Medium-Hardware Assurance certificates are intended for all applications operating in environments appropriate for medium assurance but require a higher degree of assurance and technical non-repudiation based on the relying party’s assessment. Identity certificates may be used to authenticate to a PKI-enabled application, such as a secure web site, or non-repudiation purposes, (i.e., transactions that have been signed by an identity certificate.) may be legally linked to the owner of that certificate. The certificate may also be used for secure and authenticated email. Encryption certificates may be used for encrypting e-mail. When encrypting e-mail messages, the sender uses the certificate of the recipient(s), and the recipient decrypts the message using his or her private key. Web sites known to require ECA Medium-Hardware Assurance certificates include Navy Data Environemnt (NDE) and NGA.
Note: The issuance of ORC ECA Medium Hardware Assurance certificates requires that the certificate keys be generated in front of a duly designated ORC representative, such as a Registration Authority (RA) or Local Registration Authority (LRA). This will require that you do one of the following:
- Come to an ORC facility (located in Fairfax or Chesapeake, Virginia) to create the certificate requests in the presence of an RA.
- Your company may also designate employees to be trained as duly designated ORC representative (LRAs) and perform this function at your facilities.
