USER ACKNOWLEDGEMENT AGREEMENT For Public Key Encryption and Digital Signature Services U. S. Department of Energy (DOE) employees, contractors, and affiliates are responsible for acknowledging this user agreement when requesting, accepting, and/or using a DOE assigned digital certificate. Employees will be bound to the terms of this user agreement upon cessation of need or employment, whichever comes first. As an Entrust user, you must agree to the following prior to using the Entrust software: Use Restricted to Official DOE Business and Unclassified Data: The Entrust user license, software, and electronic identity that are issued to you are the property of the U. S. Department of Energy and should only be used exclusively for legal, authorized, and legitimate DOE business only. The Entrust license and software MUST NOT BE USED to protect CLASSIFIED data! Enforcement of either the Triple-DES Encryption or AES-256 Algorithms: Ensure that the encryption algorithms stay set to Triple DES, as specified in the NIST Federal Information Processing Standards (FIPS) 140-2 series, or Advanced Encryption Standard (AES-256), specified in FIPS-197, which DOE is obligated to follow. Settings can be verified by right-clicking the yellow key, selecting Entrust Options, then selecting the Security tab. Accuracy of Representation: Make true representation at all times regarding information in your certificate and other identification and authentication information. Not only should you provide accurate representation initially to receive Entrust, but you should also notify your local support center if your personal information changes (name change, organization change, email address change, etc.) throughout the duration of use so the certificate information is updated in the directory. Protection of Private Keys: Private keys and associated information must be protected. This refers to the profile files that are created during the “Create Profile” process. This includes: o Using a locking screen saver on machines that have the Entrust software installed; o Activating the locked screen saver anytime the machine is left unattended; and o Protecting your Entrust password at all times by not giving it to others and preferably by not writing it down. If you must write it down, then ensure that it is stored in a locked safe or vault with restricted access only. Additionally, inform your local Registration Authority or Trusted Agent at least one week in advance of a planned hardware swap-out. The encryption software and your personal profile credentials must be properly removed from the old system prior to releasing the system to untrusted hands. Notification of Forgotten Password or Profile Loss, Disclosure, or Compromise: Upon any actual or suspected loss, disclosure, or compromise of your private signing or decryption keys, activation codes, or Entrust password, you must immediately notify your local support center. Your support center will then notify your local Registration Authority or Trusted Agent. Non-Transference of License and Cessation of Operation: You may not transfer your Entrust user license to anyone else. If you no longer need the Entrust software, notify your local support center. The support center will then notify your local Registration Authority or Trusted Agent to revoke and archive your license. Export of Entrust Software Prohibited: Please consult with your local Headquarters Security Officer if you have a requirement involving any foreign nationals. Department of Energy Headquarters Certification Authority Information: Mary Ann Breland DOE PKI Program Manager For Questions or Problems regarding your Entrust account please contact your local computer support center, or 301-903-2500. AS AN ENTRUST USER, YOU AGREE TO USE DOE PKI SERVICES IN ACCORDANCE WITH THE TERMS FOUND IN THIS AGREEMENT. You demonstrate your knowledge and acceptance of the terms of this agreement by signing this user agreement form. This agreement is valid for the certificate and key lifetime or until cessation of need or employment, whichever comes first. _________________ User’s First Name ______ MI ______________________ Last Name ________________________________________ User’s Email Address ________________________________________ User Signature _____________ User’s Org Code _________________________ Date SECRET KEYWORD Please answer ALL of the questions listed below. The question will be asked of you if you need to call our office for any reason regarding your Entrust certificate. The most common reasons we are contacted are for forgotten passwords, departmental changes, or name/email changes. What was the make and model of your first car? _____________________________________________ What year you graduated from high school? _____________________________________________ What is/was the name of your pet? _____________________________________________ Do not write below this line IDENTITY PROOFING Date: ____________________ Type of identification presented: _______________________________________ Identification Number: _______________________________________ Person’s name as it appears on identification: _______________________________________ Registration Authority Name: _______________________________________ Registration Authority Signature: _______________________________________