OISTE GLOBAL TRUST MODEL

The OISTE Foundation owns and regulates the OISTE GLOBAL TRUST MODEL, which includes as “Root of Trust” a number of ROOT and SUBORDINATE CERTIFICATION AUTHORITIES, globally recognized. OISTE delegates on the Swiss company WISeKey SA the operation of the systems and infrastructures supporting the Trust Model. OISTE doesn’t issue certificates to end subscribers, but grants to WISeKey a license to operate a set of SUBORDINATE CERTIFICATION AUTHORITY, allowing the delivery of Trust Services for Persons, Applications and Objects.
Important Note for Relying Parties

PRIOR TO ACCESSING AND/OR RELYING UPON THE OISTE ROOT CA CERTIFICATES, YOU ARE REQUIRED TO CONSENT TO THE OISTE RELYING PARTY AGREEMENT. IN ALL CASES, UPON ACCESSING ANY SUCH INFORMATION AND DATA, YOU ARE INDICATING YOUR CONSENT TO THE TERMS AND CONDITIONS OF SUCH RELYING PARTY AGREEMENT.

PLEASE NOTE THAT RELIANCE ON A CERTIFICATE OR CERTIFICATE REVOCATION LISTS ISSUED BY OISTE REQUIRES ASSESSING WHETHER SUCH RELIANCE IS REASONABLE. IN ORDER TO DO SO, IT IS ESSENTIAL TO READ AND UNDERSTAND THE PROVISIONS OF THE  OISTE/WISeKey Global Trust Model CP/CPS.

CURRENT DOCUMENTATION FRAMEWORK OF THE OISTE GLOBAL TRUST MODEL – OGTM

From January 20th, 2025, the current version of the CP/CPS and other relevant documents of the Trust model are published in the GitHub repository https://github.com/OISTE/repository. The repository allows to navigate the version history (see “Releases”).

The latest version of the CP/CPS, in markdown format is always available in https://github.com/OISTE/repository/blob/main/OWGTMCPS.md. For convenience, the GitHub repository also publishes PDF versions. In case of divergence, the markdown version always takes precedence

PRIOR TO January 20th, 2025 – DOCUMENTATION FRAMEWORK OF THE OISTE GLOBAL TRUST MODEL – OGTM

• OGTM Certification Practice Statement Version 3.6 – 18 July 2024 [PDF][All versions]
• OGTM Certificate Policies (CP):
  • CP for Personal Certificates Version 1.5 – 18 July 2024 [PDF][All versions]
  • CP for SSL Certificates Version 1.6 – 18 July 2024 [PDF][All versions]
  • CP for Device Certificates Version 1.2 – 18 July 2024 [PDF][All versions]
• OISTE Root Certificates Embedding Agreement – 16 January 2019

OISTE ROOT CA Certificates

• Root Certificates [Link]
• CRLs (CDP Table) [Link]

Independent Audit Reports

• WebTrust audit for Certification Authorities (June 2020) [Link]
• WebTrust audit for SSL – Baseline Requirements and Network Security (June 2020) [Link]
• WebTrust audit for Extended Validation SSL [Link]

LICENSED SUBORDINATE CERTIFICATION AUTHORITIES

The following entities have been granted a license to operate as Subordinate CAs of the OISTE Roots:

• WISEKEY SA:
  • Allowed to run non-constrained CAs: YES
  • Allowed Certification Policies: ALL POLICIES
  • Independent Audit Required: YES [Link to Audit Reports]
  • Document Repository page: hhttps://www.wisekey.com/company/legal-information/pki-documentation/
• WISEKEY INDIA PRIVATE LIMITED:
  • Allowed to run non-constrained CAs: NO
  • Allowed Certification Policies: ONLY PERSONAL CERTIFICATES, NOT ALLOWED FOR SECURE EMAIL
  • Independent Audit Required: NO
  • Document Repository page: N/A

OTHER RELATED DOCUMENTS

• WISeKey Vulnerability Reporting Policy [HTML]
• WISeKey Privacy Notice [HTML]
• CertifyID Certificate Subscriber Agreement [PDF]
• CertifyID Relying Party Agreement [PDF]
• CertifyID Identity Validation Overview [PDF]
• CertifyID Classes and Requirements Overview [PDF]