SC-17 Public Key Infrastructure Certificates

Control: The organization issues public key certificates under an appropriate certificate policy or obtains public key certificates under an appropriate certificate policy from an approved service provider.

Supplemental Guidance: For user certificates, each agency either establishes an agency certification authority cross-certified with the Federal Bridge Certification Authority at medium assurance or higher or uses certificates from an approved, shared service provider, as required by OMB Memorandum 05-24. NIST Special Publication 800-32 provides guidance on public key technology. NIST Special Publication 800-63 provides guidance on remote electronic authentication.

Control Enhancements: (0) None.

Baseline: LOW Not Selected MOD SC-17 HIGH SC-17

Family: System And Communications Protection

Class: Technical

ISO 17799 mapping: 12.3.2

COBIT 4.1 mapping: None.

PCI-DSS v2 mapping: None.