NIST PKI Specs

[Tim Polk <polk@xxxxxxxxxxxxxxxxxxx>]

NIST has just released the "Minimum Interoperability Specifications for
PKI Components (draft Version 1)" for a 90 day review period.  NIST
developed this document with the assistance of ten CRADA partners -
AT&T, BBN, Certicom, Cylink, DynCorp, IRE, Motorols, Nortel, Spyrus,
and Verisign. This specification is intended to provide the basis for
interoperable PKI components (CAs, ORAs, and clients) from different vendors.

This specification addresses certificate generation, renewal, and
revocation. It includes a certificate and CRL profile, and defines
transactions between PKI components for requesting, renewing, revoking,
and retrieving certificates.

Version 1 is focused on interoperability for a large scale PKI that
issues, revokes and manages digital signature public key certificates.
This specification does not preclude support for key management
certificates; there is simply no direct support.  (A sound digital
signature PKI should provide the basis for issuing any kind of
certificate. This specification could be enhanced to address key
managment in a later version.)

The URL for this document is

	http://csrc.nist.gov/pki/welcome.html#mispc

The document is available in Microsoft Word and PostScript.

It is NIST's goal that the MISPC align closely with the PKIX documents.
The functionality of the MISPC is akin to Parts 1 and 3, and shares many
features, but it is not a proper subset at the moment.  Close alignment
of the MISPC and PKIX efforts is our goal. I hope you will get a chance
to download the MISPC and review it.  It could prompt some interesting
discussion in San Jose. 

After the 90 day review period closes (March 2, 1997) we intend to
publish this document as a NIST Special Publication.  Follow-on projects
are planned, including development of a reference implementation and a
suite of conformance tests.

Thanks,

Tim Polk