Certification Authority

Qualified Trust Service Provider


 

The Certification Authority is a trustworthy entity, responsible for providing electronic certification services. In particular it assumes responsibility for:

·    Issuance of electronic certificates.

• Publish and facilitate access to the validity status of certificates.

• Guarantee the identity of the holders of the certificates.

• Guarantee the veracity of the information included in the certificates.

• Revoke certificates when it becomes aware that the security of the system has been compromised.

• Manage the Public Key Infrastructure in accordance with current legal and technical standards.

 

The ANF AC's PKI has been designed following international recommendations and standards:

·       IETF RFC 5280 (Internet X.509 Public Key Infrastructure Certificate and CRL 

Profile) updated by 6818.

·       ETSI TS 101 456 (Policy requirements for certification Authorities issuing qualified 

certificates)

·       CA/Browser Forum. Baseline Requirements for the Issuance and Management of Publicly

Trusted Certificates.

·       CA/Browser Forum. Guidelines For The Issuance And Management of Extended Validation 

Certificates.

In the process of adaptation to Regulation (EU) 910/2014 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of July 23rd, 2014, on electronic identification and trust services for electronic transactions in the internal market.

More information about standards followed by ANF AC

 

According to the legislation of each country, the CAs receive different names, e.g.: Trust Services Provider (UE), Certification Entity of Information and Related Services (Ecuador) or Digital Certification Services Provider (Peru)… Regardless of the denomination agreed in each country, the functions in the provision of these services are common in all countries, having as a basic guide the UNCITRAL Model Law on Electronic Signatures (UNCITRAL is the main legal body of the United Nations).
 
Another essential element, common in all international legislation, is the consideration that the identity outlined in the electronic certificate is legal evidence, and that electronic signatures made with these certificates have, regarding the data recorded electronically, the same Legal value that the handwritten signature in relation to those consigned on paper. 
 
ANF AC was the first CA of Spain to be officially accredited in 2000, being in possession of the necessary technology to issue recognized electronic certificates, advanced electronic signature, digital time stamps and online verification of certificates status.
 
ANF AC is officially accredited to operate in all EU member countries, and third countries in Latam. In accordance with the current legislation, it is registered in the TSL of the Government of Spain. The common legal framework in all EU Member Countries is Regulation (EU) 910/2014 of the European Parliament and of the Council, applicable from the last July 1st. In Spain, the basic rule is Law 59/2003, of December 19th, on Electronic Signature.