💼 3.6.5 Retirement or replacement of keys as deemed necessary when the integrity of the key has been weakened, or keys are suspected of being compromised.
-
Contextual name: 💼 3.6.5 Retirement or replacement of keys as deemed necessary when the integrity of the key has been weakened, or keys are suspected of being compromised.
-
ID:
/frameworks/pci-dss-v3.2.1/03/06/05 -
Located in: 💼 3.6 Fully document and implement all keymanagement processes and procedures for cryptographic keys used for encryption of cardholder data.
Description​
If retired or replaced cryptographic keys need to be retained, these keys must be securely archived (for example, by using a key-encryption key). Archived cryptographic keys should only be used for decryption/verification purposes.
Similar​
- Sections
/frameworks/pci-dss-v4.0/03/07/05
- Internal
- ID:
dec-c-56b11eab
- ID:
Similar Sections (Take Policies From)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 3.7.5 Key management policies procedures are implemented to include the retirement, replacement, or destruction of keys used to protect stored account data. |
Similar Sections (Give Policies To)​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 3.7.5 Key management policies procedures are implemented to include the retirement, replacement, or destruction of keys used to protect stored account data. |
Sub Sections​
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|