Published on 1 December 2023

Class A – Standards and rules

Smart cards

ICT directive A006 and appendices

Signature applications

  • DesktopSigner
  • This is installed as standard on your FOITT federal workstation client.
  • If you are not working with a federal workstation client from the FOITT, we recommend that you purchase and install DesktopSigner yourself.

Private keys

Signature server

Within the Federal Administration, there is the option to save the private key for the qualified personal certificate, as well as the regulated authority certificate, on an SG PKI server, a so-called hardware security module (HSM). No additional hardware is required.

Tokens

As a general rule, the approved tokens for class A can be ordered from the FOBL or directly from the supplier.

Approved type:

  • "Gemalto ID Prime MD 840 Revision B Common Criteria – with protection profile for class A of the Swiss Government PKI"
  • For migrating older class A certificates on ATOS 4.3 B cards, you can order a small number of Gemalto ID Prime MD 840 Revision B Common Criteria Tokens (with or without SIM punching) from the SG PKI (DLV remedy – PKI misc.). For more information, contact pki-info@bit.admin.ch.

Contacts / Support / Ordering / Location and situation plan