Digital Certificates
Albert Levi, Sabanci University, Turkey
Introduction
Certificate Structure
X.509v3 Certificate Characteristics and Structure
X.509v3 Extension Fields
Other Types of Certificates
Issues and Discussions
Certificate Revocation
Certificate Distribution
Certificates as Electronic IDs
Privacy Concerns
PKIX and X.509
Application Protocols Based on X.509 Certificates
Key Players in the Industry and Their Certification Practices
Certificate Classes
PKCS Standards Related to Certificates
Summary and Conclusion
Glossary
Cross References
References
INTRODUCTION
Public key cryptography has become popular in information and telecommunication security. Algorithms in this family use two different, but related, keys. One of them is kept private by the key owner, and the other is made public. The private key is used to decrypt messages as well as to sign digital information. The corresponding public key is used to encrypt messages and to verify digital signatures. Because these latter operations can be done by anyone, public keys need to be made public. Although public keys are widely known, it is not computationally feasible to obtain a private key using the corresponding public key.
Public key distribution is not an easy task. Public keys can be distributed through global directories or servers, but the key must be bound to the holder's identity. Without binding, the key holders could use any name they wanted. For example, suppose Charlie creates a key pair and publishes the ...