U.S. flag   An unofficial archive of your favorite United States government website
Dot gov

Official websites do not use .rip
We are an unofficial archive, replace .rip by .gov in the URL to access the official website. Access our document index here.

Https

We are building a provable archive!
A lock (Dot gov) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)

SP 800-57 Part 2 Rev. 1 (Draft)

Recommendation for Key Management, Part 2: Best Practices for Key Management Organization

Date Published: April 2018
Comments Due: May 31, 2018 (public comment period is CLOSED)
Email Questions to: keymanagement@nist.gov

Author(s)

Elaine Barker (NIST), William Barker (NIST)

Announcement

NIST announces the release of a draft revision of Special Publication (SP) 800-57 Part 2, Recommendation for Key Management, Part 2: Best Practices for Key Management Organization. General guidance and best practices for the management of cryptographic keying material were introduced in Part 1 of SP 800-57. Part 2 introduces key management concepts that must be addressed in key management policies, practice statements and planning documents by any organization that uses cryptography to protect its information; provides guidance for the development of organizational key management policy statements and key management practices statements; and identifies key management information that needs to be documented for all federal applications of cryptography. Appendices provide examples of key management infrastructures and supplemental documentation and planning materials.

The revisions are listed in the final appendix.

Abstract

Keywords

accreditation; assurances; authentication; authorization; availability; backup; certification; compromise; confidentiality; cryptanalysis; cryptographic key; cryptographic module; digital signature; key management; key management policy; key recovery; private key; public key; public key infrastructure; security plan; trust anchor; validation
Control Families

Access Control; Audit and Accountability; Contingency Planning; Media Protection; Planning; System and Communications Protection; System and Information Integrity

Documentation

Publication:
Draft SP 800-57 Part 2 Rev. 1

Supplemental Material:
None available

Other Parts of this Publication:
SP 800-57 Part 1 Rev. 4
SP 800-57 Part 3 Rev. 1

Document History:
04/06/18: SP 800-57 Part 2 Rev. 1 (Draft)
11/20/18: SP 800-57 Part 2 Rev. 1 (Draft)
05/23/19: SP 800-57 Part 2 Rev. 1 (Final)