https://wiki.idesg.org/index.php?action=history&feed=atom&title=Secure_Req_13Secure Req 13 - Revision history2026-04-16T10:02:47ZRevision history for this page on the wikiMediaWiki 1.38.4https://wiki.idesg.org/index.php?title=Secure_Req_13&diff=6583&oldid=prevOmaerz: 8 revisions imported: Initial Upload of old pages from IDESG Wiki2018-06-28T04:03:34Z<p>8 revisions imported: Initial Upload of old pages from IDESG Wiki</p>
<p><b>New page</b></p><div>''<< Back to [[Baseline_Functional_Requirements_v1.0|Baseline Functional Requirements Index]]''<br />
<br />
== SECURE-13. REVOCATION ==<br />
Entities that issue credentials or tokens MUST have processes and procedures in place to invalidate credentials and tokens.<br />
<br />
=== SUPPLEMENTAL GUIDANCE ===<br />
Service Providers must be capable of revoking, deactivating, or otherwise invalidating credentials or<br />
tokens. Invalidated credentials include those that have expired, have been determined to be<br />
compromised, or have been canceled by either the issuing entity or user.<br />
<br />
Timeliness of revocation and deactivation may be dictated by regulation, environment, or trust<br />
frameworks.<br />
<br />
=== REFERENCES ===<br />
FICAM TFPAP Trust Criteria, Token & Credential Management, LOA 2-3, #4 (p.32)<br />
<br />
=== APPLIES TO ACTIVITIES ===<br />
[[IDEF Functional Model REGISTRATION|REGISTRATION]], <br />
[[IDEF Functional Model CREDENTIALING|CREDENTIALING]]<br />
<br />
=== KEYWORDS ===<br />
[[IDEF Keywords CREDENTIAL|CREDENTIAL]], [[IDEF Keywords EXPIRY|EXPIRY]], [[IDEF Keywords LOSS|LOSS]], <br />
[[IDEF Keywords PROCESS|PROCESS]], <br />
[[IDEF Keywords REVOCATION|REVOCATION]], [[IDEF Keywords SECURITY|SECURITY]], [[IDEF Keywords TOKEN|TOKEN]]<br />
----<br />
----<br />
Quick Links: [[SALS]] | [[Baseline Functional Requirements v1.0]] | [[Glossary]] |<br />
<br />
----<br />
----</div>Omaerz