ISO/IEC 9594-8 7th Edition, March 1, 2014
INFORMATION TECHNOLOGY - OPEN SYSTEMS INTERCONNECTION - THE DIRECTORY - PART 8: PUBLIC-KEY AND ATTRIBUTE CERTIFICATE FRAMEWORKS
Includes all amendments and changes through Corrigendum 2, October 15, 2016
Additional Comments: ENGLISH
Published By:International Organization for Standardization (ISO)
The public-key certificate framework defined in this Recommendation | International Standard specifies the information objects for a public-key infrastructure (PKI), including public-key certificates, c revocation lists (CRLs), trust broker and authorization validation lists (AVLs). The attribute certificate framework specifies of the information objects for a privilege management infrastructure (PMI), including attribute certificates, and attribute Ccertificate Rrevocation Llists (ACRLs). This Recommendation | International Standard also provides the framework for issuing, managing, using and revoking certificates. An extensibility mechanism is included in the defined formats for both certificate types and for all revocation list schemes. This Recommendation | International Standard also includes a set of standard extensions, which is expected to be generally useful across a number of applications of PKI and PMI. The schema components (including object classes, attribute types and matching rules) for storing PKI and PMI information in the a directory, are included in this Recommendation | International Standard
This Recommendation | International Standard specifies the framework for strong authentication, involving credentials formed using cryptographic techniques. It is not intended to establish this as a general framework for authentication, but it can be of general use for applications which consider these techniques adequate.