Introduction

This document should guide an Organisation RA Agent through the process to verify an organisation within Gigi.

The structure of the document is according how to obtain the precondtions needed to act as Organisation RA Agent and the workflow of verifying an organisation.

The documentation is based on the software release 0.1-63-g15f6a8ad.

This documentation covers only the needs of an Organisation RA Agent. All elements used by an ordinary user a covered in the documentation "Gigi User Documentation". There are separate documentations for users with the role RA Agent and Supporter.

Definition Organisation RA Agent

An Organisation RA Agent (Org RA Agent) is a special trained RA Agent who is enabled to verify organisation. Usually an Org RA Agent only verifies organisations in defined countries.

Precondition To Act As Org RA Agent

An Org RA Agent must meet the precondition of a normal RA Agent. Additional to that he needs to be trained to verify organisations. This current knowledge needs to be proofed by passing the Organisation Agent Qualifying Challenge on the Quiz-System.

The last success full passed test needs to be no older then 12 months.

The Org RA Agent is appointed by board / Organisation Officer after an succesful training. Support will grant the approbribate rights to his account.

Verification Of An Organisation

An Organisation verification consists out of two steps.

The first step is the verification of the organisation. Here the existance of the organisation, the power of signing the Organisation Verification form on behalf of the organisation, the ownership of the domains used by the organisation and the

The seconds step is creating the organisation account.

Filling Organisation Verification Form

The organisation fills the Organisation Verification Form. There is no need to have a printed version of the Organisation Verification Form but is advised to use current form created through Gigi. (Currently the form is not available).

The following data needs to be present on the form:

  • Name of the organisation
  • If the name is longer than 64 characters a short version of the organisation name as the data field in the certificate only take 64 characters
  • Address information for certifcates: town and zip code, state, country
  • Postal address which should be one used for registration of the organisation
  • If the organisation is registered in an offical register the registration number and the register
  • A list of all domains for which certificates should be created. The domains needs to be owned by the organisation.
  • Nomination of one or more Organisation Administrator by giving the name and the "default email" address of the person given.
  • Conatct email address
  • Data processing statement
  • Name of the person signing the form, role of the person
  • Siganture and date of signing
  • Org RA Agent statement

Verifying Of Existance Of Organisation

The Org RA Agent verifies the existance of the organistaion. In most cases this can be done with a current record from the registry office. The organisation needs to pay any expenses for the record.

Verification Of Power To Sign

The Org RA Agent verifies that the signer of the Organisation Verification Form has the power to sign on behalf of the organisation. In most case this information is give in the register record.

Verification Identity Of Signer

The Org RA Agent needs to verify the identity of the signer. The identity process is simalar to a Face to Face meeting of a normal verification. It is not mandatory that the Org RA Agent witnesses the signing and identity verification. This can be delegated to any RA Agent.

Verifing Ownership Of Domain

The Org RA Agent needs to make sure that the domains entered to the organisation account are owned by or are under the controll of the organisation. This is usually established via the whois record of the domain. The organisation needs to pay any expenses for the record.

Verifing RA Agent Status Of Organisation Administrator

The Org RA Agent is usually the RA Agent status of a nominated Organisation Administrator by entering his "default email address" to the system. If the status is given the record will be added to the account otherwise an error message will be displayed.

Creating And Maintaing Organisation Account

First the organisation account is created. Afterwards the domains and Org Admins are added to the account.

Creating Organisation Account

To create a new organisation account use Organisation - Create Account

Screenshot Create organisation account

Screenshot Create organisation account

Now the organisation data is entered.

Screenshot Create organisation account details

Screenshot Create organisation account details

The certificate data needs to be filled complete as this data is mandatory. It will be used for the organisation entries in the certificates.

Therefore the organisation name must not be longer than 64 characters. If the organisation name is longer than 64 characters the name can be entered in the organisation data section.

The contact email address is used to send as recepient for any information send by Gigi to the owner of the organisation account. It can be a functional email address.

The comment is used as log.

Changing Data Of Organisation Account

Once the certificate data of an organisation account is changed all certificates issued to the organisation will be revoked by the system.

Screenshot Edit organisation account certificate data

Screenshot Edit organisation account certificate data

The data in the organisation data section can be changed anytime without any consequense to existing data.

Screenshot Edit organisation account organisation

Screenshot Edit organisation account organisation

Adding Domain

A new domain can only be added to an organisationa ccount through an Org RA Agent.

Screenshot Edit organisation account add domain

Screenshot Edit organisation account add domain

Add the domain name and use Add.

A new domain in an organisation account needs to verified by an Org Admin of the Org Account. (see Org Admin documentation)

Managing Domain

Any change to the list of domains can only be done by an Org RA Agent.

Screenshot Edit organisation account edit domain

Screenshot Edit organisation account edit domain

If a domain is deleted from an organisation account all certificates containing this domain (client or server certificates, also in multiple address certificates) will be revoked immidately on deletion.

Managing Org Admin

Add the "default email address" of an Org Admin to the field and use Add.

Screenshot Edit organisation account add Org Admin

Screenshot Edit organisation account add Org Admin

If the option master is set. The Org Admin can later add further Org Admins himself to the account.

The system verifies if the entered email address belongs to an existing account with RA Agent status.

Storing Of Organisation Verification Form

The Organisation Verification Form needs to be stored in a secure manner for 7 years after the year when the verification was entered to the system.

During this time period the data must not be disclosed to anybody except a SomeCA Arbitrator in case of an running arbitration case. In this case the SomeCA Arbitrator needs to proof his right to get access to the data.

After the 7 years period needs to be destroyed in a secure manner e.g. using a paper shredder and/or burning the form.


Back to top of page
Table of Contents | Copyright WPIA 2018-2019 | Imprint | Data Protection