DATA ITEM DESCRIPTION
Title: Key and Certificate Management Plan (KCMP)
Number: DI-MISC-81688A Approval Date: 20170110
AMSC Number: 9760 Limitation: N/A
DTIC Applicable: No GIDEP Applicable: No
Preparing Activity: NS/I21/I213 Project Number: MISC-2017-001
Applicable Forms: N/A
Use/Relationship. The Key and Certificate Management Plan (KCMP) describes the use and
control of cryptographic products and services used by a cryptographic application
(cryptographic engine, cryptographic module, End Cryptographic Unit (ECU), or system)
throughout its lifetime. The KCMP also identifies and documents the capabilities that the
cryptographic application requires from the current and planned key management infrastructure.
a. KCMP Related Guidance. As the vendor of a cryptographic application may have very little
insight into the items in the KCMP, the Information Assurance Certification Manager (IACM)
will ensure the vendor uses the KCMP Template included as part of this DID and has the
applicable Telecommunications Security Requirements Document (TSRD) cited under
“Reference Documents.” The TSRD is intended for use with the KCMP template to detail other
related and relevant information not covered here.
b. This Data Item Description (DID) contains the content preparation instructions for the data
product generated by the specific and discrete task requirement as delineated in the contract, as
the Key and Certificate Management Plan (KCMP).
c. This DID supersedes DI-MISC-81688.
Requirements:
1. Reference Documents: The applicable issue of the documents cited herein, including their
approval dates and dates of any applicable amendments, notices, and revisions, shall be as
specified in the contract.
1.1 National Security Agency/Central Security Service (NSA/CSS) Policy Manual 1-52
1.2. Telecommunications Security Requirements (TSRD) Commercial Communications
Security (COMSEC) Evaluation Program (CCEP), Section 2.9
1.3. TSRD User Participation Program (UPP), Section 2.9
1.4. Information Assurance Directorate (IAD) Management Directive 110 (“Cryptographic
Key Protection”)
1.5. Key and Certificate Management Plan (KCMP) Template, Version 1.0
1.6. CNSSI No. 4001, “Controlled Cryptographic Items (CCI)”
Downloaded from http://www.everyspec.com
