(In reply to Ryan Sleevi from comment #55)
Is the view that this contains all the necessary provisions of 9.6.3? It seems there are some elements missing. Perhaps you could provide a comparison of the BR provisions to KIR S.A.'s provisions, to see how they map up?
Here is a comparison of the BR provisions to KIR's provisions. All these provisions are included in an order signed by a client (Ordering Party). The order is signed by entitled representatives of the client (Ordering Party) and must be delivered to KIR.
Accuracy of Information: An obligation and warranty to provide accurate and complete information at all times to the CA, both in the certificate request and as otherwise requested by the CA in connection with the issuance of the Certificate(s) to be supplied by the CA;
KIR S.A.'s provisions:
In the case of an SSL certificate, the Ordering Party undertakes to:
- provide KIR with true and accurate information regarding the data of the certificate subject (subscriber) throughout the certificate validity period, in the form of both data contained in the order and data contained in the certificate request containing the public key for which the certificate is to be prepared;
2. Protection of Private Key: An obligation and warranty by the Applicant to take all reasonable measures to assure control of, keep confidential, and properly protect at all times the Private Key that corresponds to the Public Key to be included in the requested Certificate(s) (and any associated activation data or device, e.g. password or token);
KIR S.A.'s provisions:
2. protect the private key associated with the public key for which KIR will issue a certificate by controlling the use of the private key, ensuring the confidentiality of the private key, ensuring the protection of all information related thereto;
3. Acceptance of Certificate: An obligation and warranty that the Subscriber will review and verify the Certificate contents for accuracy;
3. verification of data contained in the issued certificate;
4. installation of the certificate only on the server that supports the domain name or domain names listed in the certificate issued by KIR;
5. use the certificate in accordance with the law and the Agreement;
5. Reporting and Revocation: An obligation and warranty to: (a) promptly request revocation of the Certificate, and cease using it and its associated Private Key, if there is any actual or suspected misuse or compromise of the Subscriber’s Private Key associated with the Public Key included in the Certificate, and (b) promptly request revocation of the Certificate, and cease using it, if any information in the Certificate is or becomes incorrect or inaccurate;
6. Termination of Use of Certificate: An obligation and warranty to promptly cease all use of the Private Key corresponding to the Public Key included in the Certificate upon revocation of that Certificate for reasons of Key Compromise.
6. immediate cessation of the use of the certificate and the related private key and notification to KIR of a request for certificate revocation in the following cases:
a) incorrect or untrue data contained in the certificate,
b) there is a suspicion of misuse of the certificate,
c) compromising the private key,
d) cease to use the private key associated with the public key included in the certificate upon expiry of the certificate or its revocation,
e) other provisions provided for in the Certification Practice Statement of KIR for Trusted Non-Qualified Certificates;
7. Responsiveness: An obligation to respond to the CA’s instructions concerning Key Compromise or Certificate misuse within a specified time period.
7. follow the instructions provided by KIR in the event of compromising the private key or misuse of the certificate.
KIR’s provisions (this is a part missed in Piotr's comment): The Ordering Party accepts the right of KIR to revoke the certificate immediately if the Ordering Party does not comply with the obligations imposed on it or the revocation results from the Certification Practice Statement of KIR for Trusted Non-Qualified Certificates, Certification Policy of KIR for Trusted Non-qualified Certificates and Baseline Requests for the Issuance and Management of Publicly-Trusted Certificates.