Search BSI Kitemark

Search BSI Kitemark products by sector, certificate, description or model number.

You must complete at least one of the mandatory fields Sector Generic Description

Certificate Number (123456)

Please enter at least 3 characters

Model Number

Please enter at least 3 characters

Standard

Please enter at least 3 characters

Company Name

Please enter at least 3 characters

Country Cancel

Client Directory certificate

Check company, site and product certificates - Validation and Verification

ETSI EN 319 411-1

Digidentity B.V.
Schenkkade 50
2595 AR 's-Gravenhage
The Netherlands

Certificate Number: ETS 043
Scope: On the request Digidentity B.V. (hereafter referred to as: Digidentity), the annual certification audit on all areas and processes was performed by BSI Group The Netherlands B.V. (John M. Keynesplein 9, 1066 EP Amsterdam, The Netherlands). The full audit covered all applicable requirements from the audit criteria listed below (see “Audit Information”) and are defined Digidentity’s Statement of Applicability, dated 19 November 2024, and the Overview of applicability and for the certificate types marked (*) in the Statement of Applicability dated 17 April 2025. The scope of the assessment comprised the following Trust Service Provider component services: -,,Registration Service -,,Certificate Generation Service -,,Dissemination Service -,,Revocation Management Service -,,Revocation Status Service -,,Subject Device Provision Service The TSP component services are performed, partly or completely by subcontractors under the final responsibility of Digidentity. These TSP component services are being provided for the following trust services: -,,Issuance of public key certificates (non-qualified trust service) in accordance with the policies: NCP, NCP+, OVCP The certificates are issued through the issuing Certification Authorities, as specified below: Root CA: Staat der Nederlanden Private Root CA - G1 (not in scope) Domain CA: Staat der Nederlanden Private Services CA - G1 (not in scope) -,,Issuing CA: Digidentity PKIoverheid Private Services CA – G1 Sha256 Fingerprint: BFE8F634772B0EC2CD2A41A17FC7612577D7E24F934073DEC89A991B6169687E +,,Private Server (OID 2.16.528.1.1003.1.2.8.6), in accordance with policy NCP Root CA: Staat der Nederlanden Root CA - G3 (not in scope) Domain CA: Staat der Nederlanden Organisatie Persoon CA - G3 (not in scope) -,,Issuing CA: Digidentity BV PKIoverheid Organisatie Persoon CA - G3 (OID 2.16.528.1.1003.1.3.5.8.2) Sha256 Fingerprint: 533FE97EB45FCED24049E41EFE9DB254A5DD9D90DFD53C9512C6207EDB21D82C +,,Authentication (OID 2.16.528.1.1003.1.2.5.1), in accordance with policy: NCP+ Domain CA: Staat der Nederlanden Burger CA - G3 (not in scope) -,,Issuing CA: Digidentity BV PKIoverheid Burger CA – 2021 (OID 2.16.528.1.1003.1.3.3.2.1) Sha256 Fingerprint: 9C64E24D2CAAA8DD45EF99BA62277CEEE6005C663624514B8C770E2D075BB611 +,,Authentication (OID 2.16.528.1.1003.1.2.5.1), in accordance with policy: NCP+ Domain CA: Staat der Nederlanden Organisatie Services CA - G3 (not in scope) -,,Issuing CA: Digidentity BV PKIoverheid Organisatie Services CA - 2021 (OID 2.16.528.1.1003.1.3.5.8.3) Sha256 Fingerprint: 827A6B205D2E73FF379286DD0B2DED5AEC7239EFE6BC8CACB03ABCCD84B95750 +,,Authentication (OID 2.16.528.1.1003.1.2.5.4) in accordance with policy: NCP+ Root CA: Staat der Nederlanden - G4 Root Priv G-Other - 2024 Intermediate CA: Staat der Nederlanden - G4 Intm Priv G-Other NP - 2024 (not in scope) -,,Issuing CA: Digidentity - G4 PKIo Priv G-Other NP - 2024 Sha256 Fingerprint: 35A5964756174E59AC79215F699F4178FDD015A21D29F430E16CEBC0B9EE8D2E +,,Authentication (NCP+) - OID 2.16.528.1.1003.1.2.44.16.11.8 +,,Personal Organisation authentication (NCP+) - OID 2.16.528.1.1003.1.2.44.16.13.8 (*) +,,Professional authentication (NCP+) - OID 2.16.528.1.1003.1.2.44.16.12.8 +,,Professional Organisation authentication (NCP+) - OID 2.16.528.1.1003.1.2.44.16.14.8 (*) Intermediate CA: Staat der Nederlanden - G4 Intm Priv G-Other LP - 2024 (not in scope) -,,Issuing CA: Digidentity - G4 PKIo Priv G-Other LP - 2024 Sha256 Fingerprint: 766C5B1A8865574C41887CBE356B82E2FE05039E2C7B851DB8AD2D311F0D2CCF +,,Authentication (NCP/NCP+) - OID 2.16.528.1.1003.1.2.44.16.25.8 Root CA: Digidentity SSCD Root CA Sha256 Fingerprint: C20451BD93D8FD6D0C43CD5CE832877FD5614055875126D170910E1209C9B77D -,,Issuing CA: Digidentity Personal Qualified CA Sha256 Fingerprint: 03E1AAEF72329B4DA1FCF0BA75FCB7B2F2F34B25AADE701AAAEACC0F65A3B4C4 +,,Personal Authentication (OID 1.3.6.1.4.1.34471.3.1.1), in accordance with policy NCP+ +,,Personal Organisation Authentication (NCP+) - OID 1.3.6.1.4.1.34471.3.1.4 (*) +,,Professional Organisation Authentication (NCP+) - OID 1.3.6.1.4.1.34471.3.1.4 (*) -,,Issuing CA: Digidentity Business Qualified CA Sha256 Fingerprint: 21E5D8CFBC2430AA45AD86D38394AE97B359C0E88835E4DE5E0AD1CE92A8201D +,,Authentication (OID 1.3.6.1.4.1.34471.3.2.1), in accordance with policy NCP+ -,,Issuing CA: Digidentity Personal Advanced CA Sha256 Fingerprint: E152892576F4B40B1496F60F6711AA14C2AD54BAFE355331EE6E47397301E962 +,,Authentication (OID 1.3.6.1.4.1.34471.3.3.1), in accordance with policy NCP+ +,,Non-Repudiation (OID 1.3.6.1.4.1.34471.3.3.3), in accordance with policy NCP+ The Certification Authority processes and services are documented in the following documents: -,,Certificate Practice Statement - PKIoverheid certificates, 2024v3, 21 November 2024, valid from: 28 November 2024 -,,Certificate Practice Statement - PKIoverheid certificates, 2025v1, 22 May 2025, valid from: 1 June 2025 -,,PKI Disclosure Statement –PKIoverheid certificates, 2024v3, 21 November 2024, valid from: 28 November 2024 -,,Certificate Policy & Certificate Practice Statement Digidentity Certificates, 2024v3, 21 November 2024, valid from: 28 November 2024 -,,Certificate Policy & Certificate Practice Statement Digidentity Certificates, 2025v1, 22 May 2025, valid from: 1 June 2025 -,,PKI Disclosure Statement - Digidentity Certificates, 2024v3, 21 November 2024, valid from: 28 November 2024 Our annual certification audit was performed in October and November 2024. The result of the full audit is that based on the objective evidence collected during the certification audit for the period from 1 November 2023 through 31 October 2024, the areas assessed for: -,,Issuance of public key certificates (non-qualified trust service), in accordance with the policies: NCP, NCP+. were generally found to be effective, based on the applicable requirements defined in Digidentity’s Statement of Applicability, dated 19 November 2024, and the Overview of applicability. We confirm that the following identification method(s) provide equivalent assurance in terms of reliability to physical presence, pursuant to Regulation (EU) 910/2014 (eIDAS) article 24, paragraph 1a, sub c, for the trust services (and Identity Proofing Context) covered by this Certificate of Conformity: +,,Digidentity Remote Identity Proofing Level of Assurance 3 – EU Advanced or eIDAS Substantial”, supporting the ETSI TS 119461 Use Cases for Unattended remote identity proofing (9.2.3): "Hybrid manual and automated operation" (9.2.3.3)" and Automated Operation (9.2.3.4), and (where applicable) “Identity proofing of Legal Person” (9.3); and “Identity proofing of Natural Person representing Legal Person” (9.4). Statement on the issuance of S/MIME certificates: Issuing CAs in scope of certification are technically capable of issuing S/MIME certificates. On the request of Digidentity, we performed audit procedures to confirm that ETSI TS 119 411-6 V1.1.1 (2023-08) is not applicable. This is because from the CAs in scope of certification: -,,We have not observed that S/MIME certificates have been issued in the audit period -,,Controls are in place to prevent the issuance of S/MIME certificates. Audit information: Audit criteria: -,,Regulation (EU) N 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC, Chapter III – Trust Services -,,ETSI EN 319 401 v3.1.1 (2024-06) General Policy Requirements for Trust Service Providers -,,ETSI EN 319 411-1 v1.4.1 (2023-10) Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 1: General requirements, for the policies: NCP, NCP+ Subordinate to ETSI EN 319411-1: -,,ETSI TR 119 461 v1.1.1 (2021-07): Electronic Signatures and Infrastructures (ESI); Policy and security requirements for trust service components providing identity proofing of trust service subjects -,,CA/Browser Forum – Network and Certificate System Security Requirements v2.0 (5 June 2024) -,,PKIoverheid Programme of Requirements, version 5.0, 1 June 2024, parts: G3 Legacy Organization Person certificates (previously 3a), G3 Legacy Organization Services certificates (previously 3b), G3 Legacy Citizen certificates (previously 3c), Private Server certificates (previously 3h) Audit Period of Time: 1 November 2023 through 31 October 2024 Audit Point in Time, for certificate types marked (*): 30 April 2025 Audit performed: October and November 2024 Information and Contact: BSI Group the Netherlands B.V., John M. Keynesplein 9, 1066 EP Amsterdam, NL

Original Registration Date	Effective Date	Last Revision Date	Expiry Date
2015-06-03	2024-01-27	2025-05-16	2026-01-26

Site Name	Site Address	Certificate/License number	Standard/Scheme number or name
Digidentity B.V.	Schenkkade 50 2595 AR 's-Gravenhage The Netherlands	ETS 043	ETSI EN 319 411-1