Hi All,
This document provides general guidance and best practices for the management of cryptographic keying material. Among other changes, this revision:
- emphasizes the protection needed for the metadata associated with keys;
- includes discussions on access control, identity authentication, and inventory management for keys and certificates; and
- provides guidance consistent with Federal Information Processing Standards (FIPS) Publication 201, Personal Identity Verification (PIV) of Federal Employees and Contractors, and SP 800-63-3, Digital Identity Guidelines.
Appendix C contains a complete list of changes.
Publication Detail:
https://csrc.nist.gov/publications/detail/sp/800-57-part-1/rev-5/final
------------------------------
Michael Roza CPA, CISA, CIA
------------------------------