The Onion Memorandum Platform - Certification Practice Statement (CPS)

1. Introduction

This Certification Practice Statement (CPS) outlines the practices and procedures employed by The Onion Manifesto Platform Certification Authority (CA) for issuing, managing, and revocating digital certificates. This document ensures compliance with international standards such as ETSI EN 319 411-2 and PADES.

2. Certification Authority Contact Information

The Onion Manifesto Platform CA is operated by:

3. Certificate Issuance Policies

Certificates issued by The Onion Manifesto Platform CA are intended for:

  • Document signing (PADES-compliant signatures).
  • Digital identity verification.
  • Secure communications for The Onion Manifesto Platform services.

All certificates adhere to strict cryptographic standards, including RSA 4096-bit key lengths and SHA-256 signature algorithms.

4. Revocation Procedures

Certificates may be revoked if:

  • The private key associated with the certificate is compromised.
  • The certificate was issued to an entity that provided fraudulent or inaccurate information.
  • The certificate is no longer required for its intended use.

Revocation information

Revocation information is available via the following endpoints:

5. Security and Privacy Practices

The Onion Manifesto Platform CA ensures the integrity and security of its cryptographic keys through:

  • Storage of the Root CA key in an offline, secure hardware security module (HSM).
  • Regular audits of key management processes.
  • Strict access control policies for cryptographic operations.

The CA respects user privacy and processes personal data by the General Data Protection Regulation (GDPR).

Contact Us

For more information, contact us at support@theonionmanifesto.org.

  • Last update
  • 24 September 2024