| Trustmark Definition Name | Version |
|---|---|
|
Addresses the requirement for organization PKI certificate authorities (CAs) to record identity information for a sponsor associated with the role before issuing a role-based certificate.
|
1.0 |
|
Addresses the requirement for human sponsors of devices named as PKI certificate subjects to provide their contact information to enable the CA or RA to communicate with the sponsor when required.
|
1.0 |
|
Addresses the requirement for human sponsors of devices named as PKI certificate subjects to provide the devices' equipment attributes if they are to be included in the certificate.
|
1.0 |
|
Addresses the requirement for human sponsors of devices named as PKI certificate subjects to provide the devices' equipment authorizations if they are to be included in the certificate.
|
1.0 |
|
Addresses the requirement for human sponsors of devices named as PKI certificate subjects to provide equipment identification information (e.g., serial number).
|
1.0 |
|
Addresses the requirement for human sponsors of devices named as PKI certificate subjects to provide the devices' public keys.
|
1.0 |
|
Addresses the requirement for human sponsors of devices named as PKI certificate subjects to provide service name information (e.g., DNS name).
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization implements spyware protection.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs spyware protection at mobile computing devices on the network.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs spyware protection at servers on the network.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization employs spyware protection at workstations on the network.
|
1.0 |
|
Addresses requirements for establishing that an organization requires a State Government-issued Picture I.D. for the purpose of identity proofing.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that the State appointed a Compact Officer pursuant to the National Crime Prevention and Privacy Compact.
|
1.0 |
|
Addresses the requirement to review the authorization status of devices named as the subject of a PKI certificate when their human sponsor is changed.
|
1.0 |
|
Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 5(1)(e).
|
1.0 |
|
Addresses the requirement for activation data used to unlock Organization CA private keys to have an appropriate level of strength for the keys or data to be protected.
|
1.0 |
|
Addresses the requirement for activation data used to unlock subscriber private keys to have an appropriate level of strength for the keys or data to be protected.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for strong authenticators for non-local maintenance sessions as related to overall maintenance requirements.
|
1.0 |
|
Specifies requirements in accordance with the DHS CISA Secure-by-Design Pledge, published by the U.S. Dept of Homeland Security (DHS) Cybersecurity and Infrastructure Agency (CISA). Requires an organization to require users to create a strong password during initial product installation and configuration, across all of its product and service offerings.
|
1.0 |
|
Addresses the requirement for the subjectName DN of a group PKI certificate to not imply that the subject is a single individual, e.g. by inclusion of a human name form.
|
1.0 |
|
Specifies requirements in accordance with General Data Protection Regulation (GDPR) Art. 36(3).
|
1.0 |
|
Addresses the requirement for subscriber acknowledgement of delivery of private keys.
|
1.0 |
|
This Trustmark Definition defines conformance and assessment criteria for compliance for PKI administrators to not issue subscriber certificates.
|
1.0 |
|
Addresses the requirements for determining that an organization permits PKI certificate subscribers to use their current signature key to identify themselves for re-keying their certificates.
|
1.0 |
|
Addresses the requirement for subscribers of of organization PKI certificate authorities to identify themselves for the purpose of re-keying.
|
1.0 |
