U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

This is an archive
(replace .gov by .rip)

SP 800-57 Part 2 Rev. 1 (Draft)

Recommendation for Key Management, Part 2: Best Practices for Key Management Organizations (2nd Draft)

Date Published: November 2018
Comments Due: February 18, 2019 (public comment period is CLOSED)
Email Questions to: keymanagement@nist.gov

Planning Note (1/28/2019): The comment closing date has been extended to February 18, 2019 (originally Jan. 21st).

Author(s)

Elaine Barker (NIST), William Barker (Dakota Consulting)

Announcement

NIST invites public comments on this second draft of Special Publication (SP) 800-57 Part 2 Rev. 1, Recommendation for Key Management Part 2: Best Practices for Key Management Organizations. Part 2 provides guidance when using the cryptographic features of current systems. This revision:

  1. identifies the concepts, functions and elements common to effective systems for the management of symmetric and asymmetric keys;
  2. identifies the security planning requirements and documentation necessary for effective institutional key management;
  3. describes key management specification requirements;
  4. describes cryptographic key management policy documentation that is needed by organizations that use cryptography; and
  5. describes key management practice statement requirements.

Abstract

Keywords

authentication; authorization; availability; backup; certification authority; compromise; confidentiality; cryptographic key; cryptographic module; digital signatures; encryption; integrity; inventory management; key information; key management; cryptographic key management policy; key recovery; private key; public key; public key infrastructure; security plan; symmetric key
Control Families

Access Control; Audit and Accountability; Contingency Planning; Media Protection; Planning; System and Communications Protection; System and Information Integrity

Documentation

Publication:
Draft (2nd) SP 800-57 Part 2 Rev. 1

Supplemental Material:
None available

Other Parts of this Publication:
SP 800-57 Part 1 Rev. 4
SP 800-57 Part 3 Rev. 1

Document History:
04/06/18: SP 800-57 Part 2 Rev. 1 (Draft)
11/20/18: SP 800-57 Part 2 Rev. 1 (Draft)
05/23/19: SP 800-57 Part 2 Rev. 1 (Final)