About Kamu SM (TR)

Kamu SM - Public Certification Authority was established in 2005 within Ulusal Elektronik ve Kriptoloji Arastirma Enstitusu (UEKAE) a subsidiary of Türkiye Bilimsel ve Teknolojik Arastirma Kurumu (TUBITAK). Kamu SM is authorized by the Telecommunications Authority to operate according to the act of Electronic Signature Law 5070 published on January 15, 2004. TUBITAK UEKAE, has been assigned by government to create Kamu SM for its competency in areas of information security and electronic signature technologies.

According to Electronic Signature Law 5070 published on January 15, 2004, secure electronic signature given by authorized Electronic Certificate Service Providers will have the same legal effect as that of a handwritten signature. Using the electronic signature created consistent with the law, online transactions has a legal basis and eliminates the use of paper. The person who wants to give approval on declaration of intent can use electronic signature on company's electronic file system, online services, and online government services.

Kamu SM specializes in qualified certification services to confirm the identity of individuals, provide reliability and security of e-documents, electronic data and hardware. Use of qualified electronic certificates issued by Kamu SM in electronic signatures enables the identification of the signature owner and detection as to whether signed electronic data has been altered.

Kamu SM is obligated to prepare Qualified Electronic Certificates, to load signature creation data with these certificates into the Secure Electronic Signature Hardware and to deliver the certificate to the certificate owner. Kamu SM uses secure products and systems to collect applicant data, to prepare and deliver the certificates , manage operations in a reliable way, and to take all necessary measures in order to avoid certificates being copied or distorted.

Services provided by Kamu SM are based on UEKAE PKI technology and aimed at public government and businesses. The scope of the services covers the following fields:

• Issuing and management of qualified electronic certificates for secure e-signature:

  Qualified electronic certificates, are used for verification of identity of the signor in reliance upon a “qualified electronic certificate” and can be used for detection of any subsequent change or modification in a signed “electronic data” Qualified electronic certificates are issued according to X.509 standarts and can be installed on web browsers, smart cards and tokens that respect to the standart.

• Issue of ordinary certificates for general e-signature, logging on domains, databases, applications and www; protection of e-mails; protection of SSL servers; development of the VPN’s; protection and signing of software;
• Supply software libraries (applets and APIs) for integrating existent infrastructure to e-signature applications.

• Providing additional services: trusted time stamping, OCSP server; Trusted timestamping is the process of securely keeping track of the creation and modification time of a document.

  Online Certificate Status Protocol (OCSP) is a method for determining the revocation status of an X.509 digital certificate using means other than CRLs. It is described in RFC 2560 and is on the Internet standards track.

• Consultancy and special training in e-signature;
• Audit of companies in adaption for e-signature.

Official Authorization Document

• Link to Electronic Signature (e-sign) Law 5070
• Link to Contact Details

Quality Certificates ISO/IEC 27001