This certification hierarchy is architecturally independent of any specific digital signature (public key) algorithm. Some algorithms, employed for signing certificates and validating certificate signatures, are patented in some countries. The IPRA will not grant a license to any PCA for the use of any signature algorithm in conjunction with the management of this certification hierarchy. The IPRA will acquire, for itself, any licenses needed for it to sign certificates and CRLs for PCAs, for all algorithms which the IPRA supports. Every PCA will be required to represent to the IPRA that the PCA has obtained any licenses required to issue (sign) certificates and CRLs in the environment(s) which the PCA will serve.
For example, the RSA cryptosystem is patented in the United States and thus any PCA operating in the U.S. and using RSA to sign certificates and CRLs must represent that it has a valid license to employ the RSA algorithm in this fashion. In contrast, a PCA employing RSA and operating outside of the U.S. would represent that it is exempt from these licensing constraints.