Chinese  |  English
 

      Introduction
      Cross-Certification
      Certificates Distribution
      CA Revocation List

 

    
  
Operating in accordance with the High Assurance Level defined in the Certificate Policy(CP) of Chunghwa Telecom ecommerce Public Key Infrastructure (ePKI), ePKI Root Certification Authority (eCA) is the trust anchor of ePKI. Acting as the interface between certification authority (CA) within and without ePKI, eCA is responsible for carrying out cross-certification: issuing and managing the certificates of Level 1 subordinate CAs' within ePKI as well as the certificates of CAs from without.

The eCA is responsible for the processing of firsthand certificate applications and revocations. There is no need to set up a Registration Authority (RA) of eCA. The eCA accepts the applications from the subject CAs and authenticates them.
 

  ¡ERepository
    Providing service 7/24, the repository of eCA is where information, such as certificates issued by eCA and CARL (Certification Authority Revocation List), is posted. The web site of the repository is http://ePKI.com.tw.

  ¡ESubject Certification Authority
   
CAs, including principal CAs within and any CAs without ePKI, that interoperate with eCA through cross-certification are referred to as subject CAs. To get a grant from eCA for cross-certification, the applicant CA must comply with the requirements of the Assurance level defined in the cited Certificate Policy. Additionally, the applicant CA must have the capabilities to establish and manage the following aspects:
(1) Public Key Infrastructure
(2) Digital signatures and certificate issuing technology
(3) The corresponding responsibilities and obligations among CA, RA, and the       relying party.

  ¡ERelying parties
   

A relying party refers to an entity who believes the certificate subject name and the connecting relationship of the public key.
The Relying Party is responsible for deciding how to check the validity of the certificate by checking the appropriate certificate status information. The Relying Party can use the certificate:
(1) To verify the integrity of a digitally signed message
(2) To identify the creator of a message
(3) To establish a confidential communications with the user.

 
The ePKI Root Certification Authority Certification Practice Statement (eCA CPS) is stipulated following the Certificate Policy (CP) for the Chunghwa Telecom ecommerce Public Key Infrastructure (ePKI). Complying with the bylaws of the Taiwan Digital Signature Act, the eCA CPS delineates how eCA proceeds according to the Fourth Assurance Level (High) to issue and manage the cross certificates of subject CAs.