Requirements specification for PKI in the public sector

Published under: Stoltenberg's 2nd Government

Publisher Ministry of Government Administration, Reform and Church Affairs

Version 2.0

This document is a general, functional requirements specification for the self-declaration and procurement of a PKI based eID to be utilised in connection with electronic communication with and within the public sector in Norway.

This document is a general, functional requirements specification for the self-declaration and procurement of a PKI based eID to be utilised in connection with electronic communication with and within the public sector in Norway.

PKI solutions that are utilised in public enterprises shall comply with the requirements specification. The specification comes under the provisions of § 27 of the eGovernment Regulations. It is further determined in the regulations regarding voluntary self-declaration procedures that the requirements stated in the requirements specification shall be complied with.

The objective of this document is that it should serve to simplify the procurement process and establish common requirements for secure and standardised PKI services in public administration. The individual enterprise must undertake independent security and vulnerability assessments to determine which security services and security level are required, in accordance with their security objectives and strategy.

Requirements specification for PKI in the public sector - Version 2.0 (1 Mb, PDF)