GB/T 19771-2005
Information technology.Security technology.Public key infrastructure-Minimum interoperability specification for PKI components (English Version)

Standard No.
GB/T 19771-2005
Language
Chinese, Available in English version
Release Date
2005
Published By
General Administration of Quality Supervision, Inspection and Quarantine of the People‘s Republic of China
Latest
GB/T 19771-2005
Scope
This standard supports the interoperability of large-scale public key infrastructure (PKI is responsible for issuing, revoking and managing public key certificates for digital signature and key management). This standard provides a basic interoperability reference for component products developed by different PKI developers. The content of this standard involves: · Public key certificate generation, renewal and revocation; · Signature generation and verification; · Certificate and certificate certification path verification. This standard mainly includes the description of certificates, certificate revocation list (CRL) extensions and a set of transactions. These transactions include certificate requests, certificate renewals, certificate revocations, and retrieval of certificates and CRLs from repositories. This standard mainly looks at the interoperability of PKI from the perspective of end users, that is, how to apply for and obtain a certificate; how to sign documents, how to retrieve other people's certificates; how to verify signatures. As mentioned below, the "internal" operating specifications of PKI have not yet reached sufficient maturity, so they are not specified in detail. In this standard, PKI is divided into five components: Certificate Authority (Cas) that issues and revokes certificates; Registration Authority (Ras) that ensures the binding between the public key and the identity of the certificate holder and other attributes; · Certificate holders who obtain certificates and sign documents; · Clients who verify signatures and execute key management protocols and verify certificate certification paths; · Store and provide databases for certificate and CRL queries.

GB/T 19771-2005 Referenced Document

  • RFC 1777 Lightweight Directory Access Protocol (Obsoletes: 1487; Obsoleted by RFC 3494)

GB/T 19771-2005 history

  • 2005 GB/T 19771-2005 Information technology.Security technology.Public key infrastructure-Minimum interoperability specification for PKI components
Information technology.Security technology.Public key infrastructure-Minimum interoperability specification for PKI components


Copyright ©2024 All Rights Reserved