Trustmark Definition Name | Version |
---|---|
Addresses the requirement for CAs to validate that individuals hold the roles identified in pseudonymous PKI certificates that identify subjects by their organizational roles.
|
1.0 |
Addresses the requirement for CAs to validate that individuals hold the roles identified in pseudonymous PKI certificates that identify subjects by their organizational roles.
|
1.0 |
Certificate Authority (CA) Verifies Identity Of Applicant In Accordance With Certificate Policy (CP)
Addresses requirements for the Organization CA ensuring that the applicant's identity information is verified in accordance with the process established by the applicable CP.
|
1.0 |
Addresses requirements for the Organization CA ensuring that the applicant's identity information is verified in accordance with the process established by the applicable CPS.
|
1.0 |
Addresses the requirement for CA signature keys to not be escrowed.
|
1.0 |
Addresses requirements for the mechanisms for posting information into a repository including the availability of the information as required by the certificate information posting stipulations of the CP.
|
1.0 |
Addresses requirements for the mechanisms for posting information into a repository including the availability of the information as required by the retrieval stipulations of the CP.
|
1.0 |
Addresses the requirements for limiting the lifetime of self-signed PKI certificates used as trust anchors.
|
1.0 |
Addresses requirements for organization PKI certificate authorities (CAs) specifying rules for interpreting names in Subscriber certificates in the Organization Certificate Policy (CP).
|
1.0 |
Addresses requirements for organization PKI certificate authorities (CAs) specifying rules for interpreting names in Subscriber certificates in a referenced certificate profile.
|
1.0 |
Addresses requirements for mechanisms and procedures designed to ensure the availability of PKI Certificate Revocation Lists (CRLs)
|
1.0 |
This Trustmark Definition defines conformance and assessment criteria for compliance with minimum security requirements for access enforcement as related to overall access control requirements.
|
1.0 |
Addresses backup handling for keys used with PKI.
|
1.0 |
Addresses requirements for the Organization designating the person or Organization to asserts whether CPS conforms to CP.
|
1.0 |
Addresses requirements for whether the determination that the CPS conforms to the CP is based on the results and recommendations of an independent compliance auditor.
|
1.0 |
Addresses requirements for organization PKI certificate authorities (CAs) submitting the results of their compliance audits to the appropriate authority for approval.
|
1.0 |
Addresses requirements for the Certification Practice Statement (CPS) conforming to the Certificate Policy (CP).
|
1.0 |
Addresses requirements for the Organization CA's CPS meeting all facets of the CP.
|
1.0 |
Addresses requirements for organization PKI certificate authorities (CAs) submitting their CPS to the appropriate authority for approval.
|
1.0 |
Defines conformance and assessment criteria for verifying that all changes to services provided by a service provider that are subject to the CJIS Security Policy managed by the CJA, authorized agency, or FBI.
|
1.0 |
Defines conformance and assessment criteria for verifying that CHRI is only stored for extended periods under limited circumstances.
|
1.0 |
Defines conformance and assessment criteria for verifying that the management control of network security remains with the CJA.
|
1.0 |
Defines conformance and assessment criteria for verifying that organizations have not outsourced the management of security requirements.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization's CSA ISO established security incident response and reporting procedures.
|
1.0 |
Defines conformance and assessment criteria for verifying that an organization's policies do not permit anything prohibited by the CJIS Security Policy.
|
1.0 |