09/30204756 DC : 0

Foreword
Introduction
1 Scope
2 Normative references
3 Terms and definitions
4 Symbols and abbreviated terms
5 General discussion of key management
  5.1 General
  5.2 Protection of keys
      5.2.1 General aspects of key management
      5.2.2 Protection by cryptographic techniques
      5.2.3 Protection by non-cryptographic techniques
      5.2.4 Protection by physical means
      5.2.5 Protection by organisational means
  5.3 Generic key life cycle model
      5.3.1 Key life cycle definitions
      5.3.2 Transitions between key states
      5.3.3 Transitions, services and keys
6 Concepts of key management
  6.1 Key management services
      6.1.1 Summary of key management services
      6.1.2 Generate-Key
      6.1.3 Register-Key
      6.1.4 Create-Key-Certificate
      6.1.5 Distribute-Key
      6.1.6 Install-Key
      6.1.7 Store key
      6.1.8 Derive-Key
      6.1.9 Archive-Key
      6.1.10 Revoke-Key
      6.1.11 Deregister-Key
      6.1.12 Destroy-Key
  6.2 Support services
      6.2.1 Key management facility services
      6.2.2 User-oriented services
7 Conceptual models for key distribution for two entities
  7.1 Introduction to key distribution
  7.2 Key distribution between two communicating entities
  7.3 Key distribution within one domain
  7.4 Key distribution between two domains
8 Specific service providers
Annex A (informative) - Threats to key management
Annex B (informative) - Key management information objects
Annex C (informative) - Classes of cryptographic applications
  C.1 Common classification of cryptographic systems
  C.2 Authentication services and keys
  C.3 Encryption services and keys
Annex D (informative) - Certificate lifecycle management
  D.1 General
  D.2 Certification Authority (CA)
      D.2.1 CA's responsibilities
      D.2.2 CA's asymmetric key pair
  D.3 Certification process
      D.3.1 Model for public key certification
      D.3.2 Registration
      D.3.3 Relationships between legal entities
      D.3.4 Certificate generation
      D.3.5 Renewal/Lifetime
  D.4 Distribution and use of public key certificate
      D.4.1 Requirements and procedures
      D.4.2 Distribution and storage of public key
             certificates
      D.4.3 Verification of public key certificates
  D.5 Certification paths
  D.6 Certificate revocation
      D.6.1 Revocation requirements
      D.6.2 Revocation lists
Bibliography