Reference document

Org
ISO/IEC
Pubnum
9594-8
Date
2020-12-01
Version
Title
The Directory: Public-key and attribute certificate frameworks

Applicability

Recommendation ITU-T X.509 / ISO/IEC 9594-8 defines frameworks for public-key infrastructure (PKI) and privilege management infrastructure (PMI). It introduces the basic concept of asymmetric cryptographic techniques. It specifies the following data types public-key certificate, attribute certificate, certificate revocation list (CRL) and attribute certificate revocation list (ACRL). It also defines several certificates and CRL extensions, and it defines directory schema information allowing PKI and PMI related data to be stored in a directory. In addition, it defines entity types, such as certification authority (CA), attribute authority (AA), relying party, privilege verifier, trust broker and trust anchor. It specifies the principles for certificate validation, validation path, certificate policy etc. It includes a specification for authorization validation lists that allow for fast validation and restrictions on communications. It includes protocols necessary for maintaining authorization validation lists and a protocol for accessing a trust broker.

Responsible Party

Name
FMN CPWG

Status

URI
http://www.iso.org/iso/home/store/catalogue_tc/catalogue_detail.htm?csnumber=64854

History

Flag Date RFC Version
added 2022-05-06 14.032 15.0
UUID
e5174b28-eb6d-4db4-93c9-36e30ae0dc8d

Relationships

This standard is used by the following service profiles: