Gatekeeper Documentation
The following Gatekeeper documentation has been arranged under five categories:
- Gatekeeper Documents – These are an assortment of documents which provide background and support to Gatekeeper and the Gatekeeper PKI Framework.
- Policy Documents – These documents provide policy and operational guidance for the issuance and maintenance of Digital Certificates under Gatekeeper.
- Criteria Documents – These documents detail the requirements for the Accreditation and Listing of organisations under Gatekeeper.
- Template Documents – These documents provide guidance in relation to development of some of the documents required as appropriate under Gatekeeper.
- Guidebooks – These documents provide guidance and understanding in relation to Relationship Certificates, the General Category and Security.
Gatekeeper Documents
Approved Documents and Compliance Requirements
This document provides the list of documents required for Gatekeeper Accreditation/Listing.
- Approved Documents and Compliance Requirements PDF version [130 KB]
- Approved Documents and Compliance Requirements RTF version [175 KB]
Gatekeeper PKI Framework
The Gatekeeper PKI Framework is a high-level conceptual document that provides an overview of the detail of the Gatekeeper accreditation program, including in particular the new certificate categories, the introduction of Known Customer and Threat / Risk Evidence of Identity models, and the range of supplementary certificates. The Framework is supported by a suite of detailed policy, guidance and template documents that will facilitate the accreditation and recognition of PKI service providers.
- Gatekeeper PKI Framework PDF version [258 KB]
- Gatekeeper PKI Framework RTF version [720 KB]
Gatekeeper Strategy
The Gatekeeper Strategy provides the underpinning policy and technology structure for the Gatekeeper accreditation program. The basic elements of the Strategy (including subsequent amendments) have been incorporated or reflected in the development of the Gatekeeper PKI Framework.
- Gatekeeper Strategy [306 KB]
Glossary
This document provides a listing and brief explanation of terms used throughout the Gatekeeper documents.
- Glossary PDF version [518 KB]
- Glossary RTF version [390 KB]
Privacy Impact Assessment
This document is a Privacy Impact Assessment (PIA) for the Gatekeeper PKI Framework as at June 2006. The broad purpose of this PIA is to assess the potential privacy legal issues and privacy perception issues that arise from the reform of Gatekeeper as reflected in the Gatekeeper PKI Framework.
- Privacy Impact Assessment [437 KB]
Privacy Impact Assessment Checklist for Known Customer
This document is a Privacy Impact Assessment (PIA) Checklist for Known Customer Organisations (KCO) and Threat and Risk Organisations (TRO) operating under the General Category of the Gatekeeper PKI Framework.
The broad purpose of this PIA Checklist is to assist KCOs and TROs to assess their privacy legal compliance and related privacy perception issues.
x509 Gatekeeper Certificate and CRL Profile
This document provides a recommended profile for Certificates and Certificate Revocation Lists issued by Gatekeeper Accredited/Recognised Certification Authorities (CAs). Implementation guidance is provided for CAs and certificate processing entities.
- x509 Gatekeeper Certificate and CRL Profile PDF version [271 KB]
- x509 Gatekeeper Certificate and CRL Profile RTF version [533 KB]
Policy Documents
Core Obligations Policy
This document sets out the core obligations of the participants in PKI deployments in relation to their roles in the application, generation, issuance and ongoing management of Keys and Digital Certificates issued by a Gatekeeper Accredited Service Provider.
- Core Obligations Policy PDF version [206 KB]
- Core Obligations Policy RTF version [243 KB]
Corporate Certificate Policy Specification
This Policy Specification provides policy and operational guidance on the deployment of Corporate Certificates under the Gatekeeper PKI Framework.
- Corporate Certificate Policy Specification PDF version [119 KB]
- Corporate Certificate Policy Specification RTF version [136 KB]
Cross Recognition Policy
This policy paper describes interoperability issues and the requirements of the Gatekeeper domain, including proposed implementation approaches and requirements for other PKI domains seeking interoperability with the Gatekeeper PKI domain. In particular it proposes the mechanism of cross-recognising PKI domains to facilitate (though not guarantee) recognition of their Digital Certificates.
- Cross Recognition Policy PDF version [150 KB]
- Cross Recognition Policy RTF version [301 KB]
Device Certificate Policy Specification
This document provides a Policy Specification for Device Certificates (formerly Type 3 Certificates) that may be adopted by Organisations. This document outlines the benchmark for those seeking Gatekeeper evaluation of their Device Certificate Policies (CPs). Each CP will be compared against the minimum specifications set out in this document and evaluated on a case-by-case basis.
- Device Certificate Policy Specification PDF version [116 KB]
- Device Certificate Policy Specification RTF version [324 KB]
EOI Policy
This document outlines the Evidence of Identity (EOI) processes and requirements for individuals, organisations and devices for all Certificate Categories under the Gatekeeper PKI Framework.
- EOI Policy PDF version [231 KB]
- EOI Policy RTF version [538 KB]
General Business Certificate Policy Specification
This document is a Policy Specification for Digital Certificates issued under the General Category of the Framework for businesses.
- General Business Certificate Policy Specification PDF version [228 KB]
- General Business Certificate Policy Specification RTF version [405 KB]
General Individual Certificate Policy Specification
This document is a policy specification for Individual Certificates issued under the General Category of the Framework.
- General Individual Certificate Policy Specification PDF version [219 KB]
- General Individual Certificate Policy Specification RTF version [358 KB]
Hosted Certificate Policy Specification
This Specification provides policy and operational guidance on the deployment of Hosted Certificates within the Special Category of the Framework.
This Specification applies solely to a situation where a digital certificate issued by a Gatekeeper Accredited or Recognised CA and its associated Private Key(s) are stored on a device or application other than a device or application owned, operated or controlled by the Subscriber and where the Private Keys are used by another Organisation (the Host that owns, operates or controls the relevant device or application) to digitally sign / encrypt messages on behalf of the Subscriber.
- Hosted Certificate Policy Specification PDF version [150 KB]
- Hosted Certificate Policy Specification RTF version [223 KB]
Security Profile
This document provides guidance for applicants for Gatekeeper as well as Authorised Evaluators in relation to the structure and content of the Security Profile document. The Security Profile (SEC1) is a core document that addresses all elements of a Service Provider's physical, logical and personnel security.
- Security Profile PDF version [233 KB]
- Security Profile RTF version [389 KB]
Criteria Documents
CA Accreditation Criteria
This document provides details of the Gatekeeper Accreditation process for CAs and should be used by potential CAs to identify the standards to which their PKI operations (business facilities, policies, resources, procedures and technologies) need to conform in order to be granted Gatekeeper Accreditation.
- CA Accreditation Criteria PDF version [173 KB]
- CA Accreditation Criteria RTF version [408 KB]
CA Operations Manual Criteria
This document describes the content and structure of a Certification Authority Operations Manual. It has been developed using the RFC3647 Certificate Policy and Certification Practices Framework as a guide to assist an applicant for Gatekeeper Accreditation/Recognition to effectively manage its PKI operations.
- CA Operations Manual Criteria PDF version [218 KB]
- CA Operations Manual Criteria RTF version [360 KB]
Known Customer Organisation Listing Requirements
This document details the requirements for the Listing of Known Customer Organisations under Gatekeeper. Listing is a formal acknowledgement that the organisation has satisfied specific Gatekeeper requirements and will provide the necessary assurance to Relying Parties and Subscribers.
- Known Customer Organisation Listing Requirements PDF version [190 KB]
- Known Customer Organisation Listing Requirements RTF version [177 KB]
RA Accreditation Criteria
This document provides an overview of the Gatekeeper Accreditation process for Registration Authorities (RAs) and should be used by potential RAs to identify the standards to which their PKI operations (business facilities, policies, resources, procedures and technologies) need to conform in order to be granted Gatekeeper Accreditation.
- RA Accreditation Criteria PDF version [238 KB]
- RA Accreditation Criteria RTF version [319 KB]
RA Operations Manual Criteria
This document describes the content and structure of a Registration Authority Operations Manual. It has been developed using the RFC3647 Certificate Policy and Certification Practices Framework as a guide to assist an applicant for Gatekeeper Accreditation to effectively manage its RA operations.
- RA Operations Manual Criteria PDF version [204 KB]
- RA Operations Manual Criteria RTF version [187 KB]
Threat and Risk Organisation Listing Requirements
This document details the requirements for the Listing of Threat and Risk Organisations under Gatekeeper. Listing is a formal acknowledgement that the organisation has satisfied specific Gatekeeper requirements and will provide the necessary assurance to Relying Parties and Subscribers.
- Threat and Risk Organisation Listing Requirements PDF version [195 KB]
- Threat and Risk Organisation Listing Requirements RTF version [187 KB]
Validation Authority Listing Requirements
This document details policies and procedures for Gatekeeper Listing of Validation Authorities. Listing is a formal acknowledgement that the organisation has satisfied specific Gatekeeper requirements and will provide the necessary assurance to Relying Parties.
- Validation Authority Listing Requirements PDF version [220 KB]
- Validation Authority Listing Requirements RTF version [535 KB]
Template Documents
Head Agreement template
This document provides a template for the preparation of the Head Agreement between the Commonwealth and the Gatekeeper Accredited Service Provider.
- Head Agreement template [477 KB]
Deed of Agreement template for Listed Organisations
This document provides a template for the preparation of the Deed of Agreement between the Commonwealth and the Gatekeeper Listed Organisation.
Supplementary Certificate Policy Specification template
This document is a template for the preparation of a Supplementary Certificate Specification. It is based on an analysis of all available Policy Specifications issued by Gatekeeper Accredited/Recognised Service Providers.
- Supplementary Certificate Policy Specification template PDF version [133 KB]
- Supplementary Certificate Policy Specification template RTF version [153 KB]
Relationship Certificate CP template
This document is a Relationship Certificate CP Template and is based on IETF RFC 3647. It includes simplifying assumptions, detailing matters to be removed or migrated to the CPS or other documents.
- Relationship Certificate CP template [266 KB]
Services Agreement template
This document provides a template of the Services Agreement between an agency wishing to employ a service provider and the Service Provider.
- Services Agreement template [273 KB]
Threat and Risk Assessment template
This document provides a template for conducting a Threat and Risk Assessment (TRA) in a PKI deployment. It outlines a standardised set of general threats that may be encountered.
The template also includes, at Appendix 1, the template for the TRA conducted on Threat and Risk Organisations, which measures whether or not the EOI processes utilised in that particular PKI deployment meet the test of EOI Assurance in the General Category.
- Threat and Risk Assessment template [464 KB]
Guidebooks
General Certificate Guidebook
This document provides guidance for Service Providers, Organisations and clients to issue, manage and use digital certificates under the General Category. It is intended to provide an overview of policy issues, implementation issues and evaluation criteria relevant to the General Category.
- General Certificate Guidebook PDF version [196 KB]
- General Certificate Guidebook RTF version [265 KB]
Relationship Certificate Guidebook
This document provides guidance for Service Providers, Organisations and their Clients, as appropriate, to issue, manage and use Relationship Certificates. It is intended to provide an overview of policy issues, implementation issues and light-touch regulatory oversight relevant to Relationship Certificates.
- Relationship Certificate Guidebook PDF version [331 KB]
- Relationship Certificate Guidebook RTF version [655 KB]
Security Guidebook
The purpose of the document is to assist potential Gatekeeper service providers, consultants and assessors in understanding the security that must be applied.
- Security Guidebook PDF version [277 KB]
- Security Guidebook RTF version [554 KB]
Gatekeeper is a registered trademark.
Contact for information on this page: Gatekeeper Team

