Enterprise PKI
from the Metropolitan Police Service
Grant of Approval
tScheme Limited grants approval to the electronic trust service identified as:
Enterprise PKI
as supplied by:
The Metropolitan Police Service
of New Scotland Yard, Broadway, London, SW1 OBG.
The management system used to deliver this service is certified by:
Lloyd’s Register Quality Assurance Ltd. (LRQA)
of Trinity Park, 1 Bickenhill Lane, Birmingham B37 7ES
to satisfy the criteria defined in the following tScheme Approval Profiles:
Title | Identity | Issue |
Base Approval Profile | tSd0111 | 3.00 |
Approval Profile for a Certification Authority* | tSd0102 | 3.01 |
Approval Profile for Signing Key Pair Management* | tSd0103 | 3.02 |
Approval Profile for Certificate Generation* | tSd0104 | 3.01 |
Approval Profile for Certificate Dissemination | tSd0105 | 3.01 |
Approval Profile for Certificate Status Management | tSd0106 | 3.01 |
Approval Profile for Certificate Status Validation | tSd0107 | 3.01 |
Approval Profile for Registration Services | tSd0042 | 3.02 |
*not including Qualified Certificates
This approval initially commenced on:
14th December, 2012
and annual renewal against the current issue of these Approval Profiles was confirmed in:
May 2019
Documents supporting this grant are available by clicking on the links in the table above.
This Grant of approval is issued by:
tScheme Limited
Mulberry Grove
PO Box 3653
WOKINGHAM
RG40 9NN
United Kingdom
Company Number 4000985
Approved Service Description
The subject service of this Grant of Approval is the Enterprise PKI Service from the Metropolitan Police Service.
The Metropolitan Police Service (MPS) has developed an Enterprise Public Key Infrastructure (PKI) to underpin IT security services and to enable electronic business within the organisation and with external parties, for example the NPIA for access to national police applications such as PND. The Certificate Policy (CP) for the MPS PKI Root Certificate Authority (CA) provides a full description of the Root Certificate Authority role, and in particular describes the legal, business and technical requirements for the Root CA. The policy should be read in conjunction with the associated Certificate Practice Statement (CPS), which describes ‘how’ these requirements are met in issuing certificates to CAs that are chained to the Root CA. The Root CA currently has two sub-ordinate CAs known as Sub-CA1 and sub-CA2, which are responsible for issuing, suspending and revoking certificates.
The scope of the certificates issued by each Sub-CA is shown below:
- Authentication of end-entities and confidentiality (Sub-CA1)
- Digital signature (Sub-CA2)