+CRY-13 Handling of Compromised Keys
---+CRY-13.01B
---+CRY-13.02B
|
1. Overview
CRY-13 Handling of Compromised Keys
-
| Summary |
Standard |
|
CRY-13.01B
|
The cloud service provider manages the use of compromised cryptographic keys to ensure they are only used in controlled circumstances and solely for decryption or verification (in case of signature keys), while complying with legal and regulatory requirements.
|
|
CRY-13.02B
|
The cloud service provider notifies affected cloud service customers without undue delay that their keys have been compromised and will no longer be used for encryption or signing.
|
1.1 References
1.2 Identified Requirements
1.2 Related Regulation
2. Identified Requirements
Requirements
| Source |
Requirement |
3. Related Regulations
Regulations
| Source |
Regulation |
|