ISO/IEC 9594-8: Public-key and Attribute Certificate Frameworks

Just to let you know, we are no longer updating this section.
This is retained as a resource but nothing new has been added since late 2009. No further additions will be made by the DCC.

Date added 26 November 2008
Last edited 11 November 2009

Full Title

ISO/IEC 9594-8: Information Technology - Open Systems Interconnection - The Directory: Public-key and Attribute Certificate Frameworks

Description

ISO/IEC 9594-8 provides a set of 3 frameworks for authentication and secure communication, to be used within a defined security policy. These are:

  • Attribute Certificates, including the definition of the information objects for Privilege Management Infrastructure;
  • Authentication services, including format, creation and storage in the Directory and use of authentication information by applications. Simple authentication (password protected) and strong authentication (encrypted) are described.

The Directory makes use of both Public-key and Attribute Certificates and provides a framework for their use. Extensible specifications and a set of standard extensions schema are provided for: issuing, managing, using and revoking these certificates.

Standards Developing Organisations

ISO
ITU

Rights

No information available.

Lifecycle Action

Access, Use and Reuse

Standard Framework

Electronic Records Management Standards

Standard Types

Authentication
Authorisation

Current Version

2005 - ISO/IEC 9594-8: Information Technology - Open Systems Interconnection - The Directory: Public-key and Attribute Certificate Frameworks [external]
Corrected by Corrigenda ISO/IEC 9594-8: 2005. Full text available for purchase from ISO.

Further Information

Wikipedia entry for X.509 (also published as ISO/IEC 9594-8) [external]
Alternative current version of ISO/IEC 9594-8
Wikipedia entry on Privilege Management Infrastructure [external]
Discusses ISO 9594-8 (ITU-T Recommendation X.509)
X500Standard.com [external]
The website of the X.500 Directory standard explains how the whole X.500 family of standards work together.

Alternative Current Version

Previous Versions

1990 - ISO/IEC 9595-8: Information Technology - Open Systems Interconnection - The Directory: Authentication Frameworks
Superseded
1995 - ISO/IEC 9595-8: Information Technology - Open Systems Interconnection - The Directory: Authentication Frameworks
Superseded
1998 - ISO/IEC 9594: Information Technology - Open Systems Interconnection - The Directory: Authentication Frameworks
Superseded

Referenced Standards

CCITT Recommendation X.800, Security Architecture for Open Systems Interconnection for CCITT Applications
ISO 7498-2: Information Processing Systems - Open Systems Interconnection - Basic Reference Model - Part 2: Security Architecture
ISO/IEC 10021-4: Information Technology - Message Handling Systems (MHS) - Message Transfer System: Abstract Service Definition and Procedures
ISO/IEC 10181-3: Information Technology - Open Systems Interconnection - Security Frameworks for Open Systems: Access Control Framework
ISO/IEC 8824-1: Information Technology - Abstract Syntax Notation One (ASN.1): Specification of Basic Notation
ISO/IEC 8824-2: Information Technology - Abstract Syntax Notation One (ASN.1): Information Object Specification
ISO/IEC 8824-3: Information Technology - Abstract Syntax Notation One (ASN.1): Constraint Specification
ISO/IEC 8824-4: Information Technology - Abstract Syntax Notation One (ASN.1): Parameterization of ASN.1 Specifications
ISO/IEC 8825-1: Information Technology - ASN.1 Encoding Rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)
ISO/IEC 8825-2: Information Technology - ASN.1 Encoding Rules: Specification of Packed Encoding Rules (PER)
ISO/IEC 9594-10: Information Technology - Open Systems Interconnection - The Directory: Use of Systems Management for Administration of the Directory
ISO/IEC 9594-1: Information Technology - Open Systems Interconnection - The Directory: Overview of Concepts, Models and Services.1)
ISO/IEC 9594-2: Information Technology - Open Systems Interconnection - The Directory: Models
ISO/IEC 9594-3: Information Technology - Open Systems Interconnection - The Directory: Abstract Service Definition
ISO/IEC 9594-4: Information Technology - Open Systems Interconnection - The Directory: Procedures for Distributed Operation
ISO/IEC 9594-5: Information Technology - Open Systems Interconnection - The Directory: Protocol Specifications
ISO/IEC 9594-6: Information Technology - Open Systems Interconnection - The Directory: Selected Attribute Types
ISO/IEC 9594-7: Information Technology - Open Systems Interconnection - The Directory: Selected Object Classes
ISO/IEC 9594-9: Information Technology - Open Systems Interconnection - The Directory: Replication
ISO/IEC 9834-1: Information Technology - Open Systems Interconnection - Procedures for the Operation of OSI Registration Authorities: General Procedures