Certificate profile, including:

    * Version number(s) supported
    * Certificate extensions populated and their criticality
    * Cryptographic algorithm object identifiers
    * Name forms (meaning, naming hierarchy used to ensure that the certificate subject can be uniquely identified - if required) used for the CA, RA, and subscribers names
    * Name constraints used and the name forms used in the name constraints
    * Applicable Certificate Policy Object Identifier(s)
    * Usage of the policy constraints extension
    * Policy qualifiers syntax and semantics and
    * Processing semantics for the critical Certificate Policy extension

CRL profile, including:

    * Version numbers supported for CRLs
    * CRL and CRL entry extensions populated and their criticality

CA Environmental Controls CPS and CP administration:

    * CPS and CP change control procedures
    * Publication and notification policies
    * CPS and CP approval procedures

Confidentiality, including:

    * Applicable statutory or regulatory requirements to keep information confidentia
    * Kinds of information to be kept confidential
    * Kinds of information not considered confidential
    * Disclosure of information concerning certificate revocation and suspension
    * Release to law enforcement officials
    * Release as part of civil discovery
    * Disclosure upon owner's request
    * Other information release circumstances Intellectual property rights

    * Adequacy of Security policies and implementation
    * Existence of adequate physical security
    * Evaluation of Functionalities in Technology as it supports CA operations
    * CA's services adminstration processes and procedures
    * Adequacy of contracts/agreements for all outsourced CA operations
    * Adherence to Information Technolgy ACT, 2000, the rules and regulations thereunder, and guidelines issued by the Controller from time-to-time