Date Published: October 2019
This document provides general guidance and best practices for the management of cryptographic keying material. Among other changes, this revision emphasizes the protection needed for the metadata associated with keys; includes discussions on access control, identity authentication, and inventory management for keys and certificates; and provides guidance consistent with Federal Information Processing Standards (FIPS) Publication 201, Personal Identity Verification (PIV) of Federal Employees and Contractors, and SP 800-63, Digital Identity Guidelines. Appendix C contains a complete list of changes.
NOTE: A call for patent claims is included on page iv of this draft. For additional information, see the Information Technology Laboratory (ITL) Patent Policy--Inclusion of Patents in ITL Publications.
Keywords: archive; assurances; authentication; authorization; availability; backup; compromise; confidentiality; cryptanalysis; cryptographic key; cryptographic module; digital signature; hash function; key agreement; key information; key-inventory management; key management; key management policy; key recovery; key transport; originator-usage period; private key; public key; recipient-usage period; secret key; split knowledge; trust anchor
Audit and Accountability;
System and Communications Protection;
System and Information Integrity;