README.md

piv-conformance

Tool to verify conformance to the PIV data model on PIV cards per current releases of FIPS 201 and associated publications

References

FIPS Publications

• FIPS 140 Federal Information Processing Standards Publication FIPS 140-2, Security Requirements for Cryptographic Modules
• FIPS 201 Federal Information Processing Standard 201-2, Personal Identity Verification (PIV) of Federal Employees and Contractors

ISO/IEC Publications

• ISO/IEC 17043, Conformity assessment – General requirements for proficiency testing, 2010
• ISO/IEC 10373 Identification Cards—Test Methods. Part 1—Standard for General Characteristic Test of Identification Cards, ISO, 1998. Part 3—Standard for Integrated Circuit Cards with Contacts and Related Interface Devices, ISO, 2001. Part 6—Standard for Proximity Card Support in Identification Cards, ISO, 2001
• ISO/IEC 7816, Identification Cards—Integrated Circuits with Contacts, Parts 1-6, ISO
• ISO/IEC 14443-1:2000, Identification Cards—Contactless Integrated Circuit(s) Cards—Proximity Cards, ISO, 2000

NIST Special Publications

• SP800-73 Interfaces for Personal Identity Verification
• SP800-76 Biometric Specifications for Personal Identity Verification
• SP800-78 Cryptographic Algorithms and Key Sizes for Personal Identity Verification
• SP800-85A PIV Card Application and Middleware Interface Test Guidelines (SP 800-73-4 Compliance)
• SP800-85B PIV Data Model Test Guidelines (DRAFT)
• SP800-96 PIV Card to Reader Interoperability Guidelines
• SP800-116 A Recommendation for the Use of PIV Credentials in Physical Access Control Systems (PACS)

RFCs

• RFC 3370 Cryptographic Message Syntax (CMS) Algorithms
• RFC 3447 Public-Key Cryptography Standards (PKCS) #1: RSA 1233 Cryptography Specifications Version 2.1
• RFC 4122 A Universally Unique IDentifier (UUID) URN Namespace
• RFC 5280 Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
• RFC 5480 Elliptic Curve Cryptography Subject Public Key Information
• RFC 5652 Cryptographic Message Syntax (CMS)
• RFC 5754 Using SHA2 Algorithms with Cryptographic Message Syntax
• RFC 6960 X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP

Other Publications, Memoranda, or Documents

• HSPD-12 Policy for a Common Identification Standard for Federal Employees and Contractors, August 2004
• OMB 11-11 Mandatory Use of Personal Identity Verification (PIV) Credentials
• X.509 Certificate Policy For The U.S. Federal PKI Common Policy Framework
• X.509 Certificate and Certificate Revocation List (CRL) Extensions Profile for the Shared Service Providers (SSP) Program
• Certificate Policy for the Federal Bridge Certification Authority (FBCA)
• PIV Interoperability for Issuers (PIV-I)