| Trustmark Definition Name | Version |
|---|---|
|
Addresses requirements for an electronic facial image to be collected during identity proofing for PKI card issuance.
|
1.0 |
|
Addresses the requirement for copies of private keys that are delivered electronically to not be retained.
|
1.0 |
|
Defines conformance and assessment criteria for compliance with minimum security requirements for emergency lighting as related to overall physical and environmental protection requirements.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization provides emergency lighting for all areas within the facility supporting essential missions and business functions.
|
1.0 |
|
Addresses the requirement for organization principle PKI certificate authorities operated in an offline manner to meet the requirements for issuing Emergency CRLs as specified in the organization's certificate policy.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization provides a short-term uninterruptible power supply to facilitate an orderly shutdown of the information system in the event of a primary power source loss.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization provides a short-term uninterruptible power supply to facilitate transition of the information system to long-term alternate power] in the event of a primary power source loss.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization provides a long-term alternate power supply for the information system that is capable of maintaining minimally required operational capability in the event of an extended loss of the primary power source.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization provides a long-term alternate power supply for the information system that is self-contained, not reliant on external power generation, and capable of maintaining [Selection: minimally required operational capability; full operational capability in the event of an extended loss of the primary power source. .
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization provides the capability of shutting off power to the information system or individual system components in emergency situations.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization protects emergency power shutoff capability from unauthorized activation.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization places emergency shutoff switches or devices in defined locations to facilitate safe and easy access for personnel.
|
1.0 |
|
Addresses requirements for encoding the UUID within the serialNumber attribute of Card Authentication Certificates
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization require passphrases used to unlock encrypted data at rest to be changed when previously authorized personnel no longer require access.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires passphrases used to unlock encrypted data at rest to not be a dictionary word.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires a minimum passphrase length to unlock encrypted data at rest.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires multiple files maintained in the same unencrypted folder to have separate and distinct passphrases.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization requires passphrases used to unlock encrypted data at rest to include a minimum number of character types.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that cryptographic modules employed by the organization certified to meet FIPS 140-2 standards.
|
1.0 |
|
Addresses the requirement for the encryption of electronically delivered private key material.
|
1.0 |
|
Defines conformance and assessment criteria for verifying that an organization using encryption for access control employs FIPS 140-2 compliant cryptography.
|
1.0 |
|
Addresses requirements for End Entity certificates containing only valid Uniform Resource Identifiers (URIs) that are accessible by relying parties.
|
1.0 |
|
This Trustmark Definition specifies a minimum Diffie-Hellman key size for PKI.
|
1.0 |
|
This Trustmark Definition specifies a minimum DSA key size for private keys use with PKI.
|
1.0 |
|
This Trustmark Definition specifies a minimum DSA key size for public keys use with PKI.
|
1.0 |
