Supplement 8 to ITU-T J-series Recommendations (04/2020) Embedded common interface for exchangeable CA/DRM solutions; Trust environment
Summary
History
FOREWORD
Table of Contents
Introduction
1 Scope
2 References
3 Definitions
     3.1 Terms defined elsewhere
     3.2 Terms defined in this Supplement
4 Abbreviations and acronyms
5 Conventions
6 Overview of ECI Trust Environment
     6.1 Introduction
     6.2 Trust Environment and ECI Ecosystem
     6.3 ECI Certificates and trust
     6.4 ECI export groups and trust
     6.5 Stakeholders of the ECI-Ecosystem
          6.5.1 Definition
          6.5.2 Obligations of the stakeholders
          6.5.3 Liabilities of the stakeholders
7 Role of the ECI Trust Authority
     7.1 Introduction
     7.2 Prerequisites
     7.3 Delegation of responsibility
     7.4 Creation and enforcement of mandatory rules and policies
          7.4.1 Introduction
          7.4.2 Conformance
          7.4.3 Certification
     7.5 Ownership of critical components
     7.6 Responsibility, accountability, and liability
8 Tasks of the ECI Trust Authority
     8.1 Introduction
     8.2 Control and management of Root keys
     8.3 Control and management of Root Revocation List
     8.4 Definition of the process for creating Certificates
     8.5 Definition of the process for revoking Certificates
     8.6 Repository for Certificates and Revocation Lists
     8.7 Creation and management of the technical framework of an ECI ecosystem
     8.8 Creation and management of the contractual framework of an ECI ecosystem
     8.9 Definition of the certification process
     8.10 Conformance of ECI stakeholders
     8.11 Registering, assigning, and managing Id values and keys
     8.12 Creating and updating policies for security and robustness
     8.13 Settling disputes between stakeholders
     8.14 Updating ECI specification(s) and development of future version
     8.15 Point-of-contact for third parties
9 Critical processes and workflows
     9.1 Introduction
     9.2 Certification
     9.3 Revocation
     9.4 Key generation and management
Appendix I  Additional information on security aspects
     I.1 Implementing security related processes
     I.2 The concept behind the three Root keys
Bibliography