Resources Standards

This section contains the security standards and specifications supported by Safelayer products.

IETF - Internet Engineering Task Force

  • RFC 5280, RFC 3280: Internet X.509 Public Key Infrastructure. Certificate and Certificate Revocation List (CRL)
  • RFC 3739, RFC 3039: Internet X.509 Public Key Infrastructure. Qualified Certificates Profile
  • RFC 6960, RFC 2560: Internet X.509 Public Key Infrastructure. Online Certificate Status Protocol (OCSP)
  • RFC 3161: Internet X.509 Public Key Infrastructure. Time-Stamp Protocol (TSP)
  • RFC 5816: ESSCertIDv2 Update for RFC 3161
  • RFC 6962: Certificate Transparency
  • RFC 5652, RFC 3852: Cryptographic Message Syntax (CMS)
  • RFC 4511: Lightweight Directory Access Protocol (LDAP): The Protocol
  • RFC 3778: The application/pdf Media Type
  • RFC 2865: Remote Authentication Dial In User Service (RADIUS)
  • RFC 4210: Certificate Management Protocol (CMP)
  • RFC 5246: The Transport Layer Security (TLS) Protocol
  • RFC 6101: The Secure Sockets Layer (SSL) Protocol
  • RFC 5321: Simple Mail Transfer Protocol
  • RFC 1157: A Simple Network Management Protocol (SNMP)
  • RFC 5424: The Syslog Protocol
  • RFC 6749: The OAuth 2.0 Authorization Framework

PKCS Public Key Cryptography Standards

  • PKCS #1 RSA Cryptography Standard
  • PKCS #7 Cryptographic Message Syntax Standard
  • PKCS #10 Certification Request Syntax Standard
  • PKCS #11 Cryptographic Token Interface Standard
  • PKCS #12 Personal Information Exchange Syntax Standard

ITU-T, ISO/IEC and CEN

  • ITU-T Recommendation X.509 | ISO/IEC 9594-8: Information Technology – Open Systems Interconnection – The Directory: Public-Key and Attribute Certificate Frameworks
  • ISO 32000-1, Document management – Portable document format – Part 1: PDF 1.7
  • ISO/IEC 29115 Entity authentication assurance framework
  • CEN/TS 419 261 Security Requirements for Trustworthy Systems Managing Certificates and time-stamps

ETSI European Telecommunications Standards Institute

  • ETSI TS 101 862: Qualified Certificate Profile
  • ETSI TS 102 280: X.509 V.3 Certificate Profile for Certificates Issued to Natural Persons
  • ETSI TS 101 861: Time stamping profile
  • ETSI EN 319 412 Profiles for Trust Service Providers issuing certificates
  • ETSI EN 419 422 Time-stamping protocol and time-stamp profiles
  • ETSI TS 101 733: CMS Advanced Electronic Signatures (CAdES)
  • ETSI TS 101 903: XML Advanced Electronic Signatures (XAdES)
  • ETSI TS 102 176-1: Algorithms and Parameters for Secure Electronic Signatures; Part 1: Hash functions and asymmetric algorithms
  • ETSI TS 102 778: PDF Advanced Electronic Signature Profiles;Part 1: PAdES Overview - a framework document for PAdES
  • ETSI EN 319 102: Procedures for Creation and Validation of AdES Digital Signatures
  • ETSI TS 119 612: Trusted Lists
  • ETSI TS 103 171: XAdES Baseline Profile
  • ETSI TS 103 172: PAdES Baseline Profile
  • ETSI TS 103 173: CAdES Baseline Profile
  • ETSI EN 319 122: CAdES digital signatures
  • ETSI EN 319 132: XAdES digital signatures
  • ETSI EN 319 142: XAdES digital signatures

United States Government Standards

  • FIPS 46-3 Data Encryption Standard - DES, Triple DES
  • FIPS 197 Advanced Encryption Standard - AES
  • FIPS 186 Digital Signature Algorithm - DSA
  • NIST Special Publication 800-63-2- Electronic Authentication Guideline

W3C World Wide Web Consortium

  • XML Signature WG (XML-DSig)
  • XML Encryption WG (XML-Enc)
  • XML Key Management Working Group (XKMS)

OASIS Organization for the Advancement of Structured Information Standards

  • OASIS Web Services Security (WS-Security)
  • OASIS Digital Signature Services (DSS)
  • OASIS Security Assertion Markup Language (SAML)

ePassport Specifications

  • ICAO Doc 9303: Machine Readable Travel Documents
  • ICAO PKD standards
  • Full EAC 1.11 compliant (BSI TR-03110)
  • EU Common Certificate Policy for the EAC infrastructure (BSI TR-03139)
  • SPOC (ČSN 36 9791)
  • BSI TR-03129 PKI for Machine Readable Travel Documents

Other technical specifications

  • Microsoft Cryptographic Application Programming Interface (MS-CAPI)
  • REST/JSON Architecture
  • Simple Certificate Enrollment Protocol (SCEP)
  • Microsoft Windows Enrollment
  • Microsoft Active Directory
  • Apple OTA Enrollment
  • SOAP/HTTP Protocol

We use cookies to improve our website and your experience when using it. Cookies used for the essential operation of this site have already been set. To find out more about the cookies we use and how to delete them, see our Privacy Policy.I accept cookies from this site