StartCom Intermediate Certificate Authority Program - Introduction
Medium to large-sized organizations many times have the need to protect their network traffic between its employees, customers and client-server applications. Providing network security and encryption between all the functions involved - client authentication, electronic mail, web servers or other applications - can be a time-consuming and expensive effort.
The StartCom Intermediate CA Program (SICAP) will provide you with a ready-to-go and pre-configured solution, cutting your costs and deployment time. With your own Intermediate CA and web-based administration panel, you'll be in full control of managing, issuing and revoking certificates organization-wide and beyond. With the StartCom CA as its Root CA, your issued certificates will be recognized within a short time by most mainstream client software, accelerating the deployment of your Intermediate CA and building trust with relying parties. And with the security related physical, technical and logistical burden removed from their shoulders, your staff can concentrate on other important tasks.
Who can run an Intermediate Certificate Authority?
The intended audience for our SICAP Program are middle to large organizations and companies, that need to run their own CA within their infrastructure. This can be a University, Governmental Agency or Municipality, Internet Service Provider or Hosting Provider, Software and Online Vendor, among others.
Such entities must be Institutions, Non-profit Organizations or Companies (Inc., Ltd.) officially registered in their country of operation, with a proven record of activity for at least one year.
What are the limitations?
Certificates issued by an Intermediate CA should be used first and foremost for the securing of traffic within the organizational infrastructure and networks. These certificates may not be sold to the subscriber! However an organization may issue certificates to customers in conjunction with a product the organization is selling or as means of client authentication and encryption (Personal Certificates).
Each ICA may have its own limitations, according to the needs of their respective organizations. Therefore some ICA's may issue only certificates bound to certain domains or IP blocks, whereas others may issue certificates to a wide range of domains.
All certificates issued by an ICA of our program are Class 1 certificates, but checks and verification procedures may be better than that and similar to Class 2 certificates.
What do you get?
- An Intermediate Authority Certificate representing your organization (Hosted at StartCom's premises).
- A Web based Administration Panel for managing Intermediate CA and subscriber certificates.
- Web Interfaces for easy integration of subscriber requests into the organization's website, i.e. a simple way of requesting a certificate from the ICA.
- Certificate Revocation List (CRL) and Online Certificate Status Protocol (OCSP) service.
- Class 3 certificates for the organizations main public web server(s), issued by the StartCom Primary Class 3 CA.
- 24/7 unlimited mail and phone based support service by StartCom's personnel.
How much does it cost?
StartCom offers this service for very attractive fees, with an average price of approximately two US dollars per certificate, depending on the number of certificates issued. This represents a fraction of the price charged by similar solution providers or of the investment needed for self-made implementations. This solution is intended for at least 1000 certificates and up.
Organizations and Software Vendors representing an Open Source Project may apply for a discount. For more information and an offer for your organization please contact the CertMaster
For more detailed information please read the StartCom Intermediate Certification Authority Policy Appendix