External Certificate Authority

Subscriber Obligations

In order to request and use an Identity Certificate issued under the ORC ECA CPS you (the subscriber) must agree to the following obligations.

	To accurately represent yourself in all communications with ORC and the PKI.
	To protect the certificate private key from unauthorized access in accordance with the Private Key Protection section of the ORC ECA CPS.
	To immediately report to an RA or LRA and request certificate revocation if Private Key Compromise is suspected.
	To use the certificate only for authorized applications which have met the requirements of the US Government ECA CP and the ORC ECA CPS.
	To use the certificate only for the purpose for which it was issued, as indicated in the key usage extension.
	To report any changes to information contained in the certificate to the appropriate RA or LRA for certificate reissue processing.
	Abide by all the terms, conditions, and restrictions levied upon the use of private keys and certificates.

Theft, compromise or misuse of the private key may cause the Subscriber, Relying Party, and their organization legal consequences.

I understand that during this process I will be generating my key pair and will possess the only copy of my private key on the workstation/computer (or hardware token) from which I am making my request. If lost, damaged, or compromised, I will be responsible for requesting and incurring the costs of a new certificate.