Public Key Infrastructure Terms
Public Key
The key provided to everyone to encrypt messages for the key holder.
Private Key
The confidential key used by the owner to decrypt messages.
Certificate Authority (CA)
An entity that issues digital certificates, affirming the identity of the certificate holder.
Digital Certificate
An electronic document used to prove the ownership of a public key.
Certificate Revocation List (CRL)
A list of digital certificate serial numbers that have been revoked by the issuing CA before their scheduled expiration.
Registration Authority (RA)
An authority in a network that verifies user requests for a digital certificate and tells the CA to issue it.
Certificate Signing Request (CSR)
A message sent from an applicant to a CA, containing information required for issuing a digital certificate.
Public Key Cryptography
A cryptographic system that uses a pair of keys, a public key for encrypting data and a private key for decrypting data.
X.509
A standard format for public key certificates, defining their structure.
Root Certificate
A self-signed certificate that identifies the Root CA.
Intermediate Certificate
A certificate issued by a trusted CA that can issue other certificates, creating a chain of trust.
Chain of Trust
The series of trusted intermediaries between a root CA and the end-entity certificate.
Encryption
The process of converting information into a secure format that hides its true meaning.
Decryption
The process of converting encrypted information back into its original format.
Asymmetric Encryption
Encryption using a pair of keys, where one key encrypts data, and the other key decrypts it.
Symmetric Encryption
Encryption that uses the same secret key for both encryption and decryption.
Key Pair
A set of two keys used in a PKI, one public and one private, that are mathematically related.
Online Certificate Status Protocol (OCSP)
A protocol for checking the revocation status of a digital X.509 certificate without requiring CRLs.
SSL/TLS
Protocols for establishing authenticated and encrypted links between networked computers.
PKCS
A group of standards for public-key cryptography that includes PKCS#1, PKCS#12, etc., developed by RSA Laboratories.
Hash Function
A function that converts an input (or 'message') into a fixed-size string of bytes, typically for security purposes.
Digital Signature
A mathematical scheme for verifying the authenticity of digital messages or documents.
Certificate Policy (CP)
A document which states the different purposes of certificates and their approved uses within a PKI.
Key Escrow
A process by which keys are held in trust by a third party, allowing encrypted data to be accessed under predefined conditions.
Certificate Practice Statement (CPS)
A document that describes in detail how the CA uses and manages the certificates it issues.
Revocation Reason
An explanation for why a certificate is no longer valid and has been revoked.
Subject Alternative Name (SAN)
An extension to X.509 that allows various values to be associated with a security certificate.
Wildcard Certificate
A public key certificate which can be used with multiple subdomains of a domain.
Extended Validation (EV) Certificate
A certificate where the issuing CA has verified the requesting entity's legal existence and identity to a high degree of rigor.
© Hypatia.Tech. 2024 All rights reserved.