标准摘要
[中文适用范围]: 此建议|国际标准将定义支持数字签名应用所需的 TTP 服务,以实现文档创建的不可否认性。 此建议|国际标准还将定义接口和协议,以实现与这些 TTP 服务相关的实体之间的互操作性。 需要对技术服务和协议进行定义,以允许实施 TTP 服务和相关商业应用。 此建议|国际标准侧重于: ——实施和互操作性; ——服务规范; ——技术要求。 此建议|国际标准不描述 TTP 的管理或其他组织、运营或个人问题。 这些主题主要包含在 ITU-T Rec. 中。 X.842 | ISO/IEC TR 14516,信息技术 - 安全技术 - 受信任第三方服务的使用和管理指南。 注1 - 因为互操作性是本建议书的主要问题|根据国际标准,存在以下限制: i) 本建议书 | 仅涵盖 TTP 向终端实体或另一个 TTP 提供的服务。 国际标准。 ii) 仅涵盖那些可以通过标准化数字消息请求和/或提供的服务。 iii) 仅那些在本建议书 | 时能够就广泛接受的标准化消息达成一致的服务。 已发布的国际标准有详细规定。 当有广泛接受的标准化消息可供使用时,进一步的服务将在单独的文件中指定。 特别是,时间戳服务将在单独的文件中定义。 注2 – 本建议书中的数据结构和消息|国际标准将根据 RFC 文档、RFC 2510 和 RFC 2511(针对证书管理服务)以及 RFC 2560(针对 OCSP 服务)进行指定。 证书请求格式还允许与 PKCS#10 进行互操作。 本说明中提到的文件参考见附件 C。 注 3 - 存在针对特定环境和应用中的 TTP 服务的其他标准化工作,例如 SET 或 EDIFACT。 这些不属于本建议书 | 的范围。 国际标准。 注 4 - 本建议 |国际标准定义了服务的技术规范。 这些规范独立于政策、具体法律法规和组织模型(例如,可能定义认证机构和注册机构之间如何分担职责和责任)。 当然,TTP 提供本建议书中描述的服务的政策|国际标准需要明确 TTP 如何履行法律法规和前面提到的其他方面。 特别是,该策略必须指定如何确定数字签名和证书的有效性。 [外文原描述]: This Recommendation | International Standard will define those TTP services needed to support the application of digital signatures for the purpose of non-repudiation of creation of documents. This Recommendation | International Standard will also define interfaces and protocols to enable interoperability between entities associated with these TTP services. Definitions of technical services and protocols are required to allow for the implementation of TTP services and related commercial applications. This Recommendation | International Standard focuses on: ? implementation and interoperability; ? service specifications; and ? technical requirements. This Recommendation | International Standard does not describe the management of TTPs or other organizational, operational or personal issues. Those topics are mainly covered in ITU-T Rec. X.842 | ISO/IEC TR 14516, Information technology ? Security techniques ? Guidelines on the use and management of Trusted Third Party services. NOTE 1 ? Because interoperability is the main issue of this Recommendation | International Standard, the following restrictions hold: i) Only those services which may be offered by a TTP, either to end entities or to another TTP, are covered in this Recommendation | International Standard. ii) Only those services which may be requested and/or delivered by means of standardizable digital messages are covered. iii) Only those services for which widely acceptable standardized messages can be agreed upon at the time this Recommendation | International Standard is published are specified in detail. Further services will be specified in separate documents when widely acceptable standardized messages are available for them. In particular, time stamping services will be defined in a separate document. NOTE 2 ? The data structures and messages in this Recommendation | International Standard will be specified in accordance to RFC documents, RFC 2510 and RFC 2511 (for certificate management services) and to RFC 2560 (for OCSP services). The certificate request format also allows interoperability with PKCS#10. See Annex C for references to the documents mentioned in this Note. NOTE 3 ? Other standardization efforts for TTP services in specific environments and applications, like SET or EDIFACT, exist. These are outside of the scope of this Recommendation | International Standard. NOTE 4 ? This Recommendation | International Standard defines technical specifications for services. These specifications are independent of policies, specific legal regulations, and organizational models (which, for example, might define how duties and responsibilities are shared between Certification Authorities and Registration Authorities). Of course, the policy of TTPs offering the services described in this Recommendation | International Standard will need to specify how legal regulations and the other aspects mentioned before will be fulfilled by the TTP. In particular, the policy has to specify how the validity of digital signatures and certificates is determined.
英文名称Information technology - Security techniques - Specification of TTP services to support the application of digital signatures