PKI service

About the service

A Public Key Infrastructure (PKI) is a set of roles, policies, procedures and systems needed to create, manage, distribute, store and revoke digital certificates. The eDelivery PKI service enables issuance and management of the digital certificates used on the deployed eDelivery components, e.g. between eDelivery Access Points (AP) and Service Metadata Publishers (SMP), to ensure confidentiality, integrity and non-repudiation of the data moving across systems. This service is provided only to the European Union (EU) and European Economic Area (EEA) public administrations that wish to be established as sub-domain owners in the PKI service and that are interested in creating a trust circle for information exchange using the technical specifications and components of eDelivery. The use of the eDelivery PKI is optional, policy domains may choose to use any other PKI service or mutual trust mechanism.

Users of the service 

• Policy Domain Owners: may use the eDelivery PKI to create secure networks for information exchange and facilitate the dynamic registration and discovery of participants. Only European Union (EU) and European Economic Area (EEA) public administrations are allowed to become policy domain owners.

Benefits for the users of the service

The eDelivery PKI has been designed to generate a list of benefits to the users of the service:

• A user friendly interface to request and manage digital certificates;
• Well established processes and procedures supported by the eDelivery Support office;
• Digital certificates issued by a trusted Certification Authority;
• Free-of-charge PKI service (with limitations) under the terms and conditions of eDelivery for eligible stakeholders only.

Limitation of use of the service

The eDelivery PKI Service can be used to have up to 60 active certificates issued at any given time for all concerned eDelivery-related systems and environments necessary for the PKI domain. Once this limit is reached, requests to issue further certificates will be rejected until the expiration or revocation of active certificates. A domain requiring more than 60 active certificates will have to rely on other Certification Authorities for obtaining certificates.

Documentation

The terms and conditions of the eDelivery PKI service can be consulted in the Terms and Conditions of the PKI service document. 

The terms and conditions of the Building Blocks can be consulted in the Master Service Arrangement. 

The way European Commission is processing personal data belonging to the users of PKI service can be consulted in the eDelivery privacy statement for PKI Service.