5.6 Secure access—SSL based extranet appliances

7.9 Public key infrastructure (X.509) standards 195

PKCS #12: Personal Information Exchange Syntax Standard

Specifies

a portable format for storing and/or transporting a user's private keys

and certificates.

PKCS #13: Elliptic Curve Cryptography Standard

This standard is

still under development.

PKCS #14: Pseudorandom Number Generation Standard

This stan-

dard is still under development.

PKCS #15: Cryptographic Token Information Format Standard

This

standard is targeted at establishing a standard that ensures that users

will be able to use cryptographic tokens to identify themselves to

multiple standards-aware applications.

Abstract Syntax Notation number one, or ASN.1, is a standard that

defines a formal notation for the specification of abstract data types. ASN. 1

is a formal notation used for describing data transmitted by telecommuni-

cations protocols. Also, ASN, 1 covers the structural aspects of information.

A main reason for the success of ASN. 1 is that this notation is linked with

several standardized encoding rules' such as the BER (Basic Encoding

Rules) and the PER (Packed Encoding Rules). ASN.1 has been used in

PKCS documents, including PKCS #5 v2.0, PKCS #12 vl.0, and PKCS

#15 vl.0.

7.9

Public key infrastructure (X.509) standards

One topic not covered is where X.509 comes from and what organizations

support it. The "International Telecommunication Union" (ITU) is an

organization formerly known as "Consultative Committee on International

Telephone and Telegraphy" (CCITT). The ITU provides telecommunica-

tions standards as well as the "X." standards, such as X.500 (directory ser-

vices) and X.509 (secure directory services). 8

The "Internet Engineering Task Force" (IETF) is an open international

community of network designers, vendors, and researchers focused on the

evolution of the Internet architecture and the operation of the Internet. 9

The IETF has recognized the

X.509

standards to be used in the Internet

technologies. To understand the IETE you need to look at a document that

they created:

http://wvvw.itu.int/

http://vvvvw.ietf.o rg

I Chapter 7

Get Internet Security now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Internet Security by Tim Speed, Juanita Ellis

Don’t leave empty-handed

Check it out now on O’Reilly