Any revocation request reported to TunTrust will be acknowledged promptly, and raised to a validation supervisor or TunTrust management as appropriate.
A revocation request may be submitted using one of the following methods:
- Using TunTrust revocation online service available at “https://www.tuntrust.tn/Revocation-online-service”. In this case, you are required to provide:
- For SSL Certificates:
1.The FQDN listed in the certificate that needs to be revoked, and
2. An email address to confirm your control over the listed FQDN, as per section 220.127.116.11.2 and section 18.104.22.168.4 of the relevant CP/CPS. A revocation challenge will be sent to this email address and you need to provide it for the certificate revocation to be processed.
- For ID-Trust Certificates:
1. Email Address listed in the certificate that needs to be revoked. A revocation challenge will be sent to this email address and you need to provide it for the certificate revocation to be processed.
- For Subscribers that have accounts on https://ecert.tuntrust.tn, they can revoke their certificates online from their private space.
- Physical presence before a TunTrust RA operator: Either the Certificate Manager or the Legal Representative of the Subscriber must be physically present at the headquarters of TunTrust and request the revocation of a Certificate in writing using the ID-Trust revocation form or the SSL revocation form after providing a valid ID.
TunTrust revokes certificates for the reasons stated in the relevant TunTrust CP/CPS, including the following:
- The subscriber requests in writing that TunTrust revoke the certificate;
- The subscriber notifies TunTrust that the original certificate request was not authorized and does not retroactively grant authorization;
- TunTrust obtains evidence that the subscriber’s private key corresponding to the public key in the certificate suffered a key compromise, or that the certificate was misused;
- TunTrust is made aware that a subscriber has violated one or more of its material obligations under its agreement with TunTrust;
- If TunTrust determines that any of the information appearing in the certificate is not accurate or, in TunTrust’ sole discretion, that the certificate was not issued in accordance with the terms and conditions of TunTrust’ Policies;
- Any other reason listed in the CA/Browser Forum Baseline Requirements along with other applicable industry standards.
Certificate Problem Reporting
Subscribers, relying parties, application software vendors, and other third parties can send to email@example.com emails of suspected private key compromise, certificate misuse, or other types of fraud, compromise, misuse, or inappropriate conduct related to certification.
Make sure to include a thorough description of the reason for the certificate revocation. TunTrust will begin investigation of a certificate problem report within 24 hours of receipt and decide whether revocation or other appropriate action is warranted based on the relevant regulations or industry standards.