1. Introduction

The scope of this document is limited to the practices and procedures employed by VillageMall to supply VillageMall Certification Authority services. This document must be read in conjunction with the VillageMall Certificate Policy, and associated Subscribers and Relying Party Agreements.

The purpose of this document is to describe the certification practices and procedures employed by VillageMall to supply Certification Authority services and to exhibit trust by providing evidence of the methods used to manage and complete tasks associated with the VillageMall Certificate Policy.

2.1 Scope VillageMall provides public key certification services to members of the VillageMall network, these include  individuals, organisations and web servers within Australia.

2.2 certification Services The certification services offered by VillageMall include the following: Authentication, Certificate Issuance, and Certificate Revocation in support of VillageMall services.

2.3 Usage: A VillageMall authentication certificate may only be used for authentication, non-repudiation, confidentiality and access control within the VillageMall network, this network is a closed community. VillageMall subscribers may not use the certificate for any purpose outside of the VillageMall network. Parties outside the VillageMall network are advised that they should not process or rely upon a VillageMall certificate for any purpose outside of the provision of a VillageMall service.

3.1 Introduction The VillageMall Certification Root Authority certificate is the highest level certificate in the VillageMall service. It is used in the path to verify all digital signatures and Certificate Revocation Lists (CRL) issued by VillageMall. It contains the public key corresponding to the private key used for signing all subscriber certificates, and CRL's issued by VillageMall. 

4.1.1 Application Forms There is two types of application forms for VillageMall services, as follows: Application for Personal and for Organisation Authentication Services.

4.1.1.1 Application for Personal Services An "Application for Personal Services" is used for individuals who require a VillageMall certificate for their own personal use within the VillageMall network. A personal certificate is issued in the applicant's name. 

Process - Application for Personal Services An application for personal services is processed online via the VillageMall registration facility.  

4.1.1.2 Application for Organisation Services An application for organisation services is used for individuals who require a VillageMall certificate to conduct business on behalf of their organisation. 

Process - Application for Organisation Services An "Application for Organisation Services" is processed online via the VillageMall Business Registration facility.

5.1 Introduction VillageMall provides authentication services for individuals and individuals applying on behalf of an organisation.

5.2 Identification Requirements All VillageMall identification and authentication processes require the applicant to provide evidence supporting their application.

5.2.1 Types of authentication VillageMall performs two types of authentication, as follows: Authentication of individuals, Authentication of individuals representing an organisation

Authentication - Individuals An individual must present certain authentication information in order to prove his/her identity. 

Authentication - Individuals Representing an Organisation An individual representing an organisation is authenticated in two stages. Stage 1 is to verify the identity of the applicant. Stage 2 is to verify the identity of the organisation. This is referred to as Organisation Authentication. Certain organisation identification documents must be presented depending on the type of organisation nominated on the application form. 

5.2.2 Verify the Identity of the Organisation The identity of the organisation is verified against the organisation identification information provided by the applicant. The following table shows the identification documents which must be presented for each type of organisation as part of the authentication check.

Sole Trader copy of the Business Registration Certificate  showing sole trader as the owner or A.B.N number.

Company copy of the Certificate of Registration of a Company from the Australian Securities Commission Original Letter of Authorisation signed by an office holder of the company or A.B.N or A.C.N number.

Partnership copy of the Business Registration Certificate or Deed of Partnership Original Letter of Authorisation signed by one of the partners whose name appears on the Business Registration Certificate or Deed of Partnership, if required or A.B.N number.

Club / Association copy of the Articles of Incorporation or Articles of Association Original Letter of Authorisation signed by President or Secretary, if required or A.B.N number.

Company Trust / Individual Trust copy of the Trustee Seal Original or certified copy of the Trust Deed verifying trustee status Original Letter of Authorisation signed by Trustee, if required or A.B.N number.

Naming Convention The naming convention used by VillageMall to uniquely identify Subscribers in certificates is: ISO/IEC 9594 (X.500) Distinguished Name (DN).

Distinguished Name Components The VillageMall Distinguished Name comprises the following components:

Country (C=) "AU"

State( S=) "QLD"

Organisation (o=)  "VillageMall Network" 

Locality (l=) "VillageMall"

Common Name (cn=) See "Subscriber Common Name" 

Subscriber Common Name The Subscriber Common Name may take one of the following formats:

Individuals with no desire for anonymity, the Subscriber's: given name, and surname 

Individuals that require anonymity, a VillageMall reference number.

Individuals representing  an organisation, either: the Subscriber's name, or the Subscriber's: given name surname position within the organisation.

Definition VillageMall defines a valid certificate as a certificate that: has been issued by VillageMall, is not on the VillageMall Certificate Revocation List, has not expired, and can be verified by a valid VillageMall Certification Authority certificate.

Personal Certificate Revocation Requests A personal certificate can only be revoked by the subscriber of that certificate. The certificate subscriber is the person listed on the application form for the certificate. The subscriber must make a formal request to VillageMall to revoke their certificate. The request must be made using one of the following methods: Sending a paper Certificate Revocation Request form to VillageMall. The form must be signed with the same signature as on the original application for the certificate, or Requesting revocation over the telephone by quoting the password nominated on the original application form for the certificate, or On-Line Submission of a digitally signed Certificate Revocation Request Form. 

Organisation Certificate Revocation Requests A certificate used on behalf of an organisation can be revoked by the subscriber of the certificate or a person nominated as an Organisation Signatory for the organisation. The subscriber of the certificate is the person listed on the application form for the certificate. The Organisation Signatory for an organisation is the person whose signature appears on the letter of authorisation provided at the application stage. The subscriber or Organisation Signatory must make a formal request to VillageMall to revoke the certificate. A revocation request made by the subscriber of the certificate must be made using one of the following methods: Sending a paper Certificate Revocation Request to VillageMall. The request must be signed with the same signature as on the original application for the certificate, or Requesting revocation over the telephone by quoting approperate authentication information. 

Where to Obtain Forms A Certificate Revocation Request form may be downloaded and printed from the VillageMall internet site.

7.2.1 Revoking a Certificate From a Telephone Request The following table describes the process for revoking a certificate originating from a telephone request.

Stage Description

A) The subscriber telephones VillageMall to request revocation of their certificate.

B) The subscriber must provide the VillageMall operator authentication information.

C) The operator verifies the request by checking the authentication information. 
Note: If the revocation request is not verified, VillageMall forwards a message to the originator of the certificate revocation request, informing them that their request was not processed. The message includes the reasons why it was not verified.

D) The certificate is revoked.

E) A new CRL is generated and signed by VillageMall.

F) The new CRL is published.

G) VillageMall notifies the subscriber that their certificate has been revoked via email, or fax or mail.

7.3 Certificate Revocation Policies

When a Certificate Status Becomes "Revoked" A certificate will be revoked when it is included in the next Certificate Revocation List published.

Date of Revocation Revocation Requests will specify the date and time from which the revocation will take effect.

Revocation Due to Subscriber Death or Organisation Dissolution VillageMall revokes certificates: upon receiving a certified copy of the subscriber's death certificate, or upon presentation of documents verifying the dissolution of a subscriber's organisation, or upon confirming by other evidence that the subscriber's organisation has been dissolved or has ceased to exist.

CRL Update period VillageMall will update its CRL monthly unless the CRL is empty.

Publishing CRL's VillageMall will publish its CRL(s) as indicated within the VillageMall CA certificate, this will be via a CRL distribution point, identified within each VillageMall CA certificate.

Actions Upon Cessation of Operations either Wholly or in Part VillageMall will take the following actions upon cessation of operations either wholly or in part: where the cessation so requires, revoke all valid certificates, and where required, preserve all databases, archives and records

Actions in the Event of VillageMall Key Compromise VillageMall will perform the following actions in the event of the VillageMall Certification Authority systems or the VillageMall Certification Authority private keys being, or suspected of being, compromised: revoke the VillageMall Certification Authority certificate, generate a new VillageMall Certification Authority key pair and certificate, revoke all valid certificates issued by the compromised systems generate, issue new keys and certificates for all affected subscribers, at no cost to the subscriber.

8.3 Record Retention

Legislative Requirements VillageMall retains records documenting issuance of all certificates in accordance with legislative and taxation requirements and Information Privacy Principles (Commonwealth Privacy Act 1988). These records include: copies of documentation authenticating subscribers application forms certificate revocation request forms change of address forms

Retention Period The period for retaining VillageMall records will be seven years. VillageMall will take all reasonable steps to ensure the security of these records.

Access to Retained Records Access to the retained records will be via nominated and duly authenticated representatives of VillageMall.

VillageMall Auditing The operations of VillageMall are not independently audited.

In This Chapter This chapter describes the security environment of the VillageMall Service Centre. The chapter includes the following: Protection of VillageMall's Private Cryptographic Keys Protection Of VillageMall's Systems and Data Physical Security of the VillageMall Service Centre

Cryptographic Security Device VillageMall generates its Private Cryptographic Keys using a hardware security module rated at FIPS 140-1 level 2. 

VillageMall Private Key The VillageMall Private Key is stored on  combination of smart cards and a hardware security module (HSM). The HSM is rated at FIPS 140-1 level 2.

VillageMall CA Private Key Size A minimum of 2048bits.

Protection of VillageMall Systems The VillageMall Systems (other than key and certificate generation systems) are protected from unauthorised access from external sources by a firewall between the VillageMall network and all external networks. All VillageMall network servers require a hardware security token to become part of the VillageMall Network.

Physical Security of the VillageMall Service Centre The VillageMall centre that houses the Certification Authority computers, has multi-zone physical and electronic barriers.

Physical Access to the VillageMall Service Centre Physical access to the VillageMall Certificate Authority system is by high security locks and controlled keys. Operational access to all VillageMall Certification Authority computers requires a controlled smart card to logon. All access must take place at the physical CA system, using as a minimum two factor authentication.

10. Tokens

Token Issuance VillageMall issues tokens  to VillageMall Subscribers under the terms and conditions contained within the Subscribers Agreement.

Token Initialisation and Personalisation  Only authorised personal can perform token initialisation and personalisation. Authorisation is via the issuance of a VillageMall certificate with the designated privileges required for token initialisation and personalisation.

Use of VillageMall Services The terms and conditions for the use of VillageMall services including the Certification Authority service can be found on the VillageMall internet site.