NSSCryptoModuleSpec/Section 7: Cryptographic Key Management
From MozillaWiki
This is a draft document
Document Description |
DTR Section |
Assessment |
Status |
---|---|---|---|
Specification of all aspects of key management; key generation, key establishment, key entry and output, key storage, and key zeroization. |
VE.07.03.01 |
Key Management Key Zeroization |
draft |
Description of key protection | Key Management | draft | |
Proof of FIPS approved key generation | Key Generation | draft | |
Security of key generation method | Key Generation | draft | |
Random number generator description | VE.07.08.01 VE.07.09.01 VE.07.10.01 |
RNG | draft |
Documentation of means to ensure entity association of stored keys | Entity Association Assurance | draft | |
Output of intermediate key generation values | No intermediate key generation values are output from the cryptographic module upon completion of the key generation process. | draft | |
Key generation methods employed by the cryptographic module | Key Generation | draft | |
Key establishment | VE.07.17.01 VE.07.18.01 VE.07.19.01 VE.07.21.01 |
Key Establishment Techniques | draft |
Key entry and output methods | Key Entry and Output Methods | draft | |
Documentation of means to ensure entity association of entered or output keys | Entity Association Assurance | draft | |
Manual key entry test | N/A. Manual key entry and output methods are not employed by the cryptographic module. | draft |
Return to: NSSCryptoModuleSpec