Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 11 Next »



REQ-PKI-11 - Basic validation of the server certificate

 Click here to expand...

IdentifierREQ-PKI-11
TitleBasic validation of the server certificate
RequirementService consumers shall do basic validation of the server certificate:
  • Verify Server Identity:
    • Clients shall validate the server's identity to ensure they are communicating with the intended server and not a malicious actor.
  • Trust Chain Verification:
    • Clients check if the server’s certificate is issued by a trusted Certificate Authority (CA) and verify the entire chain of trust up to a root CA.
  • Certificate Revocation Checks:
    • Clients may check for certificate revocation using Certificate Revocation Lists (CRLs) or the Online Certificate Status Protocol (OCSP).
  • Certificate Expiry and Validity:
    • Ensure the server’s certificate is within its valid date range and hasn’t expired.
  • Certificate Usage and Extensions:
    • Confirm that the server’s certificate is intended for server authentication.
Source

AF5 Information and System Requirements UNDER REVIEW

Guidance

NM 27.0 - NM B2B Reference Manual




TO BE CONTINUED






















  • No labels

Working Draft