NSSCryptoModuleSpec/Section 7: Cryptographic Key Management: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| Line 66: | Line 66: | ||
| '''Key generation methods employed by the cryptographic module'''|| | | '''Key generation methods employed by the cryptographic module'''|| | ||
[http://wiki.mozilla.org/VE_07#VE.07.16.01 VE.07.16.01 ] | [http://wiki.mozilla.org/VE_07#VE.07.16.01 VE.07.16.01 ] | ||
|| | || | ||
|| draft | |||
|- | |||
| '''Key entry and output methods'''|| | |||
[http://wiki.mozilla.org/VE_07#VE.07.27.01 VE.07.27.01 ]<br> | |||
[http://wiki.mozilla.org/VE_07#VE.07.28.01 VE.07.28.01 ] | |||
|| N/A. Neither manual nor electronic key entry and output methods are employed by the cryptographic module. | |||
|| draft | |||
|- | |||
| '''Manual key entry test'''|| | |||
[http://wiki.mozilla.org/VE_09#VE.09.40.01 VE.09.40.01 ]<br> | |||
[http://wiki.mozilla.org/VE_09#VE.09.40.02 VE.09.40.02 ] | |||
|| N/A. Manual key entry and output methods are not employed by the cryptographic module. | |||
|| draft | || draft | ||
|- | |- | ||
| Line 74: | Line 86: | ||
[http://wiki.mozilla.org/VE_07#VE.07.23.01 VE.07.23.01 ]<br> | [http://wiki.mozilla.org/VE_07#VE.07.23.01 VE.07.23.01 ]<br> | ||
[http://wiki.mozilla.org/VE_07#VE.07.25.01 VE.07.25.01 ]<br> | [http://wiki.mozilla.org/VE_07#VE.07.25.01 VE.07.25.01 ]<br> | ||
[http://wiki.mozilla.org/VE_07#VE.07.29.01 VE.07.29.01 ] | [http://wiki.mozilla.org/VE_07#VE.07.29.01 VE.07.29.01 ] | ||
|| (N/A) | || (N/A) | ||
Revision as of 00:13, 9 May 2006
This is a draft document
|
Document Description |
DTR Section |
Assessment |
Status |
|---|---|---|---|
| Specification of all aspects of key management; key material, key generation, key establishment, key entry and output, key storage, key zeroization, and key archiving. |
VE.07.01.01 |
Key Management | draft |
| Description of key protection | Key Management | draft | |
| Proof of FIPS approved key generation - Provide a validation certificate from a NIST- accredited laboratory. |
Key Generation | draft | |
| Random number generator description | VE.07.09.01 |
RNG | draft |
| Random number generator test | VE.07.08.01 | draft | |
| Proof/affirmation that key establishment is FIPS approved - Provide documentation stating that the key establishment technique is FIPS-approved. |
VE.07.17.01 | The following FIPS Approved key establishment techniques listed in Annex D to FIPS PUB 140-2 are used: Diffie-Hellman (key agreement) and Key Wrapping using RSA keys. | draft |
| Documentation of means to ensure entity association of stored keys | Entity Association Assurance | draft | |
| Output of intermediate key generation values | No intermediate key generation values are output from the cryptographic module upon completion of the key generation process. | draft | |
| Key generation methods employed by the cryptographic module | draft | ||
| Key entry and output methods | N/A. Neither manual nor electronic key entry and output methods are employed by the cryptographic module. | draft | |
| Manual key entry test | N/A. Manual key entry and output methods are not employed by the cryptographic module. | draft | |
| Key generation | (N/A) | draft |
Return to: NSSCryptoModuleSpec