Certification Practice Statements for the Policy Authority PKIoverheid
The Certification Practice Statement (CPS) within the Public Key Infrastructure (PKI) for the Dutch government (PKIoverheid) provides Trust Service Providers (TSPs), subscribers and relying parties with information regarding the procedures and measures taken in respect of the Policy Authority's (PA) services with regard to certificates issued by the following "Staat der Nederlanden" PKI root certificates:
- Staat der Nederlanden Root CA - G3
- Staat der Nederlanden EV Root CA
- Staat der Nederlanden Private Root CA - G1
- TRIAL PKIoverheid Root CA - G3
- Staat der Nederlanden - G4 Root EUTL G-Sigs - 2024
- Staat der Nederlanden - G4 Root Priv S-CIBG - 2024
- Staat der Nederlanden - G4 Root Priv G-Other - 2024
- Staat der Nederlanden - G4 Root Priv G-TLS - 2024
- Staat der Nederlanden - G4 Root Publ G-SMIME - 2024
The names of the root certificates contain common PKI abbreviations. G1, G2, and G3 stand for first, second, and third generation respectively. A CA is a Certification Authority, and EV stands for Extended Validation.
The CPS offers information to relying parties and certificate owners about the setup of the PKIoverheid (PKIo) system and the interaction of the PA with the TSPs. The CPS is only maintained in English, as is this web page.
Current version
The current version of the CPS can be found below.
- CPS PA PKIoverheid Unified version 5.3 (Effective date: July 17, 2024)
Historical versions
Historical versions of the CPS can be found below. These documents are provided to be compliant with Section 3.3 of the Mozilla Root Store Policy (MRSP) which states:
7. CA operators SHALL maintain links to all historic versions of each CP and CPS (or CP/CPS) from the creation of included CA certificates, regardless of changes in ownership or control of such CA certificates, until the entire CA certificate hierarchies (i.e. end entity certificates, intermediate CA certificates, and cross-certificates) operated in accordance with such documents are no longer trusted by the Mozilla root store. For CA certificates that were included in Mozilla's root store before December 31, 2022, the CA Operator shall maintain links in their online repositories to all reasonably available historic versions of CPs and CPSes (or CP/CPSes) from creation of the included CA certificates.
All documents below are semi-automated exports of documents signed off by Logius legal representatives. Version 5.0 of the CPS is the first CPS which unifies the four separate PKIoverheid root CPSs into one single document. Versions 4.6 and below of these documents were not designed taking into account the *Web Content Accessibility Guidelines- (WCAG), however several WCAG optimizations were scripted into the export proces to improve accessibility. However, full compliance with the WCAG means having to change the textual contents as well, which goes against the purpose of making these documents available with authentic contents for audit purposes. Because these documents are of no administrative purpose anymore, as well as changing them going against the purpose of making them available in the first place, these documents will remain non-compliant with the WCAG. However, people running into problems with accessibility regarding any of these documents can contact the PKIoverheid team using the contact link below. When contacted, the team will provide the desired information in a suitable format. Any accessibility enhancements made this way will be retrofitted on this website for future visitors, as long as they do not involve actual text updates.
- CPS PA PKIoverheid Unified version 5.2 (Effective date: January 16, 2024)
- CPS PA PKIoverheid Unified version 5.1 (Effective date: October 16, 2023)
- CPS PA PKIoverheid Unified version 5.0 (Effective date: October 17, 2022)
- Certification Practice Statement of the Policy Authority PKIoverheid version 4.6 for G3 CA certificates (Effective date: April 2022)
- Certification Practice Statement of the Policy Authority PKIoverheid version 4.5 for G3 CA certificates (Effective date: April 2021)
- Certification Practice Statement of the Policy Authority PKIoverheid version 4.4 for G3 and G2 CA certificates (Effective date: December 2020)
- Certification Practice Statement of the Policy Authority PKIoverheid version 4.3 for G3 and G2 CA certificates (Effective date: December 2019)
- Certification Practice Statement of the Policy Authority PKIoverheid version 4.2 for G3 and G2 CA certificates (Effective date: November 2018)
- Certification Practice Statement of the Policy Authority PKIoverheid version 4.1 for G3 and G2 CA certificates (Effective date: December 2017)
- Certification Practice Statement of the Policy Authority PKIoverheid version 4.0 for G3 and G2 CA certificates (Effective date: October 2016)
- Certification Practice Statement van de Policy Authority PKIoverheid versie 3.9 voor G3, G2 en G1 CA certificaten (Effective date: February 2015)
- Certification Practice Statement van de Policy Authority PKIoverheid versie 3.8 voor G3, G2 en G1 CA certificaten (Effective date: June 2014)
- Certification Practice Statement van de Policy Authority PKIoverheid versie 3.7 voor G3, G2 en G1 CA certificaten (Effective date: December 18, 2013)