FBCA CP Section 6, Technical Security Controls, v2.27
Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6, Technical Security Controls
Identifier | https://artifacts.trustmarkinitiative.org/lib/tips/fbca-cp-section-6_-technical-security-controls/2.27/ | ||||
Publication Date | 2018-10-30 | ||||
Issuing Organization |
Trustmark Initiative (https://trustmarkinitiative.org/)
View Contact
|
||||
Keywords | PIV-I, Security, Identity, Federal Bridge | ||||
Legal Notice | This document and the information contained herein is provided on an "AS IS" basis, and the Georgia Tech Research Institute disclaims all warranties, express or implied, including but not limited to any warranty that the use of the information herein will not infringe any rights or any implied warranties or merchantability or fitness for a particular purpose. In addition, the Georgia Tech Research Institute disclaims legal liability for any loss incurred as a result of the use or reliance on the document or the information contained herein. |

Trust Expression:
TIP_FBCACPSection6111CAKeyPairGeneration and TIP_FBCACPSection6112SubscriberKeyPairGeneration and TIP_FBCACPSection612PrivateKeyDeliveryToSubscriber and TIP_FBCACPSection613PublicKeyDeliveryToCertificateIssuer and TIP_FBCACPSection614CAPublicKeyDeliveryToRelyingParties and TIP_FBCACPSection615KeySizes and TIP_FBCACPSection616PublicKeyParametersGenerationAndQualityChecking and TIP_FBCACPSection617KeyUsagePurposesasperX509v3keyusagefield and TIP_FBCACPSection621FIPS140 and TIP_FBCACPSection623PrivateKeyEscrow and TIP_FBCACPSection6241BackupOfFBCAAndEntityCAPrivateSignatureKey and TIP_FBCACPSection6242BackupOfSubscriberPrivateSignatureKey and TIP_FBCACPSection6243BackupOfSubscriberKeyManagementPrivateKeys and TIP_FBCACPSection6244BackupOfCSSPrivateKey and TIP_FBCACPSection6245BackupOfPIVIContentSigningKey and TIP_FBCACPSection6246BackupOfDevicePrivateKeys and TIP_FBCACPSection625PrivateKeyArchival and TIP_FBCACPSection626PrivateKeyTransferIntoOrFromACryptographicModule and TIP_FBCACPSection628MethodOfActivatingPrivateKeys and TIP_FBCACPSection629MethodsOfDeactivatingPrivateKeys and TIP_FBCACPSection6210MethodOfDestroyingPrivateKeys and TIP_FBCACPSection632CertificateOperationalPeriodsKeyUsagePeriods and TIP_FBCACPSection641ActivationDataGenerationAndInstallation and TIP_FBCACPSection642ActivationDataProtection and TIP_FBCACPSection643OtherAspectsOfActivationData and TIP_FBCACPSection651SpecificComputerSecurityTechnicalRequirements and TIP_FBCACPSection661SystemDevelopmentControls and TIP_FBCACPSection662SecurityManagementControls and TIP_FBCACPSection67NetworkSecurityControls and TIP_FBCACPSection68TimeStamping
References (30)
TIP FBCA CP Section 6.1.1.1, CA Key Pair Generation, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.1.1.1, CA Key Pair Generation |
ID | TIP_FBCACPSection6111CAKeyPairGeneration |
TIP FBCA CP Section 6.1.1.2, Subscriber Key Pair Generation, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.1.1.2, Subscriber Key Pair Generation |
ID | TIP_FBCACPSection6112SubscriberKeyPairGeneration |
TIP FBCA CP Section 6.1.2, Private Key Delivery To Subscriber, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.1.2, Private Key Delivery To Subscriber |
ID | TIP_FBCACPSection612PrivateKeyDeliveryToSubscriber |
TIP FBCA CP Section 6.1.3, Public Key Delivery To Certificate Issuer, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.1.3, Public Key Delivery To Certificate Issuer |
ID | TIP_FBCACPSection613PublicKeyDeliveryToCertificateIssuer |
TIP FBCA CP Section 6.1.4, CA Public Key Delivery To Relying Parties, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.1.4, CA Public Key Delivery To Relying Parties |
ID | TIP_FBCACPSection614CAPublicKeyDeliveryToRelyingParties |
TIP FBCA CP Section 6.1.5, Key Sizes, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.1.5, Key Sizes |
ID | TIP_FBCACPSection615KeySizes |
TIP FBCA CP Section 6.1.6, Public Key Parameters Generation And Quality Checking, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.1.6, Public Key Parameters Generation And Quality Checking |
ID | TIP_FBCACPSection616PublicKeyParametersGenerationAndQualityChecking |
TIP FBCA CP Section 6.1.7, Key Usage Purposes (as per X.509 v3 key usage field), v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.1.7, Key Usage Purposes (as per X.509 v3 key usage field) |
ID | TIP_FBCACPSection617KeyUsagePurposesasperX509v3keyusagefield |
TIP FBCA CP Section 6.2.1, FIPS 140, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.1, FIPS 140 |
ID | TIP_FBCACPSection621FIPS140 |
TIP FBCA CP Section 6.2.3, Private Key Escrow, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.3, Private Key Escrow |
ID | TIP_FBCACPSection623PrivateKeyEscrow |
TIP FBCA CP Section 6.2.4.1, Backup Of FBCA And Entity CA Private Signature Key, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.4.1, Backup Of FBCA And Entity CA Private Signature Key |
ID | TIP_FBCACPSection6241BackupOfFBCAAndEntityCAPrivateSignatureKey |
TIP FBCA CP Section 6.2.4.2, Backup Of Subscriber Private Signature Key, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.4.2, Backup Of Subscriber Private Signature Key |
ID | TIP_FBCACPSection6242BackupOfSubscriberPrivateSignatureKey |
TIP FBCA CP Section 6.2.4.3, Backup Of Subscriber Key Management Private Keys, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.4.3, Backup Of Subscriber Key Management Private Keys |
ID | TIP_FBCACPSection6243BackupOfSubscriberKeyManagementPrivateKeys |
TIP FBCA CP Section 6.2.4.4, Backup Of CSS Private Key, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.4.4, Backup Of CSS Private Key |
ID | TIP_FBCACPSection6244BackupOfCSSPrivateKey |
TIP FBCA CP Section 6.2.4.5, Backup Of PIV-I Content Signing Key, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.4.5, Backup Of PIV-I Content Signing Key |
ID | TIP_FBCACPSection6245BackupOfPIVIContentSigningKey |
TIP FBCA CP Section 6.2.4.6, Backup Of Device Private Keys, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.4.6, Backup Of Device Private Keys |
ID | TIP_FBCACPSection6246BackupOfDevicePrivateKeys |
TIP FBCA CP Section 6.2.5, Private Key Archival, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.5, Private Key Archival |
ID | TIP_FBCACPSection625PrivateKeyArchival |
TIP FBCA CP Section 6.2.6, Private Key Transfer Into Or From A Cryptographic Module, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.6, Private Key Transfer Into Or From A Cryptographic Module |
ID | TIP_FBCACPSection626PrivateKeyTransferIntoOrFromACryptographicModule |
TIP FBCA CP Section 6.2.8, Method Of Activating Private Keys, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.8, Method Of Activating Private Keys |
ID | TIP_FBCACPSection628MethodOfActivatingPrivateKeys |
TIP FBCA CP Section 6.2.9, Methods Of Deactivating Private Keys, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.9, Methods Of Deactivating Private Keys |
ID | TIP_FBCACPSection629MethodsOfDeactivatingPrivateKeys |
TIP FBCA CP Section 6.2.10, Method Of Destroying Private Keys, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.2.10, Method Of Destroying Private Keys |
ID | TIP_FBCACPSection6210MethodOfDestroyingPrivateKeys |
TIP FBCA CP Section 6.3.2, Certificate Operational Periods/Key Usage Periods, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.3.2, Certificate Operational Periods/Key Usage Periods |
ID | TIP_FBCACPSection632CertificateOperationalPeriodsKeyUsagePeriods |
TIP FBCA CP Section 6.4.1, Activation Data Generation And Installation, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.4.1, Activation Data Generation And Installation |
ID | TIP_FBCACPSection641ActivationDataGenerationAndInstallation |
TIP FBCA CP Section 6.4.2, Activation Data Protection, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.4.2, Activation Data Protection |
ID | TIP_FBCACPSection642ActivationDataProtection |
TIP FBCA CP Section 6.4.3, Other Aspects Of Activation Data, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.4.3, Other Aspects Of Activation Data |
ID | TIP_FBCACPSection643OtherAspectsOfActivationData |
TIP FBCA CP Section 6.5.1, Specific Computer Security Technical Requirements, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.5.1, Specific Computer Security Technical Requirements |
ID | TIP_FBCACPSection651SpecificComputerSecurityTechnicalRequirements |
TIP FBCA CP Section 6.6.1, System Development Controls, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.6.1, System Development Controls |
ID | TIP_FBCACPSection661SystemDevelopmentControls |
TIP FBCA CP Section 6.6.2, Security Management Controls, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.6.2, Security Management Controls |
ID | TIP_FBCACPSection662SecurityManagementControls |
TIP FBCA CP Section 6.7, Network Security Controls, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.7, Network Security Controls |
ID | TIP_FBCACPSection67NetworkSecurityControls |
TIP FBCA CP Section 6.8, Time Stamping, v2.27 | |
---|---|
Description | Profile of requirements for the Federal Bridge Certificate Authority (FBCA) Certificate Policy (CP), FBCA CP Section 6.8, Time Stamping |
ID | TIP_FBCACPSection68TimeStamping |