NSSCryptoModuleSpec/Section 7: Cryptographic Key Management: Difference between revisions

no edit summary
No edit summary
No edit summary
Line 1: Line 1:
''This is a draft document''
{| border="1" cellpadding="2"
|+
|-
!
Document Description
!
DTR
Section
!
Assessment
!
Status
|-
| '''Specification of all aspects of key management;'''<br> key generation, key establishment, key entry and output, key storage, and key zeroization.||
[http://wiki.mozilla.org/VE_07#VE.07.03.01 VE.07.03.01 ]  <br>
[http://wiki.mozilla.org/VE_07#VE.07.13.01 VE.07.13.01 ]<br>
through<br>
[http://wiki.mozilla.org/VE_07#VE.07.17.01 VE.07.17.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.19.01 VE.07.19.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.24.01 VE.07.24.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.39.01 VE.07.39.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.40.01 VE.07.40.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.41.01 VE.07.41.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt Key Management]<br> [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Zeroization Key Zeroization]
|| draft
|-
| '''Description of key protection'''||
[http://wiki.mozilla.org/VE_07#VE.07.01.01 VE.07.01.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.02.01 VE.07.02.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt Key Management]
|| draft
|-
| '''Proof of FIPS approved key generation'''||
[http://wiki.mozilla.org/VE_07#VE.07.11.01 VE.07.11.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation]
|| draft
|-
| '''Security of key generation method'''||
[http://wiki.mozilla.org/VE_07#VE.07.13.01 VE.07.13.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation]
|| draft
|-
| '''Random number generator description'''|| [http://wiki.mozilla.org/VE_07#VE.07.08.01 VE.07.08.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.09.01 VE.07.09.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.10.01 VE.07.10.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Random_Number_Generator RNG]
|| draft
|-
| '''Documentation of means to ensure entity association of stored keys'''||
[http://wiki.mozilla.org/VE_07#VE.07.39.01 VE.07.39.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Entity_Association_Assurance Entity Association Assurance]
|| draft
|-
| '''Output of intermediate key generation values'''||
[http://wiki.mozilla.org/VE_07#VE.07.15.01 VE.07.15.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.15.02 VE.07.15.02 ]
|| No intermediate key generation values are output from the cryptographic module upon completion of the key generation process.
|| draft
|-
| '''Key generation methods employed by the cryptographic module'''||
[http://wiki.mozilla.org/VE_07#VE.07.16.01 VE.07.16.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation]
|| draft
|-
| '''Key establishment'''
|| [http://wiki.mozilla.org/VE_07#VE.07.17.01 VE.07.17.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.18.01 VE.07.18.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.19.01 VE.07.19.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.21.01 VE.07.21.01 ]<br>
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Establishment_Techniques Key Establishment Techniques]
|| draft
|-
| '''Key entry and output methods'''||
[http://wiki.mozilla.org/VE_07#VE.07.23.01 VE.07.23.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.24.01 VE.07.24.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.27.01 VE.07.27.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.28.01 VE.07.28.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.29.01 VE.07.29.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Entry_and_Output_Methods Key Entry and Output Methods]
|| draft
|-
| '''Documentation of means to ensure entity association of entered or output keys'''||
[http://wiki.mozilla.org/VE_07#VE.07.25.01 VE.07.25.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Entity_Association_Assurance Entity Association Assurance]
|| draft
|-
| '''Manual key entry test'''||
[http://wiki.mozilla.org/VE_09#VE.09.40.01 VE.09.40.01 ]<br>
[http://wiki.mozilla.org/VE_09#VE.09.40.02 VE.09.40.02 ]
|| N/A. Manual key entry and output methods are not employed by the cryptographic module.
|| draft
|-
|}


Return to: [[NSSCryptoModuleSpec]]
canmove, Confirmed users
937

edits