Presentation is loading. Please wait.

Presentation is loading. Please wait.

E-MARC Recommendations

Published bySilvester Mosley Modified over 6 years ago

Similar presentations

Presentation on theme: "E-MARC Recommendations"— Presentation transcript:

1 E-MARC Recommendations
The eMARC CP must require that all eMARC certificates be fully compliant with the X.509 standard.

2 E-MARC Recommendations
Adopt a basic trust model that multiple providers and intended users can handle. Let the CAs take care of the details required to comply with the basic trust model rather than prescribing the details in the CP. Make the eMARC CP a high-level policy document. The CP should limit itself to such things as how the trust is established (requirements for verifying user information and access needs) and certificate usage rules.

3 E-MARC Recommendations
Recommendation 2 (cont) Do not require a trust chain with NERC or any other single organization as the sole Root CA. Instead, encourage multiple qualified CAs, with the ability to cross-certify.

4 E-MARC Recommendations
Allow the CAs to provide the flexibility of multiple levels of assurance necessary according to risk (e.g. browser certificates for individuals and hardware tokens for shared or role-based systems).

5 E-MARC Recommendations
Recommendation 3 (cont) Allow for two classes of certificates: SSL authentication Non-repudiable certificates

6 E-MARC Recommendations
Revise the requirement for the prospective eMARC CA to identify their assets. For security reasons, it is unlikely that a commercial CA would be willing to identify the types and locations of their CA assets. It is still appropriate for the eMARC certification process to include a site visit to inspect the procedures and facilities.

Download ppt "E-MARC Recommendations"

Similar presentations

PKI Strategy PKI Requirements Standard –Based on e-MARC or other Certificate Policy Statements –Specify key aspects that must be met by CA Cert format.

PKI Strategy PKI Requirements Standard –Based on e-MARC or other Certificate Policy Statements –Specify key aspects that must be met by CA Cert format.
PKI Solutions: Buy vs. Build David Wasley, U. California (ret.) Jim Jokl, U. Virginia Nick Davis, U. Wisconsin.

PKI Solutions: Buy vs. Build David Wasley, U. California (ret.) Jim Jokl, U. Virginia Nick Davis, U. Wisconsin.
Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Exercise Science The Legal & Professional Responsibilities of Personal Trainers.

Exercise Science The Legal & Professional Responsibilities of Personal Trainers.
Health and Safety Committees RENZO BERTOLINI Canadian Centre for Occupational Health and Safety.

Health and Safety Committees RENZO BERTOLINI Canadian Centre for Occupational Health and Safety.
TIES II — Feasibility study for a JISC national certificate issuing service Middleware studies meeting 11 March 2004.

TIES II — Feasibility study for a JISC national certificate issuing service Middleware studies meeting 11 March 2004.
TCSEC: The Orange Book. TCSEC Trusted Computer System Evaluation Criteria.

TCSEC: The Orange Book. TCSEC Trusted Computer System Evaluation Criteria.
Chapter 7: Key Process Areas for Level 2: Repeatable - Arvind Kabir Yateesh.

Chapter 7: Key Process Areas for Level 2: Repeatable - Arvind Kabir Yateesh.
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.

ESign-Online Digital Signature Service February 2015 Controller of Certifying Authorities Department of Electronics and Information Technology Ministry.
[INSERT APPLICABLE REGIONAL ENTITY NAME/LOGO] [ENTITY NAME] [FUNCTION CERTIFYING] Certification [LOCATION] – [DATES OF ON-SITE VISIT] [Presenter Name,

[INSERT APPLICABLE REGIONAL ENTITY NAME/LOGO] [ENTITY NAME] [FUNCTION CERTIFYING] Certification [LOCATION] – [DATES OF ON-SITE VISIT] [Presenter Name,
Auditing of a Certification Authority Patrick Cain, CISA, CISM The Cooper-Cain Group, Inc.

Auditing of a Certification Authority Patrick Cain, CISA, CISM The Cooper-Cain Group, Inc.
DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Phase III – Validation Thomas Howard Chris Pierce.

DoD Information Technology Security Certification and Accreditation Process (DITSCAP) Phase III – Validation Thomas Howard Chris Pierce.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Adoption of PKI Where are we, where should we be, what’s holding us back, and where do we want to go? And: what about authentication vs. authorization?

Adoption of PKI Where are we, where should we be, what’s holding us back, and where do we want to go? And: what about authentication vs. authorization?
© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.

© 2006 IBM Corporation Introduction to z/OS Security Lesson 9: Standards and Policies.
Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.

Secure System Administration & Certification DITSCAP Manual (Chapter 6) Phase 4 Post Accreditation Stephen I. Khan Ted Chapman University of Tulsa Department.
DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.

DITSCAP Phase 2 - Verification Pramod Jampala Christopher Swenson.
Good Hygiene Practices along the coffee chain The Codex General Principles of Food Hygiene Module 2.3.

Good Hygiene Practices along the coffee chain The Codex General Principles of Food Hygiene Module 2.3.

Similar presentations

Ads by Google