GB/T 27928.1-2011 Certificate management for financial services—Part 1:Public key certificates

Scope

This part of GB/T 27928 defines the certificate management system for legal entities and individuals in the financial industry, including:
—— Certificate and credential content;
—— Certificate authorization system, including certificates for digital signatures and encryption key management;
—— Certificate generation, distribution, verification, and update;
—— Authentication structure and certification path;
—— Revocation and recovery procedures;
—— Extensions to the definition of public key certificates and certificate revocation lists.
This standard applies to the management of public key certificates in the financial industry.
〖JP2〗This part of GB/T 27928 also recommends some useful operational procedures (e.g., distribution mechanisms, acceptance criteria for submitted credentials). 〖JP〗
The implementation of this part of GB/T 27928 will also be based on business risks and legal requirements.
This part of GB/T 27928 does not include the following:
—— Protocol messages used between various participants in the certificate management process;
—— Requirements for notaries and time stamps;
—— Requirements for certificate policies and certification practices;
—— Requirements for trusted third parties;
—— Attribute certificates.
Although this part specifies aspects of certificate generation (which may include public key management for encryption keys), it does not address the generation and transmission of encryption keys.
Implementers wishing to comply with GB/T 16264.8 may adopt the certificate structure defined in this standard. Implementers wishing to achieve compatibility with certificate and certificate revocation structures without X.500-related header fields may adopt the ASN.1 structure defined in Appendix A.

Development Information

Referenced Standards

Adopt standards

Related Standards