home || catalog: SP800-53rev3 / class: Technical / family: (SC) System and Communications Protection ||
search controls:
search nistpubs:

AC
AT
AU
CA
CM
CP
IA
IR
MA
MP
PE
PL
PM
PS
RA
SA
SC

SC-01
SC-02
SC-03
SC-04
SC-05
SC-06
SC-07
SC-08
SC-09
SC-10
SC-11
SC-12
SC-13
SC-14
SC-15
SC-16
SC-17 *
SC-18
SC-19
SC-20
SC-21
SC-22
SC-23
SC-24
SC-25
SC-26
SC-27
SC-28
SC-29
SC-30
SC-31
SC-32
SC-33

SI
MMMMM

  SC-17: Public Key Infrastructure Certificates  

base control objective:
The organization issues public key certificates under an appropriate certificate policy or obtains public key certificates under an appropriate certificate policy from an approved service provider.

supplemental objective information:
For user certificates, each organization attains certificates from an approved, shared service provider, as required by OMB policy. For federal agencies operating a legacy public key infrastructure cross-certified with the Federal Bridge Certification Authority at medium assurance or higher, this Certification Authority will suffice. This control focuses on certificates with a visibility external to the information system and does not include certificates related to internal system operations, for example, application-specific time services.

enhancements to the base objective:

(1) None.

mapping to FIPS199 baseline:

  LOW: null     MOD: base     HIGH: base  

related (regimented) controls:

None.

documents referenced in SP800-53rev3 for SC-17:

Document Date Status Title
FIPS 201-1 March, 2006 current   Personal Identity Verification (PIV) of Federal Employees and Contractors
OMB M-05-24 August, 2005 current   Implementation of HSPD-12: Policy for a Common Identification Standard for Federal Employees and Contractors
NIST SP800-15 September, 1997 current   MISPC Minimum Interoperability Specification for PKI Components
NIST SP800-25 October, 2000 current   Federal Agency Use of Public Key Technology for Digital Signatures and Authentication
NIST SP800-32 February, 2001 current   Introduction to Public Key Technology and the Federal PKI Infrastructure
NIST SP800-36 October, 2003 current   Guide to Selecting Information Technology Security Products
NIST SP800-56a March, 2006 current   Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography
NIST SP800-57, part1 August, 2005 current   Recommendation for Key Management, part 1
NIST SP800-57, part2 August, 2005 current   Recommendation for Key Management, part 2
NIST SP800-89 November, 2006 current   Recommendation for Obtaining Assurances for Digital Signature Applications

Search SP800-53rev3 catalog: