SK

Print

Certificate Policies

Certificate Policy for ID-card, Digi-ID, RP-card and Diplomatic-ID

Requirements for the Qualified Electronic Signature and Authentication Certificates that are issued for Estonian identity card, residence permit card, digital identity card and diplomatic identity card. Certificates issued under this policy are issued and served by the intermediate CA ESTEID2018.

Certificate Policy is published: https://www.id.ee/en/article/certificate-policy-for-identity-card-digital-identity-card-residence-permit-card-and-diplomatic-identity-card-2/

Certificate Policy for ID card and Digi-ID

Requirements for the Qualified Electronic Signature and Authentication Certificates that are issued for Estonian identity card, residence permit card and digital identity card. Certificates issued under this policy are issued and served by the intermediate CA ESTEID-SK 2015 and served by intermediate CA ESTEID-SK 2011.

Certificate Policy for ID card

Version 9.0
OID: 1.3.6.1.4.1.10015.1.1

Download:
Version 9.0, PDF (valid from 10.04.2020)

Older versions:
Version 8.0, PDF (valid from 01.05.2019)
Version 7.0, PDF (valid from 01.11.2017)
Version 6.0, PDF (valid from 01.11.2016)

Certificate Policy for Digi-ID

Version 11.0
OID: 1.3.6.1.4.1.10015.1.2

Download:
Version 11.0, PDF (valid from 10.04.2020)

Older versions:
Version 10.0, PDF (valid from 03.07.2019)
Version 9.0, PDF (valid from 01.05.2019)
Version 8.0, PDF (valid from 01.11.2018)
Version 7.0, PDF (valid from 01.11.2017)
Version 6.0, PDF (valid from 01.11.2016)

Older versions of ESTEID Card Certificate Policies:
Version 5.0, PDF (valid from 25.01.2016)
Version 4.0, PDF (valid from 01.12.2014)
Version 3.3, PDF (valid from 01.09.2012)
Version 3.2, PDF (valid from 01.01.2011)
Version 2.2, PDF (valid from 01.01.2010)

Certificate Policy for the digital identity card in form of the Mobile-ID

Requirements for the Qualified Electronic Signature and Authentication Certificates that are issued for Estonian digital identity card in form of the Mobile-ID. Certificates issued under this policy are issued and served by the intermediate CA ESTEID-SK 2015 and served by intermediate CA ESTEID-SK 2011.

Version 10.0
OID: 1.3.6.1.4.1.10015.1.3

Download:
Version 11.0, PDF (valid from 02.07.2022)

Older versions:
Version 10.0, PDF (valid from 27.05.2021)
Version 9.0, PDF (valid from 15.08.2020)
Version 8.0, PDF (valid from 10.04.2020)
Version 7.0, PDF (valid from 01.05.2019)
Version 6.0, PDF (valid from 24.10.2017)
Version 5.0, PDF (valid from 01.11.2016)
Version 4.0, PDF  (valid from 27.06.2016)
Version 3.0, PDF (valid from 01.01.2016)
Version 2.0, PDF (valid from 01.01.2015)
Version 1.1, PDF (valid from 01.02.2011)

 

Certificate Policy for Mobile-ID

Requirements for issuing and service of Qualified Electronic Signature Certificates and Authentication Certificates for Mobile-ID issued from 02.07.2022.

Version 4.0
OID: 1.3.6.1.4.1.10015.18.1

Download:
Version 4.0, PDF (valid from 02.07.2022)

Certificate Policy for Mobile-ID of Lithuania

Requirements for issuing and service of Qualified Electronic Signature Certificates and Authentication Certificates for Mobile-ID of Lithuania.

Version 3.0
OID: 1.3.6.1.4.1.10015.18.1

Download:
Version 3.0, PDF (valid from 12.05.2021) 

Older versions:
Version 2.0, PDF (valid from 10.04.2020) 
Version 1.0, PDF (valid from 01.03.2018) 

Certificate Policy for Qualified Smart-ID

Requirements fo issuing Qualified Certificates for Electronic Signatures and Authentication Certificates for Qualified Smart-ID.

Version 9.0
OID: 1.3.6.1.4.1.10015.17.2

Download:
Version 9.0, PDF (valid from 17.05.2022)

Older versions:
Version 8.0, PDF (valid from 17.02.2022)
Version 7.0, PDF (valid from 12.05.2021)
Version 6.0, PDF (valid from 21.02.2020)
Version 5.0, PDF (valid from 08.11.2018)
Version 4.1, PDF (valid from 06.07.2018)
Version 4.0, PDF (valid from 01.06.2017)
Version 3.0, PDF
Version 2.0, PDF
Version 1.0, PDF

Certificate Policy for non-qualified Smart-ID

Requirements for issuing non-qualified Electronic Signature Certificates and Authentication Certificates for non-qualified Smart-ID.

Version 4.0
OID: 1.3.6.1.4.1.10015.17.1

Download:
Version 4.0, PDF (valid from 12.05.2021)

Older versions:
Version 3.0, PDF (valid from 01.07.2019)
Version 2.0, PDF (valid from 25.06.2019)
Version 1.1, PDF(valid from 09.02.2017)
Version 1.0, PDF 

Certificate Policy for Organisation Certificates

Requirements for issuing of e-Seal Certificates, Certificates for Encryption and Certificates for Authentication. The requirements for issuing TLS Server Certificates have been moved to a separate document.

Version 12
OID: 1.3.6.1.4.1.10015.7.3

Download:
Version 13, PDF (valid from 17.04.2022)

Older versions:
Version 12, PDF (valid from 12.07.2021)
Version 11, PDF (valid from 15.08.2019)
Version 10, PDF (valid from 30.11.2017)
Version 9.0, PDF (valid from 03.07.2017) 
Version 8.0, PDF (valid from 01.06.2017)
Version 7.0, PDF (valid from 03.02.2017)
Version 6.0, PDF (valid from 01.07.2016)
Version 5.0, PDF (valid from 22.06.2016)
Version 4.0, PDF (valid from 01.02.2016)
Version 3.0, PDF (valid from 13.02.2015)
Version 2.6, PDF (valid from 20.06.2014)
Version 2.5, PDF (valid from 21.12.2012)
Version 2.4, PDF (valid from 28.09.2012)
Version 2.3, PDF (valid from 20.07.2012)
Version 2.2, PDF (valid from 10.05.2010)
These documents are available only in Estonian.
Version 2.1, PDF (valid from 13.08.2009)
Version 1.1, PDF (valid from 13.10.2006)
Version 1.0, PDF (valid from 10.04.2002)
Version 0.3, PDF (valid from 12.05.2003)

SK Certificate Policy for TLS Server Certificates

Requirements for issuing and managing TLS Server Certificates.

Version 8.0
OID: 1.3.6.1.4.1.10015.7.2

Download:
Version 8.0, PDF (valid from 12.05.2021)

Older versions:
Version 7.0, PDF (valid from 10.04.2020)
Version 6.0, PDF (valid from 22.05.2019)
Version 5.0, PDF (valid from 30.11.2017)
Version 4.0, PDF (valid from 03.07.2017) 
Version 3.0, PDF (valid from 01.06.2017)
Version 2.0, PDF (valid from 03.02.2017)
Version 1.0, PDF (valid from 01.07.2016)

Certificate Policy for EE Certification Centre Root CA

Requirements for issuing and managing certificates issued by SK's Root CA for intermediate CAs. Certificate policy for EE Certification Centre Root CA is expired. SK's activity in issuing and managing certificates issued by Root CA for intermediate CAs has been transferred to certification practice statement of EECCRCA. 

Expired versions:
These documents are available only in Estonian.
Version 2.0, PDF
Version 1.1, PDF

Certificate Policies for terminated services

Requirements for services that are no longer provided by SK. 

SEB-card Certification Policy

Requirements for the organisation cards certificates for natural persons.

Version 6.0
OID: 1.3.6.1.4.1.10015.13.1

Download:
Version 6.0, PDF (valid from 10.04.2020)

Older versions:
Version 5.0, PDF (valid from 01.11.2017)
Version 4.0, PDF (valid from 01.04.2017) 
Version 3.0, PDF (valid from 01.01.2017)
Version 2.0, PDF (valid from 30.03.2015)
Version 1.0, PDF (valid from 21.09.2012)

Certificate Policy for Mobile-ID

Requirements for issuing Mobile-ID Certificates. Certificate Policy for Mobile-ID has expired.

Expired versions:
Version 2.0, PDF (valid from 16.12.2009)

Certificate Policy for Lithuanian Mobile-ID

Requirements for issuing Lithuanian Mobile-ID Certificates. Certificate Policy for Lithuanian Mobile-ID has expired.

Expired versions:
Version 2.0, PDF (valid from 01.01.2016)
Version 1.1, PDF (valid from 16.03.2015)