Re: certification for pki
ghilborn@csc.com writes:
>It is not a choice of CC vs. FIPS. The FIPS 140-1 testing pertains narrowly
>to crypto modules. The CC evaluation/"torture" process is about the
>system/components for certificate issuance and management meeting its security
>specification (security target and claimed PP(s)).
Oh, so the interest is in certifying the PKI process rather than machinery
which makes it possible? In that case there's a whole host of standards to
choose from, from ISO there's ISO 15782-1, Banking - Certificate Management,
from ANSI there's X9.57 Certificate Management and ANSI X9.79, PKI Practices and
Framework, and from vendors there's both VISA and MC's SET PKI requirements
(which, while in some cases SET-specific, are well thought out). Would any of
those be usable as a PP?
Peter.