CAN CSA-ISO IEC 11586-5-2000 Information technology - Open Systems Interconnection - Generic upper layers security Security Exchange Service Element (SESE) Protocol Implementation .pdf

1、CSA I NT E RNATlO N A1 - . National Standard of Canada CAN/CSA-ISOBEC 11 586-5-00 (ISO/IEC 11586-5:1997) International Standard ISO/IEC 11586-5:1997 (first edition, 1997-04-01) has been adopted without modification as CSA Standard CAN/CSA-ISO/IEC 11586-5-00, which has been approved as a National Sta

2、ndard of Canada by the Standards Council of Canada. ISBN 1-55324-052-9 March 2000 Information technology - Open Systems Interconnection - Generic upper layers security: Security Exchange Service Element (SESE) Protocol Implementation Conformance Statement (PICS) proforma (Reaff i r med 2004) Technol

3、ogies de /information - lnterconnexion de systemes ouverts (OSI) - SBcurite generique pour les couches hautes: Proforme de declaration de conformite pour la mise en euvre du protocole (PICSI de /element de service dechange de securite (SESE) Reference number ISO/IEC 11 586-5:1997(E) The Canadian Sta

4、ndards Association, which operates under the name CSA International (CSA), under whose auspices this National Standard has been produced, was chartered in 191 9 and accredited by the Standards Council of Canada to the National Standards system in 1973. It is a not-for-profit, nonstatutory, voluntary

5、 membership association engaged in standards development and certification activities. and users - including manufacturers, consumers, retailers, unions and professional organizations, and governmental agencies. The standards are used widely by industry and commerce and often adopted by municipal, p

6、rovincial, and federal governments in their regulations, particularly in the fields of health, safety, building and construction, and the environment. indicate their support for CSAs standards development by volunteering their time and skills to CSA Committee work and supporting the Associations obj

7、ectives through sustaining memberships. The more than 7000 committee volunteers and the 2000 sustaining memberships together form CSAs total membership from which its Directors are chosen. Sustaining memberships represent a major source of income for CSAs standards development activities. in support

8、 of and as an extension to its standards development activities. To ensure the integrity of its certification process, the Association regularly and continually audits and inspects products that bear the CSA Mark. Toronto, CSA has regional branch offices in major centres across Canada and inspection

9、 and testing agencies in eight countries. Since 191 9, the Association has developed the necessary expertise to meet its corporate mission: CSA is an independent service organization whose mission is to provide an open and effective forum for activities facilitating the exchange of goods and service

10、s through the use of standards, certification and related services to meet national and international needs. For futher information on CSA services, write to CSA International 178 Rexdale Boulevard Toronto, Ontario, M9W 1 R3 Canada CSA standards reflect a national consensus of producers Individuals,

11、 companies, and associations across Canada The Association offers certification and testing services In addition to its head office and laboratory complex in The Standards Council of Canada is the coordinating body of the National Standards system, a federation of independent, autonomous organizatio

12、ns working towards the further development and improvement of voluntary standardization in the national interest. The principal objects of the Council are to foster and promote voluntary standardization as a means of advancing the national economy, benefiting the health, safety, and welfare of the p

13、ublic, assisting and protecting the consumer, facilitating domestic and international trade, and furthering international cooperation in the field of standards. has been approved by the Standards Council of Canada and one which reflects a reasonable agreement among the views of a number of capable i

14、ndividuals whose collective interests provide to the greatest practicable extent a balance of representation of producers, users, consumers, and others with relevant interests, as may be appropriate to the subject in hand. It normally is a standard which is capable of making a significant and timely

15、 contribution to the national interest. Approval of a standard as a National Standard of Canada indicates that a standard conforms to the criteria and procedures established by the Standards Council of Canada. Approval does not refer to the technical content of the standard; this remains the continu

16、ing responsibility of the accredited standards-development organization. Those who have a need to apply standards are encouraged to use National Standards of Canada whenever practicable. These standards are subject to periodic review; therefore, users are cautioned to obtain the latest edition from

17、the organization preparing the standard. The responsibility for approving National Standards of Canada rests with the Standards Council of Canada 45 OConnor Street, Suite 1200 Ottawa, Ontario, K1 P 6N7 Canada A National Standard of Canada is a standard which CSA INTERNATIONAL / - Les normes national

18、es du Canada sont publiees en versions franqaise et anglaise. Although the intended primary application of this Standard is stated in its Scope, it is important to note that it remains the responsibility of the users to judge its suitability for their particular purpose. CAN/CSA-ISO/IEC 7 7586-5-00

19、Information technology - Open Systems Interconnection - Generic upper layers security: Security Exchange Service Element (SESE) Protocol Implementation Conformance Statement (PICS) proforma CAN/CSA-ISO/IEC 11 586-5-00 Information technozogy - Open Systems Interconnection - Generic zipper Zayevs secu

20、rity: Security Exchange Service Element (SESE) PvotocoZ ImpZementa tion Conformance Statement (PICS) pvoforma CSA Preface Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technolo

21、gy (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the IS0 member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member o

22、f the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative committee (ITU-T). This International Standard was reviewed by the CSA TClT under the jurisdiction of the Strategic Steering Committee on Information Technology and deemed

23、 acceptable for use in Canada. (A committee membership list is available on request from the CSA Project Manager.) From time to time, ISO/IEC may publish addenda, corrigenda, etc. The CSA TClT will review these documents for approval and publication. For a listing, refer to the CSA Information Produ

24、cts catalogue or CSA lnfo Update or contact a CSA Sales representative. This Standard has been formally approved, without modification, by these Committees and has been approved as a National Standard of Canada by the Standards Council of Canada. March 2000 0 CSA International - 2000 All rights rese

25、rved. No part of this publication may be reproduced in any form whatsoever without the prior permission of the publisher. ISO/IEC material is reprinted with permission. Inquiries regarding this National Standard of Canada should be addressed to CSA International, 7 78 Rexdale Boulevard, Toronto, Ont

26、ario, M9 W 7 R3. March 2000 CSA/1 INTERNATIONAL STANDARD ISO/IEC 11586-5 First edition 1997-04-01 Information technology - Open Systems Interconnection - Generic upper layers security: Security Exchange Service Element (SESE) Protocol Implementation Conformance Statement (PICS) proforma Technologies

27、 de /information - lnterconnexion de systemes ouverts (OSI) - Securite generique pour les couches hautes: Proforme de declaration de conformite pour la mise en ceuvre du protocole (PICS) de /element de service dechange de securite (SESE) Reference number ISO/IEC 11 586-511 997(E) ISO/IEC 11586-5: 19

28、97 (E) Contents 1 Scope 2 Normative references . Identical Recommendations 1 International Standards Paired Recommendations I International Standards equivalent in technical content 2.1 2.2 3 Definitions 4 Abbreviations . 5 Conventions . 6 Conformance Annex A - Protocol Implementation Conformance St

29、atement (PICS) proforma for the SESE protocol Notations defined for the proforma . A . 1.1 Status column A.1.2 Support column . A.2 PICS numbers . A.3 Completion of the PICS A.4 Date of statement A.5 Implementation details A.6 ITU-T Rec . X.832 I ISOhEC 11586-3 protocol details A.6.1 ITU-T Rec . X.8

30、32 I ISO/IEC 11586-3 technical corrigenda implemented . A.7 Global statement of conformance . A.8 Supported APDUs . A.9 Supported APDU parameters A.9.1 SE-Transfer (SETR) A . 1 A.9.2 SE-U-Abort (SEAB) . A.9.3 SE-P-Abort (SEPA) A.9.4 Problem codes . A.10 Abstract syntax A . 11 Application Context A.1

31、2 Security exchanges A.12.1 Class of Security Exchange Supported . A.12.2 Exchange Supported . A.12.3 Directory Authentication Exchange (one way) . A.12.4 Directory Authentication Exchange (two way) . A.12.5 Simple Negotiation Exchange . 0 ISO/IEC 1997 All rights reserved . Unless otherwise specifie

32、d. no part of this publication may be reproduced or utilized in any form or by any means. electronic or mechanical. including photocopying and microfilm. without permission in writing from the publisher . ISO/IEC Copyright Office . Case postale 56 CH-1211 Geneve 20 Switzerland Page 1 1 1 1 2 2 2 2 3

33、 3 3 3 4 4 4 5 5 5 5 6 6 6 6 7 7 7 7 7 8 8 8 8 11 0 ISOAEC ISO/IEC 11586-5 : 1997 (E) Foreword IS0 (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies that are members

34、of IS0 or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. IS0 and IEC technical committees collaborate in fields of mutual interest. Other international organiz

35、ations, governmental and non-governmental, in liaison with IS0 and IEC, also take part in the work. In the field of information technology, IS0 and IEC have established a joint technical committee, ISOAEC JTC 1. Draft International Standards adopted by the joint technical committee are circulated to

36、 national bodies for voting. Publication as an International Standard requires approval by at least 75 % of the national bodies casting a vote. International Standard ISOAEC 11586-5 was prepared by Joint Technical Committee ISOAEC JTC 1, Information technology, Subcommittee SC 21, Open systems inter

37、connection, data management and open distributed processing, in collaboration with ITU-T. The identical text is published as ITU-T Recommendation X.834. ISOAEC 11586 consists of the following parts, under the general title Information technology - Open Systems Interconnection - Generic upper layers

38、security: - Part I: Overview, models and notation Part 2: Security Exchange Service Element (SESE) service definition Part 3: Security Exchange Service Element (SESE) protocol specification Part 4: Protecting transfer syntax specification Part 5: SecuriQ Exchange Service Element (SESE) Protocol Impl

39、ementation Conformance Statement (PICS) proforma Part 6: Protecting transfer syntax Protocol Implementation Conformance Statement (PICS) Proforma - - - - - Annex A forms an integral part of this part of ISOAEC 11586. . 111 IsO/IEC 11586-5 : 1997 (E) 0 ISO/IEC Introduction This Recommendation I Inter

40、national Standard forms part of a series of Recommendations 1 International Standards that provide generic upper layer security services. The parts are as follows: - Part 1: Overview, Model and Notation. - Part 2: Security Exchange Service Element Service Definition. - Part 3: Security Exchange Serv

41、ice Element Protocol Specification. - Part 4: Protecting Transfer Syntax Specification. - Part 5: Security Exchange Service Element Service PICS Proforma. - Part 6: Protecting Transfer Syntax PICS Proforma. This Recommendation 1 International Standard constitutes Part 5 of the series. Part 3 defines

42、 a protocol for the communication of security exchange information between open systems as part of the operation of a security mechanism. To evaluate the conformance of a particular implementation, it is necessary to have a description of the capabilities and options which have been implemented. Suc

43、h a description is called a Protocol Implementation Conformance Statement (PICS). This Recommendation 1 International Standard includes the PICS proforma for the security exchange service element protocol specified in Part 3 and the security exchanges defined in Part 1, Annex C. iv ISODEC 11586-5 :

44、1997 (E) INTERNATIONAL STANDARD ITU-T RECOMMENDATION INFORMATION TECHNOLOGY - OPEN SYSTEMS INTERCONNECTION - GENERIC UPPER LAYERS SECURITY: SECURITY EXCHANGE SERVICE ELEMENT (SESE) PROTOCOL IMPLEMENTATION CONFORMANCE STATEMENT (PICS) PROFORMA 1 Scope This Recommendation 1 International Standard defi

45、nes a Protocol Implementation Conformance Statement (PICS) proforma for the detailed expression of the conformance requirements of ITU-T Rec. X.832 I ISOAEC 11586-3 and Annex C of ITU-T Rec. X.830 1 ISOAEC 11586-1. This PICS proforma is in compliance with the relevant requirements, and in accordance

46、 with the relevant guidance for a PICS proforma, given in ITU-T Rec. X.291 and ISOAEC 9646-2. Detail of the use of this proforma is provided in this Recommendation I International Standard. Implementations claiming conformance to ITU-T Rec. X.832 I ISOAEC 11586-3 or Annex C of ITU-T Rec. X.830 1 ISO

47、AEC 11586-1 shall complete the proforma as part of the conformance requirements. The level of detail required in the proforma exceeds that of the protocol specification by requiring details to uniquely identify the implementation and the supplier. NOTE - PICS are related to base Recommendations and

48、Standards and only base Recommendations and Standards. PICS structure might be expanded and refined for other documents using the base Standards (e.g. ISPICS). 2 Normative references The following Recommendations and International Standards contain provisions which, through reference in this text, c

49、onstitute provisions of this Recommendation j International Standard. At the time of publication, the editions indicated were valid. All Recommendations and Standards are subject to revision, and the parties to agreements based on this Recommendation I International Standard are encouraged to investigate the possibility of applying the most recent edition of the Recommendations and Standards indicated below. Members of IEC and IS0 maintain registers of currently valid International Standards. The Telecommunication Standardization Bureau of the ITU maintains a list of currently