| Trustmark Definition Name | Version |
|---|---|
|
Addresses naming requirements for End Entity certificates issued for PIV-I cards.
|
1.0 |
|
Addresses multi-party control requirements for the activation of PIV-I content signing keys.
|
1.0 |
|
Addresses the requirement for PIV-I Hardware certificates, to be used for digital signatures and/or authentication, and PIV-I Card Authentication certificates, subscriber key generation to be performed on hardware tokens that meet the requirements of FBCA CP Appendix A.
|
1.0 |
|
Addresses the requirements for the expiration of PIV-I subscriber certificates.
|
1.0 |
|
Addresses organizational requirements for PKI hardware to enforce separation of duties.
|
1.0 |
|
Addresses the requirement for activation data to transmitted via a protected channel.
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for compliance with FBCA requirements for the Administrator Role.
|
1.0 |
|
Addresses the requirement for affiliated organizations with respect to affiliation of subscribers to their organization.
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for compliance with minimum security requirements for audit record retention as related to overall audit and accountability requirements.
|
1.0 |
|
Addresses the requirement for organizations to submit a PKI compliance audit package to the FPKIPA on an annual basis.
|
1.0 |
|
Addresses the requirement for the individual who removes audit logs from the Organization CA system shall be an official different from the individuals who, in combination, command the Organization CA signature key.
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for compliance with FBCA requirements for the Auditor Role.
|
1.0 |
|
Addresses the requirement for PKI auditors to demonstrate competence in the field of compliance audits.
|
1.0 |
|
Addresses requirement s to ensure independence and objectivity of PKI compliance auditors.
|
1.0 |
|
Addresses the requirement PKI Authorities to convey subscriber responsibilities to them before use of its private key.
|
1.0 |
|
Addresses key usage bit settings for CA certificates issued by organization Cas.
|
1.0 |
|
Addresses the requirement for organization PKI CA certificates to not include critical private extensions.
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for compliance with minimum security requirements for reporting of suspected incidents as related to overall incident response requirements.
|
1.0 |
|
Addresses the requirement for an organization's PKI certificate authorities (CAs) to publish certificate revocation lists (CRLs)
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for compliance with minimum security requirements for control of physical ingress and egress as related to overall physical and environmental protection requirements.
|
1.0 |
|
Addresses the requirement for organization PKI certificate authorities (CAs) either must establish key rollover certificates as described above or must obtain a new CA certificate for the new public key from the issuers of their current certificates.
|
1.0 |
|
Addresses the requirement for PKI, Organization CAs to maintain agreements with Affiliated Organizations
|
1.0 |
|
Addresses the requirement for all organization CA certificates to be be published in organization repositories.
|
1.0 |
|
Addresses the requirement for an organization to prohibit the escrow of PKI Certificate Authority (CA) private keys.
|
1.0 |
|
This Trustmark Definition defines priority requirements for re-establishing PKI Certificate Authority operation when signature keys have been destroyed.
|
1.0 |
