ISO/IEC 9594-8:2017 Withdrawn

Information technology - Open Systems Interconnection - The Directory - Part 8: Public-key and attribute certificate frameworks

English
CHF 

Do you need a multi-user copy?

English
CHF 

Preview

Abstract

ISO/IEC 9594-8:2017 addresses some of the security requirements in the areas of authentication and other security services through the provision of a set of frameworks upon which full services can be based. Specifically, this Recommendation | International Standard defines frameworks for:
- public-key certificates; and
- attribute certificates.
The public-key certificate framework defined in this Recommendation | International Standard specifies the information objects and data types for a public-key infrastructure (PKI), including public-key certificates, certificate revocation lists (CRLs), trust broker and authorization and validation lists (AVLs). The attribute certificate framework specifies the information objects and data types for a privilege management infrastructure (PMI), including attribute certificates, and attribute certificate revocation lists (ACRLs). This Recommendation | International Standard also provides the framework for issuing, managing, using and revoking certificates. An extensibility mechanism is included in the defined formats for both certificate types and for all revocation list schemes. This Recommendation | International Standard also includes a set of extensions, which is expected to be generally useful across a number of applications of PKI and PMI. The schema components (including object classes, attribute types and matching rules) for storing PKI and PMI information in a directory, are included in this Recommendation | International Standard.
ISO/IEC 9594-8:2017 specifies the framework for strong authentication, involving credentials formed using cryptographic techniques. It is not intended to establish this as a general framework for authentication, but it can be of general use for applications which consider these techniques adequate.
Authentication (and other security services) can only be provided within the context of a defined security policy. It is a matter for users of an application to define their own security policy.

Look inside


Additional information

Publication typeInternational Standard
Publication date2017-05-05
Withdrawal date2020-12-01
Edition8.0
Available language(s)English
TC/SCISO/IEC JTC 1/SC 6 - Telecommunications and information exchange between systemsrss
ICS35.100.70 - Application layer
Stability date  2020
Pages242
File size3616 KB

The following test report forms are related:



Share this page


Share your publications

Learn how to share your publications with your colleagues, using networking options.

Payment information

Our prices are in Swiss francs (CHF). We accept all major credit cards (American Express, Mastercard and Visa, JCB and CUP), PayPal and bank transfers as form of payment.


Keep in touch

Keep up to date with new publication releases and announcements with our free IEC Just Published email newsletter.

Contact customer services

Please send your enquiry by email or call us on +41 22 919 02 11 between 09:00 – 16:00 CET Monday to Friday.