Raytheon Company Public Key Infrastructure (PKI) Certificate Policy

More documents

Recommendations

Info

6 TECHNICAL SECURITY CONTROLS 6.1 Key Pair Generation and Installation 6.1.1 Key Pair Generation The following table provides the requirements for key pair generation for the various entities. Entity FIPS 140-1/2 Level Hardware or Software Same Module CA 3 Hardware Same RA 2 Hardware Same CSA 2 Hardware Same Code Signing 2 Hardware Same End Entity Signature or Authentication (mediumsoftware and medium- CBP-software) 1 Software No Requirement End Entity Encryption (medium-software and medium-CBP-software) End Entity Signature or Authentication (mediumhardware, medium- CBP-hardware and highhardware) End Entity Encryption (medium-hardware, medium-CBP-hardware and high-hardware) Server (medium-software and medium-CBP- software) Server (medium-hardware, medium-CBP-hardware, and high-hardware) 1 Software No Requirement 2 Hardware Same 2 Hardware No Requirement 1 Software 2 Hardware No Requirement Same Random numbers for medium-hardware, medium-CBP-hardware, and high-hardware assurance level keys shall be generated in FIPS 140 Level 2 validated hardware cryptographic modules. When private keys are not generated on the token to be used, originally generated private keys shall be destroyed after they have been transferred to the token. This does not prohibit the key generating modules to act as the key escrow module also. Multiparty control shall be used CA key pair generation, as specified in Section 5.2.2. CA key pair generation process shall create a verifiable audit trail that the security requirements for procedures were followed. The documentation of the procedure shall be detailed enough to 58 7/25/2011
show that appropriate role separation was used. The process shall be validated by an independent third party. 6.1.2 Private Key Delivery to Subscriber The CA shall generate their own key pair and therefore do not need private key delivery. If subscribers generate their own key pairs, then there is no need to deliver private keys, and this section does not apply. When CAs or RAs generate keys on behalf of the Subscriber, then the private key shall be delivered securely to the Subscriber. Private keys may be delivered electronically or may be delivered on a hardware cryptographic module. In all cases, the following requirements shall be met: � Anyone who generates a private signing key for a Subscriber shall not retain any copy of the key after delivery of the private key to the Subscriber. � The private key shall be protected from activation, compromise, or modification during the delivery process. � The Subscriber shall acknowledge receipt of the private key(s). � Delivery shall be accomplished in a way that ensures that the correct tokens and activation data are provided to the correct Subscribers. o For hardware modules, accountability for the location and state of the module shall be maintained until the Subscriber accepts possession of it. o For electronic delivery of private keys, the key material shall be encrypted using a cryptographic algorithm and key size at least as strong as the private key. Activation data shall be delivered using a separate secure channel. The CA or the RA shall maintain a record of the subscriber acknowledgement of receipt of the token. 6.1.3 Public Key Delivery to Certificate Issuer Where key pairs are generated by the Subscriber or RA, the public key and the Subscriber’s identity shall be delivered securely to the CA for certificate issuance. The delivery mechanism shall bind the Subscriber’s verified identity to the public key. If cryptography is used to achieve this binding, it shall be at least as strong as the CA keys used to sign the certificate. 6.1.4 CA Public Key Delivery to Relying Parties The public key of a trust anchor shall be provided to the subscribers acting as relying parties in a secure manner so that the trust anchor is not vulnerable to modification or substitution. Acceptable methods for delivery of trust anchor include but are not limited to: � The CA loading a trust anchor onto tokens delivered to subscribers via secure mechanisms; � Secure distribution of a trust anchor through secure out-of-band mechanisms; � Comparison of certificate hash (fingerprint) against trust anchor hash made available via authenticated out-of-band sources (note that fingerprints or hashes posted in-band along with the certificate are not acceptable as an authentication mechanism); or � Loading trust anchor from web sites secured with a currently valid certificate of equal or greater assurance level than the certificate being downloaded and the trust anchor is not in the certification chain for the Web site certificate. 59 7/25/2011
Page 1 and 2:
Raytheon Company Public Key Infrast
Page 3 and 4:
Table of Contents 1 INTRODUCTION ..
Page 5 and 6:
4.6.7 Notification of Certificate I
Page 7 and 8: 5.4.8 Vulnerability Assessments ...
Page 9 and 10: 9 OTHER BUSINESS AND LEGAL MATTERS
Page 11 and 12: 1 INTRODUCTION This Certificate Pol
Page 13 and 14: 1.1.3 Scope The following diagram r
Page 15 and 16: 1. The CAs asserting id-raytheon-SH
Page 17 and 18: approval of the PMA. The ROA activi
Page 19 and 20: � Raytheon employees and eligible
Page 21 and 22: 1.5 Policy Administration 1.5.1 Org
Page 23 and 24: 3.1 Naming 3 IDENTIFICATION & AUTHE
Page 25 and 26: establishing how the applicant is k
Page 27 and 28: 4. The Identity Verifier shall reco
Page 29 and 30: 3.3.1 Identification and Authentica
Page 31 and 32: For subscriber certificates, the pr
Page 33 and 34: 4.3.1 CA Actions during Certificate
Page 35 and 36: 4.7.4 Notification of New Certifica
Page 37 and 38: Any CA may unilaterally revoke anot
Page 39 and 40: 4.9.8 Maximum Latency for CRLs The
Page 41 and 42: 4.12.2 Session Key Encapsulation an
Page 43 and 44: depart shall initial a sign-out she
Page 45 and 46: � Performing or overseeing intern
Page 47 and 48: � Be trustworthy; � Have no oth
Page 49 and 50: administrative documents (e.g., Adm
Page 51 and 52: REVOCATION PROFILE MANAGEMENT Audit
Page 53 and 54: It is acceptable for the system to
Page 55 and 56: 5.6 Key Changeover A CA uses a sign
Page 57: If a RA signature keys are compromi
Page 61 and 62: Hashing: Cryptographic Function Has
Page 63 and 64: 6.2 Private Key Protection and Cryp
Page 65 and 66: 6.3 Other Aspects of Key Management
Page 67 and 68: � All hardware must be shipped or
Page 69 and 70: 7 CERTIFICATE, CRL AND OCSP PROFILE
Page 71 and 72: When multiple values exist for an a
Page 73 and 74: 8 COMPLIANCE AUDIT AND OTHER ASSESS
Page 75 and 76: 9.1 Fees 9 OTHER BUSINESS AND LEGAL
Page 77 and 78: � There are no material misrepres
Page 79 and 80: � Ensure that certificate and rev
Page 81 and 82: as a termination of this CP unless
Page 83 and 84: enforce the agreement to arbitrate,
Page 85 and 86: 10 CERTIFICATE, CRL, AND OCSP FORMA
Page 87 and 88: Field Value Policy Mapping For SHA-
Page 89 and 90: 10.3 Raytheon Root CA Certificate (
Page 91 and 92: 91 7/25/2011
Page 93 and 94: 10.6 Medium Assurance Signing CA Ce
Page 95 and 96: Field Value Entrust Version Info c=
Page 97 and 98: 10.9 Medium Assurance Code Signing
Page 99 and 100: Field Value Entrust Version Info En
Page 101 and 102: 10.12 Medium Assurance Domain Contr
Page 103 and 104: 10.13 Medium Assurance Role Signatu
Page 105 and 106: 10.15 OCSP Responder Certificate Th
Page 107 and 108: 10.17 Medium Assurance CA CRL Forma
Page 109 and 110:
11 PKI REPOSITORY INTEROPERABILITY
Page 111 and 112:
BIBLIOGRAPHY The following document
Page 113 and 114:
HTTP Hypertext Transfer Protocol IA
Page 115 and 116:
13 GLOSSARY Access Ability to make
Page 117 and 118:
Client (application) A system entit
Page 119 and 120:
Non-Repudiation Assurance that the
Page 121 and 122:
other CA. (See superior CA). Subscr
show all

Raytheon Company Public Key Infrastructure (PKI) Certificate Policy

Create successful ePaper yourself

Delete template?

Save as template?