HOME   Cart(0)   Quotation   About-Us Policy PDFs Standard-List
www.ChineseStandard.net Database: 189759 (26 Oct 2025)

GB/T 31508-2015 English PDF

US$1029.00 · In stock
Delivery: <= 7 days. True-PDF full-copy in English will be manually translated and delivered via email.
GB/T 31508-2015: Information security techniques -- Public key infrastructure -- Digital certificate policies classification and grading specification
Status: Valid
Standard IDContents [version]USDSTEP2[PDF] delivered inStandard Title (Description)StatusPDF
GB/T 31508-2015English1029 Add to Cart 7 days [Need to translate] Information security techniques -- Public key infrastructure -- Digital certificate policies classification and grading specification Valid GB/T 31508-2015

PDF similar to GB/T 31508-2015


Standard similar to GB/T 31508-2015

GB/T 31505   GB/T 31722   GB/T 31509   GB/T 31500   GB/T 31506   

Basic data

Standard ID GB/T 31508-2015 (GB/T31508-2015)
Description (Translated English) Information security techniques -- Public key infrastructure -- Digital certificate policies classification and grading specification
Sector / Industry National Standard (Recommended)
Classification of Chinese Standard L80
Classification of International Standard 35.040
Word Count Estimation 49,423
Date of Issue 2015-05-15
Date of Implementation 2016-01-01
Quoted Standard GB/T 20518-2006; GB/T 26855-2011; GB/T 29241-2012
Regulation (derived from) National Standard Announcement 2015 No. 15
Issuing agency(ies) General Administration of Quality Supervision, Inspection and Quarantine of the People's Republic of China, Standardization Administration of the People's Republic of China
Summary This Standard specification of the eight kinds of digital certificate policy. This Standard applies to digital certificates of electronic commerce and the public services involved.

GB/T 31508-2015: Information security techniques -- Public key infrastructure -- Digital certificate policies classification and grading specification


---This is a DRAFT version for illustration, not a final translation. Full copy of true-PDF in English version (including equations, symbols, images, flow-chart, tables, and figures etc.) will be manually/carefully translated upon your order.
Information security techniques. Public key infrastructure. Digital certificate policies classification and grading specification ICS 35.040 L80 National Standards of People's Republic of China Information security technology - Public key infrastructure Digital certificate policy specification classification and grading Issued on. 2015-05-15 2016-01-01 implementation Administration of Quality Supervision, Inspection and Quarantine of People's Republic of China Standardization Administration of China released

Table of Contents

Introduction Ⅲ Introduction Ⅳ 1 Scope 1 2 Normative references 1 3 Terms and definitions 4 Abbreviations 3 5 Overview 3 6 certificate database and information dissemination responsibilities 6 7 identity and identification 7 8 Certificate Lifecycle Operational requirements 12 9 facilities, management and operation of control 20 Technical security controls 31 10 11 certificates, certificate revocation lists, and Online Certificate Status Protocol 43 12 compliance audits and assessments related to 43

Foreword

This standard was drafted in accordance with GB/T 1.1-2009 given rules. Please note that some of the content of this document may involve patents. Release mechanism of the present document does not assume responsibility for the identification of these patents. This standard by the National Safety Standardization Technical Committee (SAC/TC260) and focal points. This standard was drafted. CAS data protection and Communication Research and Education Center, Beijing digital certificate authentication center Co., Ltd., Chinese Academy of Sciences software. The main drafters of this standard. Jingji Wu, high-energy, Jing Lin Qiang, Wang Zhan, PIDM celebration to continue, Wangyue Wu, Xia Luning, check Darren, Ping Jian, Wang Qiongxiao, Zhan Banghua, even a peak.

Introduction

Entity uses electronic authentication services for electronic transactions primarily concerned with two questions. First, what is a legitimate public key trading partners; the second is Security of transactions subject digital certificates can be used in this transaction. To reflect the second aspect of the information contained in a digital certificate by the Certificate Policy electronic authentication services provide identification, which indicates the certificate holder (the public key corresponding to the user) security attributes. digital Relying party certificate can be assessed degree of safety certificate by reading the corresponding certificate policy document for proper use of or reliance on the certificate (Eg. only for testing, or only used to access the network, or can be used for financial transactions and $ 100,000 guarantee). Therefore, the certificate policy Implementation is an indispensable part of the practical application of digital certificates is one of the foundations of hierarchical reliable electronic authentication services provided. At present, the digital certificates of electronic authentication services contain content certificate issued no policy, that the certificate did not specify the public Key can be applied to what the scene for what kind of security needs. This leads the user certificate for the purpose of the certificate is very confused, Limiting the widespread use of digital certificates. In addition, the lack of use of digital certificates or quality standards, each of the electronic certification services permit Bookmark issued security measures (such as. the certificate issuance process of identification, physical security equipment, liability and payment, etc.) there is a big gap. This inconsistency has led to a lot of confusion certificate relying parties, hindering the digital certificate of inter-regional cross-industry applications, limiting the application directly Obtain security information certificate, the certificate is automatically verified. Standardized certificate policy enables the user to clearly recognize the certificate Quality and safety thoroughfare, designed to facilitate the development of application systems. Therefore, the certificate policies to regulate and standardize is to promote e-commerce, electronic An important step in the interconnection between the sub-government system. By standardizing the design of digital certificate policy hierarchical classification specification certificate policy, you can plan a rating of electronic authentication service market The multi-level quality of service system, for different application systems to achieve appropriate security services, so as to promote among electronic certification service agencies Healthy competition, improve service quality, and promote the orderly development of electronic authentication service market. In addition, with the hierarchical classification certificate policy of gradual Implementation, but also can promote the standardization of electronic certification service providers Evaluation and Authorisation of work, namely the review of electronic authentication service Really Press According to its certificate policy requirements specification to operate, whether to provide appropriate security, which is an important certificate policy of Classification System Construction significance. Information security technology - Public key infrastructure Digital certificate policy specification classification and grading

1 Scope

The standard classification and grading by way of standardized electronic certification services for commercial transactions, equipment and public services in eight Digital certificate policy. This standard applies to digital certificates of electronic commerce and the public services involved.

2 Normative references

The following documents for the application of this document is essential. For dated references, only the dated version suitable for use herein Member. For undated references, the latest edition (including any amendments) applies to this document. GB/T 20518-2006 Information security technology - Public key infrastructure - Digital certificate format GB/T 26855-2011 Information Technology Security Public Key Infrastructure Certificate Policy Statement and Assurance Framework GB/T 29241-2012 Information security technology - Public Key Infrastructure (PKI) interoperability assessment guidelines

3 Terms and Definitions

The following terms and definitions apply to this document. 3.1 Certificate Authority certificationauthority Maintenance entity responsible for issuing certificates and certificate status. 3.2 Subscriber Registration Authority registrationauthority Revocation and hanging responsible for identification and authentication of subscribers, to approve or reject the subscriber's certificate request to withdraw the application and pending requests to initiate a certificate From the entities. 3.3 Electronic authentication services certificationserviceprovider Based on "Electronic Signature Law" and "electronic authentication service management approach" was "the electronic certification service license" to provide electronic authentication to the public sector Service institutions usually contain the certificate issuing authority and subscriber registration authority. 3.4 Subscriber subscriber It signed an agreement with electronic authentication services, electronic authentication service entity to accept service agencies. Subscribers should be able to correspond to the certificate The private use liable. 3.5 Relying Party relyingparty Relying party agreement to accept electronic authentication service agencies, independent judging safety certificate meets the security requirements of their applications, and inspection Cert and corresponding signature of the entity.

Tips & Frequently Asked Questions:

Question 1: How long will the true-PDF of GB/T 31508-2015_English be delivered?

Answer: Upon your order, we will start to translate GB/T 31508-2015_English as soon as possible, and keep you informed of the progress. The lead time is typically 4 ~ 7 working days. The lengthier the document the longer the lead time.

Question 2: Can I share the purchased PDF of GB/T 31508-2015_English with my colleagues?

Answer: Yes. The purchased PDF of GB/T 31508-2015_English will be deemed to be sold to your employer/organization who actually pays for it, including your colleagues and your employer's intranet.

Question 3: Does the price include tax/VAT?

Answer: Yes. Our tax invoice, downloaded/delivered in 9 seconds, includes all tax/VAT and complies with 100+ countries' tax regulations (tax exempted in 100+ countries) -- See Avoidance of Double Taxation Agreements (DTAs): List of DTAs signed between Singapore and 100+ countries

Question 4: Do you accept my currency other than USD?

Answer: Yes. If you need your currency to be printed on the invoice, please write an email to [email protected]. In 2 working-hours, we will create a special link for you to pay in any currencies. Otherwise, follow the normal steps: Add to Cart -- Checkout -- Select your currency to pay.

Refund Policy     Privacy Policy     Terms of Service     Shipping Policy     Contact Information