Certificate Policy/Programme of Requirements PKIoverheid
The Programme of Requirements (PoR) within the Public Key Infrastructure (PKI) for the Dutch government (PKIoverheid) contains the requirements stipulated by the PKIoverheid Policy Authority (PA) for all Trust Service Providers (TSPs) within PKIoverheid, and thus can be regarded as a Certificate Policy (CP) for those TSPs.
Current version
The current version of the PKIoverheid Programme of Requirements can be found below.
- Programme of Requirements v5.0 (Effective date: 2024-06-01)
Historical versions
Historical versions of the PoR can be found below. These documents are provided to be compliant with Section 3.3 of the Mozilla Root Store Policy (MRSP)) which states:
7. CA operators SHALL maintain links to all historic versions of each CP and CPS (or CP/CPS) from the creation of included CA certificates, regardless of changes in ownership or control of such CA certificates, until the entire CA certificate hierarchies (i.e. end entity certificates, intermediate CA certificates, and cross-certificates) operated in accordance with such documents are no longer trusted by the Mozilla root store. For CA certificates that were included in Mozilla's root store before December 31, 2022, the CA Operator shall maintain links in their online repositories to all reasonably available historic versions of CPs and CPSes (or CP/CPSes) from creation of the included CA certificates.
All documents prior to v4.12 are semi-automated exports of documents signed off by Logius legal representatives. Version v4.12 of the PoR is the first version to unify the many different parts into one single document. Additionally versions prior to v4.12 were not designed to take the Web Content Accessibility Guidelines (WCAG) into account, however several WCAG optimizations were scripted into the export proces to improve accessibility through metadata. However, full compliance with the WCAG means having to change the textual contents as well, which goes against the purpose of making these documents available with authentic contents for audit purposes. Because these documents are of no administrative purpose anymore, as well as changing them going against the purpose of making them available in the first place, versions 4.7 through 4.11 will remain non-compliant with the WCAG. Documents prior to version 4.7 (i.e. originally published prior to September 23rd 2018) are not required to be Web Content Accessibility Guidelines (WCAG) compliant. These are kept in their original PDF format.
However, people running into problems with accessibility regarding any of these documents can contact the PKIoverheid team using the contact link below. When contacted, the team will provide the desired information in a suitable format. Any accessibility enhancements made this way will be retrofitted on this website for future visitors, as long as they do not involve actual text updates.
- Programme of Requirements v4.12 (Effective date: 2024-01-15)
- Programme of Requirements
v4.11 (Effective date: 2023-02-28)
- Programme of Requirements part 1: Introduction
- Programme of Requirements part 2: Admittance to and Supervision within the PKI for the government
- Programme of Requirements part 3: Basic Requirements
- Programme of Requirements part 3: Additional Requirements
- Programme of Requirements part 3a: Organisation Person Domain
- Programme of Requirements part 3b: Certificate Policy authenticity, confidentiality and non-reputiation certificates - Organisation Services
- Programme of Requirements part 3c: Certificate Policy - Citizen Domain
- Programme of Requirements part 3d: Certificate Policy - Autonomous Devices Domain
- Programme of Requirements part 3g: Certificate Policy for Authenticity and Confidentiality
- Programme of Requirements part 3h: Certificate Policy Server certificates - Private Services Domain
- Programme of Requirements part 3i: Certificate Policy - Private Persons Domain
- Programme of Requirements part 3j: Certificate Policy for Server certificates in Server 2020 (EV G1) Domain
- Programme of Requirements part 4: Definitions and Abbreviations
- Programme of Requirements
v4.10 (Effective date: 2022-03-01)
- Programme of Requirements part 1: Introduction
- Programme of Requirements part 2: Admittance to and Supervision within the PKI for the government
- Programme of Requirements part 3: Basic Requirements
- Programme of Requirements part 3: Additional Requirements
- Programme of Requirements part 3a: Organisation Person Domain
- Programme of Requirements part 3b: Certificate Policy authenticity, confidentiality and non-reputiation certificates - Organisation Services
- Programme of Requirements part 3c: Certificate Policy - Citizen Domain
- Programme of Requirements part 3d: Certificate Policy - Autonomous Devices Domain
- Programme of Requirements part 3g: Certificate Policy for Authenticity and Confidentiality
- Programme of Requirements part 3h: Certificate Policy Server certificates - Private Services Domain
- Programme of Requirements part 3i: Certificate Policy - Private Persons Domain
- Programme of Requirements part 3j: Certificate Policy for Server certificates in Server 2020 (EV G1) Domain
- Programme of Requirements part 4: Definitions and Abbreviations
- Programme of Requirements
v4.9 (Effective date: 2021-03-01)
- Programme of Requirements part 1: Introduction
- Programme of Requirements part 2: Admittance to and Supervision within the PKI for the government
- Programme of Requirements part 3: Basic Requirements
- Programme of Requirements part 3: Additional Requirements
- Programme of Requirements part 3a: Organisation Person Domain
- Programme of Requirements part 3b: Certificate Policy authenticity, confidentiality and non-reputiation certificates - Organisation Services
- Programme of Requirements part 3c: Certificate Policy - Citizen Domain
- Programme of Requirements part 3d: Certificate Policy - Autonomous Devices Domain
- Programme of Requirements part 3g: Certificate Policy for Authenticity and Confidentiality
- Programme of Requirements part 3h: Certificate Policy Server certificates - Private Services Domain
- Programme of Requirements part 3i: Certificate Policy - Private Persons Domain
- Programme of Requirements part 3j: Certificate Policy for Server certificates in Server 2020 (EV G1) Domain
- Programme of Requirements part 4: Definitions and Abbreviations
- Programme of Requirements
v4.8 (Effective date: 2020-02-03)
- Programme of Requirements part 1: Introduction
- Programme of Requirements part 2: Admittance to and Supervision within the PKI for the government
- Programme of Requirements part 3: Basic Requirements
- Programme of Requirements part 3: Additional Requirements
- Programme of Requirements part 3a: Organisation Person Domain
- Programme of Requirements part 3b: Certificate Policy authenticity, confidentiality and non-reputiation certificates - Organisation Services
- Programme of Requirements part 3c: Certificate Policy - Citizen Domain
- Programme of Requirements part 3d: Certificate Policy - Autonomous Devices Domain
- Programme of Requirements part 3g: Certificate Policy for Authenticity and Confidentiality
- Programme of Requirements part 3h: Certificate Policy Server certificates - Private Services Domain
- Programme of Requirements part 3i: Certificate Policy - Private Persons Domain
- Programme of Requirements part 3j: Certificate Policy for Server certificates in Server 2020 (EV G1) Domain
- Programme of Requirements part 4: Definitions and Abbreviations
- Programme of Requirements
v4.7 (Effective date: 2019-02-08)
- Programme of Requirements part 1: Introduction
- Programme of Requirements part 2: Admittance to and Supervision within the PKI for the government
- Programme of Requirements part 3: Basic Requirements
- Programme of Requirements part 3: Additional Requirements
- Programme of Requirements part 3a: Organisation Person Domain
- Programme of Requirements part 3b: Certificate Policy authenticity, confidentiality and non-reputiation certificates - Organisation Services
- Programme of Requirements part 3c: Certificate Policy - Citizen Domain
- Programme of Requirements part 3d: Certificate Policy - Autonomous Devices Domain
- Programme of Requirements part 3g: Certificate Policy for Authenticity and Confidentiality
- Programme of Requirements part 3h: Certificate Policy Server certificates - Private Services Domain
- Programme of Requirements part 3i: Certificate Policy - Private Persons Domain
- Programme of Requirements part 4: Definitions and Abbreviations
- Programme of Requirements
v4.6 (Effective date: 2018-02-01)
- Programme of Requirements part 1: Introduction
- Programme of Requirements part 2: Admittance to and Supervision within the PKI for the government
- Programme of Requirements part 3: Basic Requirements
- Programme of Requirements part 3: Additional Requirements
- Programme of Requirements part 3a: Organization (G2) and Organization Person (G3) Domains
- Programme of Requirements part 3b: Certificate Policy authenticity, confidentiality and non-reputiation certificates - Organisation Services (G3) Appendix to CP Organization (G2)
- Programme of Requirements part 3c: Certificate Policy - Citizen Domain
- Programme of Requirements part 3d: Certificate Policy - Autonomous Devices domain
- Programme of Requirements part 3e: Certificate Policy Server certificates - Organization Services Domain (G3), Appendix to CP Organization (G2) Domain
- Programme of Requirements part 3f: Certificate Policy - Extended Validation
- Programme of Requirements part 3g: Certificate Policy Authenticity and Confidentiality certificates- Private Services domain
- Programme of Requirements part 3h: Certificate Policy Server certificates - Private Services Domain
- Programme of Requirements part 3i: Certificate Policy - Private Persons Domain
- Programme of Requirements part 4: Definitions and Abbreviations
- Programme of Requirements
v4.5 (Effective date: 2017-07-07, only
available in Dutch)
- Programma van Eisen deel 1: Introductie
- Programma van Eisen deel 2: Toetreding tot en toezicht binnen de PKI voor de overheid
- Programma van Eisen deel 3: Basiseisen
- Programma van Eisen deel 3: Aanvullende eisen
- Programma van Eisen deel 3a: Certificate Policy - Organisatie (g2) en Organisatie Persoon (g3)
- Programma van Eisen deel 3b: Certificate Policy - Authenticiteit- en vertrouwelijkheidcertificaten - Organisatie Services (g3)
- Programma van Eisen deel 3c: Certificate Policy - Domein Burger
- Programma van Eisen deel 3d: Certificate Policy - Domein Autonome Apparaten
- Programma van Eisen deel 3e: Certificate Policy - Server certificaten - Domein Organisatie Services (g3)
- Programma van Eisen deel 3f: Certificate Policy - Extended Validation
- Programma van Eisen deel 3g: Certificate Policy - Authenticiteit en Vertrouwelijkheidcertificaten - Domein Private Services
- Programma van Eisen deel 3h: Certificate Policy - Server Certificaten - Domein Private Services
- Programma van Eisen deel 3i: Certificate Policy - Domein private personen
- Programma van Eisen deel 4: Definities en Afkortingen
- Programme of Requirements
v4.4 (Effective date: 2017-02-01)
- Programme of Requirements part 1: Introduction
- Programme of Requirements part 2: Admittance to and Supervision within the PKI for the government
- Programme of Requirements part 3: Basic Requirements
- Programme of Requirements part 3: Additional Requirements
- Programme of Requirements part 3a: Organization (G2) and Organization Person (G3) Domains
- Programme of Requirements part 3b: Certificate Policy authenticity, confidentiality and non-reputiation certificates - Organisation Services (G3) Appendix to CP Organization (G2)
- Programme of Requirements part 3c: Certificate Policy - Citizen Domain
- Programme of Requirements part 3d: Certificate Policy - Autonomous Devices domain
- Programme of Requirements part 3e: Certificate Policy Server certificates - Organization Services Domain (G3), Appendix to CP Organization (G2) Domain
- Programme of Requirements part 3f: Certificate Policy - Extended Validation
- Programme of Requirements part 3g: Certificate Policy Authenticity and Confidentiality certificates- Private Services domain
- Programme of Requirements part 3h: Certificate Policy Server certificates - Private Services Domain
- Programme of Requirements part 3i: Certificate Policy - Private Persons Domain
- Programme of Requirements part 4: Definitions and Abbreviations
- Programme of Requirements
v4.3 (Effective date: 2016-07-01)
- Programme of Requirements part 1: Introduction
- Programme of Requirements part 2: Admittance to and Supervision within the PKI for the government
- Programmo of Requirements part 3: Basic Requirements
- Programme of Requirements part 3: Additional Requirements
- Programme of Requirements part 3a: Organization (G2) and Organization Person (G3) Domains
- Programme of Requirements part 3b: Certificate Policy authenticity, confidentiality and non-reputiation certificates - Organisation Services (G3) Appendix to CP Organization (G2)
- Programme of Requirements part 3c: Certificate Policy - Citizen Domain
- Programme of Requirements part 3d: Certificate Policy - Autonomous Devices domain
- Programme of Requirements part 3e: Certificate Policy Server certificates - Organization Services Domain (G3), Appendix to CP Organization (G2) Domain
- Programme of Requirements part 3f: Certificate Policy - Extended Validation
- Programme of Requirements part 3g: Certificate Policy Authenticity and Confidentiality certificates- Private Services domain
- Programme of Requirements part 3h: Certificate Policy Server certificates - Private Services Domain
- Programme of Requirements part 3i: Certificate Policy - Private Persons Domain
- Programme of Requirements part 4: Definitions and Abbreviations
- Programme of Requirements
v4.2 (Effective date: 2016-01-18, only
available in Dutch)
- Programma van Eisen deel 1: Introductie
- Programma van Eisen deel 2: Toetreding tot en toezicht binnen de PKI voor de overheid
- Programma van Eisen deel 3: Basiseisen
- Programma van Eisen deel 3: Aanvullende eisen
- Programma van Eisen deel 3a: Certificate Policy - Domeinen Overheid/Bedrijven (g1), Organisatie (g2) en Organisatie Persoon (g3)
- Programma van Eisen deel 3b: Certificate Policy - Authenticiteit- en vertrouwelijkheidcertificaten - Organisatie Services (g3)
- Programma van Eisen deel 3c: Certificate Policy - Domein Burger
- Programma van Eisen deel 3d: Certificate Policy - Domein Autonome Apparaten
- Programma van Eisen deel 3e: Certificate Policy - Server certificaten - Domein Organisatie Services (g3)
- Programma van Eisen deel 3g: Certificate Policy - Authenticiteit en Vertrouwelijkheidcertificaten - Domein Private Services
- Programma van Eisen deel 3h: Certificate Policy - Server Certificaten - Domein Private Services
- Programma van Eisen deel 3e: Certificate Policy - Extended Validation
- Programma van Eisen deel 3i: Certificate Policy - Domein private personen
- Programma van Eisen deel 4: Definities en Afkortingen
- Programme of Requirements
v4.1 (Effective date: 2015-07-27)
- Programme of Requirements part 1: Introduction
- Programme of Requirements part 2: Admittance to and Supervision within the PKI for the government
- Programmo of Requirements part 3: Basic Requirements
- Programme of Requirements part 3: Additional Requirements
- Programme of Requirements part 3a: Organization (G2) and Organization Person (G3) Domains
- Programme of Requirements part 3b: Certificate Policy authenticity, confidentiality and non-reputiation certificates - Organisation Services (G3) Appendix to CP Organization (G2)
- Programme of Requirements part 3c: Certificate Policy - Citizen Domain
- Programme of Requirements part 3d: Certificate Policy - Autonomous Devices domain
- Programme of Requirements part 3e: Certificate Policy Server certificates - Organization Services Domain (G3), Appendix to CP Organization (G2) Domain
- Programme of Requirements part 3f: Certificate Policy - Extended Validation
- Programme of Requirements part 3g: Certificate Policy Authenticity and Confidentiality certificates- Private Services domain
- Programme of Requirements part 3h: Certificate Policy Server certificates - Private Services Domain
- Programme of Requirements part 3i: Certificate Policy - Private Persons Domain
- Programme of Requirements part 4: Definitions and Abbreviations
- Programme of Requirements
v4.0 (Effective date: 2015-01-05,
available only in Dutch)
- Programma van Eisen deel 1: Introductie
- Programma van Eisen deel 2: Toetreding tot en toezicht binnen de PKI voor de overheid
- Programma van Eisen deel 3: Basiseisen
- Programma van Eisen deel 3: Aanvullende eisen
- Programma van Eisen deel 3a: Certificate Policy - Domeinen Overheid/Bedrijven (g1), Organisatie (g2) en Organisatie Persoon (g3)
- Programma van Eisen deel 3b: Certificate Policy - Authenticiteit- en vertrouwelijkheidcertificaten - Organisatie Services (g3)
- Programma van Eisen deel 3c: Certificate Policy - Domein Burger
- Programma van Eisen deel 3d: Certificate Policy - Domein Autonome Apparaten
- Programma van Eisen deel 3e: Certificate Policy - Server certificaten - Domein Organisatie Services (g3)
- Programma van Eisen deel 3f: Certificate Policy - Extended Validation
- Programma van Eisen deel 3g: Certificate Policy - Authenticiteit en Vertrouwelijkheidcertificaten - Domein Private Services
- Programma van Eisen deel 3h: Certificate Policy - Server Certificaten - Domein Private Services
- Programma van Eisen deel 3i: Certificate Policy - Domein private personen
- Programma van Eisen deel 4: Definities en Afkortingen
- Programme of Requirements
v3.7 (Effective date: 2014-06-23,
available only in Dutch)
- Programma van Eisen deel 1: Introductie
- Programma van Eisen deel 2: Toetreding tot en toezicht binnen de PKI voor de overheid
- Programma van Eisen deel 3a: Certificate Policy - Domeinen Overheid/ Bedrijven en Organisatie
- Programma van Eisen deel 3b: Certificate Policy - Services
- Programma van Eisen deel 3c: Certificate Policy - Domein Burger
- Programma van Eisen deel 3d: Certificate Policy - Domein Autonome Apparaten
- Programma van Eisen deel 3e: Certificate Policy - Extended Validation
- Programma van Eisen deel 4: Definities en Afkortingen
- Programme of Requirements
v3.6 (Effective date: 2014-01-28)
- Programme of Requirements part 1: Introduction
- Programme of Requirements part 2: Admittance to and Supervision within the PKI for the government
- Programme of Requirements part 3a: Certificate Policy - Government/Companies (G1), Organization (G2) and Organization Person (G3) Domains
- Programme of Requirements part 3b: Certificate Policy - Organization Services (G3) Appendix to CP Government/Companies (G1) and Organization (G2) domains
- Programme of Requirements part 3c: Certificate Policy - Citizen Domain
- Programme of Requirements part 3d: Certificate Policy - Autonomous Devices Domain
- Programme of Requirements part 3e: Certificate Policy - Extended Validation
- Programme of Requirements part 4: Definitions and Abbreviations
- Programme of Requirements
v3.5 (Effective date: 2013-07-08)
- Programme of Requirements part 1: Introduction
- Programme of Requirements part 2: Admittance to and Supervision within the PKI for the government
- Programme of Requirements part 3a: Certificate Policy - Government/Companies and Organization Domains
- Programme of Requirements part 3b: Certificate Policy - Services Appendix to CP Government/Companies and organization domains
- Programme of Requirements part 3c: Certificate Policy - Citizen Domain
- Programme of Requirements part 3d: Certificate Policy - Autonomous Devices Domain
- Programme of Requirements part 3e: Certificate Policy - Extended Validation
- Programme of Requirements part 4: Definitions and Abbreviations
- Programme of Requirements
v3.4 (Effective date: 2013-02-04,
available only in Dutch)
- Programma van Eisen deel 1: Introductie
- Programma van Eisen deel 2: Toetreding tot en toezicht binnen de PKI voor de overheid
- Programma van Eisen deel 3a: Certificate Policy - Domeinen Overheid/ Bedrijven en Organisatie
- Programma van Eisen deel 3b: Certificate Policy - Services
- Programma van Eisen deel 3c: Certificate Policy - Domein Burger
- Programma van Eisen deel 3d: Certificate Policy - Domein Autonome Apparaten
- Programma van Eisen deel 3e: Certificate Policy - Extended Validation
- Programma van Eisen deel 4: Definities en Afkortingen
Programme of Requirements TRIAL
Certificates issued under a TRIAL root are subject to the Programme of Requirements TRIAL PKIoverheid, which serves as its Certificate Policy (CP).
Current version
- Programme of Requirements TRIAL v5.1.1 (Effective date: 2021-09-01)
Historical versions
If you require any historical version of the Programme of Requirements TRIAL, please contact us.