Standard number: ISO/IEC 27099:2022
Chinese title: 信息技术 公钥基础设施 实践和政策框架
English title: Information technology — Public key infrastructure — Practices and policy framework
Publication date: 2022-07
Scope of the standard
This document sets out a framework of requirements to manage information security for Public key infrastructure (PKI) trust service providers through certificate policies, certificate practice statements, and, where applicable, their internal underpinning by an information security management system (ISMS). The framework of requirements includes the assessment and treatment of information security risks, tailored to meet the agreed service requirements of its users as specified through the certificate policy.
This document is also intended to help trust service providers to support multiple certificate policies. This document addresses the life cycle of public key certificates that are used for digital signatures, authentication, or key establishment for data encryption. It does not address authentication methods, non-repudiation requirements, or key management protocols based on the use of public key certificates. For the purposes of this document, the term “certificate” refers to public key certificates. This document is not applicable to attribute certificates.