ipsCA  will verify that the Subscriber has control over such Domain Name at the time it submitted its application. To do this, ipsCA will send an e-mail message to one of the following e-mail addresses requesting confirmation of the Certificate order and authorization to issue the Certificate in the Domain Name:

(1) an e-mail address listed as the administrative or technical contact for the Domain Name in an official InterNIC domain name registry that includes the Domain Name,

(2) a limited list of the most commonly used generic e-mail addresses for authorized persons at Domain Names (e.g., "admin@domain.com," or "hostmaster@domain.com" for the Domain Name domain.com), or

(3) after approval a manual process conducted by ipsCA, to another e-mail address containing the Domain Name that is listed as the Common Name in the Certificate order.
 

Proof of Right validation

ipsCA will perform verification of certificate information as follows:
-  Limited check of the applicant's domain name against a public domain name registry;
- Confirmation of applicant's Company name, name, address and phone number against information contained in an independent third party business database.
- Faxed documentation will be required when applicants company name cannot be validated using available information.

All certificate requests (CSR) must contain an Organization Name (O) that is exactly the same that appears at public domain name registries as the owner of the domain.

Upon receipt of a confirming e-mail message authorizing issuance of the Certificate, and having established the Proof of Right, ipsCA will issue the Certificate.

Domain names do not have to be meaningful or unique, but must match a second level domain name as posted by the InterNIC. ipsCA is not involved in the recognition, authentication, or role of trademarks involved in domain names. Name disputes (including trademark disputes) are not resolved by ipsCA, but are to be resolved between the Subscriber and other disputing parties by the InterNIC at time of application according to applicable InterNIC rules and/or by courts of competent jurisdiction.

ipsCA will insert an Organization Unit field "Organization Not Validated" or similar language for all ipsCA A1 SSL Server Certificates.

Subscribers submit their public key to ipsCA  for certification electronically through the use of a PKCS#10 Certificate Signing Request (CSR) or other package digitally signed by the Subscriber’s private key.

As a minimum, the Subscriber must provide the following data in or with the CSR: Common Name

ipsCA will process the SSL Server Certificate Applications in the manner described above.

However, ipsCA  reserves the right to use subcontractors or other third parties to assist in the performance of its operational requirements or any other obligation under this CPS.

At certain times during the application process in which ipsCA is not able to verify information in a Certificate application, a customer service representative may be assigned to the Applicant to facilitate the completion of the application process. Otherwise, the Applicant may be required to correct its associated information with third parties and re-submit its application for a Certificate.

If ipsCA finds that the Applicant's Certificate application was sufficiently verified, then the Applicant's Certificate will be signed by ipsCA. Upon signing the Applicant's Certificate, ipsCA  will attach such Certificate to an e-mail and send such e-mail to the appropriate contact.

The e-mail will typically be sent to the administrative contact and technical contact designated by the Subscriber, and will include the date the Certificate was issued, the date the Certificate will expire, and the type of Certificate that was issued. Notification will not be sent to others than the subject of the Certificate and the subject’s designated contacts. ipsCA, in its sole discretion, may provide such technical or customer support to the Applicants/Subscribers.

The Applicant expressly indicates acceptance of a Certificate by using such Certificate.