Public Service Description
The DPKI X.509 Certificate Policy Version 3.0 (dated 8 October 08 | OID 1.2.826.0.1310.100.3) provides a full description of the DPKI and the Defence Root Certification Authority (DRCA) role.
The DRCA provides Trust Services for the Defence environment and is the ultimate trust point for the DPKI. It provides support to authentication, integrity, confidentiality and non-repudiation services through the use of X.509 certificates.
The DPKI Trust Service (using the DRCA as its root) is a pan-MoD provision that will be available to all MoD recognised projects, applications, services and entities that require it subject to approval from DPKI Policy Management Authority (DPMA) . Through interoperability, the DPKI will extend its Trust Services to Organisations and Nations that the MoD has a business or operational requirement, such as NATO, the US DoD and TSCP.
The DRCA maintains the Root private signing key for the DPKI. It provides all sub-ordinate CA’s with their Public and Private keys that are embedded into certificates. It also issues Authority Revocation Lists (ARL) on a monthly basis to these CA’s as well as emergency ARL’s when required.
A strict process is followed to ensure the identity of those who request sub-ordinate certificates or emergency revocations and a validation process is invoked to ensure that they are authorised to do so.