Guidelines for Cryptographic Key Management
RFC 4107, “Guidelines for Cryptographic Key Management”, is a Best Current Practice document published in June 2005 by S. Bellovin and R. Housley. The canonical text is published by the RFC Editor.
Abstract
The question often arises of whether a given security system requires some form of automated key management, or whether manual keying is sufficient. This memo provides guidelines for making such decisions. When symmetric cryptographic mechanisms are used in a protocol, the presumption is that automated key management is generally but not always needed. If manual keying is proposed, the burden of proving that automated key management is not required falls to the proposer. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.
What “Best Current Practice” means
A Best Current Practice document records the IETF community's recommended operational or procedural practice rather than a protocol specification.
The canonical text of RFC 4107 is hosted at rfc-editor.org. Available in TXT and HTML.
- RFC 4106 The Use of Galois/Counter Mode in IPsec Encapsulating Security Payload
- RFC 4108 Using Cryptographic Message Syntax to Protect Firmware Packages
- RFC 4105 Requirements for Inter-Area MPLS Traffic Engineering
- RFC 4109 Algorithms for Internet Key Exchange version 1
- RFC 4104 Policy Core Extension Lightweight Directory Access Protocol Schema
- RFC 4110 A Framework for Layer 3 Provider-Provisioned Virtual Private Networks
- RFC 4103 RTP Payload for Text Conversation
- RFC 4111 Security Framework for Provider-Provisioned Virtual Private Networks