From 2503ac7bd87ef20d4b15b08eadc1d86e0c5500c1 Mon Sep 17 00:00:00 2001 From: Corey Bonnell Date: Fri, 26 Aug 2022 13:56:39 -0400 Subject: [PATCH] #259 --- docs/BR.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/BR.md b/docs/BR.md index 1065ae30..41f926bf 100644 --- a/docs/BR.md +++ b/docs/BR.md @@ -526,6 +526,8 @@ ETSI TS 102 042, Electronic Signatures and Infrastructures (ESI); Policy require FIPS 140-2, Federal Information Processing Standards Publication - Security Requirements For Cryptographic Modules, Information Technology Laboratory, National Institute of Standards and Technology, May 25, 2001. +FIPS 140-3, Federal Information Processing Standards Publication - Security Requirements For Cryptographic Modules, Information Technology Laboratory, National Institute of Standards and Technology, March 22, 2019. + FIPS 186-4, Federal Information Processing Standards Publication - Digital Signature Standard (DSS), Information Technology Laboratory, National Institute of Standards and Technology, July 2013. ISO 21188:2006, Public key infrastructure for financial services -- Practices and policy framework. @@ -1752,7 +1754,7 @@ If the Issuing CA generated the Private Key on behalf of the Subordinate CA, the ### 6.2.7 Private key storage on cryptographic module -The CA SHALL protect its Private Key in a system or device that has been validated as meeting at least FIPS 140 level 3 or an appropriate Common Criteria Protection Profile or Security Target, EAL 4 (or higher), which includes requirements to protect the Private Key and other assets against known threats. +The CA SHALL protect its Private Key in a system or device that has been validated as meeting at least FIPS 140-2 level 3, FIPS 140-3 level 3, or an appropriate Common Criteria Protection Profile or Security Target, EAL 4 (or higher), which includes requirements to protect the Private Key and other assets against known threats. ### 6.2.8 Activating Private Keys