Minnesota Statutes 325K.10 – Issuance of Certificate
Subdivision 1.Conditions.
A licensed certification authority may issue a certificate to a subscriber only after all of the following conditions are satisfied:
Terms Used In Minnesota Statutes 325K.10
- Certificate: means a computer-based record that:
(1) identifies the certification authority issuing it;
(2) names or identifies its subscriber;
(3) contains the subscriber's public key; and
(4) is digitally signed by the certification authority issuing it. See Minnesota Statutes 325K.01
- Certification authority: means a person who issues a certificate. See Minnesota Statutes 325K.01
- Confirm: means to ascertain through appropriate inquiry and investigation. See Minnesota Statutes 325K.01
- Contract: A legal written agreement that becomes binding when signed.
- Licensed certification authority: means a certification authority to whom a license has been issued by the secretary and whose license is in effect, or a certification authority who operates under a license issued by a governmental entity which has been certified pursuant to section 325K. See Minnesota Statutes 325K.01
- Person: means a human being or an organization capable of signing a document, either legally or as a matter of fact. See Minnesota Statutes 325K.01
- Private key: means the key of a key pair used to create a digital signature. See Minnesota Statutes 325K.01
- Public key: means the key of a key pair used to verify a digital signature. See Minnesota Statutes 325K.01
- Publish: means to record or file in a repository. See Minnesota Statutes 325K.01
- Recognized repository: means a repository recognized by the secretary under section 325K. See Minnesota Statutes 325K.01
- Revoke a certificate: means to make a certificate ineffective permanently from a specified time forward. See Minnesota Statutes 325K.01
- Secretary: means the Minnesota secretary of state. See Minnesota Statutes 325K.01
- Subscriber: means a person who:
(1) is the subject listed in a certificate;
(2) accepts the certificate; and
(3) holds a private key that corresponds to a public key listed in that certificate. See Minnesota Statutes 325K.01
- Suspend a certificate: means to make a certificate ineffective temporarily for a specified time forward. See Minnesota Statutes 325K.01
- Verify a digital signature: means , in relation to a given digital signature, message, and public key, to determine accurately that:
(1) the digital signature was created by the private key corresponding to the public key; and
(2) the message has not been altered since its digital signature was created. See Minnesota Statutes 325K.01
(1) the certification authority has received a request for issuance signed by the prospective subscriber;
(2) the prospective subscriber or the prospective subscriber’s duly authorized agent must appear before the licensed certification authority to present the request; and
(3) the certification authority has confirmed that:
(i) the prospective subscriber is the person to be listed in the certificate to be issued;
(ii) if the prospective subscriber is acting through one or more agents, the subscriber duly authorized each agent to have custody of the subscriber’s private key and to request issuance of a certificate listing the corresponding public key;
(iii) the information in the certificate to be issued is accurate;
(iv) the prospective subscriber rightfully holds the private key corresponding to the public key to be listed in the certificate;
(v) the prospective subscriber holds a private key capable of creating a digital signature;
(vi) the public key to be listed in the certificate can be used to verify a digital signature affixed by the private key held by the prospective subscriber; and
(vii) the certificate provides information sufficient to locate or identify one or more repositories in which notification of the revocation or suspension of the certificate will be listed if the certificate is suspended or revoked.
The requirements of this subdivision may not be waived or disclaimed by either the licensed certification authority, the subscriber, or both.
Subd. 2.Publication.
If the subscriber accepts the issued certificate, the licensed certification authority shall publish a signed copy of the certificate in a recognized repository, as the certification authority and the subscriber named in the certificate may agree, unless a contract between the certification authority and the subscriber provides otherwise. If the subscriber does not accept the certificate, a licensed certification authority shall not publish it, or shall cancel its publication if the certificate has already been published.
Subd. 3.Application of other standards.
Nothing in this section precludes a licensed certification authority from conforming to standards, certification practice statements, security plans, or contractual requirements more rigorous than, but nevertheless consistent with, this chapter.
Subd. 4.Suspension or revocation.
After issuing a certificate, a licensed certification authority shall revoke it immediately upon confirming that it was not issued as required by this section. A licensed certification authority may also suspend a certificate that it has issued for a reasonable period not exceeding 48 hours as needed for an investigation to confirm grounds for revocation under this subdivision. The certification authority shall give notice to the subscriber as soon as practicable after a decision to revoke or suspend under this subdivision.
Subd. 5.Order of suspension or revocation.
The secretary may order the licensed certification authority to suspend or revoke a certificate that the certification authority issued if, after giving any required notice and opportunity for the certification authority and subscriber to be heard in accordance with the Administrative Procedure Act, chapter 14, the secretary determines that:
(1) the certificate was issued without substantial compliance with this section; and
(2) the noncompliance poses a significant risk to persons reasonably relying on the certificate.
Upon determining that an emergency requires an immediate remedy, and in accordance with the Administrative Procedure Act, chapter 14, the secretary may issue an order suspending a certificate for a period not to exceed 96 hours.