Standards development within the Information Technology sector is harmonized with international standards development. Through the CSA Technical Committee on Information Technology (TCIT), Canadians serve as the Canadian Advisory Committee (CAC) on ISO/IEC Joint Technical Committee 1 on Information Technology (ISO/IEC JTC1) for the Standards Council of Canada (SCC), the ISO member body for Canada and sponsor of the Canadian National Committee of the IEC. Also, as a member of the International Telecommunication Union (ITU), Canada participates in the International Telegraph and Telephone Consultative Committee (ITU-T).
This Standard supersedes CAN/CSA-ISO/IEC 14888-2-02 (adoption of ISO/IEC 14888-2:1999). At the time of publication, ISO/IEC 14888-2:2008 is available from ISO and IEC in English only. CSA will publish the French version when it becomes available from ISO and IEC.
This Standard has been developed in compliance with Standards Council of Canada requirements for National Standards of Canada. It has been published as a National Standard of Canada by CSA Group.
This part of ISO/IEC 14888 specifies digital signatures with appendix whose security is based on the difficulty of factoring the modulus in use. For each signature scheme, it specifies:
a) the relationships and constraints between all the data elements required for signing and verifying;
b) a signature mechanism, i.e., how to produce a signature of a message with the data elements required for signing;
c) a verification mechanism, i.e., how to verify a signature of a message with the data elements required for verifying.
The production of key pairs requires random bits and prime numbers. The production of signatures often requires random bits. Techniques for producing random bits and prime numbers are outside the scope of this part of ISO/IEC 14888. For further information, see ISO/IEC 18031  and ISO/IEC 18032 .
Various means are available to obtain a reliable copy of the public verification key, e.g., a public key certificate.
Techniques for managing keys and certificates are outside the scope of this part of ISO/IEC 14888. For further information, see ISO/IEC 9594-8 , ISO/IEC 11770  and ISO/IEC 15945 .
An update to this product is available.
To receive notifications when an amendment, new edition or update is available to your standard no matter how you purchased it, please register on the Standards Update Service. After registering, enter the List ID for the relevant standard. The List ID can be found in the “CSA Standards Update” section within the first few pages of the standard you’ve purchased. Once notified, you can then update your standard accordingly.
PDF Format Purchased from the CSA Store
If you have purchased or subscribed to a standard from the CSA Store in PDF format, login to your CSA OnDemandTM account to access the updated PDF.
Paper Format Purchased or Purchased from Reseller
If you have purchased a paper copy of the standard from the CSA Store or purchased a standard in paper or PDF format from one of our resellers, login to the Standards Update Service to download the updates in PDF format.
eBook Format Purchased
If you have purchased a standard in eBook format, login to the CSA Reader App to download the updated version of the standard.