Nowadays there are about 300 certification authorities (CA) in Russia which use their own regulations in security, procedures of issue of public key certificate and financial estimates.
To unify the work on the use of electronic digital signature in electronic trading platforms operators of which are included in the Association of Electronic Trading Platforms (AETP) there has been established Center of Accreditation of AETP which develops single requirements for CA that want to work within AETP. Information about issued certificates is stored in a Single register of public key certificates of the Association.
Authorized CA gets the right to issue public key certificates for participants of placing of orders within electronic platforms of AETP. Network of authorized CA can include certification authorities of government bodies, commercial CA.
Accreditation Center of the Association of electronic trading platforms is an organization which checks Certification Authorities, Authorized certification authorities against the requirements to authorized certification authorities and runs the Register of public key certificates of participants of electronic auctions and the Register of Authorized certification authorities.
Accreditation of Certification Authority is a verification procedure of a certification authority which claims to get the right to fulfill the functions of a certification authority with respect to participants of electronic auctions in electronic platforms the operators of which are included in AETP, against the requirements to authorized certification authorities stated by the Regulations of authorization of certification authorities under non-commercial organization “Association of Electronic Trading Platforms”.
Authorized certification authority is a certification authority which successfully passed the procedure of authorization and was included in the Register of authorized certification authorities. Authorized certification authority of AETP is given a certificate of entry of the authority into the Register of authorized certification authorities.
Unified space of trust — the information space, which provides identity of digital signatures, regardless of which certification authority issued the signature key certificate.
Public Key Infrastructure (PKI) — technological infrastructure and services, that provide security of information and communication systems through the use of algorithms and public key certificates.
Principles of Certification Authorities in AETP:
- Accreditation of CAs as a prerequisite for inclusion in the system;
- Single policy of forming public key infrastructure;
- Compliance with the existing legislation of the Russian Federation in the field of digital signature and information security;
- Technical compatibility of the means of EDS;
- Unique identifiers of objects, keys and numbers of signature key certificates.