Revoking a Certificate

The individual making the request for certificate revocation shall either digitally sign requests sent via email, or the individual shall present the request in person to the RA.

Individual Revocation Request Letter

Corporate Revocation Request Letter

Note: Code signer certificates are not normally revoked when the code signer departs or is no longer with the organization. If the code signer is suspected of having signed (intentionally or unintentionally) unapproved code, the code signer certificate may be revoked by the RA.

The following authorized parties may request revocation of a certificate:

• Any End Entity may request revocation of their own certificate(s) and RAs may request revocation of any EE certificate on behalf of the EE or other authorized party

• The WidePoint IA may revoke any certificate within its domain for reasons identified in this CPS

• Other parties may also request revocation of certificates through a RA or LRA. The RA or LRA shall validate the credentials of the requesting party, and the RA shall determine if the revocation request meets the requirements of Section 4.4.1 of the WidePoint CPS.

If any individual has reason to believe that a certificate private key has been compromised, that individual is required to notify an RA or LRA of the compromise suspicion. It is the responsibility of the RA to investigate the information and determine if certificate revocation is warranted.

If so, the RA shall forward the revocation request along with documentation of the reason for the request to the IA. WidePoint-ORC will send a written notice and brief explanation for the revocation to the Subscriber.

If any of the following points apply to your current situation then immediately have your certificate revoked. If your key is compromised, report it to WidePoint at 1-800-816-5548, or email immediately.

Circumstances for Revocation