6. Standards.-
The Information Technology (IT) architecture for Certifying Authorities may support open standards and accepted de facto standards; the most important standards that may be considered for different activities associated with the Certifying Authoritys functions are as under:
The product | The standard |
Public Key Infrastructure | PKIX |
Digital Signature Certificates and Digital Signature revocation list | X.509. version 3 certificates as specified in ITU RFC 1422 |
Directory (DAP and LDAP) | X500 for publication of certificates and Certification Revocation Lists (CRLs) |
Database Management Operations | Use of generic SQL |
Public Key algorithm | DSA and RSA |
Digital Hash Function | MD5 and SHA-1 |
RSA Public Key Technology | PKCS#1 RSA Encryption Standard (512, 1024, 2048 bit) PKCS#5 Password Based Encryption Standard PKCS#7 Cryptographic Message Syntax standard PKCS#8 Private Key Information Syntax standard PKCS#9 Selected Attribute Types PKCS#10 RSA Certification Request PKCS#12 Portable format for storing/transporting a users private keys and certificates |
Distinguished name | X.520 |
Digital Encryption and Digital Signature | PKCS#7 |
Digital Signature Request Format | PKCS#10 |