NISTIR 7924 Reference Certificate Policy: Draft

NISTIR 7924 May 2014 Draft

The purpose of this document is to identify a baseline set of security controls and practices to support the secure issuance of certificates. This baseline was developed with publicly-trusted Certification Authorities (CAs) in mind. These CAs, who issue the certificates used to secure websites using TLS and verify the authenticity of software, play a particularly important role online. This document formatted as a Reference Certificate Policy (CP). We expect different applications and relying party communities will tailor this document based on their specific needs. It was structured and developed so that the CP developer can fill in sections specific to organizational needs and quickly produce a suitable CP.

Why buy a book you can download for free?

First you gotta find it and make sure it's the latest version (not always easy). Then you gotta print it using a network printer you share with 100 other people - and its outta paper - and the toner is low (take out the toner cartridge, shake it, then put it back). If it's just 10 pages, no problem, but if it's a 250-page book, you will need to punch 3 holes in all those pages and put it in a 3-ring binder. Takes at least an hour. An engineer that's paid $75 an hour has to do this himself (who has assistant's anymore?).

If you are paid more than $10 an hour and use an ink jet printer, buying this book will save you money.

It's much more cost-effective to just order the latest version from Amazon.com

This book is published by 4th Watch Books and includes copyright material. We publish compact, tightly-bound, full-size books (8 1/2 by 11 inches), with glossy covers. 4th Watch Books is a Service Disabled Veteran-Owned Small Business (SDVOSB), and is not affiliated with the National Institute of Standards and Technology.

For more titles published by 4th Watch Books, please visit: usgovpub.com

NIST SP 500-299NIST Cloud Computing Security Reference Architecture

NIST SP 500-291NIST Cloud Computing Standards Roadmap Version 2

NIST SP 500-293US Government Cloud Computing Technology Roadmap Volume 1 & 2

NIST SP 500-293US Government Cloud Computing Technology Roadmap Volume 3 DRAFT

NIST SP 1800-8Securing Wireless Infusion Pumps

NISTIR 7497Security Architecture Design Process for Health Information Exchanges (HIEs)

NIST SP 800-66Implementing the Health Insurance Portability and Accountability Act (HIPAA) Security Rule

NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices

NIST SP 800-177 Trustworthy Email

NIST SP 800-184 Guide for Cybersecurity Event Recovery

NIST SP 800-190 Application Container Security Guide

NIST SP 800-193 Platform Firmware Resiliency Guidelines

NIST SP 1800-1 Securing Electronic Health Records on Mobile Devices

NIST SP 1800-2Identity and Access Management for Electric Utilities

NIST SP 1800-5IT Asset Management: Financial Services

NIST SP 1800-6 Domain Name Systems-Based Electronic Mail Security

NIST SP 1800-7 Situational Awareness for Electric Utilities

NIST SP 500-288Specification for WS-Biometric Devices (WS-BD)

NIST SP 500-304Data Format for the Interchange of Fingerprint, Facial & Other Biometric Information

NIST SP 800-32Public Key Technology and the Federal PKI Infrastructure

NIST SP 800-63-3Digital Identity Guidelines

NIST SP 800-63aDigital Identity Guidelines - Enrollment and Identity Proofing

NIST SP 800-63bDigital Identity Guidelines - Authentication and Lifecycle Management