Any revocation request reported to TunTrust will be acknowledged promptly, and raised to a validation supervisor or TunTrust management as appropriate.
A revocation request may be submitted using one of the following methods:
- Physical presence before a TunTrust RA operator: Either the Certificate Manager or the Legal Representative of the Subscriber must be physically present at the headquarters of TunTrust and request the revocation of a Certificate in writing using the DigiGo / ID-Trust revocation form or the SSL revocation form after providing a valid ID.
- For DigiGo Certificates, Subscribers can revoke their certificates online on https://digigo.tuntrust.tn/pub/revoke
- For SSL, ID-Trust and DigiGo Certificates, Subscribers can revoke their certificates online using TunTrust revocation online service available at “https://www.tuntrust.tn/Revocation-online-service”. In this case, you are required to provide:
- For SSL Certificates:
1.The FQDN listed in the certificate that needs to be revoked, and
2. An email address to confirm your control over the listed FQDN, as per section 18.104.22.168.2 and section 22.214.171.124.4 of the TunTrust PKI CP/CPS. A revocation challenge will be sent to this email address and you need to provide it for the certificate revocation to be processed.
- For DigiGo or ID-Trust Certificates:
1. The Email Address listed in the certificate that needs to be revoked. A revocation challenge will be sent to this email address and you need to provide it for the certificate revocation to be processed.
TunTrust revokes certificates for the reasons stated in the relevant CP/CPS. These reasons include the following:
- TunTrust obtains evidence that the Subscriber’s Private Key corresponding to the Public Key in the Certificate suffered a Key Compromise;
- TunTrust is made aware of a demonstrated or proven method that can easily compute the Subscriber’s
Private Key based on the Public Key in the Certificate;
- TunTrust obtains evidence that the Certificate was misused;
- TunTrust is made aware that a Subscriber has violated one or more of its material obligations under the Subscriber Agreement;
- TunTrust is made aware of a material change in the information contained in the Certificate;
- TunTrust is made aware that the Certificate was not issued in accordance with the CA/Browser Forum Baseline Requirements or the applicable CP/CPS;
- TunTrust determines or is made aware that any of the information appearing in the Certificate is inaccurate;
- Any other reason listed in the CA/Browser Forum Baseline Requirements along with other applicable industry standards.
Certificate Problem Reporting
Subscribers, relying parties, application software vendors, and other third parties can send to firstname.lastname@example.org emails of suspected private key compromise, certificate misuse, or other types of fraud, compromise, misuse, or inappropriate conduct related to certification.
Make sure to include a thorough description of the reason for the certificate revocation. TunTrust will begin investigation of a certificate problem report within 24 hours of receipt and decide whether revocation or other appropriate action is warranted based on the relevant regulations or industry standards.