Terms

	The GTA will not conduct a code analysis of the software comprising the application;
	The GTA does not accept any liability for those who use the application;
	Application developers are able to offer an application for use within the GTA hierarchy. Those operating within the hierarchy will decide individually whether they wish to make use of the application;
	The GTA brand must be used in conjunction with the application wherever it is used in the GTA hierarchy;
	The GTA needs to be informed of the attributes, if any, used in the application;
	The certificate used in the application must contain a certificate chain linked directly to the GTA root or, for those using cross validation, the certificate must contain a URL for its own external VA. This external VA needs to be registered with VAs within the GTA hierarchy.

How to accredit an application
To accredit an application, a provider of an application has to go through the following procedure:

	First apply to the GTA Office (veerle.gyselings@theglobaltrustauthority.org);
	GTA provides a contractual letter for signature;
	Return the contractual letter, duly signed, together with a detailed specification of the application and its purpose. The GTA might also require the application to be demonstrated in a test environment set-up by the provider of the application, which is based on the GTA hierarchy, to ensure that it meets the GTA rules;
	The GTA reviews the specification of the application to check that it meets the GTA requirements, not only on certificate format but also on, for example, key lengths, algorithm choices, certificate validation processes, use of PKI standards for certificate request and retrieval;
	The provider receives a letter stating the accreditation of the application from the GTA;
	The GTA keeps a register of applications together with an attribute library, available via the GTA website, to those operating in the hierarchy.