
Explore tens of thousands of sets crafted by our community.
Public Key Infrastructure Terms
29
Flashcards
0/29
Public Key
The key provided to everyone to encrypt messages for the key holder.
Private Key
The confidential key used by the owner to decrypt messages.
Intermediate Certificate
A certificate issued by a trusted CA that can issue other certificates, creating a chain of trust.
Chain of Trust
The series of trusted intermediaries between a root CA and the end-entity certificate.
Encryption
The process of converting information into a secure format that hides its true meaning.
Decryption
The process of converting encrypted information back into its original format.
Asymmetric Encryption
Encryption using a pair of keys, where one key encrypts data, and the other key decrypts it.
Symmetric Encryption
Encryption that uses the same secret key for both encryption and decryption.
Key Pair
A set of two keys used in a PKI, one public and one private, that are mathematically related.
Online Certificate Status Protocol (OCSP)
A protocol for checking the revocation status of a digital X.509 certificate without requiring CRLs.
SSL/TLS
Protocols for establishing authenticated and encrypted links between networked computers.
PKCS
A group of standards for public-key cryptography that includes PKCS#1, PKCS#12, etc., developed by RSA Laboratories.
Certificate Authority (CA)
An entity that issues digital certificates, affirming the identity of the certificate holder.
Hash Function
A function that converts an input (or 'message') into a fixed-size string of bytes, typically for security purposes.
Digital Signature
A mathematical scheme for verifying the authenticity of digital messages or documents.
Certificate Policy (CP)
A document which states the different purposes of certificates and their approved uses within a PKI.
Key Escrow
A process by which keys are held in trust by a third party, allowing encrypted data to be accessed under predefined conditions.
Certificate Practice Statement (CPS)
A document that describes in detail how the CA uses and manages the certificates it issues.
Revocation Reason
An explanation for why a certificate is no longer valid and has been revoked.
Subject Alternative Name (SAN)
An extension to X.509 that allows various values to be associated with a security certificate.
Wildcard Certificate
A public key certificate which can be used with multiple subdomains of a domain.
Extended Validation (EV) Certificate
A certificate where the issuing CA has verified the requesting entity's legal existence and identity to a high degree of rigor.
Digital Certificate
An electronic document used to prove the ownership of a public key.
Certificate Revocation List (CRL)
A list of digital certificate serial numbers that have been revoked by the issuing CA before their scheduled expiration.
Registration Authority (RA)
An authority in a network that verifies user requests for a digital certificate and tells the CA to issue it.
Certificate Signing Request (CSR)
A message sent from an applicant to a CA, containing information required for issuing a digital certificate.
Public Key Cryptography
A cryptographic system that uses a pair of keys, a public key for encrypting data and a private key for decrypting data.
X.509
A standard format for public key certificates, defining their structure.
Root Certificate
A self-signed certificate that identifies the Root CA.
© Hypatia.Tech. 2024 All rights reserved.