Certificate revocation requests may be made by the Subscriber, the Organization that the Subscriber represents or by an ORC Registration Authority (RA).
All revocation requests, along with the reason for the request, are sent to the RA for processing.
- Document the revocation request and the reason for the request.
- Sign and date the revocation request.
- Send a digitally signed email to email@example.com or appear before an ACES RA in person:
WidePoint Cyber Security Solutions (formerly ORC)
11250 Waples Mill Road
South Tower Suite 210
Fairfax, VA 22030
The individual making the request for certificate revocation shall either digitally sign requests sent via e-mail or the individual shall present the request in person to the RA.
If any of the following points apply to your current situation, then immediately have your certificate revoked. If your key is compromised, report it to ORC at 1-888-816-5503, or email firstname.lastname@example.org immediately.
Circumstances for Revocation
- The certificate holder requests that the certificate be revoked.
- The certificate holder can be shown to have violated the subscriber obligations, including payment of any required fees.
- The certificate holder is no longer authorized to hold the certificate (e.g. termination of employment or change in responsibilities).
- The information in the certificate is no longer accurate, and therefore, identifying information needs to be changed (e.g. change of name or privilege attributes asserted in the subscriber’s certificate are reduced).
- The subscriber’s employer or organization requests revocation.
- The certificate was obtained by fraud or mistake.
- The certificate was not correctly requested, issued, or accepted.
- The certificate contains incorrect information, is defective, or creates a possibility of incorrect reliance or usage.
- Certificate private key compromise is suspected.
- The certificate holder fails to make a payment or other contractual obligations related to the certificate.
- Subscribers leaving the organizations that sponsored their participation in the PKI shall surrender to their organization’s PKI point of contact (through any accountable mechanism) all Cryptographic Hardware Tokens that were issued, under the sponsoring organization, prior to leaving the organization. The PKI point of contact shall zeroize or destroy the token promptly upon surrender and shall protect the token from malicious use between surrender and zeroization or destruction. In all cases, whether software or hardware tokens are involved, the organization shall promptly notify an RA to revoke the certificate and attest to the disposition of the token, via a digitally signed email.
- ORC reserves the right to revoke any ORC ACES issued certificate at its discretion.