All current PKIoverheid G3 certificates will expire no later than November 2028. PKIoverheid introduces the G3+ and G4 certificates as their successors, designed to keep pace with the latest technological developments. This factsheet helps you understand the impact this transition will have on your services and organisation.
PKI for the government, or PKIoverheid for short, is a public-private partnership between the Dutch government and several other parties (Trust Service Providers). This partnership is managed by Logius and facilitates the issuance and management of digital certificates to ensure secure and reliable data exchange between government, citizens and businesses. Recently, a new generation of PKIoverheid certificates was launched: the G4. An update to the G3, the G3+, has also been launched.
G4: the new generation
All PKIoverheid certificates issued in the past 11 years were issued under two different Root certificates: the publicly trusted Root CA (alias: G3) and the privately trusted Root CA (alias: G1 Private). Publicly trusted means the trust anchor is included in the software of parties such as Microsoft, Google, Apple and Mozilla, so that all certificates issued under this Root CA are automatically accepted by internet browsers and/or email clients. Where privately trusted certificates are concerned, the relying party must itself determine whether certificates are to be trusted and accepted. In recent years certificate usage has increased and regulatory pressure on PKIs is mounting. Because of the risks this introduces, a new generation of certificates (G3+ and G4) has been developed. By 2028 all PKIoverheid certificates will be issued from new Root CAs and intermediates.
G4: What's new?
- G4 consists of 4 Root certificates instead of G3’s 2 root certificates. Each Root is designated for different use cases and subject to its own (external) frameworks:
- S/MIME (publicly trusted);
- EU-qualified digital signatures;
- Server authentication (privately trusted);
- Other (privately trusted; primarily intended for authentication purposes);
- Each end-user certificate can only be used for one specific purpose, e.g. a G4 certificate cannot be used for both authentication and digital signatures purposes;
- G4 uses a modern cryptographic algorithm to sign all certificates: RSASSA-PKCS1-v1_5 has been replaced by RSASSA-PSS. To give the full specification: RSASSA-PSS with SHA-256, MGF-1 with SHA-256, and a salt length of 32 bytes;
- The naming of both CA certificates and end-user certificates has been updated. This makes them more consistent with international standards and frameworks and makes it easier to identify a certificate’s purpose, target audience, validation type and ultimate trust anchor.
G3+: Interim adaptation G3 for S/MIME
Due to changing regulations, the original G3 certificates can no longer be used for securing email (S/MIME) since September 2024. For PKIoverheid to continue to offer this functionality, a new branch has been created within G3, namely G3+. The differences between G3 and G3+ are:
- G3+ S/MIME certificates can only be used to secure email;
- G3+ S/MIME certificates cannot be delivered on secure cryptographic devices (smart card, token, etc.).
New cryptographic algorithm
The signature algorithm used for G3 certificates is RSASSA-PKCS1-v1_5, which EU standards bodies have recently labelled a legacy algorithm. For G4, the more secure RSASSA-PSS algorithm was chosen because it is supported by most software and by the relevant PKI frameworks.
While quantum-resistant algorithms do exist, they are not yet suitable for use in production environments with PKI certificates. Logius closely monitors these developments and will provide test certificates once standardisation in this area is considered ready. The G4 architecture has therefore been designed so that it can adapt to new algorithms when needed.
What does this mean for my organisation?
With G4 certificates, each certificate can only be used for a single purpose, and certificate types are organised by Root, each with its own distinctive rules and regulations. This may affect the number of certificates your organisation needs. The table ‘What type of certificate do I need?’ at logius.nl/pkioverheid shows which G4 certificates you need. To fully understand the impact of this transition, it is important to identify which types of G3 certificates are currently deployed in your environment.
G3+ and G4 certificates are gradually becoming available to Trust Service Providers. You and your organisation will encounter these certificates more frequently over time. By November 2028, all organisations must have switched to G4 certificates.
Preparation steps
It will take time for your organisation to be able to use the new certificates. The sooner your organisation starts, the more time your organisation will have to complete the steps below. Early preparation will ensure a smooth transition to the G4 for all parties involved.
Step 1: Using the table below, list the purposes for which your current certificates are used so that your organisation can acquire and accept the correct G4 certificate types;
Step 2: Make an inventory of all systems that use or validate PKIoverheid certificates and verify that they support RSASSA-PSS, both for signing with and for verifying certificates signed with RSASSA-PSS (SHA-256, MGF1 with SHA-256, 32-byte salt);
Step 3: Update software if RSASSA-PSS is unsupported;
Step 4: Several G4 PKIoverheid Roots may need to be imported into the trust stores of the various information systems in your organisation. The privately trusted Roots (server authentication and Other) are by definition not shipped in vendor trust stores, so relying systems must import them deliberately;
Step 5: Ensure thorough testing before any large scale roll out of G4 certificates. This applies both to using and accepting/relying on G4 certificates.
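The inventory in Step 2 starts with knowing which signature algorithm each certificate actually carries. The following is an added example, not code from the Logius factsheet: a standard-library-only Python check that decodes the signatureAlgorithm field of a DER-encoded certificate and reports whether it is the G3-style sha256WithRSAEncryption (RSASSA-PKCS1-v1_5) or RSASSA-PSS with the G4 parameters given above (SHA-256, MGF1 with SHA-256, 32-byte salt). It also handles the caveat that RFC 4055 gives PSS default parameters (SHA-1, MGF1 with SHA-1, 20-byte salt) when they are omitted, which a naive "is the OID RSASSA-PSS?" check would accept as G4. The sample AlgorithmIdentifier bytes and the certificate skeleton are constructed for this example and do not come from any PKIoverheid certificate; the function names and the G4_PROFILE dictionary are the example's own.

```python
"""Decode the signatureAlgorithm of an X.509 certificate (DER) and check it against the
PKIoverheid G4 profile: RSASSA-PSS, SHA-256, MGF1 with SHA-256, salt length 32 bytes.
Standard library only; a minimal DER reader, deliberately not a full X.509 parser."""

OID_NAMES = {
    "1.2.840.113549.1.1.10": "RSASSA-PSS",
    "1.2.840.113549.1.1.11": "sha256WithRSAEncryption",  # RSASSA-PKCS1-v1_5, as used for G3
    "1.2.840.113549.1.1.8": "mgf1",
    "1.3.14.3.2.26": "sha1",
    "2.16.840.1.101.3.4.2.1": "sha256",
    "2.16.840.1.101.3.4.2.2": "sha384",
    "2.16.840.1.101.3.4.2.3": "sha512",
}

# Expected G4 parameters as stated in the factsheet (example's own data structure).
G4_PROFILE = {"algorithm": "RSASSA-PSS", "hash": "sha256", "mgf": "mgf1",
              "mgf_hash": "sha256", "salt_length": 32}


def read_tlv(buf, pos=0):
    """Read one DER tag-length-value at buf[pos]; return (tag, content, position after it)."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:                      # long form: low 7 bits give the number of length octets
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length


def children(content):
    """Split the content octets of a constructed element into (tag, content) pairs."""
    out, pos = [], 0
    while pos < len(content):
        tag, inner, pos = read_tlv(content, pos)
        out.append((tag, inner))
    return out


def decode_oid(content):
    """Decode OBJECT IDENTIFIER content octets to dotted notation."""
    first = content[0]
    arcs = [2, first - 80] if first >= 80 else [first // 40, first % 40]
    acc = 0
    for b in content[1:]:
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(acc)
            acc = 0
    return ".".join(map(str, arcs))


def oid_name(content):
    dotted = decode_oid(content)
    return OID_NAMES.get(dotted, dotted)


def parse_signature_algorithm(alg_id_der):
    """Parse an AlgorithmIdentifier TLV. For RSASSA-PSS the parameters are decoded as well;
    fields that are absent take the RFC 4055 defaults (SHA-1, MGF1 with SHA-1, 20-byte salt),
    so a PSS certificate without explicit parameters does NOT match the G4 profile."""
    tag, body, _ = read_tlv(alg_id_der)
    if tag != 0x30:
        raise ValueError("AlgorithmIdentifier must be a SEQUENCE")
    parts = children(body)
    info = {"algorithm": oid_name(parts[0][1])}
    if info["algorithm"] != "RSASSA-PSS":
        return info                        # e.g. sha256WithRSAEncryption: parameters are just NULL
    info.update({"hash": "sha1", "mgf": "mgf1", "mgf_hash": "sha1", "salt_length": 20})
    if len(parts) > 1:
        for ctx_tag, ctx_content in children(parts[1][1]):
            _, field = children(ctx_content)[0]          # each [n] EXPLICIT tag wraps one element
            if ctx_tag == 0xA0:            # [0] hashAlgorithm AlgorithmIdentifier
                info["hash"] = oid_name(children(field)[0][1])
            elif ctx_tag == 0xA1:          # [1] maskGenAlgorithm: mgf1 OID + hash AlgorithmIdentifier
                mgf_oid, mgf_params = children(field)[0], children(field)[1]
                info["mgf"] = oid_name(mgf_oid[1])
                info["mgf_hash"] = oid_name(children(mgf_params[1])[0][1])
            elif ctx_tag == 0xA2:          # [2] saltLength INTEGER
                info["salt_length"] = int.from_bytes(field, "big", signed=True)
    return info


def matches_g4_profile(alg_id_der):
    return parse_signature_algorithm(alg_id_der) == G4_PROFILE


def signature_algorithm_of_cert(cert_der):
    """Certificate ::= SEQUENCE { tbsCertificate, signatureAlgorithm, signatureValue }.
    Return the raw TLV of the outer signatureAlgorithm, the one relying parties verify with."""
    _, body, _ = read_tlv(cert_der)
    _, _, start = read_tlv(body)           # skip tbsCertificate
    _, _, end = read_tlv(body, start)
    return body[start:end]


# Constructed sample AlgorithmIdentifiers for this example; not taken from any PKIoverheid certificate.
G3_STYLE = bytes.fromhex("300d06092a864886f70d01010b0500")   # sha256WithRSAEncryption, NULL parameters
G4_STYLE = bytes.fromhex(
    "3041" "06092a864886f70d01010a"        # id-RSASSA-PSS
    "3034"                                 # RSASSA-PSS-params
    "a00f300d06096086480165030402010500"   #   [0] hashAlgorithm = sha256
    "a11c301a06092a864886f70d010108300d06096086480165030402010500"  # [1] mgf1 with sha256
    "a203020120"                           #   [2] saltLength = 32
)
PSS_DEFAULTS = bytes.fromhex("300b06092a864886f70d01010a")    # id-RSASSA-PSS, parameters omitted


def wrap_as_certificate_skeleton(alg_id_der):
    """Constructed Certificate-shaped wrapper (empty tbsCertificate, 1-byte signature) so that
    signature_algorithm_of_cert can be exercised offline; it is not a valid certificate."""
    body = bytes.fromhex("3000") + alg_id_der + bytes.fromhex("030100")
    return bytes([0x30, len(body)]) + body   # short-form length suffices for this small skeleton


if __name__ == "__main__":
    for label, blob in [("G3-style", G3_STYLE), ("G4-style", G4_STYLE), ("PSS, defaults", PSS_DEFAULTS)]:
        print(f"{label:14} {parse_signature_algorithm(blob)}  G4 profile: {matches_g4_profile(blob)}")
    skeleton = wrap_as_certificate_skeleton(G4_STYLE)
    print("from certificate:", matches_g4_profile(signature_algorithm_of_cert(skeleton)))
```

For a real certificate, convert PEM to DER with the standard library's ssl.PEM_cert_to_DER_cert and pass the result to signature_algorithm_of_cert. This tells you which algorithm each certificate in your inventory carries; whether a given system actually verifies RSASSA-PSS signatures still has to be tested against that system itself (Steps 3 and 5).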
What type of certificate do I need?
The table below shows which certificate you will need to use in the future and which ones you may need to process as a relying party. Also listed with each certificate type is the so-called Certificate Policy Object Identifier (OID) that uniquely identifies the certificate type.
A complete and up-to-date overview of all Root CA, Intermediate CA and TSP CA certificates issued under PKIoverheid and the associated Certificate Policy (CP), Certification Practice Statement (CPS), PKIoverheid OIDs and Certificate Revocation Lists (CRL) can be found at www.pkioverheid.nl.
Service (use case) | G3/G1 Private certificate type | G3+/G4 certificate type |
---|---|---|
Client authentication for Legal Entities (for instance SAML/XML, mTLS for use with SBR, Digipoort, DigiD etc.) | | G4 Private Other Generic Legal Persons Organization Validated Authentication (OID: 2.16.528.1.1003.1.2.44.16.25.8) |
Server authentication for Legal Entities (e.g. web services) | | |
Use of EU qualified certificates by natural persons (eIDAS) | | |
Use of EU qualified signatures by legal entities (eIDAS seal) | | |
Signing or encrypting of emails (S/MIME) by natural persons | | |
Signing or encrypting of emails (S/MIME) by employees | | |
Signing or encrypting of emails (S/MIME) by legal entities | | |