Personal Classic Plus

Appendix revision date: March 1, 2018.

APPENDIX: DESCRIPTION OF THE K.SIGN PERSONAL CLASSIC PLUS CERTIFICATE SERVICE

DocuSign France offers a K.Sign Personal Classic Plus Certificate Service in response to specific operations that shall be strictly limited to signing documents in all formats and with all types of signature tools compatible with the DocuSign France time-stamping and OCSP services, and to the access control service (authentication).

1. Subscriber and Authorized Representative

What the Subscriber and Authorized Representative will have access to:

• Registration Portal for filling the Certificate Requests;
• DocuSign Signature Web Portal to sign submitted Certificate Requests when appropriate;
• Certificate to be loaded onto the Cryptographic device associated with the Certificate;
• Activation Code of the Certificate;
• Publication of the CRL (Certificate Revocation List);
• Tools for verifying the Certificate;
• Certificate Authority Certificates;
• Appropriate middleware for enabling the use of the Certificate on the Subscriber computer;
• List of supported computer platforms with the Certificate;
• Access to an Online Certificate Status Protocol (OCSP) for the Certificate validation service; and
• Recognition of the Certificate Authority in Adobe Reader software (version 9 and upwards) enabling automatic validation of signatures made with the Certificate.

2. Customer and DRA Central Operators

The K.Sign Personal Classic Plus Certificate Service allows a DRA Central Operator to manage Certificate Requests for issuing, renewing, and revoking Certificates. As part of the K.Sign Personal Classic Plus Certificate Service, DocuSign France shall provide the following:

• Authentication of Certificate Requests originating from a DRA and sent by a DRA Central Operator;
• Authentication of Revocation Requests originating from a DRA and sent by a DRA Central Operator;
• Validation of the Subscriber’s Legal Entity entered in the Certificate Request sent by a DRA Central Operator;
• Verification of completeness of registration applications sent by a DRA Operator;
• Issuance of K.Sign Personal Classic Plus Certificate for the benefit of the Subscriber designated in the Certificate Requests sent by a DRA Central Operator;
• Shipment of the Certificate to the Subscriber;
• Access to Customer Support using https://support.docusign.com/en/acct1login and account credential received at login creation by DocuSign France;
• Revocation of Certificates; and
• Access to an OCSP Certificate validation service.

Digitized management of Certificate Requests through a Registration Portal interface will be made available to the Authorized Users by DocuSign France. This Registration Portal may be used and accessed for the following purposes:

3. Compliance

Under the Service, DocuSign France delivers Certificates that comply with the requirements of the Regulation:

In this regard, the digitized workflow for Certificate Request management shall be defined by DocuSign France in accordance with audited issuing procedures described in the Certification Policy for Seal Server Certificates that can be found at the following URL: https://www.docusign.fr/societe/politiques-de-certifications.

4. Service Setup

During the Service setup, the following are delivered:

5. Training of DRA Central Operators

This training is performed in a form of remote presentation of the Registration Portal and DocuSign Signature Web Portal. This session includes:

Presentation material is delivered to the DRA Central Operator.

6. Authenticated access of DRA Central Operators

In order to access the Registration Portal, each DRA Central Operator will need to complete a Certificate Request for K.Sign Office Certificate.

To access the DocuSign Signature Web Portal, the DRA Central Operator is provisioned with a login and password.

In this regard, the Customer is solely responsible for any damaging consequences that may result from the use of the DocuSign Signature Web Portal by an unauthorized third party following a fault or an act of negligence by an individual acting under the security of his/her password received via SMS or email and of the login and/or password provided to him/her by the DRA Central Operator.

• To enable Authorized Users to fulfill and submit Certificate Requests;
• To enable Authorized Users to follow up on the status of their Certificate Request progress towards verification and signature by all Parties;
• To enable the DRA Central Operator to have dedicated authenticated access;
• To enable the DRA Central Operator to manage the Certificate Request for the purpose of:
  • Notifying the Parties for signature;
  • Following the status of the Certificate Request at DocuSign France until its issuance; and
  • Having a complete situation of all the Certificate Requests ongoing and completed or canceled.
• To enable the DRA to make available the list of the Certificates they manage as incorporated into the Agreement.
  • Certificate OID: 1.3.6.1.4.1.22234.2.9.3.12
  • French regulation compliancy: version 2.0 of "Référentiel Général de Sécurité", and its appendix A2 «Certification Policy Type "Certificats électroniques de personnes”, Version 3.0 from February 27, 2014, Level *
  • eIDAS regulation compliancy: ETSI 319 411 – 1 LCP
  • Training of DRA Central Operators;
  • Customization of the Registration Portal and enablement of the DRA workspace with the Certificate type;
  • Provisioning of the DRA Central Operator’s account in the DocuSign Signature Web Portal; and
  • The authentication certificate for a maximum of three (3) DRA Central Operators; additional authentication certificates can be procured.
  • Training of DRA Central Operators including technical training on the provided tools: Registration Portal and DocuSign Signature Web Portal for managing the Certificate Requests;
  • Security training with regards to the duties associated with the DRA role and described in the Agreement; and
  • A Training attendance sheet that is signed by each DRA Central Operator.