PKI USER ACKNOWLEDGEMENT AGREEMENT

advertisement
USER ACKNOWLEDGEMENT AGREEMENT
For Public Key Encryption and Digital Signature Services
U. S. Department of Energy (DOE) employees, contractors, and affiliates are responsible for acknowledging this user
agreement when requesting, accepting, and/or using a DOE assigned digital certificate. Employees will be bound to the
terms of this user agreement upon cessation of need or employment, whichever comes first.
As an Entrust user, you must agree to the following prior to using the Entrust software:

Use Restricted to Official DOE Business and Unclassified Data:
The Entrust user license, software, and electronic identity that are issued to you are the property of the U. S.
Department of Energy and should only be used exclusively for legal, authorized, and legitimate DOE business
only. The Entrust license and software MUST NOT BE USED to protect CLASSIFIED data!

Enforcement of either the Triple-DES Encryption or AES-256 Algorithms:
Ensure that the encryption algorithms stay set to Triple DES, as specified in the NIST Federal Information
Processing Standards (FIPS) 140-2 series, or Advanced Encryption Standard (AES-256), specified in FIPS-197,
which DOE is obligated to follow. Settings can be verified by right-clicking the yellow key, selecting Entrust
Options, then selecting the Security tab.

Accuracy of Representation:
Make true representation at all times regarding information in your certificate and other identification and
authentication information. Not only should you provide accurate representation initially to receive Entrust, but
you should also notify your local support center if your personal information changes (name change, organization
change, email address change, etc.) throughout the duration of use so the certificate information is updated in the
directory.

Protection of Private Keys:
Private keys and associated information must be protected. This refers to the profile files that are created during
the “Create Profile” process. This includes:
o Using a locking screen saver on machines that have the Entrust software installed;
o Activating the locked screen saver anytime the machine is left unattended; and
o Protecting your Entrust password at all times by not giving it to others and preferably by not writing it
down. If you must write it down, then ensure that it is stored in a locked safe or vault with restricted
access only.
Additionally, inform your local Registration Authority or Trusted Agent at least one week in advance of a planned
hardware swap-out. The encryption software and your personal profile credentials must be properly removed from
the old system prior to releasing the system to untrusted hands.

Notification of Forgotten Password or Profile Loss, Disclosure, or Compromise:
Upon any actual or suspected loss, disclosure, or compromise of your private signing or decryption keys,
activation codes, or Entrust password, you must immediately notify your local support center. Your support center
will then notify your local Registration Authority or Trusted Agent.

Non-Transference of License and Cessation of Operation:
You may not transfer your Entrust user license to anyone else. If you no longer need the Entrust software, notify
your local support center. The support center will then notify your local Registration Authority or Trusted Agent
to revoke and archive your license.

Export of Entrust Software Prohibited:
Please consult with your local Headquarters Security Officer if you have a requirement involving any foreign
nationals.
Department of Energy Headquarters Certification Authority Information:
Mary Ann Breland
DOE PKI Program Manager
For Questions or Problems regarding your Entrust account please contact your local computer
support center, or 301-903-2500.
AS AN ENTRUST USER, YOU AGREE TO USE DOE PKI SERVICES IN ACCORDANCE WITH THE TERMS
FOUND IN THIS AGREEMENT.
You demonstrate your knowledge and acceptance of the terms of this agreement by signing this user agreement form. This
agreement is valid for the certificate and key lifetime or until cessation of need or employment, whichever comes first.
_________________
User’s First Name
______
MI
______________________
Last Name
________________________________________
User’s Email Address
________________________________________
User Signature
_____________
User’s Org Code
_________________________
Date
SECRET KEYWORD
Please answer ALL of the questions listed below. The question will be asked of you if you need to call our office for any
reason regarding your Entrust certificate. The most common reasons we are contacted are for forgotten passwords,
departmental changes, or name/email changes.
What was the make and model of your first car?
_____________________________________________
What year you graduated from high school?
_____________________________________________
What is/was the name of your pet?
_____________________________________________
Do not write below this line
IDENTITY PROOFING
Date: ____________________
Type of identification presented:
_______________________________________
Identification Number:
_______________________________________
Person’s name as it appears on identification: _______________________________________
Registration Authority Name:
_______________________________________
Registration Authority Signature:
_______________________________________
Download