6.4 Given a scenario, implement public key infrastructure. Flashcards
Certificate Authority (CA)
A certificate authority (CA) is an organization that is responsible for ISSUING, revoking, and distributing certificates
Registration Authority
– Responsible for verifying users’ identities and approving or denying requests for digital certificates.
– RAs do not issue certificates
Certificate Revocation List (CRL)
list that you need to update about revoked certs.
Root CA
most trusted entity in PKI.
Intermediate CA
A CA that is subordinate to the root CA by one or more levels and typically issues certificates to other CAs in the public key infrastructure (PKI) hierarchy.
CSR (Certificate Signing Request)
A message sent to a certificate authority from a user or organization to request and apply for a digital certificate
Certificate or Digital Certificate
Signed with the CA’s private key and associates the user’s credentials with a public key.
Key Pair
Asymmetric encryption - 1 Public key & 1 Private Key
Stapling
allows a web server to provide information on the validity of its own certificate
Single-CA Model
A small company that has to get a cert from a CA
Hierarchical CA Model
A self-signed CA, large company
Cross-Certification CA Model
A small company buying or partnering with another small company
Bridge CA Model
When a large company buys or partners with any size company.
Key Escrow
Used to store keys securely, while allowing one or more 3rd parties (key escrow agents) access to the keys under predefined conditions.