Services
In this section:
PKI service
About the service
A Public Key Infrastructure (PKI) is a set of roles, policies, procedures and systems needed to create, manage, distribute, store and revoke digital certificates. The eDelivery PKI service enables issuance and management of the digital certificates used on the deployed eDelivery components, e.g. between eDelivery Access Points (AP) and Service Metadata Publishers (SMP), to ensure confidentiality, integrity and non-repudiation of the data moving across systems. This service is provided only to the European Union (EU) and European Economic Area (EEA) public administrations that wish to be established as sub-domain owners in the PKI service and that are interested in creating a trust circle for information exchange using the technical specifications and components of eDelivery. The use of the eDelivery PKI is optional, policy domains may choose to use any other PKI service or mutual trust mechanism.
Users of the service
- Policy Domain Owners: may use the eDelivery PKI to create secure networks for information exchange and facilitate the dynamic registration and discovery of participants. Only European Union (EU) and European Economic Area (EEA) public administrations are allowed to become policy domain owners.
Benefits for the users of the service
The eDelivery PKI has been designed to generate a list of benefits to the users of the service:
- A user friendly interface to request and manage digital certificates;
- Well established processes and procedures supported by the eDelivery Support office;
- Digital certificates issued by a trusted Certification Authority;
- Free-of-charge PKI service (with limitations) under the terms and conditions of eDelivery for eligible stakeholders only.
Limitation of use of the service
The eDelivery PKI Service can be used to have up to 60 active certificates issued at any given time for all concerned eDelivery-related systems and environments necessary for the PKI domain. Once this limit is reached, requests to issue further certificates will be rejected until the expiration or revocation of active certificates. A domain requiring more than 60 active certificates will have to rely on other Certification Authorities for obtaining certificates.
Documentation
eDelivery PKI service offering description
Last updated: 05 June 2023
Last updated: 03 October 2023
eDelivery PKI Service level arrangement