Scope
On the request of KPN B.V. (hereafter referred to as: KPN), the annual certification audit on all areas and processes was performed by BSI Group The Netherlands B.V. (John M. Keynesplein 9, 1066 EP Amsterdam, The Netherlands).
The full audit covered all applicable requirements from the audit criteria listed below (see “Audit Information”), which are defined in KPN’s Statement of Applicability, dated 4 September 2024, and the Overview of Applicability, dated 3 September 2024.
The scope of the assessment comprised the following Trust Service Provider component services, provided to the Netherlands Ministry of Defence, with regard to the Defensiepas:
- Certificate Generation Service
- Dissemination Service (partly);
- Revocation Management Service (partly)
- Certificate Status Service
These TSP component services are being processed for:
- Issuance of public key certificates (non-qualified trust service), in accordance with the policy: NCP+;
Statement on the issuance of S/MIME certificates:
The issuing CA in scope of certification is technically capable of issuing S/MIME certificates. On the request of KPN, we performed audit procedures to confirm that ETSI TS 119 411-6 V1.1.1 (2023-08) is not applicable. This is because, for the CA in scope of certification:
- We observed on 4 September 2024 that the Extended Key Usage (EKU) for id-kp-emailProtection (OID: 1.3.6.1.5.5.7.3.4) has been removed from the issued certificates (the rfc822Name email address is still included),
- Controls are in place to prevent the issuance of S/MIME certificates.
Our annual certification audit was performed in September 2024. The result of the annual certification audit is that we conclude, based on the objective evidence collected during the certification audit for the period from 1 September 2023 through 31 August 2024, that the areas assessed for:
- Issuance of public key certificates (non-qualified trust service), in accordance with the policy: NCP+;
were generally found to be effective, based on the applicable requirements defined in KPN’s Statement of Applicability, dated 4 September 2024 and the Overview of Applicability, dated 3 September 2024.
Audit information:
Audit criteria:
- ETSI EN 319 401 v2.3.1 (2021-05) General Policy Requirements for Trust Service Providers;
- ETSI EN 319 411-1 v1.4.1 (2023-10) Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 1: General requirements, for the policy: NCP+;
- CA/Browser Forum - Network and Certificate System Security Requirements v2.0 (June 5, 2024);
- PKIoverheid - Program of Requirements v5.0, G3 Legacy Organization Person certificates (previously 3a).
Audit Period of Time:
1 September 2023 through 31 August 2024
Audit performed:
September 2024
Information and Contact:
BSI Group the Netherlands B.V., John M. Keynesplein 9, 1066 EP Amsterdam, NL
Scope
On the request of KPN B.V. (hereafter referred to as: KPN), the annual certification audit on all areas and processes was performed by BSI Group The Netherlands B.V. (John M. Keynesplein 9, 1066 EP Amsterdam, The Netherlands).
The full audit covered all applicable requirements from the audit criteria listed below (see “Audit Information”), which are defined in KPN’s Statement of Applicability, dated 4 September 2024, and the Overview of Applicability, dated 3 September 2024.
The scope of the assessment comprised the following Trust Service Provider component services, provided to the Netherlands Ministry of Defence, with regard to the Defensiepas:
- Certificate Generation Service
- Dissemination Service (partly);
- Revocation Management Service (partly)
- Certificate Status Service
These TSP component services are being provided for the following qualified trust services, as defined in EU Regulation 910/2014 (eIDAS):
- Issuance of qualified certificates for electronic signatures (qualified trust service), in accordance with the policy: QCP-n-qscd
Statement on the issuance of S/MIME certificates:
The issuing CA in scope of certification is technically capable of issuing S/MIME certificates. On the request of KPN, we performed audit procedures to confirm that ETSI TS 119 411-6 V1.1.1 (2023-08) is not applicable. This is because, for the CA in scope of certification:
- We observed on 4 September 2024 that the Extended Key Usage (EKU) for id-kp-emailProtection (OID: 1.3.6.1.5.5.7.3.4) has been removed from the issued certificates (the rfc822Name email address is still included),
- Controls are in place to prevent the issuance of S/MIME certificates.
Our annual certification audit was performed in September 2024. The result of the annual certification audit is that we conclude, based on the objective evidence collected during the certification audit for the period from 1 September 2023 through 31 August 2024, that the areas assessed for:
- Issuance of qualified certificates for electronic signatures (qualified trust service), in accordance with the policy: QCP-n-qscd
were generally found to be effective, based on the applicable requirements defined in KPN’s Statement of Applicability, dated 4 September 2024 and the Overview of Applicability, dated 3 September 2024.
Audit information:
Audit criteria:
- ETSI EN 319 401 v2.3.1 (2021-05) General Policy Requirements for Trust Service Providers;
- ETSI EN 319 411-1 v1.4.1 (2023-10) Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 1: General requirements, for the policy: NCP+;
- ETSI EN 319 411-2 v2.5.1 (2023-10) Electronic Signatures and Infrastructures (ESI) - Policy and security requirements for Trust Service Providers issuing certificates - Part 2: Requirements for trust service providers issuing EU qualified certificates, for the policy: QCP-n-qscd;
- Regulation (EU) No 910/2014 of the European Parliament and of the Council on electronic identification and trust services for electronic transactions in the internal market and repealing Directive 1999/93/EC, Chapter III – Trust Services (20 May 2024);
- CA/Browser Forum - Network and Certificate System Security Requirements v2.0 (June 5, 2024);
- PKIoverheid - Program of Requirements v5.0, G3 Legacy Organization Person certificates (previously 3a).
Audit Period of Time:
1 September 2023 through 31 August 2024
Audit performed:
September 2024
Information and Contact:
BSI Group the Netherlands B.V., John M. Keynesplein 9, 1066 EP Amsterdam, NL