MagicOizo Certificate Authority Info Page

About

General Information

The Certificate Authority (CA) of MagicOizo is a privately operated Public Key Infrastructure (PKI).

This CA is mainly used to issue device certificates to secure the Web User Interfaces for the configuration of locally operated devices (e.g. NAS, Router, Test-Server). These devices are usually not accessible from the public Internet. All publicly accessible websites use certificates from Let's Encrypt.

The real reason why the CA has a public information page is that S/MIME certificates are issued particularly for the e-mail domain "zoeller.me".

Encrypted e-mail communication with PGP is not possible with all communication partners. Some only accept S/MIME. As many companies (e.g. banks, energy providers) do not use generally trusted certification authorities for their S/MIME certificates and private S/MIME certificates are usually not free of charge with such providers, the operator of the zoeller.me domain has decided to issue certificates himself.

Issuing Practice

Only certificates for persons and their e-mail accounts that are personally known to the operator are issued.

These persons usually also have (but do not necessarily have to) an e-mail account in the domain "zoeller.me". Accordingly, the persons are from the family or circle of friends of the operator. Certificates are only created manually and only for selected e-mail accounts and persons.

Security

The CA is not publicly accessible. This website is operated on a different server than the issuing CA. The private keys (when created by the CA) are therefore not accessible from the outside. The CA is also able to sign Certificate Signing Request (CSR). In this case the CA does not know the private key for a certificate.

The operator makes every effort to secure the systems as far as possible. He is aware that the systems have little to oppose a direct and targeted attack. However, the protection should be sufficient for the everyday level of risk.

^ top ^

Root Certificates

This section contains a table with the root certificates of the certification authority (current and expired).

Serial Number	Common Name	Valid Until	SHA1 Fingerprint	Info
e6:ad:fa:f1:3b:31:75:25	MagicOizo CA	06. Nov 2026 07:50:12 UTC	32:23:9a:b1:2e:ab:e8:0a:a4:4c:e0:af:7e:55:7c:c1:40:8c:84:3d	more

MagicOizo CA

Serial Number	e6:ad:fa:f1:3b:31:75:25
Common Name	MagicOizo CA
Validity	Not Before: 08. November 2016 07:50:12 UTC Not After: 06. November 2026 07:50:12 UTC
Subject	O = MagicOizo Inc. emailAdress = ca@magicoizo.local L = Cologne ST = NRW C = DE CN = MagicOizo CA
Signature Algorithm	SHA256 with RSA encryption
RSA Key Size	4096 bit
Fingerprints	SHA1 : 32:23:9a:b1:2e:ab:e8:0a:a4:4c:e0:af:7e:55:7c:c1:40:8c:84:3d SHA256 : ff:06:06:1e:7d:da:9d:68:72:b7:80:e9:ea:63:1c:62:f6:8c:70:21:c7:2e:03:b2:cc:78:a2:f3:2e:32:8a:a6
Download	PEM CER

^ top ^

Announcements

Currently no announcements to make.

^ top ^

Imprint

Information according to §5 TMG (German Telemedia Act)

Max Zöller
Tannenweg 21
50389 Wesseling
Germany

Represented by:
Max Zöller

Contact:
Phone: Telefonnummer verschleiert für SPAMBOTS. Javascript aktivieren.
E-Mail: Mailadresse verschleiert für SPAMBOTS. Javascript aktivieren.

Disclaimer:

Liability for Contents

The contents of this page were created with the greatest care. However, we cannot assume any liability for the correctness, completeness and topicality of the contents. As a service provider, I am responsible for my own content on these page according to §7 paragraph 1 TMG (German Telemedia Act) and general laws. According to §§ 8 to 10 TMG, I am not obliged to monitor transmitted or stored external information or to investigate circumstances that indicate illegal activity. Obligations to remove or block the use of information according to general laws remain unaffected. However, liability in this respect is only possible from the time of knowledge of a concrete infringement. If I become aware of any such infringements, I will remove such content immediately.

Liability for Links

My offer contains links to external websites of third parties (these are marked with an ⇒-sign), on whose contents I have no influence. Therefore I can not take any responsibility for these external contents. The respective provider or operator of the sites is always responsible for the contents of the linked sites. The linked pages were checked for possible legal violations at the time of linking. Illegal contents were not identifiable at the time of linking. However, a permanent control of the contents of the linked pages is not reasonable without concrete evidence of a violation of the law. If I become aware of any infringements, I will remove such links immediately.

Copyright

The contents and works on these pages created by the site operator are subject to German copyright law. The reproduction, editing, distribution and any kind of use outside the limits of copyright law require the written consent of the respective author or creator. Downloads and copies of these pages are only permitted for private, non-commercial use. Insofar as the content on this site was not created by the operator, the copyrights of third parties are respected. In particular, third-party content is marked as such. Should you nevertheless become aware of a copyright infringement, please inform us accordingly. If we become aware of any infringements, we will remove such contents immediately.

Website Imprint by ⇒ impressum-generator.de
Translation by free edition of ⇒ deepl.com Translator

^ top ^

Privacy policy

Introduction

With the following data protection declaration we would like to inform you about the types of your personal data (hereinafter also referred to as "data") which we process, for what purposes and to what extent. The data protection declaration applies to all processing of personal data carried out by us, both in the context of providing our services and, in particular, on our websites, in mobile applications and within external online presences, such as our social media profiles (hereinafter also referred to collectively as "online offer").

The terms used are not gender-specific.

Status: January 31, 2020

Table of contents

1. Introduction
2. Responsible
3. Overview of the Processing Operations
4. Relevant Legal Bases
5. Security Measures
6. Provision of the Online Offer and Web Hosting
7. Deletion of Data
8. Amendment and Update of the Privacy Policy

Responsible

Max Zöller
Tannenweg 21
50389 Wesseling
Germany

Represented by:
Max Zöller

Contact:
Phone: Telefonnummer verschleiert für SPAMBOTS. Javascript aktivieren.
E-Mail: Mailadresse verschleiert für SPAMBOTS. Javascript aktivieren.
Imprint: https://www.zoeller.me/pki/index.html#imprint

Overview of the Processing Operations

The following overview summarises the types of data processed and the purposes of their processing, and refers to the data subjects.

Types of Data Processed

• Content data (e.g. text entries, photographs, videos).
• Meta/communication data (e.g. device information, IP addresses, time of access).

Categories of Data Subjects

Users (e.g. website visitors, users of online services).

Relevant Legal Bases

In the following, we provide the legal basis of the General Data Protection Regulation (GDPR), on the basis of which we process personal data. Please note that in addition to the regulations of the GDPR, national data protection regulations may apply in your or our country of residence and domicile.

• Legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GDPR) - The processing is necessary to protect the legitimate interests of the controller or of a third party unless the interests or fundamental rights and freedoms of the data subject which require the protection of personal data outweigh the data subject's own interests or fundamental rights and freedoms.

National data protection regulations in Germany: In addition to the data protection regulations of the Basic Data Protection Regulation, national regulations on data protection apply in Germany. These include in particular the law on protection against misuse of personal data in data processing (Bundesdatenschutzgesetz - BDSG, Federal Data Protection Act). In particular, the BDSG contains special regulations on the right to information, the right to deletion, the right of objection, the processing of special categories of personal data, processing for other purposes and transmission as well as automated decision making in individual cases including profiling. Furthermore, it regulates data processing for the purposes of the employment relationship (Section 26 BDSG), in particular with regard to the establishment, implementation or termination of employment relationships and the consent of employees. Furthermore, state data protection laws of the individual federal states may apply.

Security Measures

We take appropriate technical and organizational measures in accordance with the legal requirements, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing, as well as the different probabilities of occurrence and the extent of the threat to the rights and freedoms of natural persons, in order to ensure a level of protection commensurate with the risk.

Those measures shall include, in particular, safeguarding the confidentiality, integrity and availability of data by controlling physical and electronic access to the data as well as the access, input, disclosure, safeguarding of availability and segregation of data relating to them. Furthermore, we have established procedures to ensure that data subjects' rights are exercised, data is deleted and responses to data threats are made. Furthermore, we take the protection of personal data into account as early as the development or selection of hardware, software and procedures in accordance with the principle of data protection, by designing technology and by using data protection-friendly default settings.

SSL encryption (https): To protect your data transmitted via our online offer, we use SSL encryption. You can recognize such encrypted connections by the prefix https:// in the address line of your browser.

Provision of the Online Offer and Web Hosting

In order to provide our online services securely and efficiently, we use the services of one or more web hosting providers from whose servers (or servers managed by them) the online services can be accessed. For these purposes we may use infrastructure and platform services, computing capacity, storage space and database services, as well as security and technical maintenance services.

The data processed within the scope of providing the hosting offer may include all data concerning the users of our online offer, which are generated within the scope of use and communication. This regularly includes the IP address, which is necessary to be able to deliver the contents of online offers to browsers, and all entries made within our online offer or from websites.

Collection of access data and log files: We ourselves (or our web hosting provider) collect data on every access to the server (so-called server log files). Server log files may include the address and name of the web pages and files accessed, date and time of access, data volume transferred, notification of successful access, browser type and version, the user's operating system, referrer URL (the previously visited page) and, as a rule, IP addresses and the requesting provider.

The server log files can be used for security purposes, e.g. to avoid overloading the servers (especially in the case of abusive attacks, so-called DDoS attacks) and to ensure the capacity utilisation of the servers and their stability.

• Processed data types: Content data (e.g. text entries, photographs, videos), usage data (e.g. websites visited, interest in content, access times), meta/communication data (e.g. device information, IP addresses).
• Persons concerned: Users (e.g. website visitors, users of online services).
• Legal basis: legitimate interests (Art. 6 para. 1 sentence 1 lit. f. GPDR).

Deletion of Data

The data processed by us will be deleted in accordance with the legal requirements as soon as their consent permitted for processing is revoked or other permissions cease to apply (e.g. if the purpose for processing these data ceases to apply or if they are not necessary for the purpose).

Unless the data are deleted because they are required for other and legally permissible purposes, their processing is limited to these purposes. This means that the data is blocked and not processed for other purposes. This applies, for example, to data that must be retained for reasons of commercial or tax law or whose retention is necessary for the assertion, exercise or defence of legal claims or for the protection of the rights of another natural or legal person.

Further information on the deletion of personal data can also be provided in the individual data protection notes of this data protection declaration.

Amendment and Update of the Privacy Policy

We ask you to inform yourself regularly about the content of our data protection declaration. We will adapt the data protection declaration as soon as changes in the data processing carried out by us make this necessary. We will inform you as soon as the changes make it necessary for you to cooperate (e.g. consent) or to receive other individual notification.

If we provide addresses and contact information of companies and organisations in this privacy policy, please note that the addresses may change over time and please check the information before contacting us.

Created with the free ⇒ datenschutz-generator.de by Dr. Thomas Schwenke
Translation by free edition of ⇒ deepl.com Translator

^ top ^