NOTE: validation processes vary between vendor and product. This note applies just to DigiCert's process
With Document Signing Certificates, there are two different validation levels: Individual and Organization.
Individual Document Signing certificates are for single users with no associated organization.
Organization Document Signing certificates require standard OV-level validation with DigiCert. Additionally, the requester of the organization certificate must complete an Individual Validation.
For an Individual Validation, DigiCert requires the requester to present a government-issued photo ID as well as complete an attestation form before an authorized witness.
For the authorized witness, the options are to have a video conference with a DigiCert agent or work with a registered notary, in which the user would provide DigiCert with the notarized documents to complete the validation.
For an Organization Validation, the Individual Validation process would need to be completed first by the company member requesting the certificate. From there, the process is similar to an OV SSL certificate validation.
The organization will need to pass a physical address verification, telephone number verification and conduct a phone call between the certificate requester and DigiCert.
After the validation process is complete, DigiCert will provision the Document Signing certificate onto a secure USB token, then send the package by mail to the company’s verified address. Once the Document Signing USB device is received and utilized, the document signing can begin.
If you need any assistance, reach out to our support team.