NSSCryptoModuleSpec/Section 7: Cryptographic Key Management: Difference between revisions

595 bytes added , 11 May 2015

m

GPHemsley moved page Section 7: Cryptographic Key Management to NSSCryptoModuleSpec/Section 7: Cryptographic Key Management without leaving a redirect: NSSCryptoModuleSpec page

GPHemsley

canmove, Confirmed users, Bureaucrats and Sysops emeriti

960

edits

@@ Line 13: / Line 13: @@
 Status
 |-
-| '''Specification of all aspects of key management;'''<br> key material, key generation, key establishment, key entry and output, key storage, key zeroization, and key archiving.||
+| '''Specification of all aspects of key management;'''<br> key generation, key establishment, key entry and output, key storage, and key zeroization.||
-[http://wiki.mozilla.org/VE_07#VE.07.01.01 VE.07.01.01 ]  <br>
+[http://wiki.mozilla.org/VE_07#VE.07.03.01 VE.07.03.01 ]  <br>
 [http://wiki.mozilla.org/VE_07#VE.07.13.01 VE.07.13.01 ]<br>
 through<br>
@@ Line 22: / Line 22: @@
 [http://wiki.mozilla.org/VE_07#VE.07.39.01 VE.07.39.01 ]<br>
 [http://wiki.mozilla.org/VE_07#VE.07.40.01 VE.07.40.01 ]<br>
-[http://wiki.mozilla.org/VE_07#VE.07.41.01 VE.07.41.01 ]<br>
+[http://wiki.mozilla.org/VE_07#VE.07.41.01 VE.07.41.01 ]
-[http://wiki.mozilla.org/VE_07#VE.07.42.01 VE.07.42.01 ]
+|| [http://wiki.mozilla.org/VE_07KeyMgmt Key Management]<br> [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Zeroization Key Zeroization]
-|| [http://wiki.mozilla.org/VE_07KeyMgmt Key Management]
 || draft
 |-
 | '''Description of key protection'''||
-[http://wiki.mozilla.org/VE_07#VE.07.02.01 VE.07.02.01 ]<br>
+[http://wiki.mozilla.org/VE_07#VE.07.01.01 VE.07.01.01 ]<br>
-[http://wiki.mozilla.org/VE_07#VE.07.03.01 VE.07.03.01 ]
+[http://wiki.mozilla.org/VE_07#VE.07.02.01 VE.07.02.01 ]
 || [http://wiki.mozilla.org/VE_07KeyMgmt Key Management]
 || draft
 |-
-| '''Proof of FIPS approved key generation''' -<br>Provide a validation certificate from a NIST- accredited laboratory.||
+| '''Proof of FIPS approved key generation'''||
 [http://wiki.mozilla.org/VE_07#VE.07.11.01 VE.07.11.01 ]
-|| [http://wiki.mozilla.org/VE_07KeyMgmt Key Generation]
+|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation]
 || draft
 |-
-| '''Random number generator description'''|| [http://wiki.mozilla.org/VE_07#VE.07.09.01 VE.07.09.01 ]<br>
+| '''Security of key generation method'''||
-[http://wiki.mozilla.org/VE_07#VE.07.10.01 VE.07.10.01 ]<br>
+[http://wiki.mozilla.org/VE_07#VE.07.13.01 VE.07.13.01 ]
-[http://wiki.mozilla.org/VE_07#VE.07.12.01 VE.07.12.01 ]
+|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation]
-|| [http://wiki.mozilla.org/VE_07KeyMgmt RNG]
-|| draft
-|-
-| '''Random number generator test'''|| [http://wiki.mozilla.org/VE_07#VE.07.08.01 VE.07.08.01 ]
-||
 || draft
 |-
-| '''Proof/affirmation that key establishment is FIPS approved''' -<br>Provide documentation stating that the key establishment technique is FIPS-approved.
+| '''Random number generator description'''|| [http://wiki.mozilla.org/VE_07#VE.07.08.01 VE.07.08.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.09.01 VE.07.09.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.10.01 VE.07.10.01 ]
-|| [http://wiki.mozilla.org/VE_07#VE.07.17.01 VE.07.17.01 ]
+|| [http://wiki.mozilla.org/VE_07KeyMgmt#Random_Number_Generator RNG]
-|| The following FIPS Approved key establishment techniques listed in Annex D to FIPS PUB  140-2 are used: Diffie-Hellman (key agreement) and Key Wrapping using RSA keys.
 || draft
 |-
 | '''Documentation of means to ensure entity association of stored keys'''||
-[http://wiki.mozilla.org/VE_07#VE.07.13.01 VE.07.13.01 ]
+[http://wiki.mozilla.org/VE_07#VE.07.39.01 VE.07.39.01 ]
-|| [http://wiki.mozilla.org/VE_07KeyMgmt Entity Association Assurance]
+|| [http://wiki.mozilla.org/VE_07KeyMgmt#Entity_Association_Assurance Entity Association Assurance]
 || draft
 |-
@@ Line 66: / Line 59: @@
 | '''Key generation methods employed by the cryptographic module'''||
 [http://wiki.mozilla.org/VE_07#VE.07.16.01 VE.07.16.01 ]
-|| (N/A)
+|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation]
 || draft
 |-
-| '''Key generation'''||
+| '''Key establishment'''
-[http://wiki.mozilla.org/VE_07#VE.07.18.01 VE.07.18.01 ]<br>
+|| [http://wiki.mozilla.org/VE_07#VE.07.17.01 VE.07.17.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.18.01 VE.07.18.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.19.01 VE.07.19.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.21.01 VE.07.21.01 ]<br>
-[http://wiki.mozilla.org/VE_07#VE.07.21.01 VE.07.21.01 ]<br>
+|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Establishment_Techniques Key Establishment Techniques]
-[http://wiki.mozilla.org/VE_07#VE.07.23.01 VE.07.23.01 ]<br>
+|| draft
-[http://wiki.mozilla.org/VE_07#VE.07.25.01 VE.07.25.01 ]<br>
+|-
+| '''Key entry and output methods'''||
+[http://wiki.mozilla.org/VE_07#VE.07.23.01 VE.07.23.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.24.01 VE.07.24.01 ]<br>
 [http://wiki.mozilla.org/VE_07#VE.07.27.01 VE.07.27.01 ]<br>
-[http://wiki.mozilla.org/VE_07#VE.07.28.01 VE.07.28.01 ]<br>
+[http://wiki.mozilla.org/VE_07#VE.07.28.01 VE.07.28.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.29.01 VE.07.29.01 ]
-[http://wiki.mozilla.org/VE_07#VE.07.29.01 VE.07.29.01 ]
+|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Entry_and_Output_Methods Key Entry and Output Methods]
-|| (N/A)
+|| draft
+|-
+| '''Documentation of means to ensure entity association of entered or output keys'''||
+[http://wiki.mozilla.org/VE_07#VE.07.25.01 VE.07.25.01 ]
+|| [http://wiki.mozilla.org/VE_07KeyMgmt#Entity_Association_Assurance Entity Association Assurance]
+|| draft
+|-
+| '''Manual key entry test'''||
+[http://wiki.mozilla.org/VE_09#VE.09.40.01 VE.09.40.01 ]<br>
+[http://wiki.mozilla.org/VE_09#VE.09.40.02 VE.09.40.02 ]
+|| N/A. Manual key entry and output methods are not employed by the cryptographic module.
 || draft
 |-

NSSCryptoModuleSpec/Section 7: Cryptographic Key Management: Difference between revisions

NSSCryptoModuleSpec/Section 7: Cryptographic Key Management (view source)

Revision as of 12:03, 11 May 2015