Specific terms of use of cryptographic key management service

Download the Specific terms of use of cryptographic key management service

The purpose of these Specific Terms of Use (STU) is to define the conditions for accessing and using the Cryptographic Key Management Service. They supplement the ToU of Universign services on which they take precedence and the Certification Policy.

Before any use of the Service, the User shall acknowledge:

  • that they have read these STU;
  • that they consent to the STU of the Electronic Signature Service and/or to the STU of the Electronic Seal Service;
  • that they have the legal competence and authorizations to commit to the terms of these STU;
  • that they accept the STU without reserve.

The acceptance of the User is materialized by clicking on the check box on the Website at the time of the creation of a User account or prior to the signature.

These STU are made available by Universign on its website. They can be downloaded in PDF format.

DEFINITIONS

  • Key pair: refers to a pair of cryptographic keys consisting of a private key and a public key associated with a Certificate issued by the Certification Authority.
  • Registration File: refers to the file based on which the request for the Certificate containing the information and supporting documents required by the CP is made.
  • Authorized Persons: refers to persons expressly authorized by the Certificate’s Holder to use the private key associated with the Electronic Seal Certificate issued in their name.
  • Certification Representative: means the individual responsible for the life-cycle of the Electronic Seal Certificate. This is a legal representative of the Certificate’s Holder or a person duly authorized to this effect by a legal representative of the Certificate Holder.
  • Certification Service: means Universign’s Certificate issuing service.

Article 1 – CRYPTOGRAPHIC KEY MANAGEMENT SERVICE

The Cryptographic Key Management Service enables the Certificate’s Holder to generate a Key pair associated with a Certificate and to use it remotely to sign or seal the Documents by means of an Electronic Signature or of an Electronic Seal.

Article 1.1. – Access to the service

Access to and use of the Service require:

  • The creation of a User Account
  • A means of personal authentication accepted by Universign (ex: a personally assigned mobile phone number)
  • A subscription to the Certification Service.

The conditions for issuing, managing and revoking Certificates are laid down by the Certification Policy.

Article 1.2. – Service usage

For the creation of an Electronic Signature, the Key pair associated with the Certificate is enabled remotely after authentication of the Certificate’s Holder by means of a confidential code sent to the phone number provided to Universign.

For the creation of an Electronic Seal, the Key-pair  associated with the Certificate is enabled remotely after authentication of the Certificate’s Holder or of an Authorized Person by means of a unique identifier.

Any use of the Key-pair by Authorized Persons is deemed to be made by the Certificate Holder.

Article 1.3. – Usage restriction

Universign does not guarantee that the Service is suited to the needs of the User. It is the responsibility of the User to verify this suitability.

Article 2 – OBLIGATIONS OF THE USER

The User undertakes to ensure the security of their means of authentication so as to avoid the use of the Key pair by unauthorized third parties.

They shall be particularly committed to taking the necessary measures to ensure the confidentiality of the means of activation sent by Universign and to implementing the measures to keep the Key pair under the exclusive control of the Authorized Persons.

Article 3 – OBLIGATIONS OF UNIVERSIGN

Universign undertakes to generate and to enable the Certificate Holder’s Key pair in a cryptographic device with algorithms which are compatible with the requirements of the CP corresponding to the Certificate.

The cryptographic key management Service allows the Certificate’s Holder to keep the Key pair under their exclusive control for the creation of Electronic Signatures.

The cryptographic key management Service allows the Certificate’s Holder and Authorized Persons to keep the Key pair under their exclusive control for the creation of Electronic Seals.

Universign ensures the protection of the private key of the Key pair in order to ensure its integrity and confidentiality.

Universign shall ensure by appropriate means that the Key pair can no longer be used after the Certificate has expired or been revoked.

With the exception of guarantees expressly provided for by the Agreement, Universign excludes any other express or implied guarantee including any implied guarantee of suitability for a specific use, satisfaction of requirement of the Certificate Holder.

Article 4 – LIABILITY

The User shall accept sole responsibility in the case of harmful consequences caused to third parties resulting from a breach by the Certificate’s Holder or by Authorized Persons under the conditions for the protection of the private key of the Key pair and/or its means of authentication.

Article 5 – INTELLECTUAL PROPERTY

A user license for the Key pair is granted to the Certificate’s Holderas well as to Authorized Persons for the provision of the Electronic Signature and/or Seal Services.

Article 6 – DATA RETENTION

Universign retains the data relating to the verification of the User’s identification data and the log data related to the use of Key pair are kept according to conditions consistent with the personal data protection policy available on the Publication Website.

Test Universign