The Certification Authority is integral to the proper operation of a public key infrastructure. The duties of the certification authority include authenticating the identity of the subscriber, issuing the digital certificates that verify the authenticity of the subscriber to interested persons, and causing these certificates to be placed in an online repository so that they can be accessed when needed.
Certification authorities also manage the certificates they issue, including the revocation and suspension of certificates, as well as the renewal of already issued certificates. The certification authority manages the certificates they issue in accordance with their "Certification Practice Statement." This certification practice statement, or "CPS," is publicly available, and tells the potential subscriber or relying party the actions taken by the certification authority in relation to a specific certificate.
In order to become licensed an applicant must, among other issues, establish that they are using certified Operative Personnel in their critical operations, show that their computer systems are trustworthy and secure, and establish a surety bond to cover potential claims made against the certification authority.
The Office of Secretary of State requires that a license applicant submit the following items:
When completed, these materials should be sent to:
Electronic Authentication Program Manager
Corporations Division, Office of the Secretary of State
801 Capitol Way S.
P.O. Box 40234
Olympia, Washington 98504-0234
Once the materials have been reviewed, the applicant will be notified by mail whether or not their license has been approved.