FIPS 201 (Federal Information Processing Standards Publication 201) is a United States federal government standard that specifies Personal Identity Verification (PIV) requirements for Federal employees and contractors.

FIPS 201 places specific requirements on OCSP Responders as specified below:

  • OCSP [RFC6960] status responders shall be implemented as a supplementary certificate status mechanism.
  • The OCSP status responses are digitally signed to support authentication and integrity using a public key and hash algorithm at least as large as that used to sign the certificate.
    • Note: It is the role of the ADSS Server user to ensure that they configure an OCSP response signing key and hash algorithm that is at least as large as, or larger than, the key and hash algorithm size used by the CA which issued the target certificate (i.e. certificate being validated).  For further details on how to configure this within the OCSP Service see this page: Step 3 - Registering Trusted CAs for OCSP Service
  • The OCSP message can also be signed with a larger public key or hash algorithm that satisfies the requirements for signing new PIV information, as specified in Table 3-3 of SP 800-78-1:

Signature Generation Date

Public Key Algorithms and Key Sizes

Hash Algorithms

Padding Scheme

After 12/31/2010

RSA (2048, 3072, or 4096 bits)

SHA-256

PKCS #1 v1.5, PSS

ECDSA (Curve P-256)

SHA-256

N/A

ECDSA (Curve P-384)

SHA-384

N/A

.

  • The object identifiers specified in Table 3-4 in SP800-78-1 must be used in CRLs and OCSP messages to identify the signature algorithm:

Signature Algorithm

Object Identifier

RSA with SHA-1 and PKCS v1.5 padding

sha1WithRSAEncryption ::= {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 5}

RSA with SHA-256 and PKCS v1.5 padding

sha256WithRSAEncryption ::= {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 11}

RSA with SHA-256 and PSS padding

id-RSASSA-PSS ::= {iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-1(1) 10}

ECDSA with SHA-256

ecdsa-with-SHA256 ::= {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2 (3) 2}

ECDSA with SHA-384

ecdsa-with-SHA384 ::= {iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) ecdsa-with-SHA2 (3) 3}

.

  • The cryptographic module used for signing [OCSP responses] shall be validated to FIPS 140-2 with an overall Security Level 2 (or higher).


The ADSS Server administrator can configure the OCSP service to meet all of the above requirements. ADSS Server has been interoperability tested with a range of FIPS 140-2 Level 2+ hardware cryptographic modules from various suppliers.  Any FIPS 140-2 Level 2+ hardware security module that implements the PKCS#11 interface should work with ADSS Server.  For further details on how to configure the FIPS 140-2 cryptographic module see this section of the manual: Creating a New Hardware Crypto Profile.


See also

Support for Multiple Trust Models

Multiple CA and Unique Certificate Validation Policies
Configuring the OCSP Service

General Policy Settings
Forwarding Modes
Access Control
Transactions Logs
Logs Archiving
Alerts
Advanced Settings
Optimising ADSS OCSP Server Performance
Operating OCSP Service in FIPS 201 Compliant Mode

OCSP Service Interface URLs