Initialization Event

Key Access Component Card Set Configuration

1. An IBM compatible computer (hereafter referred to as "the computer") was set up in a room providing strict personnel access control, security camera monitoring [and electronic isolation from any computer networks].

2. The computer has a hard disk which has been pre-prepared with a fresh installation of a [Red Hat Enterprise Linux, version 5.0] operating system, the requisite HSM driver, nToken authentication PCI device, HSM device Support Software and the
Digi-CA™ PKI System, both acting as the Cryptographic Operation Control Software. The software was tested for correct operation prior to the Key Ceremony by using an HSM reserved for backup purposes.

3. The Key Access Component Cards are going to be distributed to appointed Key Access Component Holders during a later event of this ceremony. It is however important to note, that Key Access Component Holders are the only holders possessing PIN codes necessary to access the data stored on these smart cards. Before this step can be completed, each appointed Key Access Component Holder must now write down their new PIN code on a dedicated PIN paper sheet and put the PIN paper sheet with the written PIN code into an envelope, indicating their full personal name. Each envelope is to be placed on the Inventory Table and remain not sealed for the duration of the entire Key Ceremony. All attending Witnesses must ensure, that Key Access Component Holders are inserting their PIN Code paper sheets into correct envelopes, that indicate their full personal name.
Key Ceremony Administrator should now place a sufficient number of empty Key Access Component Cards on top of the envelopes containing PIN Code paper sheets. It is important to note, that the video camera should constantly record all activities related to access to the Key Access Component Cards and envelopes containing PIN Code paper sheets.

The Key Ceremony Administrator is now going to note the new Name for the newly configured Key Access Component Card Set, the Serial Number of each Key Access Component Card, that is about to be used and the details of each Key Access Component Holder (below) in this script. All attending Key Ceremony Witnesses must ensure, that the date entered into the script, the full personal name of each Key Access Component Holder and the Serial Number of the Key Access Component Card they are about to use is correct. They also must place their signature where indicated (below) in this section of the script.

Date: …………………………………………

Key Access Component Card Set
Name: …………………………………………………………………………………………………………………

Key Access Component Holder #1
Full Name: …………………………………………………………………………………………………………………
Card Serial Number: ……………………………………………………………………………………………

Key Access Component Holder #2
Full Name: …………………………………………………………………………………………………………………
Card Serial Number: ……………………………………………………………………………………………

Key Access Component Holder #3
Full Name: …………………………………………………………………………………………………………………
Card Serial Number: ……………………………………………………………………………………………

Key Access Component Holder #4
Full Name: …………………………………………………………………………………………………………………
Card Serial Number: ……………………………………………………………………………………………

Key Access Component Holder #5
Full Name: …………………………………………………………………………………………………………………
Card Serial Number: ……………………………………………………………………………………………