What must a subscriber present when meeting the Trusted Agent in person?

When a subscriber meets with a Trusted Agent in person, they are typically required to present an identity proof document. This requirement is critical for ensuring that the individual seeking to obtain or validate a digital certificate is indeed who they claim to be. An identity proof document can include government-issued IDs, passports, or other formal identification that verifies the person’s identity.

The reason for this strict requirement is to uphold the integrity and security of the Public Key Infrastructure (PKI) system. Since PKI relies heavily on the trustworthiness of the subscribers and their keys, confirming their identity through official documentation minimizes the risk of fraud and ensures that certificates are issued to legitimate holders.

In contrast, merely presenting any form of identification lacks the specificity and reliability needed in a PKI context, and just showing a token does not establish identity. Verification emails, while useful, do not serve as proof of identity in a physical meeting and are often leveraged in different contexts, such as initial communications or digital validations rather than the in-person verification process itself.