Text Box:

Home About NHS SSL Apply for cert Information Terms Help

Certificate Revocation
Revoking a certificate makes it no longer valid for use.  Once a certificate is revoked, visitors to your website may get warning messages telling them that the certificate is not longer valid and should not be trusted.  Revocation of a certificate is an unlikely requirement, however certificate owners should be aware of the following information pertaining to revocation - which is abstracted from the certificate policy.

Circumstances for revocation
A certificate must be revoked:

  • When any of the information in the certificate is known or suspected to be inaccurate
  • Upon suspected or known compromise of the private key
  • Upon suspected or known compromise of the media holding the private key
  • When the Subscriber withdraws from or is no longer eligible to participate in the public key infrastructure governed by this certificate policy

The above use of the term “compromise” is intended to include:

  • Unauthorised access
  • Loss
  • Theft
  • Irrecoverable corruption
  • Destruction

The Issuing Authority may revoke a certificate when an Entity fails to comply with obligations set out in this certificate policy, any additional published documents defining practices to be followed by the entity, any other relevant agreement or any applicable law.

Who can request revocation
The revocation of a certificate may be requested by any entity, authenticated according to section 3.4 of the Certificate Policy, that presents reliable information indicating a valid circumstance for revocation according to 4.4.1.  Approval of a revocation request may only be granted by:

  • The Policy Authority
  • The Issuing Authority
  • Authorised and authenticated administrators of the Issuing Authority
  • Authorised and authenticated Registrars of a Registration Authority acting on behalf of the Issuing Authority

Upon revocation of a subscriber’s certificate, the Issuing Authority shall undertake to inform the subscriber.

Procedure for revocation request
Revocation shall be requested promptly after detection of a compromise or any other event giving cause for revocation.

A revocation request may be generated in the following ways, in order of preference:

  • Electronically by a digitally signed message
  • By personal representation to the Issuing Authority or a Registration Authority
  • By a signed fax message
  • Electronically by a non-signed message
  • By telephone call to the Issuing Authority or a Registration Authority

Those wishing to revoke a certificate may contact:
Trustis FPS
Trustis Limited
Fax: (01635) 231366
Email: support@trustis.com

Please provide your full details including the capacity in which you are making the request, the details of your certificate (issuer name, serial number, etc.) and the circumstances surrounding its revocation.

The Issuing Authority or Registration Authority acting on its behalf may seek independent confirmation, for example, by making a phone call to the subscriber’s employer or other sources, prior to initiating the revocation of a certificate.

All Third Party Trademark Rights Acknowledged.

This document is licensed for use only in conjunction with the use of Trustis Limited Trust Services.

Copyright © Trustis Limited 2006, All rights reserved. Trustis FPS Healthcare is not responsible for the content of external websites.