NSSCryptoModuleSpec/Section 7: Cryptographic Key Management: Difference between revisions

From MozillaWiki
Jump to navigation Jump to search
No edit summary
No edit summary
Line 1: Line 1:
''This is a draft document''
{| border="1" cellpadding="2"
|+
|-
!
Document Description
!
DTR
Section
!
Assessment
!
Status
|-
| '''Specification of all aspects of key management;'''<br> key generation, key establishment, key entry and output, key storage, and key zeroization.||
[http://wiki.mozilla.org/VE_07#VE.07.03.01 VE.07.03.01 ]  <br>
[http://wiki.mozilla.org/VE_07#VE.07.13.01 VE.07.13.01 ]<br>
through<br>
[http://wiki.mozilla.org/VE_07#VE.07.17.01 VE.07.17.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.19.01 VE.07.19.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.24.01 VE.07.24.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.39.01 VE.07.39.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.40.01 VE.07.40.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.41.01 VE.07.41.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt Key Management]<br> [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Zeroization Key Zeroization]
|| draft
|-
| '''Description of key protection'''||
[http://wiki.mozilla.org/VE_07#VE.07.01.01 VE.07.01.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.02.01 VE.07.02.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt Key Management]
|| draft
|-
| '''Proof of FIPS approved key generation'''||
[http://wiki.mozilla.org/VE_07#VE.07.11.01 VE.07.11.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation]
|| draft
|-
| '''Security of key generation method'''||
[http://wiki.mozilla.org/VE_07#VE.07.13.01 VE.07.13.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation]
|| draft
|-
| '''Random number generator description'''|| [http://wiki.mozilla.org/VE_07#VE.07.08.01 VE.07.08.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.09.01 VE.07.09.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.10.01 VE.07.10.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Random_Number_Generator RNG]
|| draft
|-
| '''Documentation of means to ensure entity association of stored keys'''||
[http://wiki.mozilla.org/VE_07#VE.07.39.01 VE.07.39.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Entity_Association_Assurance Entity Association Assurance]
|| draft
|-
| '''Output of intermediate key generation values'''||
[http://wiki.mozilla.org/VE_07#VE.07.15.01 VE.07.15.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.15.02 VE.07.15.02 ]
|| No intermediate key generation values are output from the cryptographic module upon completion of the key generation process.
|| draft
|-
| '''Key generation methods employed by the cryptographic module'''||
[http://wiki.mozilla.org/VE_07#VE.07.16.01 VE.07.16.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Generation Key Generation]
|| draft
|-
| '''Key establishment'''
|| [http://wiki.mozilla.org/VE_07#VE.07.17.01 VE.07.17.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.18.01 VE.07.18.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.19.01 VE.07.19.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.21.01 VE.07.21.01 ]<br>
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Establishment_Techniques Key Establishment Techniques]
|| draft
|-
| '''Key entry and output methods'''||
[http://wiki.mozilla.org/VE_07#VE.07.23.01 VE.07.23.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.24.01 VE.07.24.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.27.01 VE.07.27.01 ]<br>
[http://wiki.mozilla.org/VE_07#VE.07.28.01 VE.07.28.01 ]<br> [http://wiki.mozilla.org/VE_07#VE.07.29.01 VE.07.29.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Key_Entry_and_Output_Methods Key Entry and Output Methods]
|| draft
|-
| '''Documentation of means to ensure entity association of entered or output keys'''||
[http://wiki.mozilla.org/VE_07#VE.07.25.01 VE.07.25.01 ]
|| [http://wiki.mozilla.org/VE_07KeyMgmt#Entity_Association_Assurance Entity Association Assurance]
|| draft
|-
| '''Manual key entry test'''||
[http://wiki.mozilla.org/VE_09#VE.09.40.01 VE.09.40.01 ]<br>
[http://wiki.mozilla.org/VE_09#VE.09.40.02 VE.09.40.02 ]
|| N/A. Manual key entry and output methods are not employed by the cryptographic module.
|| draft
|-
|}


Return to: [[NSSCryptoModuleSpec]]

Revision as of 19:23, 9 March 2007

This is a draft document

Document Description

DTR Section

Assessment

Status

Specification of all aspects of key management;
key generation, key establishment, key entry and output, key storage, and key zeroization.

VE.07.03.01
VE.07.13.01
through
VE.07.17.01
VE.07.19.01
VE.07.24.01
VE.07.39.01
VE.07.40.01
VE.07.41.01

Key Management
Key Zeroization 		draft
Description of key protection

VE.07.01.01
VE.07.02.01

Key Management draft
Proof of FIPS approved key generation

VE.07.11.01

Key Generation draft
Security of key generation method

VE.07.13.01

Key Generation draft
Random number generator description VE.07.08.01
VE.07.09.01
VE.07.10.01 		RNG draft
Documentation of means to ensure entity association of stored keys

VE.07.39.01

Entity Association Assurance draft
Output of intermediate key generation values

VE.07.15.01
VE.07.15.02

No intermediate key generation values are output from the cryptographic module upon completion of the key generation process. draft
Key generation methods employed by the cryptographic module

VE.07.16.01

Key Generation draft
Key establishment VE.07.17.01
VE.07.18.01
VE.07.19.01
VE.07.21.01
Key Establishment Techniques draft
Key entry and output methods

VE.07.23.01
VE.07.24.01
VE.07.27.01
VE.07.28.01
VE.07.29.01

Key Entry and Output Methods draft
Documentation of means to ensure entity association of entered or output keys

VE.07.25.01

Entity Association Assurance draft
Manual key entry test

VE.09.40.01
VE.09.40.02

N/A. Manual key entry and output methods are not employed by the cryptographic module. draft

Return to: NSSCryptoModuleSpec

Retrieved from "https://wiki.allizom.org/index.php?title=NSSCryptoModuleSpec/Section_7:_Cryptographic_Key_Management&oldid=51335"