17/30281253 DC : 0

Superseded

View Superseded by

BS ISO 21188 - PUBLIC KEY INFRASTRUCTURE FOR FINANCIAL SERVICES - PRACTICES AND POLICY FRAMEWORK

Available format(s)

Hardcopy , PDF

Superseded date

30-04-2018

Language(s)

English

Publisher

British Standards Institution

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Abbreviated terms
5 Public key infrastructure (PKI)
6 Certificate policy and certification practice
  statement requirements
7 Certification authority control procedures
Annex A (informative) - Management by certificate
        policy
Annex B (informative) - Elements of a certification
        practice statement
Annex C (informative) - Object identifiers (OID)
Annex D (informative) - CA key generation ceremony
Annex E (informative) - Mapping of RFC 2527 to RFC 3647
Annex F (informative) - Certification Authority audit journal
        contents and use
Annex G (informative) - Alternative Trust Models
Annex H (informative) - Certificate Trust Levels (CTL)
Annex I (informative) - Certification authority techniques for
        disaster recovery
Bibliography

BS ISO 21188.

Committee	IST/12
DocumentType	Draft
Pages	129
PublisherName	British Standards Institution
Status	Superseded
SupersededBy	BS ISO 21188:2006

ISO/IEC 18033-1:2015	Information technology Security techniques Encryption algorithms Part 1: General
ISO/IEC 18032:2005	Information technology Security techniques Prime number generation
ISO/IEC 18014-3:2009	Information technology Security techniques Time-stamping services Part 3: Mechanisms producing linked tokens
FIPS PUB 140 : 0001	SECURITY REQUIREMENTS FOR CRYPTOGRAPHIC MODULES
ISO/IEC TR 14516:2002	Information technology Security techniques Guidelines for the use and management of Trusted Third Party services
ISO/IEC 15945:2002	Information technology — Security techniques — Specification of TTP services to support the application of digital signatures
ISO/IEC 7813:2006	Information technology Identification cards Financial transaction cards
ISO/IEC 9834-1:2012	Information technology — Procedures for the operation of object identifier registration authorities — Part 1: General procedures and top arcs of the international object identifier tree
ISO/IEC 18033-2:2006	Information technology — Security techniques — Encryption algorithms — Part 2: Asymmetric ciphers
ISO/IEC 18033-3:2010	Information technology Security techniques Encryption algorithms Part 3: Block ciphers
ISO/IEC 18014-2:2009	Information technology Security techniques Time-stamping services Part 2: Mechanisms producing independent tokens
ISO 13491-1:2016	Financial services Secure cryptographic devices (retail) Part 1: Concepts, requirements and evaluation methods
ISO/IEC 19790:2012	Information technology — Security techniques — Security requirements for cryptographic modules
ISO/IEC 27002:2013	Information technology Security techniques Code of practice for information security controls
ISO/IEC 8824:1990	Information technology — Open Systems Interconnection — Specification of Abstract Syntax Notation One (ASN.1)
ISO/TR 13569:2005	Financial services Information security guidelines
ISO/IEC 9594-8:2017	Information technology Open Systems Interconnection The Directory Part 8: Public-key and attribute certificate frameworks
TS 101 456 : 1.4.3	ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY REQUIREMENTS FOR CERTIFICATION AUTHORITIES ISSUING QUALIFIED CERTIFICATES
ISO/IEC 10118-3:2004	Information technology Security techniques Hash-functions Part 3: Dedicated hash-functions
ISO/IEC 7810:2003	Identification cards Physical characteristics
ISO/IEC 10646-1:2000	Information technology Universal Multiple-Octet Coded Character Set (UCS) Part 1: Architecture and Basic Multilingual Plane
TS 102 042 : 2.4.1	ELECTRONIC SIGNATURES AND INFRASTRUCTURES (ESI); POLICY REQUIREMENTS FOR CERTIFICATION AUTHORITIES ISSUING PUBLIC KEY CERTIFICATES
ISO/IEC 18033-4:2011	Information technology — Security techniques — Encryption algorithms — Part 4: Stream ciphers