SC-12(3): Asymmetric Keys

CSF v1.1 References:

Baselines:

(Not part of any baseline)

Next Version:

Control Statement

The organization produces, controls, and distributes asymmetric cryptographic keys using [Selection: NSA-approved key management technology and processes; approved PKI Class 3 certificates or prepositioned keying material; approved PKI Class 3 or Class 4 certificates and hardware security tokens that protect the user’s private key].