Gigi Organisation RA Agent Documentation
This document should guide an Organisation RA Agent through the process to verify an organisation within Gigi.
The structure of the document is according how to obtain the precondtions needed to act as Organisation RA Agent and the workflow of verifying an organisation.
The documentation is based on the software release 0.1-63-g15f6a8ad.
This documentation covers only the needs of an Organisation RA Agent. All elements used by an ordinary user a covered in the documentation "Gigi User Documentation". There are separate documentations for users with the role RA Agent and Supporter.
An Organisation RA Agent (Org RA Agent) is a special trained RA Agent who is enabled to verify organisation. Usually an Org RA Agent only verifies organisations in defined countries.
An Org RA Agent must meet the precondition of a normal RA Agent. Additional to that he needs to be trained to verify organisations. This current knowledge needs to be proofed by passing the Organisation Agent Qualifying Challenge on the Quiz-System.
The last success full passed test needs to be no older then 12 months.
The Org RA Agent is appointed by board / Organisation Officer after an succesful training. Support will grant the approbribate rights to his account.
An Organisation verification consists out of two steps.
The first step is the verification of the organisation. Here the existance of the organisation, the power of signing the Organisation Verification form on behalf of the organisation, the ownership of the domains used by the organisation and the
The seconds step is creating the organisation account.
The organisation fills the Organisation Verification Form. There is no need to have a printed version of the Organisation Verification Form but is advised to use current form created through Gigi. (Currently the form is not available).
The following data needs to be present on the form:
The Org RA Agent verifies the existance of the organistaion. In most cases this can be done with a current record from the registry office. The organisation needs to pay any expenses for the record.
The Org RA Agent verifies that the signer of the Organisation Verification Form has the power to sign on behalf of the organisation. In most case this information is give in the register record.
The Org RA Agent needs to verify the identity of the signer. The identity process is simalar to a Face to Face meeting of a normal verification. It is not mandatory that the Org RA Agent witnesses the signing and identity verification. This can be delegated to any RA Agent.
The Org RA Agent needs to make sure that the domains entered to the organisation account are owned by or are under the controll of the organisation. This is usually established via the whois record of the domain. The organisation needs to pay any expenses for the record.
The Org RA Agent is usually the RA Agent status of a nominated Organisation Administrator by entering his "default email address" to the system. If the status is given the record will be added to the account otherwise an error message will be displayed.
First the organisation account is created. Afterwards the domains and Org Admins are added to the account.
To create a new organisation account use Organisation - Create Account
Screenshot Create organisation account
Now the organisation data is entered.
Screenshot Create organisation account details
The certificate data needs to be filled complete as this data is mandatory. It will be used for the organisation entries in the certificates.
Therefore the organisation name must not be longer than 64 characters. If the organisation name is longer than 64 characters the name can be entered in the organisation data section.
The contact email address is used to send as recepient for any information send by Gigi to the owner of the organisation account. It can be a functional email address.
The comment is used as log.
Once the certificate data of an organisation account is changed all certificates issued to the organisation will be revoked by the system.
Screenshot Edit organisation account certificate data
The data in the organisation data section can be changed anytime without any consequense to existing data.
Screenshot Edit organisation account organisation
A new domain can only be added to an organisationa ccount through an Org RA Agent.
Screenshot Edit organisation account add domain
Add the domain name and use Add.
A new domain in an organisation account needs to verified by an Org Admin of the Org Account. (see Org Admin documentation)
Any change to the list of domains can only be done by an Org RA Agent.
Screenshot Edit organisation account edit domain
If a domain is deleted from an organisation account all certificates containing this domain (client or server certificates, also in multiple address certificates) will be revoked immidately on deletion.
Add the "default email address" of an Org Admin to the field and use Add.
Screenshot Edit organisation account add Org Admin
If the option master is set. The Org Admin can later add further Org Admins himself to the account.
The system verifies if the entered email address belongs to an existing account with RA Agent status.
The Organisation Verification Form needs to be stored in a secure manner for 7 years after the year when the verification was entered to the system.
During this time period the data must not be disclosed to anybody except a SomeCA Arbitrator in case of an running arbitration case. In this case the SomeCA Arbitrator needs to proof his right to get access to the data.
After the 7 years period needs to be destroyed in a secure manner e.g. using a paper shredder and/or burning the form.