Digital Certificates Recap

Question 1

What are common certificate applications?

Answer 1

Server authentication, client authentication, code signing, email signing, time stamping, IP security, windows hardware driver verification, smart card logon, document signing, public key transport.

Question 2

What are common certificate types?

Answer 2

IKE, PKCS #7, PKCS #10, RSA signatures, X.509v3.

Question 3

What are the main stages of key/certificate management?

Answer 3

Initialization, Issued, and Cancellation.

Question 4

What is Initialization?

Answer 4

registration, key pair generation, certificate creation, distribution, dissemination, and backup.

Question 5

What is Issued?

Answer 5

certificate retrieval, validation, key recovery, and update.

Question 6

What is cancellation?

Answer 6

certificate expiration, revocation, key history, and archiving.

Question 7

What are the four steps for obtaining certificates from a CA?

Answer 7

Requester generates key pair
Requester creates Certificate Signing Request (CSR)
Trusted CA generates the digital certificate for the requester.
Trusted CA signs the requester’s digital certificate with their private key.

Question 8

What are the two main encoding schemes for X.509?

Answer 8

PEM (Base64 ASCII text) and DER (binary)

Question 9

What are common certificate file types?

Answer 9

.cer, .crt, .pem, .key, and .der

Question 10

What is the difference between end-to-end authentication and intermediate authentication??

Answer 10

E-TE: Client authenticates itself to the end-service.
I A: Only part of the conversation between entities is authentication.