Customer responsibilities

In Entrust PKIaaS, customers have the following responsibilities.

• Registration Authority
• Subscribers
• Relying parties

Registration Authority

In Entrust PKIaaS, you and your company are the Registration Authority (RA). The RA is the person or entity that decides whether to issue a certificate in response to a Subscriber request. Specifically, RAs:

1. Verify the identity of the applicants. They are responsible for the applicant registration, identification, and authentication processes.
2. Submit certificate issuance requests on their behalf.

ℹ To perform RA tasks, you will typically use software applications, like the Entrust Certificate Enrollment Gateway, that interface with the Entrust PKIaaS API.

Subscribers

Subscribers are the end-users and entities that request and use certificates. Typical examples of Subscribers are

• Employees or contractors and their devices,
• Enterprise servers and infrastructure,
• IoT devices.

⚠ As the RA, you are responsible for determining who may be a subscriber and which people, entities, and devices may receive certificates.

Relying parties

A relying party is an entity that uses a certificate, for example, to verify an identity. Entrust PKIaaS is tuned to support enterprise-level, privately trusted certificates. You are responsible for ensuring that relying parties perform the necessary certificate validity and status checks.

ℹ Entrust PKIaaS supports both CRL and OCSP checks.