GB/T 29241-2012 English PDF

US$1609.00 · In stock
Delivery: <= 10 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 29241-2012: Information security technology -- Public key infrastructure -- PKI interoperability evaluation criteria
Status: Valid

Standard ID	USD	BUY PDF	Lead-Days	Standard Title (Description)	Status
GB/T 29241-2012	1609	Add to Cart	10 days	Information security technology -- Public key infrastructure -- PKI interoperability evaluation criteria	Valid

Similar standards

GB/T 29246   GB/T 28458   GB/T 28454   GB/T 29244   GB/T 29240   

Basic data

Standard ID: GB/T 29241-2012 (GB/T29241-2012)
Description (Translated English): Information security technology -- Public key infrastructure -- PKI interoperability evaluation criteria
Sector / Industry: National Standard (Recommended)
Classification of Chinese Standard: L80
Classification of International Standard: 35.040
Word Count Estimation: 73,754
Quoted Standard: GB/T 16264.8-2005; GB/T 19713-2005; GB/T 20518-2006; GM/T 0003-2012; GM/T 0004-2012; RFC 3647; RFC 3709; RFC 3779; RFC 4059; RFC 4334; RFC 4387; RFC 4523; RFC 5280
Regulation (derived from): National Standards Bulletin No. 41 of 2012
Issuing agency(ies): General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China
Summary: This standard specifies the PKI and PKI applications interoperability level five, completed the hierarchical PKI interoperability assessment criteria for the PKI and PKI applications provide interoperability rating basis. This standard applies to the need

GB/T 29241-2012: Information security technology -- Public key infrastructure -- PKI interoperability evaluation criteria

---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security technology. Public key infrastructure. PKI interoperability evaluation criteria ICS 35.040 L80 National Standards of People's Republic of China Information security technology - Public key infrastructure PKI Interoperability assessment guidelines Issued on. 2012-12-31 2013-06-01 implementation Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China Standardization Administration of China released

Table of Contents

Introduction Ⅲ Introduction Ⅳ 1 Scope 1 2 Normative references 1 3 Terms and definitions 4 Abbreviations 2 5 Evaluation Model 3 5.1 PKI interoperability 3 5.2 assess the object 3 5.3 interoperability assessment 3 5.4 interoperability capability grading 4 Operating Principles 6 6 evaluate the content 6.1 First level. correct format class 6 6.2 Second stage. stage 10 content clearly 6.3 Third level. fully functional stage 17 6.4 Fourth level. the implementation of a standardized level 26 6.5 Fifth Grade. Security audit stage 32 Appendix A (normative appendix) PKI system to assess the content list 35 Appendix B (Normative Appendix) PKI applications to assess the content list 57

Foreword

This standard was drafted in accordance with GB/T 1.1-2009 rules. This standard by the National Safety Standardization Technical Committee (SAC/TC260) and focal points. This standard was drafted. Data protection and Communication Research and Education Center Chinese Academy of Sciences, Chan Ka Electronic Technology (Beijing) Co., Ltd. The main drafters of this standard. Jingji Wu, PIDM Qing, Lin Jing Qiang, check Darren, Wu Jingjing, Zhang Fan, Wang Ping was built.

Introduction

PKI system as a universal security infrastructure, while providing security services for a variety of applications. PKI provides security through Full service information, PKI applications available authenticity, confidentiality, integrity, non-repudiation security services. Since the PKI system design and construction, operation and maintenance of standards and norms are based with greater flexibility and freedom optional application Service data obtained from the PKI system also has some uncertainty. Private Extension extensive use of certificates and certificate policy of undetermined significance Indeed, revocation status information is not comprehensive and other issues will affect the use of security services, and even cause the application without access to safe services. Said Q Questions for cross-domain PKI transaction is particularly prominent. Because cross-domain application of PKI and PKI systems are usually designed by different manufacturers or developers Personnel to achieve, both to understand and use for a variety of services, inconsistent data more obvious, leading to interoperability between the two is difficult, difficult to obtain Security services. When the PKI system interoperability, we must consider the PKI system provides service information security level of cross-domain PKI applications, but also PKI PKI is a system and interoperability between applications. For more cross-domain applications to provide comprehensive security service information is PKI The system's ability to optimize and improve interoperability goals. If the PKI system is limited to providing services to a particular minority PKI app, The PKI system is difficult to be effective in the interconnection. As a security infrastructure, PKI system should be for a variety of applications, mining Take effective measures to improve interoperability, to do a comprehensive security infrastructure for network communications. On the other hand, users will want their own PKI Applications to the PKI system with more interoperability, the ability to obtain security services from a variety of electronic authentication services. This standard takes into account a variety of PKI security services related to information and its performance. PKI system provides security services is to generate each way Related topics kind of certificates, including. certificates, certificate revocation status information, certificate policy and certification service statements. PKI is the use of the application Said information access to safe services. Security service information in the correct format settings, whether expressly Expression, reflected is perfect, exercise Whether the procedure for execution by standardization, reliability of sources of information and other issues will affect the provision of security services. This standard is applied separately from the two aspects of systems PKI and PKI, interoperability is proposed assessment criteria graded. A high level of PKI System, it is possible to more PKI applications to provide a more comprehensive and reliable security services. A high level of PKI applications from more of PKI system EC gets more comprehensive security services. This standard interoperability through hierarchical evaluation system for the PKI and PKI applications have pointed out the direction of improvement, will contribute to the construction and opening Made with full interoperability of PKI systems and applications, so as to fully interconnected PKI system, for the final formation of a unified certification System to lay a solid foundation. Information security technology - Public key infrastructure PKI Interoperability assessment guidelines

1 Scope

This standard specifies the PKI system and PKI application interoperability grade five, complete hierarchical PKI Interoperability Assessment Guidelines for the PKI system and PKI applications based on interoperability level assessment. This standard applies to the need for cross-border interoperability of PKI systems and PKI applications, can be used for PKI and PKI applications systems design, Development, manufacturing, procurement, testing, evaluation, use other processes.

2 Normative references

The following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein Member. For undated references, the latest edition (including any amendments) applies to this document. GB/T 16264.8-2005 Information technology - OSI Directory - Part 8. a public key and attribute certificate frameworks GB/T 19713-2005 Information technology - Security techniques Public Key Infrastructure Online Certificate Status Protocol GB/T 20518-2006 Information security technology - Public key infrastructure - Digital certificate format GM/T 0003-2012 SM2 elliptic curve public-key cryptography algorithm GM/T 0004-2012 SM3 cryptographic hash algorithm RFC3647 Internet X.509 Public Key Infrastructure. Certificate Policy and Certification Service Framework (InternetX.509PublicKey Infrastructure. CertificatePolicyandCertificationPracticesFramework) RFC3709 Internet X.509 Public Key Infrastructure. X.509 certificate logo (InternetX.509PublicKeyInfra- structure. LogotypesinX.509Certificates) X.509 certificate RFC3779 for IP addresses and AS identifiers extensions (X.509ExtensionsforIPAddressesand ASIdentifiers) RFC4059 Internet X.509 Public Key Infrastructure. Certificate extended warranty information (InternetX.509PublicKeyInfra- structure. WarrantyCertificateExtension) RFC4334 support Point to Point Protocol (PPP) and wireless local area network (WLAN) authentication certificate extensions and attributes [Certificate ExtensionsandAttributesSupportingAuthenticationinPoint-to-PointProtocol (PPP) andWireless LocalAreaNetworks (WLAN)] RFC4387 Internet X.509 Public Key Infrastructure Operating Protocol. HTTP access through certificate store (InternetX.509 PublicKeyInfrastructureOperationalProtocols. CertificateStoreAccessviaHTTP) Lightweight Directory Access Protocol RFC4523 for X.509 certificates (LDAP) schema definition (LightweightDirectoryAc- cessProtocol (LDAP) SchemaDefinitionsforX.509Certificates) RFC5280 Internet X.509 Public Key Infrastructure. Certificate and Certificate Revocation List (CRL) Summary (InternetX.509Public KeyInfrastructure. CertificateandCertificateRevocationList (CRL) Profile)

3 Terms and Definitions

GB/T 16264.8-2005 and as defined in the following terms and definitions apply to this document. ......

Image     

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 29241-2012_English be delivered?

Answer: Upon your order, we will start to translate GB/T 29241-2012_English as soon as possible, and keep you informed of the progress. The lead time is typically 6 ~ 10 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 29241-2012_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 29241-2012_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to Sales@ChineseStandard.net. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.