In order to use PKIoverheid properly, message recipients MUST meet the requirements for the receiving party described in the PKIoverheid Programma van Eisen (PKIoverheid Requirements), refer to https://www.logius.nl/ondersteuning/pkioverheid/aansluiten-als-csp/programma-van-eisen/.
The following aspects are important:
- Trust the root certificates which are still valid and not revoked from the website https://cert.pkioverheid.nl/; The following PKI root certificates are NOT allowed:
So called "TEST certificaten"
- Roots which are marked with "Persoon"
Know and trust all valid domain and TSP certificates under the PKIo hierarchy, refer to https://cert.pkioverheid.nl/, with the exception of the folowing domains:
- Organisatie Persoon
- Autonome apparaten
- Private Personen
- Check the PKIoverheid CRL on https://crl.pkioverheid.nl regularly;
- Participants MUST process and handle changes made on the pages https://cert.pkioverheid.nl/ and https://crl.pkioverheid.nl within 10 business days.