DICOM PS3.15 2024b - Security and System Management Profiles

2 Normative References

The following standards contain provisions that, through reference in this text, constitute provisions of this Standard. At the time of publication, the editions indicated were valid. All standards are subject to revision, and parties to agreements based on this Standard are encouraged to investigate the possibilities of applying the most recent editions of the standards indicated below.


Normative RFC's are frequently updated by issuance of subsequent RFC's. The original older RFC is not modified to include references to the newer RFC.

[ISO/IEC Directives, Part 2] ISO/IEC. 2016/05. 7.0. Rules for the structure and drafting of International Standards. http://www.iec.ch/members_experts/refdocs/iec/isoiecdir-2%7Bed7.0%7Den.pdf .

[ISO 7498-1] ISO. 1994. Information Processing Systems - Open Systems Interconnection - Basic Reference Model.

[ISO 7498-2] ISO. 1989. Information processing systems - Open Systems Interconnection - Basic reference Model - Part 2: Security Architecture.

[ISO/TR 8509] ISO. Information Processing Systems - Open Systems Interconnection - Service Conventions. ISO/TR 8509 has been withdrawn. See ISO/IEC 2382-26:1993 Information technology - Vocabulary - Part 26: Open systems interconnection .

[ISO 8649] ISO. 1988. Information processing systems - Open Systems Interconnection - Service definition for the Association Control Service Element (ACSE).

[ISO/IEC 10118-3] ISO. 2004. Information technology - Security techniques - Hash-functions - Part 3: Dedicated hash-functions (RIPEMD-160 reference). The draft RIPEMD-160 specification and sample code are also available at http://homes.esat.kuleuven.be/~bosselae/ripemd160.html .

[ECMA 235] ECMA. March 1996. The ECMA GSS-API Mechanism. http://www.ecma-international.org/publications/standards/Ecma-235.htm .

[ANSI X9.52] ANSI. 1998. Triple Data Encryption Algorithm Modes of Operation.

[DNS-SD] Cheshire S.. DNS Self-Discovery. http://www.dns-sd.org/ .

[FIPS 180-1] National Institute of Standards and Technology. 17 April 1995. SHA-1: Secure Hash Standard.

[FIPS 180-2] National Institute of Standards and Technology. 1 August 2002. SHA-2: Secure Hash Standard.

[ITU-T X.509] ITU. Information technology - Open Systems Interconnection - The directory: Public-key and attribute certificate frameworks. http://www.itu.int/rec/T-REC-X.509 . ITU-T Recommendation X.509 is similar to ISO/IEC 9594-8 1990. However, the ITU-T recommendation is the more familiar form, and was revised in 1993 and 2000, with two sets of corrections in 2001. ITU-T was formerly known as CCITT..

[RFC 1035] IETF. Domain Name System (DNS). http://www.rfc-editor.org/info/rfc1035 .

[RFC 2030] IETF. Simple Network Time Protocol (SNTP) Version 4. http://www.rfc-editor.org/info/rfc2030 .

[RFC 2131] IETF. Dynamic Host Configuration Protocol. http://www.rfc-editor.org/info/rfc2131 .

[RFC 2132] IETF. Dynamic Host Configuration Protocol Options. http://www.rfc-editor.org/info/rfc2132 .

[RFC 2136] IETF. Dynamic Updates in the Domain Name System (DNS UPDATE). http://www.rfc-editor.org/info/rfc2136 .

[RFC 2181] IETF. Clarifications to the DNS Specification. http://www.rfc-editor.org/info/rfc2181 .

[RFC 2219] IETF. Use of DNS Aliases for Network Services. http://www.rfc-editor.org/info/rfc2219 .

[RFC 2246] IETF. Transport Layer Security (TLS) 1.0 Internet Engineering Task Force. http://www.rfc-editor.org/info/rfc2246 .

[RFC 2251] IETF. Lightweight Directory Access Protocol (v3). http://www.rfc-editor.org/info/rfc2251 .

[RFC 2313] IETF. March 1998. PKCS #1: RSA Encryption, Version 1.5. http://www.rfc-editor.org/info/rfc2313 .

[RFC 2437] IETF. October 1998. PKCS #1: RSA Cryptography Specifications - Version 2.0. http://www.rfc-editor.org/info/rfc2437 .

[RFC 2563] IETF. DHCP Option to Disable Stateless Auto-Configuration in IPv4 Clients. http://www.rfc-editor.org/info/rfc2563 .

[RFC 2782] IETF. A DNS RR for specifying the location of services (DNS SRV). http://www.rfc-editor.org/info/rfc2782 .

[RFC 2827] IETF. Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing. http://www.rfc-editor.org/info/rfc2827 .

[RFC 2849] IETF. The LDAP Data Interchange Format (LDIF). http://www.rfc-editor.org/info/rfc2849 .

[RFC 2898] IETF. September 2000. PKCS #5: Password-Based Cryptography Specification Version 2.0. http://www.rfc-editor.org/info/rfc2898 .

[RFC 3161] IETF. March 2000. Internet X.509 Public Key Infrastructure - Time-Stamp Protocol (TSP). http://www.rfc-editor.org/info/rfc3161 .

[RFC 3164] IETF. August 2001. The BSD syslog Protocol. http://www.rfc-editor.org/info/rfc3164 .

[RFC 3211] IETF. December 2001. Password-based Encryption for CMS. http://www.rfc-editor.org/info/rfc3211 .

[RFC 3268] IETF. June 2002. Advanced Encryption Standard (AES) Ciphersuites for Transport Layer Security (TLS). http://www.rfc-editor.org/info/rfc3268 .

[RFC 3447] IETF. February 2003. PKCS #1 RSA Cryptography Specifications Version 2.1. http://www.rfc-editor.org/info/rfc3447 .

[RFC 3370] IETF. August 2002. Cryptographic Message Syntax (CMS) Algorithms. http://www.rfc-editor.org/info/rfc3370 .

[RFC 3565] IETF. July 2003. Use of the Advanced Encryption Standard (AES) Encryption Algorithm in Cryptographic Message Syntax (CMS). http://www.rfc-editor.org/info/rfc3565 .

[RFC 3851] IETF. Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Message Specification. http://www.rfc-editor.org/info/rfc3851 .

[RFC 3853] IETF. S/MIME Advanced Encryption Standard (AES) Requirement for the Session Initiation Protocol (SIP). http://www.rfc-editor.org/info/rfc3853 .

[RFC 3881] IETF. September 2004. Security Audit and Access Accountability Message - XML Data Definitions for Healthcare Applications. http://www.rfc-editor.org/info/rfc3881 .

[RFC 4033] IETF. March 2005. DNS Security Introduction and Requirements. http://www.rfc-editor.org/info/rfc4033 .

[RFC 4034] IETF. March 2005. Resource Records for the DNS Security Extensions. http://www.rfc-editor.org/info/rfc4034 .

[RFC 4035] IETF. March 2005. Protocol Modifications for the DNS Security Extensions.

[RFC 5246] IETF. August 2008. The Transport Layer Security (TLS) Protocol Version 1.2. http://www.rfc-editor.org/info/rfc5246 .

[RFC 5424] IETF. The Syslog Protocol. http://www.rfc-editor.org/info/rfc5424 .

[RFC 5425] IETF. Transport Layer Security (TLS) Transport Mapping for Syslog. http://www.rfc-editor.org/info/rfc5425 .

[RFC 5426] IETF. Transmission of Syslog Messages over UDP. http://www.rfc-editor.org/info/rfc5426 .

[RFC 5652] IETF. September 2009. Cryptographic Message Syntax. http://www.rfc-editor.org/info/rfc5652 .

[RFC 5905] IETF. Network Time Protocol Version 4: Protocol and Algorithms Specification. http://www.rfc-editor.org/info/rfc5905 .

[RFC 5906] IETF. Network Time Protocol Version 4: Autokey Specification. http://www.rfc-editor.org/info/rfc5906 .

[RFC 6762] IETF. February 2013. Multicast DNS. http://www.rfc-editor.org/info/rfc6762 .

[RFC 6763] IETF. February 2013. DNS-Based Service Discovery. http://www.rfc-editor.org/info/rfc6763 .

[RFC 8446] IETF. August 2018. The Transport Layer Security (TLS) Protocol Version 1.3. http://www.rfc-editor.org/info/rfc8446 .

[RFC 8553] IETF. DNS AttrLeaf Changes: Fixing Specifications That Use Underscored Node Names. http://www.rfc-editor.org/info/rfc8553 .

[RFC 8633] IETF. RFC8633 Network Time Protocol Best Current Practices. http://www.rfc-editor.org/info/rfc8633 .

[RFC 8996] Moriarty K and Farrell S. March 2021. Deprecating TLS 1.0 and TLS 1.1. BCP 195. http://www.rfc-editor.org/info/rfc8996 .

[RFC 9325] Sheffer Y, Saint-Andre P, and Fossati T. Nov 2022. Recommendations for Secure Use of Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS). BCP 195. RFC 9325. http://www.rfc-editor.org/info/rfc9325 .

[BCP 195] IETF. Information on BCP 195. References RFC 8996 and RFC 9325. http://www.rfc-editor.org/info/bcp195 .

DICOM PS3.15 2024b - Security and System Management Profiles