Conformance Statement

for Product Standard: S/MIME Secure Messaging TRAINING

Version 1.00

This form contains a series of questions that need to be answered. Use an HTML editor or simple text editor to edit the form to provide the answers. DO NOT EDIT ANY OF THE QUESTIONS. Note that the completed Conformance Statement will be made publicly accessible.

As you answer the questions, please keep in mind the following:

All questions must have answers before the form is submitted to The Open Group for review and publication.
Some questions have Rationale statements that will help you in developing your answers.
If you have any questions or concerns, you can send mail to the S/MIME Secure Messaging Certification Administrator at The Open Group.

Enter the name, and organization of the author of this Conformance Statement.

Name	Organization

1. Organization and Course Information

Enter the name of the Organization (Enterprise and Division, if applicable), and the Course Title and Version for the product for which S/MIME Secure Messaging TRAINING certification is being sought.

Enterprise Name	Division / Organization

Course Title and Version Number

2. Conformance Checklist - S/MIME Secure Messaging Training

2.1 Mandatory Requirements

The following table contains a checklist of all the items that should be covered in the syllabus of a conformant S/MIME Secure Messaging training course. For each entry in the Topic column, enter under the Syllabus Reference(s) column the reference to the part of the course syllabus in which the topic is addressed in the course.

There are 6 Topic Areas that must be covered in a conformant course:

Requirements for Secure E-Mail
Basic Internet E-Mail Architecture
Information Security Principles
Introduction to E-Mail Security
Prerequisites for secure E-Mail
Architecture Models for Secure E-Mail
Components of a PKI
Usage of a PKI
Bridge Infrastructures
Implementing a Gateway Encryption System

2.1.1 Requirements for Secure E-Mail

Topic	Syllabus Reference(s)
2.1.1.1 Requirements
2.1.1.2 Use Cases

2.1.2 Basic Internet E-Mail Architecture

Topic	Syllabus Reference(s)
2.1.2.1 Components
2.1.2.2 Standards

2.1.3 Information Security Principles

Topic	Syllabus Reference(s)
2.1.3.1 Scope of Syllabus
2.1.3.2 Trust Models
2.1.3.3 Cryptography
2.1.3.3.1 Asymmetric Key
2.1.3.3.2 Symmetric Key

2.1.4 Introduction to E-Mail Security

Topic	Syllabus Reference(s)
2.1.4.1 Scope of Security
2.1.4.2 Cryptography
2.1.4.3 Digital Signatures
2.1.4.4 Sender Authentication Overview
2.1.4.5 Standards

2.1.5 Prerequisites for Secure E-Mail

Topic	Syllabus Reference(s)
2.1.5.1 Technical
2.1.5.2 Infrastructure
2.1.5.3 Organizational
2.1.5.4 What can be automated?

2.1.6 Architecture Models for Secure E-Mail

Topic	Syllabus Reference(s)
2.1.6.1 "To-End" Desktop
2.1.6.2 "To-Site" Gateway

2.1.7 Components of a PKI

Topic	Syllabus Reference(s)
2.17.1 Certificate
2.1.7.2 Certificate Authority
2.1.7.2.1 Self-Signed Certificates
2.1.7.2.2 Self-Managed Certificates
2.1.7.2.3 External CA Service
2.1.7.3 Registration Authority
2.1.7.4 Key Generation
2.1.7.5 Key Management
2.1.7.6 Directory Service
2.1.7.7 Validation/Revocation Service

2.1.8 Usage of a PKI

Topic	Syllabus Reference(s)
2.1.8.1 Internal Organization and Infrastructure
2.1.8.2 Certificate Policy
2.1.8.3 Certificate Practice Statement
2.1.8.4 PKI Disclosure Statement
2.1.8.5 Relying Party Agreement
2.1.8.6 CP/CPS Audits

2.1.9 Bridge Infrastructures

Topic	Syllabus Reference(s)
2.1.9.1 Requirements/Challenges
2.1.9.2 Out-of-band Delivery
2.1.9.3 Approaches
2.1.9.3.1 Signed List
2.1.9.3.2 Cross Certification
2.1.9.3.3 Participation Requirements

2.1.10 Implementing a Gateway Encryption System

Topic	Syllabus Reference(s)
2.1.10.1 Key Generation
2.1.10.2 Key Exchange
2.1.10.3 Establishing Policy

2.2 Optional Requirements

2.2.1 Architecture Models for Secure E-Mail

Does the Course address any additional models for Secure E-Mail?
Enter "Yes" or "No" as appropriate.