KLA - Class A certificate KLA001 - CP/CPS Root CA IV Certificate Policy and Certification Practice Statement of the Swiss Government Root CA IV
Link
KLA004 - User agreement and terms of use for Class A certificates – Regulated and qualified certificates in accordance with ZertES (for legal entities and natural persons) (in German) KLA017 - Registration for LRAO training class A KLA018 - Application for qualified Class A certificates for natural persons (in German) KLA019 - Revocation request for qualified certificates for natural persons (in German) KLA021 - Application LRA Officer (in German) KLA022 - Confirmation of receipt of LRA Officer certificate (in German) KLA024 - Checklist for revoking a Class A certificate (in German) KLA025 - Checklist for revoking a regulated public key certificate (in German) KLA027 - LRAO training KLB - Class B certificate KLB001 - CP/CPS Root CA I Certificate Policy and Certification Practice Statement of the Swiss Government Root CA I
Link
KLB003 - Verification of applicant's identity, class B KLB021 - User agreement and terms of use for advanced class B certificates (for natural persons) User agreement and terms of use for personal advanced certificates of the Swiss Government PKI of the Federal Authorities of the Swiss Confederation
Link
KLB026 - Quick Guide: Changing the language of the Swiss Government PKI wizards (tools) KLB027 - Guidelines for the Registration Identification Officer (RIO) (in German) KLB030 - Checklist: Issue of Class B certificates «mit RIO» (in German) KLC - Class C certificate KLC001 - CP/CPS Root CAII Certificate Policy and Certification Practice Statement of the Swiss Government Root CA II
Link
KLC002 - CP/CPS Root CAIII Certificate Policy and Certification Practice Statement of the Swiss Government Root CA III
Link
TSP - Trust Service Provider TSP003 - CA Layout and Policies Swiss Government PKI - CA Layout and Policies
Link
TSP004 - Swiss Government Object Identifiers (OID) TSP006 - Swiss travel documents for foreign nationals (in German) TSP012 - Swiss Government PKI - Root CA – CP/CPS Certificate Policy and Certification Practice Statement of the Swiss Government Root CA
Link
GV - Laws and ordinances Fedlex - The publication platform for federal law
GV003 - Federal law on information security (in German) GV004 - Ordinance on Information Security in the Federal Administration and the Armed Forces (in German) GV005 - Regulation on personal security checks (VPSP) (in German) Link - Verordnung über die Personensicherheitsprüfungen
GV006 - Federal Act on Archiving (ArchA) GV007 - Federal law on the responsibility of the Confederation and its authorities, members and officials (in German) GV008 -Government and Administration Organisation Act (GAOA) GV010 - Ordinance on the coordination of digital transformation and ICT governance in the Federal Administration (VDTI) (in German) GV011 - Regulation on identity management systems and directory services of the Federal Government (UAMV) (in German) GV012 - Ordinance on the processing of personal data collected when using the federal government's electronic infrastructure ((VBNIB) (in German) Link - Verordnung über die Bearbeitung von Personendaten, die bei der Nutzung der elektronischen Infrastruktur des Bundes anfallen (VBNIB)
GV013 - Ordinance on the organisation of public procurement in the Federal Administration (Org-VöB) (in German) GV014 - Organisational Ordinance for the Federal Department of Finance (OV-EFD) (in German) GV015 - Federal Data Protection Act (DSG) (in German) Link - Datenschutzgesetz (DSG)
GV016 - Ordinance on Data Protection (DPO) GV018 - Federal Act on Certification Services in the Field of Electronic Signatures and Other Applications of Digital Certificates (ZertES) (in German) GV019 - Regulation on certification services in the field of electronic signatures and other applications of digital certificates (VZertES) (in German) GV020 - Ordinance of the Federal Office of Communications (OFCOM) on certification services in the field of electronic signatures and other applications of digital certificates (in German) GV022 - Regulation on security clearance checks for individuals (PSPV) (in German) GV023 - Regulation (EU) No 910/2014 of the European Parliament and of the Council of 23 July 2014 on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC BV - ICT requirements of the federal administration All ICT requirements (in German) - Alle IKT-Vorgaben
BV001 - TAV - SR 943.032.1 Certification services in the area of the electronic signature and other applications of digital certificates
Link
BV002 - A006 - Smartcard This document describes the specifications for the smart cards used by the federal administration and the software and hardware elements required for their use (in German).
Link
BV003 - E026 – Deployment guideline for workplace system These ICT regulations contain the basic provisions for users of the ‘workplace’ service and – where applicable – the ‘virtual desktop’ service provided by the ICT standard service Office Automation (SD BA) (in German).
Link
BV004 - I006 – Admin Directory This standard defines the organisation and structure of the electronic directory Admin Directory for the general federal administration in accordance with the ITU's X.500 recommendations (in German).
Link
BV005 - White paper on the complexity requirements for smart card PIN codes ED - Standards, specifications & technical documentation (ETSI documents) ETSI - Welcome to the World of Standards!
ED001 - Electronic Signatures and Trust Infrastructures (ESI); General Policy Requirements for Trust Service Providers ED002 - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for Trust Service Providers issuing certificates; Part 1: General requirements ED003 - Electronic Signatures and Infrastructures (ESI); Policy and Security Requirements for Trust Service Providers issuing certificates; Part 2: Requirements for trust service providers issuing EU qualified certificates ED004 - Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 1: Overview and common data structures ED005 - Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 2: Certificate profile for certificates issued to natural persons ED006 - Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 3: Certificate profile for certificates issued to legal persons ED007 - Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 4: Certificate profile for web site certificates ED008 - Electronic Signatures and Infrastructures (ESI); Certificate Profiles; Part 5: QCStatements ED009 - Electronic Signatures and Infrastructures (ESI); Policy and Security Requirements for Trust Service Providers issuing Time-Stamps ED010 - Electronic Signatures and Infrastructures (ESI); Time-stamping protocol and time-stamp token profiles ED012 - Data Preservation Systems Security; Part 1: Requirements for Implementation and Management ED015 - Electronic Signatures and Infrastructures (ESI); Policy and security requirements for trust service providers; Part 1: TSP service components operating a remote QSCD / SCDev ED016 - Policy and security requirements for trust service components providing identity proofing of trust service subjects ED017 - Policy and security requirements for trust service providers providing long-term preservation of digital signatures or general data using digital signature techniques FD - FIPS documents NIST Computer Security Resource Center | CSRC
FD002 - Security Requirements for Cryptographic Modules (FIPS 140-3) CD - CEN documents CEN - CENELEC - Search standards
CD001 - Protection profiles for secure signature creation device - Part 1: Overview CD002 - Protection profiles for secure signature creation device - Part 2: Device with key generation CD003 - Protection profiles for secure signature creation device - Part 3: Device with key import CD004 - Protection profiles for secure signature creation device - Part 4: Extension for device with key generation and trusted channel to certificate generation application CD005 - Protection profiles for secure signature creation device - Part 5: Extension for device with key generation and trusted channel to signature creation application CD006 - Protection profiles for secure signature creation device - Part 6: Extension for device with key import and trusted channel to signature creation application CD007 - Protection Profiles for TSP Cryptographic Modules - Part 5: Cryptographic Module for Trust Services CD008 - Trustworthy Systems Supporting Server Signing - Part 1: General System Security Requirements CD009 - Trustworthy Systems Supporting Server Signing - Part 2: Protection profile for QSCD for Server Signing CD010 - Security requirements for trustworthy systems managing certificates and time stamps IN - ISO standards ISO - International Organization for Standardization
IN001 - Code for individual languages and language groups IN002 - Codes for the representation of names of countries and their subdivisions - Part 1: Country code IN003 - Codes for the representation of names of countries and their subdivisions - Part 2: Country subdivision code IN004 - Codes for the representation of currencies IN005 - Information technology - Open systems interconnection - Part 8: The Directory: Public-key and attribute certificate frameworks IN006 - Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 1: Introduction and general model IN007 - Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 2: Security functional components IN008 - Information security, cybersecurity and privacy protection - Evaluation criteria for IT security - Part 3: Security assurance components IN009 - Information security, cybersecurity and privacy protection - Security requirements for cryptographic modules IN010 - Business continuity management systems – the basics IN011 - Business continuity management systems – the basics IN012 - Information technology - Security techniques - Code of practice for information security management IN013 - Information technology - Security techniques - Information security management systems - Guidance IN014 - Information technology - Security techniques - Information security management - Monitoring, measurement, analysis and evaluation IN015 - Information technology - Security techniques - Information security risk management IN016 - Information security, cybersecurity and privacy protection - Information security controls based on ISO/IEC 27002 for telecommunications organizations IN017 - Information technology - Security techniques - Network security - Part 1: Overview and concepts IN018 - Information technology - Security techniques - Network security - Part 2: Guidelines for the design and implementation of network security IN019 - Information technology - Security techniques - Network security - Part 3: Reference networking scenarios - Threats, design techniques and control issues IN020 -Information technology - Information security incident management - Part 1: Principles and process IN021 - Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence IN022 - Information technology - Security techniques - Storage security IN023 - Information technology - Security techniques - Identity proofing IN024 - Information technology - Security techniques - Entity authentication assurance framework IN025 - Information technology - Security techniques - A framework for access management IN026 - Information technology - Security techniques - Best practices for the provision and use of time-stamping services RD - RFC documents RFC Editor
RD001 - Key words for use in RFCs to Indicate Requirement Levels (RFC 2119) RD007 - Enhanced Security Services for S/MIME (RFC 2634) RD009 - Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) (RFC 3161) RD012 - Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework (RFC 3647) RD013 - Internet X.509 Public Key Infrastructure: Qualified Certificates Profile (RFC 3739) RD016 - Lightweight Directory Access Protocol (LDAP): Uniform Resource Locator (RFC 4516) RD018 - The Lightweight Online Certificate Status Protocol (OCSP) Profile for High-Volume Environments (RFC 5019) RD019 - Enhanced Security Services (ESS) Update: Adding CertID Algorithm Agility (RFC 5035) RD020 - Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile (RFC 5280) RD021 - Cryptographic Message Syntax (CMS) (RFC 5652) RD022 - ESSCertIDv2 Update for RFC 3161 (RFC 5816) RD024 - Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile (RFC 6818) RD025 - X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP (RFC 6960) RD032 - Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words (RFC 8174) RD036 - Deprecating TLS 1.0 and TLS 1.1 (RFC 8996) RD037 - Lightweight Directory Access Protocol (LDAP): String Representation of Distinguished Names (RFC 4514) RD040 - The Transport Layer Security (TLS) Protocol Version 1.3 (RFC 8446) RD041 - Internet X.509 Public Key Infrastructure Certificate Management Protocol (CMP) (RFC 4210) RD042 - Cryptographic Message Syntax (CMS) Algorithms (RFC 3370) RD043 - HTTP Semantics (RFC 9110) RD044 - HTTP Caching (RFC 9111) RD045 - HTTP/1.1 (RFC 9112) RD046 - Internationalized Email Addresses in X.509 Certificates (RFC 9598) RD047 - Internationalization Updates to RFC 5280 (RFC 9549) RD048 - Online Certificate Status Protocol (OCSP) Nonce Extension (RFC 9654) ID - ITU documents ITU: Committed to connecting the world
ID001 - Information technology - Open Systems Interconnection - The Directory: Overview of concepts, models and services (ITU-T X.500) ID002 - Information technology - Open Systems Interconnection - The Directory: Models (ITU-T X.501) ID003 - Information technology - Open Systems Interconnection - The Directory: Public-key and attribute certificate frameworks (ITU-T X.509) ID004 - Information technology - Abstract Syntax Notation One (ASN.1): Specification of basic notation (ITU-T X.680) ID005 - Information technology - Abstract Syntax Notation One (ASN.1): Information object specification (ITU-T X.681) ID006 - Information technology - Abstract Syntax Notation One (ASN.1): Constraint specification (ITU-T X.682) ID007 - Information technology - Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 specifications (ITU-T X.683) ID008 - Information technology - ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER) (ITU-T X.690) ID009 - Information technology - ASN.1 encoding rules: Specification of Packed Encoding Rules (PER) (ITU-T X.691) ID010 - Baseline identity management terms and definitions (ITU-T X.1252) ID011 - Security guidelines for identity management systems (ITU-T X.1253) ID012 - International Reference Alphabet (IRA) (Formerly International Alphabet No. 5 or IA5) - Information technology - 7-bit coded character set for information interchange (ITU-T T.50) SL - Other SL001 - Baseline Requirements for the Issuance and Management of Publicly‐Trusted TLS Server Certificates (CA|B-TLS-BR) SL002 - Company Identification Number (CIN) - Unternehmens-Identifikationsnummer (UID) SD003 - Swiss Accreditation Service (SAS) Reference organisations for specifications Legal texts and ordinances for Switzerland (in German) Federal Office for Buildings and Logistics (FOBL)
CH-3003 Bern
Link
EU - Legislation and regulations Publications Office of the European Union
20, Rue de Reims
Link
ETSI-Documents ETSI, European Telecommunications Standards Institute
650, Route des Lucioles
Link
FIPS-Documents National Institute of Standards and Technology (NIST)
HEADQUARTERS
Link
CEN-Documents CEN, the European Committee for Standardization
Link
EN-Normen Swiss Association for Standardisation (SNV)
29, Bürglistr.
Link
ISO standards Central Secretariat of the International Organisation for Standardisation (ISO)
1, Rue de Varembé
Link
RFC-Documents Internet Engineering Task Force (IETF)
Link
Common PKI Specifications for Interoperable Applications T7 (Consortium of German trust centre operators and certification service providers)
T7 e.V. Registriert beim Sitz des Vereins
Link
Technical and administrative regulations Federal Office of Communiations OFCOM
Zukunftstrasse 44
Link
Guidelines for the Issuance and Management of Extended Validation Certificates CA Brower Forum (CAB)
Link
ITU-Dokumente - International Telecommunication Union (ITU) 
