NIST PKI Specs
Tim Polk <polk <at> csmes.ncsl.nist.gov>
1996-12-03 19:58:28 GMT
NIST has just released the "Minimum Interoperability Specifications for
PKI Components (draft Version 1)" for a 90 day review period. NIST
developed this document with the assistance of ten CRADA partners -
AT&T, BBN, Certicom, Cylink, DynCorp, IRE, Motorols, Nortel, Spyrus,
and Verisign. This specification is intended to provide the basis for
interoperable PKI components (CAs, ORAs, and clients) from different vendors.
This specification addresses certificate generation, renewal, and
revocation. It includes a certificate and CRL profile, and defines
transactions between PKI components for requesting, renewing, revoking,
and retrieving certificates.
Version 1 is focused on interoperability for a large scale PKI that
issues, revokes and manages digital signature public key certificates.
This specification does not preclude support for key management
certificates; there is simply no direct support. (A sound digital
signature PKI should provide the basis for issuing any kind of
certificate. This specification could be enhanced to address key
managment in a later version.)
The URL for this document is
The document is available in Microsoft Word and PostScript.
It is NIST's goal that the MISPC align closely with the PKIX documents.
The functionality of the MISPC is akin to Parts 1 and 3, and shares many
features, but it is not a proper subset at the moment. Close alignment