Evaluated Product - Details

Return to the EPL index

UniCERT Version 3.1.2A

Product type: PKI Products
Product Status: Archived
Assurance Level: E3

Version: 3.1.2.A

Product Details

Product Description

Certification Country: AUSTRALIA/NEW ZEALAND (2000)
Certificate Details: 2000/16, November 2000
Certification Method: ITSEC
Crypt Evaluation: Completed
Evaluation Facility: Admiral
Manufacturer/Vendor/Distributor: Baltimore Technologies

Baltimore Technologies

39/41 Parkgate Street
Dublin 8 Ireland
Website: http://www.baltimore.com/


Dr. Trevor Thomas
Vice President, Identity Management Enabling Technologies
4 New Square Park Bedfont Lakes
Feltham Middlesex TW14 8HA GB
Phone: +44 208 831 2600
Fax: +44 208 831 2900
Email: trevor.thomas@cybertrust.com
Website: http://www.cybertrust.com/

Kate Morton

Phone: (+353) 1 881 6000
Fax: (+353) 1 881 7000
Email: info@baltimore.com


Security Target
Certification Report
Certification Report - Extension

UniCERT is a PKI system that provides certification authority, registration authority and PKI management functions using cryptography. This can then be used to manage cryptographic keys necessary for a system requiring security for end users, such as a secure e-mail or other messaging systems, or security on web browsers. UniCERT provides the ability to set up a centralised or distributed architecture for organisations of any size, using a single level or multilevel certification authority to suit the structure, function and geography of the organisation. 

Operating under Windows NT® V4.0, and using Oracle as an internal database, UniCERT is an integrated product solution of modular construction and is comprised of the components: Certification Authority (CA), CA Operator (CAO), Registration Authority (RA) and RA Operator (RAO). These components may be placed on the same, or separate hardware systems. 

UniCERT offers a complete system for the issuance and management of X.509 V3 public key certificates for end users or for other entities operating within the PKI. UniCERT can also revoke certificates and generate Certificate Revocation Lists (CRLs). Both the certificates and CRLs can be published on an X.500 directory using either LDAP or DAP. 

In summary, UniCERT

  • Provides a GUI to create and support a Root CA, and any number of lower-level CAs, CAOs, RAs, and RAOs in a hierarchy, 
  • Creates and signs X.509 V3 public key certificates (including SSL certificates and cross-certification), 
  • Supports RSA with key lengths of 768, 1024 and 2048 bits, and DSA with key lengths of 768 and 1024 bits, 
  • Revokes certificates as a result of events such as key compromise and creates CRLs, 
  • Optionally posts these certificates and CRLs to an X.500 directory using LDAP or DAP, 
  • Performs auditing and reporting tasks for administration including maintenance of a secure audit log, 
  • Provides registration facilities either remotely or face-to-face, 
  • Is completely standards based to facilitate interoperability with other industry products.

Ace Modifications

Patch B (UniCERT v3.1.3.B)
Patch C (UniCERT v3.1.2.C)
Patch D (UniCERT v3.1.2.D)


For further information on the scope of ACE for this product please refer to the Certification Extension Report or contact [email protected] .