0. Inadequate or non-determined level: Very low confidence or assessment not possible, usually because a certificate policy does not exist. Many corporate PKIs will be placed in this category.

1. Low level: Low confidence in certificate but certificate policy exists or quality assessment is possible by other means.

2. Medium non-approved level: Medium confidence certificates with no formal registration/ approval status.

3. High non-approved level: Certificate quality is at or very close to qualified level but certificate issuer is not registered/approved by assigned inspectorate/authority according to applicable law to the issuer.

4. Non-qualified approved level: Certificate is not marked as qualified but certificate issuer is registered/approved by assigned inspectorate/authority according to applicable law to the issuer (according to a registration/approval scheme for issuers of non-qualified certificates).

5. Qualified approved level: Certificates are marked as qualified and the issuer is registered/ approved by assigned inspectorate/authority according to applicable law to the issuer. Private key environment is not certified as SSCD (Secure Signature Creation Device) according to CEN CWA 14169.

6. Qualified signature level: Certificates are marked and registered as for level 5, and use of a certified SSCD according to CEN CWA 14169 is mandated. Thus, this level supports qualified signatures according to the EU Directive on electronic signatures.

A quality classification system applicable world-wide, i.e. taking US, Asian and other specifications into account, is under development at DNV.