PKI Overview
PIV Data Containers
This section lists the supported PIV objects in the profiles of the HID Crescendo Key and the Crescendo 2300 card.
Some profiles support 9 PKIs whereas other profiles support only 5 PKIs:
- Profile 1 supports 5 PKIs
- Profile 2 supports 9 PKIs
For further details, go to SP 800-73-4: Interfaces for Personal Identity Verification, May 2015.
| Container Description | BER-TLV Tag | Key Reference | Access Rule | Profile 1 | Profile 2 | ||
|---|---|---|---|---|---|---|---|
| Update | Read | General Authenticate | |||||
|
Card Capability Container |
5FC107 |
- |
PIN or PIV PIN |
Always |
- |
x | |
|
Card Holder Unique Identifier |
5FC102 |
- |
Always |
- |
x | x | |
|
Printed Information |
5FC109 |
- |
PIN |
- |
x | x | |
|
Key history object |
5FC10C |
- |
Always |
- |
x | x | |
|
X.509 Certificate for PIV Authentication |
5FC105 |
9A |
Always |
PIV PIN |
x | x | |
|
X.509 Certificate for Digital Signature |
5FC10A |
9C |
Always |
PIV PIN |
x | x | |
|
X.509 Certificate for Key Management |
5FC10B |
9D |
Always |
PIV PIN |
x | x | |
|
X.509 Certificate for Key Management 1 |
5FC10D |
82 |
Always |
PIV PIN |
x | x | |
|
X.509 Certificate for Key Management 2 |
5FC10E |
83 |
Always |
PIV PIN |
x | x | |
| X.509 Certificate for Key Management 3 | 5FC10F | 84 | Always |
PIV PIN |
x | ||
| X.509 Certificate for Key Management 4 | 5FC110 | 85 | Always |
PIV PIN |
x | ||
| X.509 Certificate for Key Management 5 | 5FC111 | 86 | Always |
PIV PIN |
x | ||
| X.509 Certificate for Key Management 6 | 5FC112 | 87 | Always |
PIV PIN |
x | ||
See also:
