRIALS

Specifications for the organisation of the ATIBOX FH World Championship and the competitions 1

American Rescue Dog Association. Standards and Certification Procedures

TransLink Assistance Animal Pass

Qualifications of Exhibitor

Welsh Springer Spaniel Club of America, Inc. Mentor Program. WSSCA Mentor Program Application

Judging Approval Process Effective March 1, Frequently Asked Questions

GERMAN SHEPHERD DOG CLUB OF AMERICA, INC. BREED SHOW RULES

Sub: Use of EVM in the elections- additional transparency measures

GLANDORE DOG TRAINING CLUB OF ULSTER

Continued animal holding beyond the year of certification constitutes Procedural Non-Compliance and will be treated as such.

SECTION 7 REGISTRATION. 7.1 Registration. 7.2 Kennel Prefix. 7.3 Naming of Dogs. 7.4 Registration of Progeny. 7.5 Limited Register Regulations

2016 No. 58 ANIMALS. The Microchipping of Dogs (Scotland) Regulations 2016

THE JACOB SHEEP SOCIETY

Transcription:

ICAO Public Key Directory ICAO PKD Key Ceremony Procedures Update for new ICAO PKD Service 2016 Last modification: Final 1

Table of Contents 1. Introduction 3 2. Key ceremony Overview 3 3. Definition of roles 4 4. What needs to be done prior to key ceremonies 4 4.1. Prior to first key ceremony after the participant joint the PKD 4 4.2. Prior to key ceremonies to renew CSCA certificates 6 4.2.1. Self-signed CSCA certificates 6 4.2.2. CSCA certificates with corresponding CSCA Link certificate 7 5. What is done during key ceremonies 9 5.1. Key ceremonies with self-signed CSCA certificates 9 5.2. Key ceremonies for CSCA certificates with corresponding CSCA Link certificate 10 Last modification: Final 2

1. Introduction The CSCA is the Country Signing Certificate Authority. Each participants needs to import at least one CSCA certificate as trust anchor into the ICAO PKD system before uploads of new issued Document Signer Certificates, CRLs, Master Lists or Deviation Lists can be done through the PKD electronic interface. These key ceremonies are done at the ICAO HQ in Montreal by the ICAO PKD office. 2. Key ceremony Overview The key ceremony for CSCA and CSCA Link certificates is a formal procedure to import the CSCA certificates into the ICAO PKD System after checking their conformance to ICAO standards. Key ceremonies are always done in 2 steps: Step 1: registration of a key ceremony. This is done to make sure that the key ceremony can be carried out successfully (check personal data of the representative of. a participant state, check the correctness and conformance of the CSCA certificates) Step 2: key ceremony with import of the CSCA certificate to the HSM There are basically two types of key ceremonies: a) Key ceremony with self-signed CSCA certificates: these certificates require the secure submission of the certificates to be imported by an authorized representative of the participating state and the presence of such during the key ceremony at ICAO HQ in Montreal (for the first import as well as for renewing CSCA certificates). b) Key ceremonies with CSCA certificates and corresponding CSCA Link certificates: for renewing CSCA certificates participant states can use CSCA Link certificates. These certificates can be provided to the ICAO PKD Office by electronic means and are then imported by ICAO on behalf of the participant state. This procedure does not require the presence of a representative of the state. Last modification: Final 3

3. Definition of roles Role Issuing authority of the PKD participant Representative of PKD participant ICAO PKD ICAO PKD Officer Organization PKD participant PKD participant ICAO ICAO 4. What needs to be done prior to key ceremonies 4.1. Prior to first key ceremony after the participant joint the PKD Certain information is required to be gathered before the first CSCA cert can be imported into the ICAO PKD System. With the following information, we can proceed with the import ceremony: As below, the pre-requisites required before the CSCA Import Ceremony can commence: Activities prior to first key ceremony after the participant joint the PKD Step Who Activity Status 1 Issuing Authority of the PKD participant Complete Notice of Participation form to Secretary-General of ICAO 2 Issuing Authority of the PKD participant Completed Registration form for Participation in ICAO PKD as in Attachment B of ICAO PKD Regulations & Procedures document. 3 Issuing Authority of the PKD participant The CSCA certificate shall be checked for conformance to the ICAO standards by the participant by the means of the ICAO PKD conformance website. In case of issues with the certificates the participants should contact the PKD support of Veridos Last modification: Final 4

(pkdsupport@verdios.com) for assistance. 4 Issuing Authority of the PKD participant 5 ICAO PKD The participant submits the CSCA certificate along with the electronic thumbprint to ICAO by electronic means for registering the key ceremony. Participants need to submit also the following information about their representative who will be present at ICAO in Montreal to hand over the CSCA certificate (e.g. by providing a copy of the ID document Passport/ID card) Sex Title First name Last name Date of birth Email Type of ID for identification (ID card or Passport) Number of ID document Expiration date of ID document The ICAO PKD accesses the PKD system with authorization via smart card. The submitted CSCA certificate is copied on a USB storage device and transferred to the operation workstation of the ICAO PKD. The submitted CSCA certificate is registered in the PKD system by the ICAO PKD operator, the conformance to the ICAO standards is checked and the personal data of the announced participant representative is entered and saved. 6 ICAO PKD Representative After successful registration of the CSCA certificate the appointment for the key ceremony at ICAO HQ in Montreal with import of the CSCA certificate is made with ICAO Last modification: Final 5

4.2. Prior to key ceremonies to renew CSCA certificates 4.2.1. Self-signed CSCA certificates If the participant is going to renew a CSCA certificate by a new self-signed CSCA certificate the process requires a personal hand-over of the new CSCA certificate at ICAO in Montreal by an authorized representative of the participant state. Prior to the key ceremony the following steps need to be done: Activities to renew a CSAC by a self-signed CSCA certificate Step Who Activity Status 1 Issuing Authority of the PKD participant The CSCA certificate shall be checked for conformance to the ICAO standards by the participant by the means of the ICAO PKD conformance website. In case of issues with the certificates the participants should contact the PKD support of Veridos (pkdsupport@verdios.com) for assistance. 2 Issuing Authority of the PKD participant If conformance is confirmed the participant submits the CSCA certificate along with the electronic thumbprint to ICAO by electronic means for registering the key ceremony Participants need to submit also the following information about their representative who will be present at ICAO in Montreal to hand over the CSCA certificate: Sex Title First name Last name Date of birth Email Type of ID for identification (ID card or Passport) Number of ID document Expiration date of ID document Last modification: Final 6

3 ICAO PKD The ICAO PKD accesses the PKD system with authorization via smart card. The submitted CSCA certificate is copied on a USB storage device and transferred to the operation workstation of the ICAO PKD. The submitted CSCA certificate is registered in the PKD system by the ICAO PKD operator, the conformance to the ICAO standards is checked and the personal data of the announced participant representative is entered and saved. 4 ICAO PKD Representative After successful registration of the CSCA certificate the appointment for the key ceremony at ICAO HQ in Montreal with import of the CSCA certificate is made with ICAO 4.2.2. CSCA certificates with corresponding CSCA Link certificate If a participants wants to renew the CSCA certificate in the PKD system by applying CSCA Link certificates both the new CSCA root certificate and the corresponding CSCA Link certificate are submitted to ICAO for the key ceremony. Activities prior to renewal of CSCA with CSCA Link certificate Step Who Activity Status 1 Issuing Authority of the PKD participant The CSCA certificate and the corresponding CSCA Link certificate shall be checked for conformance to the ICAO standards by the participant by the means of the ICAO PKD conformance website. 2 Issuing Authority of the PKD participant If conformance is confirmed the participant submits the CSCA certificate and the CSCA Link certificate along with the electronic thumbprints to ICAO by electronic means for registering the key ceremony Last modification: Final 7

3 ICAO PKD The ICAO PKD accesses the PKD system with authorization via smart card. The submitted CSCA certificate is copied on a USB storage device and transferred to the operation workstation of the ICAO PKD. The submitted CSCA certificate is registered in the PKD system by the ICAO PKD operator and the conformance to the ICAO standards is checked. The key ceremony with import of the CSCA and CSCA Link certificate to the HSM does not require the presence of a representative of the participant state. Last modification: Final 8

5. What is done during key ceremonies 5.1. Key ceremonies with self-signed CSCA certificates These key ceremonies are performed with an authorized representative of the participating state present during the ceremony. The key ceremony comprised of the following steps: Activities at key ceremonies for self-signed CSCA certificates Step Who Activity 1 ICAO PKD Officer The representatives identity is checked by ICAO. 2 Representative The representative of the participating state is handing over the CSCA certificate and the corresponding electronic thumbprint on a USB storage device or CD. 3 ICAO PKD The USB storage device / CD is checked for viruses on a dedicated virus checking workstation. 4 ICAO PKD The key ceremony and the import of the CSCA certificate is done by two different authorized ICAO PKD representatives: Step 1: an ICAO PKD is accessing the PKD system with authorization by smart card and is initiating the import of the CSCA certificate to the HSM. This includes uploading the CSCA certificate, comparison with the previously registered certificate and thumbprint, the conformity check of the CSCA certificate to the ICAO standards, and the entered personal data of the representative of the participant state. 5 ICAO PKD Officer Step 2: an ICAO PKD Officer is accessing the PKD system with authorization by smart card and confirms the correctness of all entered data and authorizes the import of the CSCA certificate to the HSM. Last modification: Final 9

6 ICAO PKD ICAO PKD Officer Representative The ICAO PKD prints the Key Ceremony Protocol that includes the relevant information about the imported CSCA certificate, the representative of the participating state and the executing ICAO PKD and Officer. The protocol is than signed by ICAO and the representative of the participating state. Afterwards it is published through the ICAO Secure Portal in the PKD group. 5.2. Key ceremonies for CSCA certificates with corresponding CSCA Link certificate These key ceremonies are performed only by ICAO on behalf of the participating state. It is not required for a representative of the participating state to be present during the ceremony. The key ceremony comprised of the following steps: Activities at key ceremonies with CSCA Link certificates Step Who Activity 1 ICAO PKD The submitted CSCA Certification and the corresponding CSCA Link certificate are copied on a USB storage device and transferred to the operation workstation of the ICAO PKD. 2 ICAO PKD The key ceremony and the import of the CSCA certificate and the corresponding CSCA Link certificate is done by two different authorized ICAO PKD representatives: Step 1: an ICAO PKD is accessing the PKD system with authorization by smart card and is initiating the import of the CSCA certificate to the HSM. This includes uploading the CSCA and CSCA Link certificate, comparison with the previously registered certificates and thumbprints, and the conformity check to the ICAO standards. 3 ICAO PKD Officer Step 2: an ICAO PKD Officer is accessing the PKD system with authorization by smart card and confirms the correctness of all entered data and authorizes the import of the CSCA and CSCA Link certificate to the HSM. 4 ICAO PKD The ICAO PKD prints the Key Ceremony Protocol that includes the relevant information about the imported CSCA cer- Last modification: Final 10

ICAO PKD Officer tificate and the executing ICAO PKD and Officer. The protocol is than signed by ICAO. Afterwards it is published through the ICAO Secure Portal in the PKD group. Last modification: Final 11

2024 © petsdocbox.com Privacy Policy | Terms of Service | Feedback