198
edits
NSSCryptoModuleSpec/Section 7: Cryptographic Key Management: Difference between revisions
NSSCryptoModuleSpec/Section 7: Cryptographic Key Management (view source)
Revision as of 03:50, 18 February 2006
, 18 February 2006no edit summary
GlenBeasley (talk | contribs) No edit summary |
No edit summary |
||
| Line 8: | Line 8: | ||
Section | Section | ||
! | ! | ||
Assessment | |||
! | ! | ||
Status | Status | ||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_07#VE.07.01.01 VE.07.01.01 ] || || | | Specification of all aspects of key management; key material, key generation, key distribution, key entry & output, key storage, key destruction, key archiving - 1.Key material: key types , function, format and how protected; 2. Key generation: generation process, types, & if generation algorithm is FIPS-approved; 3. Key distribution: technique, types distributed, if technique is FIPS-approved; 4. Key entry and output: use of manual or electronic entry/output, types of keys, procedures, and form (plaintext, encrypted, split knowledge) entered or output; 5. Key storage: types stored, where, and in what form; 6. Key destruction: technique, key types zeroized and why, security parameters zeroized and why, restrictions on when module can be zeroized; 7.Key archiving: technique, types archived, and whether encrypted for archiving|| [http://wiki.mozilla.org/VE_07#VE.07.01.01 VE.07.01.01 ] | ||
[http://wiki.mozilla.org/VE_07#VE.07.09.01 VE.07.09.01 ] | |||
thru | |||
[http://wiki.mozilla.org/VE_07#VE.07.11.01 VE.07.11.01 ] | |||
[http://wiki.mozilla.org/VE_07#VE.07.17.01 VE.07.17.01 ] | |||
[http://wiki.mozilla.org/VE_07#VE.07.19.01 VE.07.19.01 ] | |||
|| || | |||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_07#VE.07.02.01 VE.07.02.01 ] || || | | Description of key protection - Describe protection of all secret and/or private keys from unauthorized disclosure, modification and substitution. Describe protection of all public keys from unauthorized modification and substitution.|| | ||
[http://wiki.mozilla.org/VE_07#VE.07.02.01 VE.07.02.01 ] | |||
[http://wiki.mozilla.org/VE_07#VE.07.03.01 VE.07.03.01 ] | |||
|| || | |||
|- | |- | ||
| || | | Proof of FIPS approved key generation - Provide a validation certificate from a NIST- accredited laboratory.|| || || | ||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_07#VE.07.08.01 VE.07.08.01 ] || || | | Random number generator test - Provide 20, 000 consecutive bits from the random number generator for statistical testing per section 4.11 of FIPS PUB 140-1.|| [http://wiki.mozilla.org/VE_07#VE.07.08.01 VE.07.08.01 ] || || | ||
|- | |- | ||
| | | Proof/affirmation that key distribution is FIPS approved - Provide a validation certificate issued by a NIST-accredited laboratory or provide written affirmation that the key distribution technique is FIPS-approved.|| [http://wiki.mozilla.org/VE_07#VE.07.08.01 VE.07.08.01 ] || || | ||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_07#VE.07.13.01 VE.07.13.01 ] || || | | || [http://wiki.mozilla.org/VE_07#VE.07.13.01 VE.07.13.01 ] || || | ||
| Line 33: | Line 38: | ||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_07#VE.07.16.01 VE.07.16.01 ] || || | | || [http://wiki.mozilla.org/VE_07#VE.07.16.01 VE.07.16.01 ] || || | ||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_07#VE.07.18.01 VE.07.18.01 ] || (N/A) || | | || [http://wiki.mozilla.org/VE_07#VE.07.18.01 VE.07.18.01 ] || (N/A) || | ||
|- | |- | ||
| || [http://wiki.mozilla.org/VE_07#VE.07.21.01 VE.07.21.01 ] || || | | || [http://wiki.mozilla.org/VE_07#VE.07.21.01 VE.07.21.01 ] || || | ||