C2PA Intermediate Certificate Authority

Trusteddit PKI

Certificate Policy & Practice Documentation

Trusteddit operates as a C2PA-focused intermediate certificate authority, providing content signing certificates for digital media authentication. This section hosts our Certificate Policy, Certificate Practice Statement, and related compliance documents per RFC 3647.

Policy Documents

Certificate Policy (CP)

Defines the rules and requirements governing the issuance, management, and revocation of certificates within the Trusteddit PKI. Structured per RFC 3647.

Certificate Practice Statement (CPS)

Describes the practices and procedures Trusteddit employs to implement the Certificate Policy, including technical controls and operational processes.

Subscriber Agreement

Terms and conditions for entities receiving C2PA content signing certificates from Trusteddit, including obligations for key protection and accurate information.

Relying Party Agreement

Terms for entities and applications that rely on Trusteddit-issued certificates for C2PA content credential verification.

Trust Anchors

Root certificate authorities that Trusteddit chains to

C2PA Trust List Root CAs

Trusteddit aims to chain to root CAs recognized by the C2PA Trust List, enabling broad verification support across compliant applications.

PKI Infrastructure

Core services operated by Trusteddit

Intermediate CA

C2PA content signing certificates issued from our intermediate CA, chaining to recognized root authorities.

OCSP Responder

Online Certificate Status Protocol responder for real-time certificate revocation checking.

TSA Service

RFC 3161 Time-Stamp Authority providing trusted timestamps for content signing operations.

CP/CPS Inquiries

For questions about our Certificate Policy, Certificate Practice Statement, or PKI operations, contact our PKI team.

[email protected]

Trusteddit, a service of SanMarcSoft LLC