of November 19, 2010 No. 1222
About approval of Rules of carrying out accreditation of certification centers
According to the subitem 4) of article 4 of the Law of the Republic of Kazakhstan of January 7, 2003 "About the electronic document and the electronic digital signature" the Government of the Republic of Kazakhstan DECIDES:
1. Approve the enclosed Rules of carrying out accreditation of certification centers.
Prime Minister of the Republic of Kazakhstan
Approved by the Order of the Government of the Republic of Kazakhstan of November 19, 2010 No. 1222
1. These rules of carrying out accreditation of certification centers (further - Rules) are developed according to the Law of the Republic of Kazakhstan of January 7, 2003 "About the electronic document and the electronic digital signature" and establish procedure for carrying out accreditation of certification centers.
2. In these rules the following concepts are used:
1) authorized body - the state body performing management in the field of informatization;
2) accreditation of certification center (further - accreditation) official recognition by authorized body of competence of certification center of rendering services;
3) means of cryptographic information protection (further - SKZI) the means realizing algorithms of cryptographic conversions, generation, forming, distribution or management of keys.
3. The authorized body will organize carrying out accreditation of certification centers. Accreditation is performed by the commission on accreditation of certification centers (further - the commission) which structure is determined by authorized body. The commission consists of representatives of authorized body, authorized bodies on information security support (in case of accreditation of the certification centers integrated with the state information systems), homeland security and cryptography, standardization and metrology, technical regulation and technical supervision.
4. Accreditation of certification center is carried out by the commission for the purpose of assessment on compliance to these rules of the legal entity who submitted the application to authorized body (further - the applicant), and also to the requirements established by the legislation of the Republic of Kazakhstan and standards of the Republic of Kazakhstan in the field of the electronic document and the electronic digital signature.
5. Accreditation is performed by the commission based on the statement. The applicant for receipt of the certificate on accreditation (daleesvidetelstvo about accreditation) submits the following documents to authorized body:
1) the statement on issue of the certificate on accreditation according to appendix 1 to these rules;
2) No. 523 is excluded according to the Order of the Government of the Republic of Kazakhstan of 07.09.2016;
3) copies of licenses and/or certificates on the used software of not free distribution, and also documents confirming copyright in case of own development;
4) the certificate of compliance of certification center to requirements of information security and to the standards accepted in the territory of the Republic of Kazakhstan, in case of integration of the accredited certification center with the state information systems;
5) the scheme of interaction of modules (component) of certification center and the scheme of the electronic digital signature with data on the applied algorithms of cryptographic conversions and other basic data (the main requirements) for realization of process of forming of the electronic digital signature and requirements to separate parameters and certification center, approved as the applicant;
6) the list of the approved normative and technical documents regulating:
information security policy of certification center;
regulations or rules of activities of certification center;
to the politician of application of registration certificates;
regulations on certification center;
the instruction for actions of the workers who are carrying out works on behalf of the applicant directly participating in works on maintenance, administration, release of registration certificates of certification center (further - responsible persons) in non-staff, crisis situations;
the instruction about backup of information resources of certification center;
instruction for installation and software setup of certification center;
7) the certificate of conformity on the used SKZI on ST of PK 1073-2007, which it is applied in this certification center and its users.
6. The applicant provides functioning of certification center according to regulations or rules of activities which describe all provided services of certification center.
The policy of application of registration certificates shall describe scope, structure and lifecycle of registration certificates.
The term of consideration of the application can be prolonged for thirty calendar days in case of repeated departure of the commission in certification center for inspection what it is reported to the applicant within three working days from the moment of prolongation of term of consideration about. The authorized body sends the motivated letter to the applicant with indication of the reasons of prolongation of term.
8. Consideration of the application consists of the following stages:
1) inspection of the applicant by the commission on compliance to these rules;
2) issue by authorized body of the certificate on accreditation of certification center in the established form according to appendix 2 to these rules.
9. In case of inspection of the applicant it is determined:
1) compatibility of the used SKZI applied in the checked certification center with Root certification center of the Republic of Kazakhstan;
2) creation and check of chain of registration certificates from the registration certificate of Root certification center of the Republic of Kazakhstan to the registration certificate of the user of certification center (further - the client) with use of SKZI of certification center;
3) availability of the object identifiers registered by authorized body in the registration certificates issued by certification center;
4) mechanism of creation and check of chains of registration certificates of the electronic digital signature;
5) the registered object identifiers (OID);
6) server room;
7) the used communication links;
Disclaimer! This text was translated by AI translator and is not a valid juridical document. No warranty. No claim. More info
Database include more 40000 documents. You can find needed documents using search system. For effective work you can mix any on documents parameters: country, documents type, date range, teams or tags.
More about search system
If you cannot find the required document, or you do not know where to begin, go to Help section.
In this section, we’ve tried to describe in detail the features and capabilities of the system, as well as the most effective techniques for working with the database.
You also may open the section Frequently asked questions. This section provides answers to questions set by users.