Date Published: November 2018
Email Questions to:
Planning Note (1/28/2019):
The comment closing date has been extended to February 18, 2019 (originally Jan. 21st).
NIST invites public comments on this second draft of Special Publication (SP) 800-57 Part 2 Rev. 1, Recommendation for Key Management Part 2: Best Practices for Key Management Organizations. Part 2 provides guidance when using the cryptographic features of current systems. This revision:
- identifies the concepts, functions and elements common to effective systems for the management of symmetric and asymmetric keys;
- identifies the security planning requirements and documentation necessary for effective institutional key management;
- describes key management specification requirements;
- describes cryptographic key management policy documentation that is needed by organizations that use cryptography; and
- describes key management practice statement requirements.
Keywords authentication; authorization; availability; backup; certification authority; compromise; confidentiality; cryptographic key; cryptographic module; digital signatures; encryption; integrity; inventory management; key information; key management; cryptographic key management policy; key recovery; private key; public key; public key infrastructure; security plan; symmetric key
Audit and Accountability;
System and Communications Protection;
System and Information Integrity;