This page will soon be deactivated—explore our new, faster, mobile-friendly site, now centralized in MyWorkspace!

Committed to connecting the world

  •  
ITU GSR 2024

ITU-T Recommendations

Search by number:
Others:
Skip Navigation Links
Content search
Advanced search
Provisional name
Equivalent number
Formal description
Study Groups tree viewExpand Study Groups tree view
All SGs
TSAG
Study Group 2
Study Group 3
Study Group 5
Study Group 11
Study Group 12
Study Group 13
Study Group 15
Study Group 17
Study Group 20
Study Group 21
Scroll up
Scroll down

ITU-T X.510 (10/2023)

 عربي | 中文 | English | Español | Français | Русский
Information Technology - Open systems Interconnection - The Directory - Protocol specifications for secure operations
Recommendation ITU-T X.510 | ISO/IEC 9594-11 provides tools and specifications for the design of protocol specifications with built-in cybersecurity. It provides tools for cryptographic algorithms pluck-in features and for cryptographic algorithm migration; it provides formal specification for cryptographic algorithms not provided by other specifications; and it defines some specific protocols. Finally, it provides an annex giving guidance in cryptographic algorithm migration.
Recommendation ITU-T X.510 | ISO/IEC 9594-11 includes tools for specifications for specifying secure protocols using a cryptographic algorithm pluck-in principle allowing communication protocols to be specified without "hard coding" the types of algorithms but allowing different areas to supplement Recommendation ITU-T X.510 | ISO/IEC 9594-11 with the types of cryptographic algorithms that are relevant for specific areas.
The cryptographic algorithm pluck-in feature is dependent on algorithms specified as described in Recommendation ITUT X.509 | ISO/IEC 9594-8. Recommendation ITU-T X.510 | ISO/IEC 9594-11 adds formal algorithm specifications where they otherwise do not exist, and it restructures existing formal specifications where the rules established in Recommendation ITU-T X.510 | ISO/IEC 9594-11 are not followed.
Tools are provided for including cryptographic algorithm migration capabilities in communication protocols. An annex provides guidance in use of these tools.
Recommendation ITU-T X.510 | ISO/IEC 9594-11 specifies a general protocol, called the wrapper protocol, that provides cybersecurity for protocols designed for its protection. The wrapper protocol provides authentication, integrity and optionally confidentiality (encryption). The wrapper protocol allows cybersecurity to be provided independently of the protected protocols, which means that security may be enhanced without affecting protected protocol specifications. The wrapper protocol makes use of all the capabilities for cryptographic algorithm pluck-in and migration capabilities. Recommendation ITU-T X.510 | ISO/IEC 9594-11 also specifies three protocols that make use of the wrapper protocol protection. This includes a protocol for maintenance of authorization and validation lists (AVLs), a protocol for subscribing of public-key certificate status and a protocol for accessing a trust broker.
Citation: https://handle.itu.int/11.1002/1000/15701
Series title: X series: Data networks, open system communications and security
  X.500-X.599: Directory
Approval date: 2023-10-29
Identical standard:ISO/IEC 9594-11 (Common)
Provisional name:X.509prot
Approval process:AAP
Status: In force
Observation:This text was produced through a joint activity with ISO and IEC. According to the agreement with our partners, this document is only available through payment. Please get in touch with sales@itu.int for more information.
Maintenance responsibility: ITU-T Study Group 17
Further details: Patent statement(s)
 Development history

© ITU All Rights Reserved

Back to top