In order to ensure more and more the openness of the Calypso Standard, CNA has just published a new specification about Security Architecture and Key Ceremony.
This document defines the rules ensuring interoperability and interchangeability of key management systems designed by providers of Calypso secret keys:
- The owner of the keys (e.g. public transport authority) has full control over its keys, always being able to entrust them to any third party of its choice by itself, for any evolution of its system;
- The owner of the keys may freely and securely have secure application modules (SAM) manufactured with its keys by the provider of its choice.
In addition to these rules, those specifications also contains recommendations for the design of a Calypso Key Ceremony with suitable balance among security and constraints. This new specification will allows transport networks to freely choose different providers of its personalized SAMs and Key Ceremony at any time.
Published the 5th March 2018