This section contains the security standards and specifications supported by Safelayer products.
IETF - Internet Engineering Task Force
- RFC 5280, RFC 3280: Internet X.509 Public Key Infrastructure. Certificate and Certificate Revocation List (CRL)
- RFC 3739, RFC 3039: Internet X.509 Public Key Infrastructure. Qualified Certificates Profile
- RFC 6960, RFC 2560: Internet X.509 Public Key Infrastructure. Online Certificate Status Protocol (OCSP)
- RFC 3161: Internet X.509 Public Key Infrastructure. Time-Stamp Protocol (TSP)
- RFC 5816: ESSCertIDv2 Update for RFC 3161
- RFC 6962: Certificate Transparency
- RFC 5652, RFC 3852: Cryptographic Message Syntax (CMS)
- RFC 4511: Lightweight Directory Access Protocol (LDAP): The Protocol
- RFC 3778: The application/pdf Media Type
- RFC 2865: Remote Authentication Dial In User Service (RADIUS)
- RFC 4210: Certificate Management Protocol (CMP)
- RFC 5246: The Transport Layer Security (TLS) Protocol
- RFC 6101: The Secure Sockets Layer (SSL) Protocol
- RFC 5321: Simple Mail Transfer Protocol
- RFC 1157: A Simple Network Management Protocol (SNMP)
- RFC 5424: The Syslog Protocol
- RFC 6749: The OAuth 2.0 Authorization Framework
PKCS Public Key Cryptography Standards
- PKCS #1 RSA Cryptography Standard
- PKCS #7 Cryptographic Message Syntax Standard
- PKCS #10 Certification Request Syntax Standard
- PKCS #11 Cryptographic Token Interface Standard
- PKCS #12 Personal Information Exchange Syntax Standard
ITU-T, ISO/IEC and CEN
- ITU-T Recommendation X.509 | ISO/IEC 9594-8: Information Technology – Open Systems Interconnection – The Directory: Public-Key and Attribute Certificate Frameworks
- ISO 32000-1, Document management – Portable document format – Part 1: PDF 1.7
- ISO/IEC 29115 Entity authentication assurance framework
- CEN/TS 419 261 Security Requirements for Trustworthy Systems Managing Certificates and time-stamps
ETSI European Telecommunications Standards Institute
- ETSI TS 101 862: Qualified Certificate Profile
- ETSI TS 102 280: X.509 V.3 Certificate Profile for Certificates Issued to Natural Persons
- ETSI TS 101 861: Time stamping profile
- ETSI EN 319 412 Profiles for Trust Service Providers issuing certificates
- ETSI EN 419 422 Time-stamping protocol and time-stamp profiles
- ETSI TS 101 733: CMS Advanced Electronic Signatures (CAdES)
- ETSI TS 101 903: XML Advanced Electronic Signatures (XAdES)
- ETSI TS 102 176-1: Algorithms and Parameters for Secure Electronic Signatures; Part 1: Hash functions and asymmetric algorithms
- ETSI TS 102 778: PDF Advanced Electronic Signature Profiles;Part 1: PAdES Overview - a framework document for PAdES
- ETSI EN 319 102: Procedures for Creation and Validation of AdES Digital Signatures
- ETSI TS 119 612: Trusted Lists
- ETSI TS 103 171: XAdES Baseline Profile
- ETSI TS 103 172: PAdES Baseline Profile
- ETSI TS 103 173: CAdES Baseline Profile
- ETSI EN 319 122: CAdES digital signatures
- ETSI EN 319 132: XAdES digital signatures
- ETSI EN 319 142: XAdES digital signatures
United States Government Standards
- FIPS 46-3 Data Encryption Standard - DES, Triple DES
- FIPS 197 Advanced Encryption Standard - AES
- FIPS 186 Digital Signature Algorithm - DSA
- NIST Special Publication 800-63-2- Electronic Authentication Guideline
W3C World Wide Web Consortium
- XML Signature WG (XML-DSig)
- XML Encryption WG (XML-Enc)
- XML Key Management Working Group (XKMS)
OASIS Organization for the Advancement of Structured Information Standards
- OASIS Web Services Security (WS-Security)
- OASIS Digital Signature Services (DSS)
- OASIS Security Assertion Markup Language (SAML)
ePassport Specifications
- ICAO Doc 9303: Machine Readable Travel Documents
- ICAO PKD standards
- Full EAC 1.11 compliant (BSI TR-03110)
- EU Common Certificate Policy for the EAC infrastructure (BSI TR-03139)
- SPOC (ČSN 36 9791)
- BSI TR-03129 PKI for Machine Readable Travel Documents
Other technical specifications
- Microsoft Cryptographic Application Programming Interface (MS-CAPI)
- REST/JSON Architecture
- Simple Certificate Enrollment Protocol (SCEP)
- Microsoft Windows Enrollment
- Microsoft Active Directory
- Apple OTA Enrollment
- SOAP/HTTP Protocol