IDRBT-CPS-v3

Recommendations

Info

6.1.6. Public key parameters generation ................................................................................... 756.1.7. Parameter quality checking .............................................................................................. 756.1.8. Hardware/software key generation ................................................................................ 756.1.9. Key usage purposes ........................................................................................................... 756.2. Private Key Protection .............................................................................................................. 766.2.1. Standards for cryptographic module .............................................................................. 766.2.2. Private key (n out of m) multi-person control ............................................................... 766.2.3. Private key escrow ............................................................................................................. 766.2.4. Private key backup ............................................................................................................ 766.2.5. Private key archival ........................................................................................................... 776.2.6. Private key entry into cryptographic module ................................................................ 776.2.7. Method of activating private key .................................................................................... 776.2.8. Method of deactivating private key ................................................................................ 776.2.9. Method of destroying private key ................................................................................... 786.3. Other Aspects of Key Pair Management ................................................................................ 786.3.1. Public key archival ............................................................................................................ 786.3.2. Usage periods for the public and private keys .............................................................. 786.4. Activation Data .......................................................................................................................... 796.4.1. Activation data generation and installation ................................................................... 796.4.2. Activation data protection ................................................................................................ 796.5. Computer Security Controls .................................................................................................... 796.5.1. Specific computer security technical requirements....................................................... 796.5.2. Computer security rating ................................................................................................. 796.6. Life Cycle Technical Controls .................................................................................................. 796.6.1. System development controls .......................................................................................... 796.6.2. Security management controls ......................................................................................... 796.6.3. Life cycle security ratings ................................................................................................. 796.7. Network Security Controls ....................................................................................................... 806.8. Cryptographic Module Engineering Controls ....................................................................... 807. Certificate and CRL Profiles ............................................................................................ 817.1. Certificate profile ....................................................................................................................... 817.1.1. Version number(s) ............................................................................................................. 817.1.2. Certificate extensions ........................................................................................................ 827.1.2.1 Key Usage ............................................................................................................... 827.1.2.2 Certificate Policies Extension ............................................................................... 827.1.2.3 Subject Alternative Names ................................................................................... 837.1.2.4 Basic Constraints .................................................................................................... 837.1.2.5 Enhanced Key Usage ............................................................................................. 837.1.2.6 CRL Distribution Points ....................................................................................... 837.1.2.7 Authority Key Identifier ....................................................................................... 847.1.2.8 Subject Key Identifier ............................................................................................ 847.1.3. Algorithm Identifiers ........................................................................................................ 847.1.4. Names forms ...................................................................................................................... 847.1.5. Name Constraints .............................................................................................................. 857.1.6. IDRBT CA Certificate Profile ........................................................................................... 857.2. CRL Profile ................................................................................................................................. 867.2.1. Version number(s) ............................................................................................................. 877.2.2. CRL entry extensions ........................................................................................................ 877.2.3. IDRBT CA CRL Profile ...................................................................................................... 87IDRBT CA CPS Version 3.2, Copyright © IDRBT, 2002-2015xviIDRBTCA/DOC/CPS/3.2
8. Specification Administration ........................................................................................... 888.1. Specification Change procedures ............................................................................................ 888.1.1. Items that can change without Notification ................................................................... 888.1.2. Items that can change with Notification ......................................................................... 888.1.2.1 List of Items ............................................................................................................ 898.1.2.2 Notification Mechanism ....................................................................................... 898.2. Publication and notification ..................................................................................................... 898.2.1. Items Not Published in the CPS ....................................................................................... 898.2.2. Distribution of the CPS ..................................................................................................... 898.3. CPS approval procedures ......................................................................................................... 899. APPENDIX ............................................................................................................................. 909.1 Subscriber Application Form ................................................................................................... 919.2 Certificate Revocation/Suspension/Activation Form ............................................................ 939.3 Subscriber Agreement (sample) .............................................................................................. 949.4 Relying Party Agreement ......................................................................................................... 999.5 Document Master List ............................................................................................................. 10310. Glossary ............................................................................................................................. 104IDRBT CA CPS Version 3.2, Copyright © IDRBT, 2002-2015xviiIDRBTCA/DOC/CPS/3.2
Page 1 and 2: IDRBT CA CPSIDRBT CA CERTIFICATION
Page 3 and 4: Amendment CertificateVersion No.Des
Page 5 and 6: _DEFINITIONSThe following definitio
Page 7 and 8: "key pair", in an asymmetric crypto
Page 9 and 10: An Executive summary of CPS, the RI
Page 11 and 12: LIST OF ACRONYMS AND ABBREVIATIONSC
Page 13 and 14: 2.6. Fees .........................
Page 15: 4.7.4. Protection of audit log ....
Page 19 and 20: Certificate SuspensionCertificate A
Page 21 and 22: IDRBT CA does not assume, and discl
Page 23 and 24: This policy is valid from the date
Page 25 and 26: Review CommitteeIDRBT CA Review Com
Page 27 and 28: 1.5. Amendment ProcedureAs new stan
Page 29 and 30: Generate its Signing key pair and p
Page 31 and 32: Submitting their public keys in the
Page 33 and 34: information at all times and provid
Page 35 and 36: Take back up of current operating s
Page 37 and 38: ClassLiability CapsClass 1 Rs. 20/-
Page 39 and 40: Deception or misrepresentation of f
Page 41 and 42: supplemented, modified, or terminat
Page 43 and 44: repositories, as determined by the
Page 45 and 46: Security Policy and PlanningTechnol
Page 47 and 48: The date, time and period of certif
Page 49 and 50: 2.10.1.2 CertificateThe IDRBT CA re
Page 51 and 52: postal address and the e-mail addre
Page 53 and 54: The Class 3 Certificate is intended
Page 55 and 56: 3Subject Alternative Name• Subjec
Page 57 and 58: 3. IDENTIFICATION AND AUTHENTICATIO
Page 59 and 60: be conducted by an authorized Regis
Page 61 and 62: E-mail id is the e-mail id of the a
Page 63 and 64: 3.3. Routine RekeyIDRBT CA Certific
Page 65 and 66: In case of Class 3 application, the
Page 67 and 68:
Web Server Certificate:Same as Clas
Page 69 and 70:
Organization Unit, Postal Code of t
Page 71 and 72:
When advice is received that the ce
Page 73 and 74:
4.5.1. S/MIME EncryptionThe sender
Page 75 and 76:
The Subscriber has breached or fail
Page 77 and 78:
To process a suspension request ini
Page 79 and 80:
4.6.15. Key compromiseAfter Key com
Page 81 and 82:
4.8.4. Archive backup procedureIDRB
Page 83 and 84:
4.10.2. IDRBT CA key compromiseUpon
Page 85 and 86:
4.12. Cross CertificationCross Cert
Page 87 and 88:
End Entity should not leave their c
Page 89 and 90:
5.3. Personnel Controls5.3.1. Backg
Page 91 and 92:
6. TECHNICAL SECURITY CONTROLSThis
Page 93 and 94:
6.2. Private Key ProtectionIDRBT CA
Page 95 and 96:
RA and Subscriber private keys may
Page 97 and 98:
6.7. Network Security ControlsIDRBT
Page 99 and 100:
7.1.2. Certificate extensionsThe fo
Page 101 and 102:
7.1.2.7 Authority Key IdentifierIDR
Page 103 and 104:
Extended Key Usage SyntaxKey Purpos
Page 105 and 106:
8. SPECIFICATION ADMINISTRATIONThis
Page 107 and 108:
9 APPENDIXIDRBT CA CPS Version 3.2,
Page 109 and 110:
DECLARATION AND UNDERTAKING BY THE
Page 111 and 112:
9.3 Subscriber Agreement (sample)Th
Page 113 and 114:
5. to use Keys and Digital Certific
Page 115 and 116:
Inform the Registration Authority i
Page 117 and 118:
http://idrbtca.org.in/cps.html and
Page 119 and 120:
IDRBT CA or verifying the revocatio
Page 121 and 122:
10 GLOSSARYApplicantAn Applicant is
Page 123 and 124:
Certifying Authority (CA)A person w
Page 125 and 126:
IdentityA unique piece of informati
Page 127 and 128:
Public Key CryptographyA type of cr
Page 129:
Trusted PositionA role that include
show all

IDRBT-CPS-v3

Create successful ePaper yourself

Delete template?

Save as template?