3.9 public key infrastructure Flashcards
DER
Distinguished encoding rules
DER is used in secure communications, where digitally signed messages must have the same encoding. Binary format.
PEM
Privacy enhanced mail
an email security standard that ensures the safety of electronic mail communication over the internet.
PFX
Personal information exchange
a password-protected file certificate that stores multiple cryptographic objects. It’s commonly used for code signing applications.
.cer
internet security certificate
These files help browsers verify if a website is secure and authentic.
P12
archive file format for storing cryptographic objects as a single file.
P7B
authenticates a device or person
PKI
public key infrastructure
RA
Registration Authority
Verifies the entity requesting the certificate
CRL
certificate revocation list
list of invalid certificates
OCSP
Online Certificate Status Protocol
browser checks for certificate revocation
CN
common name
the fully qualified domain name for the certificate
Subject Alternative Name
SAN certificate
allows multiple domains or hostnames to be secured under one certificate.
OCSP stapling
a process that allows browsers to check if a website’s TLS certificate has been revoked
pinning
reduces risk of fraudulent certificates
certificate chaining
a list of certificates that start from a server’s certificate and terminate with the root certificate.