Skip to topic | Skip to bottom
Home
Sandbox
Create personal sidebar
Sandbox.LOA3r1.4 - 23 Jan 2008 - 16:49 - MichaelHelm12345topic end
Start of topic | Skip to actions

Personal Appearance Identity Verification

A person (a human end-entity (EE)) requests identity certification. The person appears before a registration authority (RA) or the registration authority agent. The prospective EE provides authentic, government-issued identification documents that support the EE’s identity assertion.

This method of verification is commonly employed in certification authorities (CAs), by notaries public in the course of performing notarial acts, by courts of law, and is part of many identity processes elsewhere (such as PIV-1). These government-issued identification documents are personally identifying information (PII).

The RA decides whether or not to approve the certification, and records a legally acceptable description of the event in RA log files.

The RA SHOULD have sufficient training and understanding of the local legal requirements to handle the security and confidentiality of any PII provided.

The RA SHOULD inspect identification documents and make a reasonable assessment of their integrity. The RA is not obliged to make an exhaustive investigation for fraud or forgery.

Here are some examples of satisfactory transactions and associated documentation.

“John Doe submitted a CSR. On 21 Jan 2008 John Doe arrived in my office, and showed me CA DL#xxxxxxxx.”

“On 15 May 2006, I did a Thawte notarization of John Doe. On 21 Jan 2008, John Doe sent me an email signed by his Thawte certificate, containing a CSR.”

“On 15 Jan 2008 I participated in a video conference that included Steve Manager and Jane Doe. Jane said she would be submitting her CSR shortly, and showed me her Tralfamadorian passport.” (Agent should confirm CSR with Jane.)

Unacceptable as-is: additional documentation needed.

“On 19 Jan 2008 a request for a certificate from MarySmith@example.com arrived. Mary faxed me a copy of her birth certificate.” (Not connected to requestor; difficult because not photo identification.)

“On 19 Jan 2008 Mary Smith appeared in my office to confirm her CSR, but she lacked any acceptable government-issued photo ID. Later she sent me a photocopy of her driver’s license by interoffice mail.” (Events must be concurrent.)

“On 19 Jan 2008 Jack Smith appeared in my office to confirm his CSR. Jack is personally known to me. (Personal knowledge is acceptable in some forms of this verification.)

-- Main./DC=org/DC=doegrids/OU=People/CN=Michael Helm 12345 - 24 Jan 2008
to top

End of topic
Skip to action links | Back to top

Edit | Attach image or document | Printable version | Raw text | More topic actions
Revisions: | r1.4 | > | r1.3 | > | r1.2 | Total page history | Backlinks
You are here: Sandbox > IDVerif > LOA3

to top

Copyright © 1999-2008 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback