This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthor

Only authorized users are allowed to rename pages.

Only authorized users are allowed to delete pages.

Page revision history

Version Date Modified Size Author Changes ... Change note

Page References

Incoming links Outgoing links
Certificate Authority
Certificate Authority

Version management

Difference between version and

At line 1 added 31 lines
!!! Overview
In [Cryptography], [{$pagename}] (CA) is an [entity] that __issues__ digital [Certificates].
The digital [Certificate] certifies the ownership of a [Public Key] by the named [Certificate Subject] of the [Certificate].
The [Registration Authority] which is often the same as the [Certificate Authority] performs this by [Identity Proofing] during the [Certificate Request Process].
This [Certificate Request Process] is designed to allow the [Relying Party] to [Trust] upon [Digital Signatures] or [assertions] made by the [Private Key] that corresponds to the [Public Key] is [Authentic|Authentication].
[{$pagename}]s are characteristic of many [Public Key Infrastructure] ([PKI]) schemes.[1]
The [user] is responsible for going through the step of [Certificate Validation] for a [certificate] with a [{$pagename}] to figure out if the [certificate] presented is valid.
Each [{$pagename}] must have a [CAPK] and available to the [user] or device to perform the [Certificate Validation] of any [Certificates].
!! [Trust Anchor] and [{$pagename}]
[{$pagename}] issue uses a [Trust Anchor] [Certificate] (or [Root Certificate]) to sign all [Certificates] that they issue.
!! [{$pagename}] and [Identity Proofing]
A certificate authority, is supposed to, provide outside validation ([Identity Proofing]) that the [certificate], that is sent by a [ServerCertificate] was properly issued to someone who controls that server’s [DNS Domain]. The [DNS Domain] you use in a [browser] then must pass the [Certificate Validation]. The [Identity Proofing] process that domain owner went through to obtain it. The CAs are part of a [Chain of trust] that includes [Development Teams] of [Operating Systems] and [browsers], and represent the weakest link.
The [Threat] of [certificates] were issued that could or did lead to weaknesses has happened multiple times in the last decade. Perhaps the most well-known of these is DigiNotar, a Dutch CA that was compromised in [2011|Year 2011]. One of the certificates was allegedly used by the government of Iran to intercept sessions of its citizens.
This is one of the [Public Key Infrastructure Weaknesses].
!! More Information
There might be more information for this subject on one of the following:
[{ReferringPagesPlugin before='*' after='\n' }]
----
[#1] - [http://en.wikipedia.org/wiki/Certificate_authority]
This page (revision-1) was last changed on 29-Nov-2024 16:16 by UnknownAuthorTop