A A A

Standardele PKI

 

1 group of standards

 

ISO/IEC 9796-2:2002 Information technology - Security techniques - Digital signature schemes giving message recovery - Part 2: Integer factorization based mechanisms

ISO/IEC 9796-3:2006 Information technology - Security techniques - Digital signature schemes giving message recovery - Part 3: Discrete logarithm based mechanisms 

ISO/IEC 10118-1:2000 Information technology - Security techniques - Hash-functions - Part 1: General 

ISO/IEC 10118-2:2010 Information technology - Security techniques - Hash-functions - Part 2: Hash-functions using an n-bit block cipher 

ISO/IEC 10118-3:2004 Information technology - Security techniques - Hash-functions - Part 3: Dedicated hash-functions 

ISO/IEC 10118-4:1998 Information technology - Security techniques - Hash-functions - Part 4: Hash-functions using modular arithmetic 

ISO/IEC 14888-1:1998 Information technology - Security techniques - Digital signatures with appendix - Part 1: General 

ISO/IEC 14888-2:1999 Information technology - Security techniques - Digital signatures with appendix - Part 2: Identity-based mechanisms 

ISO/IEC 14888-3:1998 Information technology - Security techniques - Digital signatures with appendix - Part 3: Certificate-based mechanisms 

ISO/IEC 18033-1:2005 Information technology - Security techniques - Encryption algorithms - Part 1: General 

ISO/IEC 18033-3:2005 Information technology - Security techniques - Encryption algorithms - Part 3: Block ciphers 

ISO/IEC 18033-4:2005 Information technology - Security techniques - Encryption algorithms - Part 4: Stream ciphers 

ISO/IEC 19780-1:2008 Information technology - Learning, education and training - Collaborative technology - Collaborative learning communication

ISO/IEC 19790:2009 Information technology - Security techniques - Security requirements for cryptographic modules

ISO/IEC 9594-8:2014 Information technology - Open system Interconnection - The Directory - Part 8: Public-key and attribute certificate frameworks

 

 

2 group of standards

 

CWA 14167-1:2003 Security Requirements for Trustworthy Systems Managing Certificates for Electronic Signatures - Part 1: System Security Requirements 

CWA 14167-2:2003 Cryptographic module for CSP signing operations with backup -Protection profile - CMCSOB PP 

CWA 14167-3:2004 Cryptographic module for CSP key generation services protection profile CMCKG-PP 

CWA 14167-4:2004 Cryptographic module for CSP signing operations – Protection profile - CMCSO PP 

CWA 14170:2003 Security requirements for signature creation applications 

CWA 14171:2004 General guidelines for electronic signature verification 

CWA 14172-1:2003 EESSI Conformity Assessment Guidance - Part 1: General introduction 

CWA 14172-2:2003 EESSI Conformity Assessment Guidance - Part 2: Certification Authority services and processes 

CWA 14172-3:2003 EESSI Conformity Assessment Guidance - Part 3: Trustworthy systems managing certificates for electronic signatures 

CWA 14172-4:2004 EESSI Conformity Assessment Guidance - Part 4: Signature creation applications and general guidelines for electronic signature verification 

CWA 14172-5:2004 EESSI Conformity Assessment Guidance - Part 5: Secure signature-creation devices 

CWA 14172-6:2004 EESSI Conformity Assessment Guidance - Part 6: Signature creation device supporting signatures other than qualified 

CWA 14172-7:2004 EESSI Conformity Assessment Guidance - Part 7:
Cryptographic modules used by Certification Service Providers for signing operations and key generation services 

CWA 14172-8:2004 EESSI Conformity Assessment Guidance - Part 8: Timestamping Authority services and processes 

CWA 14355:2004 Guidelines for the implementation of Secure Signature-Creation Devices 

CWA 14890-1:2004 Application Interface for smart cards used as Secure Signature Creation Devices - Part 1: Basic requirements 

CWA 14890-2:2004 Application Interface for smart cards used as Secure Signature Creation Devices - Part 2: Additional Services 

CWA 14169:2002 Secure signature - Creation devices "EAL 4+"

 

 

3 group of standards

 

RFC 4210 Internet X.509 Public Key Infrastructure Certificate Management Protocol (CMP). C. Adams, S. Farrell, T. Kause, T. Mononen. September 2005 

RFC 4211 Certificate Request Protocol
Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF). J. Schaad. September 2005. 

RFC 2527 Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework. S. Chokhani, W. Ford, R. Sabett, C. Merrill, S. Wu. November 2003. 

RFC 3494 Lightweight Directory Access Protocol version 2 (LDAPv2) to Historic Status. K. Zeilenga. March 2003. 

RFC 2560 X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin, C. Adams. June 1999. 

RFC 2585 Internet X.509 Public Key Infrastructure Operational Protocols: FTP and HTTP. R. Housley, P. Hoffman.May1999. 

RFC 2587 Internet X.509 Public Key Infrastructure LDAPv2 Schema. S. Boeyen, T. Howes, P. Richard. June 1999. 

RFC 2797 Certificate Management Messages over CMS. M. Myers, X. Liu, J. Schaad, J. Weinstein. April 2000. 

RFC 2875 Diffie-Hellman Proof-of-Possession Algorithms. H. Prafullchandra, J. Schaad. July 2000. 

RFC 3029 Internet X.509 Public Key Infrastructure Data Validation and Certification Server Protocols. C. Adams, P. Sylvester, M. Zolotarev, R. Zuccherato. February 2001. 

RFC 3739 Internet X.509 Public Key Infrastructure: Qualified Certificates Profile. S. Santesson, M. Nystrom, T. Polk. March 2004. 

RFC 3161 Internet X.509 Public Key Infrastructure Time-Stamp Protocol (TSP). C. Adams, P. Cain, D. Pinkas, R. Zuccherato. August 2001. 

RFC 3279 Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. L. Bassham, W. Polk, R. Housley. April 2002. 

RFC 3280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. R. Housley, W. Polk, W. Ford, D. Solo. April 2002. 

RFC 3281 An Internet Attribute Certificate Profile for Authorization. S. Farrell, R. Housley. April 2002. 

RFC 6712 Internet x.509 Public Key Infrastructure HTTP Transfer for the certificate Management Protocol (CMP) September 2012

RFC 3647 Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework

RFC 5967 The aplication/pkcs 10 Media Type August 2010

RFC 3447 Public-key cryptography standards (PKCS)#1:RSA Cryptography Specifications Version 2.1 February 2003

RFC 5816 ESSCertID v2 Update for RFC 3161 April 2010

RFC 5905 Network Time Protocol Version 4: Protocol and Algorithms Specification June 2010

RFC 5280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) May 2008

RFC 6818 Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile January 2013
RFC 6960 X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP June 2013
RFC 4523 Lightweight Directory Acces Protocol (LDAP) Scheme Definitions for X.509 Certificates June 2006

 

 

 

 4 group of standards

 

PKCS#1 RSA Cryptography Standard 

PKCS #3 Diffie-Hellman Key Agreement Standard 

PKCS #5 Password-Based Encryption Standard 

PKCS #6 Extended-Certificate Syntax Standard 

PKCS#7 Cryptographic Message Syntax Standard 

PKCS #8 Private-Key Information Syntax Standard 

PKCS #9 Selected Object Classes and Attribute Types. 

PKCS #10 Certification Request Syntax Standard 

PKCS#ll Cryptographic Token Interface Standard 

PKCS #12 Personal Information Exchange Syntax Standard 

PKCS #13 Elliptic Curve Cryptography Standard 

 

 

 

 5 group of standards

 

S/MIME

RFC 2311 S/MIME Version 2 Message Specification. S. Dusse, P. Hoffman, B. Ramsdell, L. Lundblade, L. Repka. March 1998.

RFC 2312 S/MIME Version 2 Certificate Handling. S. Dusse, P. Hoffman, B. Ramsdell, J. Weinstein. March 1998.

RFC 2630 Cryptographic Message Syntax. R. Housley. June 1999.

RFC 2632 S/MIME Version 3 Certificate Handling. B. Ramsdell, Ed.. June 1999.

RFC 2633 S/MIME Version 3 Message Specification. B. Ramsdell, Ed.. June 1999.

RFC 2634 Enhanced Security Services for S/MIME. P. Hoffman, Ed.. June 1999.

RFC 2785 Methods for Avoiding the "Small-Subgroup" Attacks on the Diffie-Hellman Key Agreement Method for S/MIME. R. Zuccherato. March 2000.

S/HTTP TLS

RFC 2246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999.

RFC 2659 Security Extensions For HTML. E. Rescorla, A. Schiffman. August 1999.

RFC 2660 The Secure HyperText Transfer Protocol. E. Rescorla, A. Schiffman. August 1999.

RFC 2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May 2000.

RFC 2818 HTTP Over TLS. E. Rescorla. May 2000.

IPSec

RFC 2401 Security Architecture for the Internet Protocol. S. Kent, R. Atkinson. November 1998.

RFC 2402 IP Authentication Header. S. Kent, R. Atkinson. November 1998.

RFC 2406 IP Encapsulating Security Payload (ESP). S. Kent, R. Atkinson. November 1998.

RFC 2408 Internet Security Association and Key Management Protocol (ISAKMP). D. Maughan, M. Schertler, M. Schneider, J. Turner. November 1998.

DNS

RFC 3007 Secure Domain Name System (DNS) Dynamic Update. B. Wellington. November 2000.

RFC 2535 Domain Name System Security Extensions. D. Eastlake 3rd. March 1999.

RFC 2536 DSA KEYs and SIGs in the Domain Name System (DNS). D. Eastlake 3rd. March 1999.

RFC 3110 RSA/SHA-1 SIGs and RSA KEYs in the Domain Name System (DNS). D.Eastlake 3rd. May 2001.

RFC 2538 Storing Certificates in the Domain Name System (DNS). D. Eastlake 3rd, O. Gudmundsson. March 1999.

RFC 2539 Storage of Diffie-Hellman Keys in the Domain Name System (DNS). D.Eastlake 3rd. March 1999.

RFC 2540 Detached Domain Name System (DNS) Information. D. Eastlake 3rd. March 1999.

RFC 2541 DNS Security Operational Considerations. D. Eastlake 3rd. March 1999.

 

 

 

6 group of standards

 

ETSI TS 101 903 V.1.4.2:2010 Electronic Signatures and Infrastructures(ESI); XML Advanced Electronic Signatures(XAdES)
ETSI TS 102 778-1 V.1.1.1:2009 Electronic Signature and Infrastructures (ESI); PDF Advanced Electronic Signature Profiles; Part 1: PAdES Overview - a framework document for PAdES
ETSI TS 102 778-2 V.1.2.1:2009 Electronic Signatures and Infrastructures(ESI); PDF Advanced Electronic Signature Profiles; Part 2:PAdES Basic - Profile based on ISO 32000-1
ETSI TS 102 778-3 V.1.2.1:2010 Electronic Signatures and Infrastructures(ESI); PDF Advanced Electronic Signature Profiles; Part 3:PAdES Enhanced - PAdES-BES and PAdES-EPES Profiles
ETSI TS 102 778-4 V.1.1.2:2009 Electronic Signatures and Infrastructures(ESI); PDF Advanced Electronic Signature Profiles; Part 4:PAdES Long Term - PAdES LTV Profile
ETSI TS 102 778-5 V.1.1.2:2009 Electronic Signatures and Infrastructures(ESI); PDF Advanced Electronic Signature Profiles; Part 5:PAdES for XML Content - Profiles for XAdES signature
ETSI TS 102 778-6 V.1.1.1:2010 Electronic Signatures and Infrastructures(ESI); PDF Advanced Electronic Signature Profiles; Part 6: Visual Representations of Electronic Signatures