1、 Reference number ISO/IEC 7816-5:2004(E) ISO/IEC 2004INTERNATIONAL STANDARD ISO/IEC 7816-5 Second edition 2004-12-01 Identification cards Integrated circuit cards Part 5: Registration of application providers Cartes didentification Cartes circuit intgr Partie 5: Enregistrement des fournisseurs dappl
2、ication ISO/IEC 7816-5:2004(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobes licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the edit
3、ing. In downloading this file, parties accept therein the responsibility of not infringing Adobes licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be
4、found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at
5、the address given below. ISO/IEC 2004 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address b
6、elow or ISOs member body in the country of the requester. ISO copyright office Case postale 56 CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyrightiso.org Web www.iso.org Published in Switzerland ii ISO/IEC 2004 All rights reservedISO/IEC 7816-5:2004(E) ISO/IEC 2004 All ri
7、ghts reserved iiiContents Page Foreword iv 1 Scope 1 2 Normative references . 1 3 Terms, definitions and abbreviated terms 1 3.1 Terms and definitions. 1 3.2 Abbreviated terms. 1 4 Registration of international identifiers 2 4.1 Request and registration procedures. 2 4.2 Appeal process . 2 4.3 Respo
8、nsibilities of applicants . 3 5 Sponsoring Authorities 3 5.1 Eligibility to become a Sponsoring Authority3 5.2 Responsibilities. 3 6 Registration Management Group (RMG) 4 6.1 Constitution . 4 6.2 Responsibilities. 4 6.3 Voting procedures 5 7 Registration Authority 5 7.1 Appointment 5 7.2 Resignation
9、 5 7.3 General reponsibilities . 5 7.4 Responsibilities to applicants requesting a RID . 6 8 The register of RIDs 6 8.1 Publication and availability 6 8.2 Contents. 6 Annex A (normative) Registration form for a registered application provider identifier of category A . 7 A.1 To be completed by the r
10、equesting organization 7 A.2 To be completed by national standards body 7 A.3 To be completed by ISO/IEC 7816-5 registration authority 7 Annex B (informative) National registration 8 B.1 Introduction . 8 B.2 Operation of national numbering systems.8 B.3 Contact with the registration authority. 8 B.4
11、 Role of registration management group. 8 ISO/IEC 7816-5:2004(E) iv ISO/IEC 2004 All rights reservedForeword ISO (the International Organization for Standardization) and IEC (the International Electrotechnical Commission) form the specialized system for worldwide standardization. National bodies tha
12、t are members of ISO or IEC participate in the development of International Standards through technical committees established by the respective organization to deal with particular fields of technical activity. ISO and IEC technical committees collaborate in fields of mutual interest. Other interna
13、tional organizations, governmental and non-governmental, in liaison with ISO and IEC, also take part in the work. In the field of information technology, ISO and IEC have established a joint technical committee, ISO/IEC JTC 1. International Standards are drafted in accordance with the rules given in
14、 the ISO/IEC Directives, Part 2. The main task of the joint technical committee is to prepare International Standards. Draft International Standards adopted by the joint technical committee are circulated to national bodies for voting. Publication as an International Standard requires approval by at
15、 least 75 % of the national bodies casting a vote. Attention is drawn to the possibility that some of the elements of this document may be the subject of patent rights. ISO and IEC shall not be held responsible for identifying any or all such patent rights. ISO/IEC 7816-5 was prepared by Joint Techn
16、ical Committee ISO/IEC JTC 1, Information technology, Subcommittee SC 17, Cards and personal identification. This second edition cancels and replaces the first edition (ISO/IEC 7816-5:1994) and incorporates the Amendment ISO/IEC 7816-5:1994/Amd.1:1996). The technical content of Clauses 5 and 6 of th
17、e first edition is now to be found in the second edition of ISO/IEC 7816-4, and Annex A has been technically revised. ISO/IEC 7816 consists of the following parts, under the general title Identification cards Integrated circuit cards: Part 1: Cards with contacts: Physical characteristics Part 2: Car
18、ds with contacts: Dimensions and location of the contacts Part 3: Cards with contacts: Electrical interface and transmission protocols Part 4: Organization, security and commands for interchange Part 5: Registration of application providers Part 6: Interindustry data elements for interchange Part 7:
19、 Interindustry commands for Structured Card Query Language (SCQL) Part 8: Commands for security operations Part 9: Commands for card management Part 10: Cards with contacts: Electrical interface for synchronous cards Part 11: Personal verification through biometric methods Part 12: Cards with contac
20、ts: USB electrical interface and operating procedures Part 15: Cryptographic information application INTERNATIONAL STANDARD ISO/IEC 7816-5:2004(E) ISO/IEC 2004 All rights reserved 1Identification cards Integrated circuit cards Part 5: Registration of application providers 1 Scope This part of ISO/IE
21、C 7816 specifies a registration procedure for application providers, and establishes the authorities and procedures to ensure and optimize the reliability of this registration. NOTE 1 ISO/IEC 7816-4 defines the structures of registered application provider identifiers (RIDs), and how to use them. A
22、registered application provider identifier (RID) consists of five bytes. NOTE 2 In international RIDs (assigned by the international registration authority), the first quartet is set to A. NOTE 3 In national RIDs (assigned by a national Registration Authority), the first quartet is set to D and a re
23、levant country code follows (see Annex B). 2 Normative references The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amen
24、dments) applies. ISO/IEC 7816-4, Identification cards Integrated circuit cards Part 4: Organization, security and commands for interchange 3 Terms, definitions and abbreviated terms 3.1 Terms and definitions For the purposes of this document, the following terms and definitions, given in ISO/IEC 781
25、6-4, apply. 3.1.1 application provider entity providing the components that make up an application in the card 3.1.2 registered application provider identifier data element (five bytes) that uniquely identifies an application provider 3.2 Abbreviated terms RID Registered application provider identif
26、ier RMG Registration management group ISO/IEC 7816-5:2004(E) 2 ISO/IEC 2004 All rights reserved4 Registration of international identifiers 4.1 Request and registration procedures 4.1.1 Procedure for requesting a RID An application provider (including international organisations) shall apply to the s
27、tandards body of its related country (i.e. national standards body), or in the absence of a national standards body, to the secretariat of the ISO technical body responsible for this part of ISO/IEC 7816 for the assignment of a RID. The applicant shall use the form shown in Annex A. Registration for
28、ms are also available, on request, from the Registration Authority, the secretariat of the Registration Management Group (RMG) and the secretariat of the ISO technical body responsible for this part of ISO/IEC 7816. The national standards body or the secretariat of the ISO technical body responsible
29、 for this part of ISO/IEC 7816 then acts as the “Sponsoring Authority“ (see Clause 5) with respect to the request. 4.1.2 Criteria for approval of a request for a RID Requests for a RID shall meet all the following criteria: a) the applicant shall be a corporate entity or its subsidiaries operating u
30、nder a specific legislative regulation; b) the applicant requesting a RID shall not already have an international RID (registration category A). Exceptionally an applicant may apply for more than one RID, subject to decision by the RMG. 4.1.3 Criteria for rejection of a request for a RID A request f
31、or a RID shall be rejected if any of the following conditions exist: a) the applicant is not an application provider as defined by 3.1.1; b) the applicant has requested a specific number or the reservation in the register of a specific number or has made a request which is outside the scope of this
32、part of ISO/IEC 7816. NOTE Where special circumstances exist, the Sponsoring Authority may approve a request and forward the request to the Registration Authority for assignment of a number. All such assignments must be reported by the Sponsoring Authority to the RMG. 4.2 Appeal process 4.2.1 Appeal
33、 bodies Where a request has been rejected by a Sponsoring Authority, the applicant may appeal to the secretariat of the RMG (see Clause 6). Where a request has been rejected by the RMG, the applicant may appeal to the ISO technical body responsible for this part of ISO/IEC 7816 through the secretari
34、at of that ISO technical body. Applicants may submit for appeal requests that have been rejected by the ISO technical body responsible for this part of ISO/IEC 7816 to the ISO Central Secretariat. Appeal against rejection of a request shall be submitted to the appropriate body within 90 days of the
35、date of the letter of rejection. ISO/IEC 7816-5:2004(E) ISO/IEC 2004 All rights reserved 34.2.2 Information to be provided Where the Sponsoring Authority has rejected a request, the applicant shall provide the following information to the relevant appeal body in support of the appeal: a) Statement o
36、f which rejection clause (see 4.1.3) is disputed and why the applicant believes that the rejected request fulfills the criteria for acceptance (see 4.1.2). b) Statement of special circumstances whereby a specific requirement of the rejected request can be met, but such requirement is outside the cur
37、rent procedures and criteria for acceptance outlined in this this part of ISO/IEC 7816. 4.3 Responsibilities of applicants The responsibilities of applicants shall be: a) to comply fully with the numbering system defined in ISO/IEC 7816-4 and with the procedures for requesting RIDs as contained in t
38、his part of ISO/IEC 7816; b) to forward to its national standards body, or in the absence of a national standards body, to the secretariat of the ISO technical body responsible for this part of ISO/IEC 7816, a completed registration form, (see Annex A) together with the requisite fee; NOTE The regis
39、tration fee is not refundable. c) to retain the completed registration form containing the RID assigned to the applicant by the Registration Authority; d) to inform the Sponsoring Authority of any modification to the data related to the assigned RID. 5 Sponsoring Authorities 5.1 Eligibility to becom
40、e a Sponsoring Authority The following bodies may act as Sponsoring Authorities in processing requests for RIDs: a) any national member body of ISO (or agent appointed to act for its national member body); and b) the ISO technical body responsible for this part of ISO/IEC 7816 (or agent appointed to
41、 act for the ISO technical body). 5.2 Responsibilities The responsibilities of a Sponsoring Authority shall be: a) to comply fully with the numbering system defined in ISO/IEC 7816-4 and with the procedures for requesting RIDs as contained in this part of ISO/IEC 7816; b) to process within 30 days o
42、f receipt of requests, requests for RIDs from within their countries or areas of responsibility; c) to notify the applicant in writing, within 30 days of receipt of the request, as to the disposition of their request. If rejected, to advise applicant of the reason(s); d) to ensure that section A1 of
43、 the registration form has been filled in correctly; ISO/IEC 7816-5:2004(E) 4 ISO/IEC 2004 All rights reservede) to confirm whether or not the applicant already has an international RID; f) to forward to the Registration Authority (see Clause 7) requests for RIDs that meet the approval criteria, tog
44、ether with the requisite fee in a form determined by the Registration Authority; g) on receipt of the number assignment from the Registration Authority, to inform the applicant of the number assignment, returning the completed registration form containing the number assignment to the applicant, info
45、rming it of the requirement to retain the completed registration form as a permanent record; h) to reject requests for a specific number and for reservation of a specific number or any request outside the scope of this part of ISO/IEC 7816; or, where special circumstances exist, to approve such a re
46、quest and to put forward a copy of the relevant papers to the RMG for review; i) to respond to general enquiries covering this part of ISO/IEC 7816; j) to establish and maintain a national numbering system where necessary according to Annex B; k) to forward to the Registration Authority any modifica
47、tion to the data related to an assigned RID. 6 Registration Management Group (RMG) 6.1 Constitution In order to effectively manage the Registration system for applications in IC cards, the ISO technical body responsible for this part of ISO/IEC 7816 has established a RMG, ISO/IEC JTC1/SC17/WG5, whic
48、h is delegated to act on its behalf. The RMG shall be made up as follows: a) a representative of the Registration Authority who shall be a non-voting member of the RMG and shall be expected to attend all meetings; b) each P and L member of the ISO technical body responsible for this part of ISO/IEC
49、7816 is entitled to nominate one delegate and one alternate to the RMG. The alternate may attend all meetings but is entitled to vote only in the absence of the principal delegate; c) the convenor of the RMG and the secretariat of the RMG, nominated from the membership of the RMG. 6.2 Responsibilities The responsibilities of the RMG shall be: a) to ensure that applicants whose requests do not fulfill the conditions in 4.1.2 are rejected and informed of the cause of the rejection and furthermore informe
