Federal Public Key Infrastructure Key Recovery Policy

Transcription

GPO Public Key Infrastructure
Key Recovery Practices Statement
Version 1.0
Feb. 20, 2018

U.S. Government Printing Office
Key Recovery Practices Statement
February 20, 2018
FINAL
Version 1.0

SIGNATURE PAGE

U.S. Government Printing Office Public Key Infrastructure Operating Authority (signature, DATE)

U.S. Government Printing Office Public Key Infrastructure Policy Authority Chair (signature, DATE)

FOR OFFICIAL USE ONLY


Change History

Initial Document Release (US GPO)

Table of Contents

1 INTRODUCTION
  1.1 Overview
  1.2 Document name and identification
  1.3 PKI Participants
    1.3.1 PKI Authorities
    1.3.2 Key Recovery Authorities
    1.3.3 Trusted Agents
    1.3.4 Key Recovery Requestors
    1.3.5 Relying Parties
    1.3.6 Other Participants
    1.3.7 Relationship to PKI Authorities from CP
  1.4 Certificate usage
  1.5 Policy Administration
  1.6 Definitions and Acronyms
2 PUBLICATION AND REPOSITORY RESPONSIBILITIES
3 IDENTIFICATION AND AUTHENTICATION
  3.1 Naming
  3.2 Identity Validation
    3.2.1 Method to Prove Possession of Private Key
    3.2.2 Authentication of Organization Identity
    3.2.3 Authentication of Individual Identity
    3.2.4 Non-verified Subscriber Information
    3.2.5 Validation of Authority
    3.2.6 Criteria for Interoperation
  3.3 Identification and Authentication for Re-key Requests
  3.4 Identification and Authentication for Re-key after Revocation
4 CERTIFICATE LIFE-CYCLE OPERATIONAL REQUIREMENTS
  4.1 Key Recovery Application
    4.1.1 Who Can Submit a Key Recovery Application
    4.1.2 Key Escrow Process and Responsibilities
    4.1.3 Key Recovery Process and Responsibilities
  4.2 Certificate Application Processing
  4.3 Certificate Issuance
  4.4 Certificate Acceptance
  4.5 Key Pair and Certificate Usage
  4.6 Certificate Renewal
  4.7 Certificate Rekey
  4.8 Certificate Modification
  4.9 Certificate Revocation and Suspension
  4.10 Certificate Status Services
  4.11 End of Subscription
5 FACILITY, MANAGEMENT, AND OPERATIONAL CONTROLS
  5.1 Physical Controls
  5.2 Procedural Controls
    5.2.1 Trusted Roles
    5.2.2 Number of Persons Required per Task
    5.2.3 Identification and Authentication for Each Role
    5.2.4 Roles Requiring Separation of Duties
  5.3 Personnel Controls
  5.4 Audit Logging Procedures
    5.4.1 Types of Events Recorded
    5.4.2 Frequency of Processing Logs
    5.4.3 Retention Period for Audit Log
    5.4.4 Protection of Audit Logs
    5.4.5 Audit Log Backup Procedures
    5.4.6 Audit Collection System (internal vs. external)
    5.4.7 Notification to Event-causing Subject
    5.4.8 Vulnerability Assessments
  5.5 Records Archival
    5.5.1 Types of Information Recorded
    5.5.2 Retention Period for Archives
    5.5.3 Protection of Archive
    5.5.4 Archive Backup Procedures
    5.5.5 Requirements for Time-stamping of Records
    5.5.6 Archive Collection System (Internal vs. External)
    5.5.7 Procedures to Obtain and Verify Archive Information
  5.6 Key Changeover
  5.7 Compromise and Disaster Recovery
    5.7.1 Incident and Compromise Handling Procedures
    5.7.2 Computing Resources, Software, and/or Data Are Corrupted
    5.7.3 Entity (KRS) Private Key Compromise Procedures
    5.7.4 Business Continuity Capabilities After a Disaster
  5.8 Authority Termination
    5.8.1 KED Termination
    5.8.2 KRA Termination
    5.8.3 KRO Termination
    5.8.4 Data Decryption Server Termination
6 TECHNICAL SECURITY CONTROLS
  6.1 Key Pair Generation and Installation
    6.1.1 Key Pair Generation
    6.1.2 Private Key Delivery to Subscriber
    6.1.3 Public Key Delivery to Certificate Issuer
    6.1.4 CA Public Key Delivery to Relying Parties
    6.1.5 Key Sizes
    6.1.6 Public Key Parameters Generation and Quality Checking
    6.1.7 Key Usage Purposes (as per X.509 v3 usage field)
  6.2 Private Key Protection and Cryptographic Module Engineering Controls
  6.3 Other Aspects of Key Pair Management
  6.4 Activation Data
  6.5 Computer Security Controls
  6.6 Life Cycle Technical Controls
  6.7 Network Security Controls
  6.8 Time Stamping
7 CERTIFICATE, CRL, AND OCSP PROFILES
8 COMPLIANCE AUDIT AND OTHER ASSESSMENTS
9 OTHER BUSINESS AND LEGAL MATTERS
  9.1 Fees
  9.2 Financial Responsibility
  9.3 Confidentiality of Business Information
  9.4 Privacy of Personal Information
  9.5 Intellectual Property Rights
  9.6 Representations and Warranties
    9.6.1 KED Representations and Warranties
    9.6.2 KRA/KRO Representations and Warranties
    9.6.3 Subscriber Representations and Warranties
    9.6.4 Requestor Representations and Warranties
    9.6.5 Representations and Warranties of Other Participants
  9.7 Disclaimers of Warranties
  9.8 Limitations of Liability
  9.9 Indemnities
  9.10 Term and Termination
    9.10.1 Term
    9.10.2 Termination
    9.10.3 Effect of Termination and Survival
  9.11 Individual Notices and Communications with Participants
  9.12 Amendments
  9.13 Dispute Resolution Provisions
  9.14 Governing Law
  9.15 Compliance with Applicable Law
  9.16 Miscellaneous Provisions
  9.17 Other Provisions
APPENDIX A: ACRONYMS AND ABBREVIATIONS
APPENDIX B: GLOSSARY

1 INTRODUCTION

Key Recovery is the ability to escrow and recover private keys from public/private key pairs associated with public key certificates used for key or data encipherment. The concepts of a Key Recovery System (KRS) are embedded in the Entrust Authority Security Manager Administration (SMA) software, which is what the GPO PCA and SCA use for their CA functions. The GPO PKI provides the computer system hardware, software, staff and procedures to store the private keys securely and recover them when appropriate. The GPO PCA and SCA provide all the required KRS elements, which consist of the Key Escrow Database (KED) and Key Recovery Agent (KRA) Workstations. All of the KRS elements are embedded in the Entrust Authority SMA software, along with cryptographic and computer server hardware, and the workstations controlled and administered by the GPO PKI trusted role staff, using the Entrust Authority SMA software and two-factor hardware tokens.

Since the GPO KRS has a significant impact on the confidentiality services provided by the GPO public key infrastructure (PKI), its design and operation engender a high degree of trust. The GPO PCA and SCA CPS and practices comply with the GPO PKI Certificate Policy (CP), which complies with the Federal PKI Key Recovery Policy.

1.1 Overview

The key recovery capability identified in this document is based on the principle that all encryption activities using public-key certificates are performed on behalf of the subject of the encryption certificate or on behalf of the organization that authorized the issuance of the public-key encryption certificates. Therefore, the organization has the right to identify the persons authorized to recover the decryption private key in order to maintain the continuity of business operations. In addition, there may be a need to access encrypted information for investigative and law enforcement purposes, and some Issuing Organizations require that the contents of incoming and/or outgoing e-mail be examined for compliance with the Organization's policy. This Key Recovery Policy (KRP) provides guidance to ensure that encrypted data is recovered expeditiously when appropriate.

The purpose of this document is to describe the security and authentication requirements associated with the implementation of key recovery operations in a manner that meets the requirements of the FPKIPA. This KRP requires a minimum of two Key Recovery Agents (KRAs) acting on a verified request from an authorized party in order to recover keys from the Key Escrow Database (KED). Where Subscriber key recovery is permitted, Subscribers may authenticate themselves to the KED and perform self-recovery without requiring anyone else's approval. Section 1.3.1.1 describes the KED. Section 1.3.2.2 describes the KRA.

1.2 Document name and identification

GPO PKI Key Recovery Practices Statement (KRPS).

1.3 PKI Participants

The PKI Participants and Authorities are defined in the GPO PCA CPS and GPO SCA CPS, and these definitions are incorporated by reference in this GPO KRPS.

1.3.1 PKI Authorities

The PKI Participants and Authorities are defined in the GPO PCA CPS and GPO SCA CPS, and these definitions are incorporated by reference in this GPO KRPS.

1.3.1.1 Key Escrow Database (KED)

The KED is embedded into the GPO PCA and SCA Entrust Authority SMA software and hardware systems. Therefore, for the GPO PCA and SCA, the KED is embedded and implemented in the GPO PCA and SCA Entrust Authority SMA software and hardware. The GPO KED, as embodied by the Entrust Authority SMA software and hardware implementation for the GPO PCA and SCA, provides the functions that maintain the key escrow repository and respond to key registration requests. The GPO KED also responds to key recovery requests from two or more KRAs, or to self-recovery by a current subscriber. Section 5.2.1 contains the description of trusted roles required to operate the GPO KED.

1.3.2 Key Recovery Authorities

1.3.2.1 Data Decryption Server

A data decryption server is an automated system that has the capability to obtain subscriber private keys from the KED or another data decryption server for data monitoring purposes (e.g., email inspection). Data decryption servers do not provide keys to subscribers or other third-party human requestors. A data decryption server is a type of Requestor and must adhere to the physical, personnel, procedural and technical security requirements of the KED. Implementation of a data decryption server by an Issuing Organization is optional; when implemented, it shall adhere to the requirements established for the KED.

The GPO PKI does not utilize a Data Decryption Server.

1.3.2.2 Key Recovery Agent (KRA)

For purposes of the GPO KRPS, the GPO KRA role can be fulfilled by either of the following two (2) GPO PKI trusted roles:

- GPO Registration Authority (RA), including authorized GPO Local RAs
- GPO Security Officer (SO)

That is, for Key Recovery, either of the above GPO PKI trusted role staff are authorized by this GPO KRPS to serve in the role of the GPO KRA.

1.3.2.3 Key Recovery Official (KRO)

GPO does not utilize the services of a Key Recovery Official (KRO) in the GPO KRPS.
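The authorization rule stated in sections 1.1, 1.3.1.1 and 1.3.2.2 (self-recovery by a current subscriber, or approval by at least two distinct KRAs drawn from the RA, Local RA or SO trusted roles, with data decryption servers and the KRO not used) as an added illustration in Python. This is not code from the KRPS or from the Entrust Authority SMA software; the role identifiers, record layout, self-recovery policy switch and sample values are assumptions made for the example.

```python
"""Authorization decision for a key-recovery request against the KED (illustrative)."""
from dataclasses import dataclass, field

# Trusted roles the statement allows to act as a KRA (constructed identifiers).
KRA_ELIGIBLE_ROLES = {"RA", "LRA", "SO"}
MIN_KRAS = 2                       # minimum number of distinct KRAs per recovery
SELF_RECOVERY_PERMITTED = True     # issuing-organization policy switch (assumed)

@dataclass(frozen=True)
class Approval:
    agent_id: str     # person who approved
    role: str         # trusted role that person holds
    verified: bool    # this agent verified the request and requestor's authority

@dataclass
class RecoveryRequest:
    subscriber_id: str        # subject of the escrowed encryption key
    subscriber_current: bool  # subscriber still holds a valid certificate
    requestor_id: str
    requestor_kind: str       # "human" or "decryption_server"
    approvals: list = field(default_factory=list)

def authorize_recovery(req: RecoveryRequest) -> tuple:
    """Return (allowed, reason) for a recovery request presented to the KED."""
    if req.requestor_kind == "decryption_server":
        return False, "data decryption servers are not used by this PKI"
    if req.requestor_id == req.subscriber_id:
        # Self-recovery path: no KRA approval needed, but only for a current subscriber.
        if not SELF_RECOVERY_PERMITTED:
            return False, "subscriber self-recovery not permitted"
        if not req.subscriber_current:
            return False, "self-recovery only for a current subscriber"
        return True, "self-recovery by current subscriber"
    # Third-party path: distinct persons, each in a KRA-eligible role, each having
    # verified the request. Two approvals by the same person count once.
    agents = {a.agent_id for a in req.approvals
              if a.verified and a.role in KRA_ELIGIBLE_ROLES}
    if len(agents) < MIN_KRAS:
        return False, f"{len(agents)} eligible KRA approval(s); {MIN_KRAS} required"
    return True, f"approved by {len(agents)} distinct KRAs"
```

Deduplicating by agent identity rather than counting approval records is what enforces the two-person rule; a single RA who also holds the SO role still counts as one KRA.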

1.3.3 Trusted Agents
