SwissSign Certificate Services -

Trust SwissSign Certificate Authority

Trust is a basic requirement for all security models based on Public Key Infrastructure (PKI). All PKIs are hierarchically organized in tree structures and the trust anchor of the PKI is the top level Certificate Authority (CA). This CA is often called the Root CA. It normally has several subsidiary CAs that have their certificates signed by the Root CA. Subsidiary CAs that issue end user certificates are often called Issuing CAs and the end user certificate carries the signature of the Issuing CA.

To establish trust with a PKI you can import the Root CAs certificate into your application and the trust then extends over the entire tree and validates all end user certificates regardless whether they have been directly or indirectly been signed by the Root CA. Modern Applications will allow the end user to define exactly for which purposes the certificates issued by a particular PKI are to be trusted. These purposes may be: email protection, server authentication, time stamping or code signing, to name the most common ones.

Trust is an essential element in a PKI. The Certificate Policy and Certification Practice Statement (CP/CPS) will provide transparency for the overall processes and thus helps to improve trust. Besides this document the Certificate Authority operatores under the laws and duties of the country in which the Authority is located.

Why can you trust SwissSign? Or what is the difference to other PKI vendors? Here are some reasons:

SwissSign has been certified on October 30th, 2006 to issue qualified certificates according to Swiss digital signature law. This certification encompasses the audit of the security, procedures, operation, legal and technical aspects of the PKI and it implies that SwissSign meets the highest commercial requirements.
SwissSign is based in Switzerland and operates under Swiss law.
The SwissSign CA software has been developped by SwissSign and is based purely on our internally developped code or on open source libraries. Customers may verify the correctness of our code in a guided code review.