When choosing your Storage Type, careful consideration should be given to a number of factors. If the Private Key is not exportable and its life cycle is set to be valid for ten years, will the device it is stored on still work ten years from now? What happens if the device is lost, stolen or destroyed? Alternatively, if you decide that the Private Key can be exported, how do you prevent it being shared by several users? What is the disadvantage should sharing occur?
If you decide to enforce High User Protection, what happens if the user forgets their password and the Digi-ID™ is rendered permanently unusable thereafter? On the other hand, if there’s no password, how easy would it be for someone else to use that Digi-ID™?
The Digi-CAST1™ Team of professional advisors are there to assist you in making the best choice for your environment and to help remove the element of risk from your purchase.
PROCESS B. User enrolls at the web application form. Application is validated and approved and the user receives an email with a Digi-ID™ container package (containing both the public and Private Key). A second activation email containing a password is sent and used in opening the package to install the Digi-ID™ on the device (PC Registry, Smartcard, USB Token or other suitable Digi-ID™ storage media device). This is an example of an Export Package Method.
PROCESS C. User receives a Smartcard, USB Token or any other Digi-ID™ storage media device with the Digi-ID™ pre-installed. The user completes the web application form. The Private Key is not exportable. Application is validated and approved and the user receives an email with a password to activate the device. This is an example of a Fused Package Method.
PROCESS D. User receives a pre-printed Smartcard with their photograph and other details and follows METHOD A to complete the process. This is an example of a Fused Process Method with High User Protection.
PROCESS E. A security printed P.I.N. number is delivered via registered courier or postal service. This is the same procedure as in METHOD B except that the user must enter the P.I.N. number when enrolling at the web application form stage. This is an example of an Export Package Method.
PROCESS F. Parts of METHOD A and METHOD E combined, except that the P.I.N. number is also required when installing the Digi-ID™. This is an example of a Fused Process Method with High User Protection.
As stated, these are just some issuing processes and parts of one process can be combined with parts of another to meet the Certificate Policy requirements.