
Developing Security-Enabled Applications • Chapter 11 471
some sort of directory such as an LDAP directory.Trusted CA lists and
CRLs as well as certificate request lists are stored in this database.This
method of record keeping facilitates fast checking and retrieval of infor-
mation by the certificate management service itself.
Now that we have discussed the component of a Public Key
Cryptography System, we move on to the actual real world implementa-
tion: certificate management systems.
Certificate Services
A certificate service is the usual implementation of PKI. A certificate ser-
vice is basically an organization of services surrounding a CA that allo ...