May 14, 2009

Dear VeriSign Partner:

This zip file contains 14 Root certificates.  VeriSign recommends installing all of the certificates into your application's trusted root certificate store.  

Here is a brief description of the root certificates (subject to change):

Generation 1 (G1) PCAs - RSA1024
* Class 1 Public Primary Certification Authority - Used for S/MIME certificates.
* Class 2 Public Primary Certification Authority - No longer in active use.
* Class 3 Public Primary Certification Authority - Used for SSL, Code Signing, OFX, and Administrator certificates.

Generation 2 (G2) PCAs - RSA1024/SHA1
* Class 1 Public Primary Certification Authority - G2 - Used for S/MIME and Client certificates.
* Class 2 Public Primary Certification Authority - G2 - Used for S/MIME and Client certificates.
* Class 3 Public Primary Certification Authority - G2 - Used for SSL, Code Signing, OFX, and Administrator certificates.
* Class 4 Public Primary Certification Authority - G2 - Reserved for future use.

Generation 3 (G3) PCAs - RSA2048/SHA1
* VeriSign Class 1 Public Primary Certification Authority - G3 - Used for S/MIME and Client certificates.
* VeriSign Class 2 Public Primary Certification Authority - G3 - Used for S/MIME, MBA, and Client certificates.
* VeriSign Class 3 Public Primary Certification Authority - G3 - Used for SSL, Code Signing, OFX, MBA, and Administrator certificates.
* VeriSign Class 4 Public Primary Certification Authority - G3 - Reserved for future use.

Generation 4 (G4) PCA - ECC384/SHA384
* VeriSign Class 3 Public Primary Certification Authority - G4 - Reserved for future use.

Generation 5 (G5) PCA - RSA2048/SHA1
* VeriSign Class 3 Public Primary Certification Authority - G5 - Used for Extended Validation (EV) certificates.

VeriSign Universal Root - - RSA2048/SHA256
* VeriSign Universal Root Certification Authority - Reserved for future use.


If you have any questions, please let us know.

Regards

VeriSign, Inc.
487 E. Middlefield Road
Mountain View, CA  94043
www.verisign.com
email: cbo@verisign.com
