PKI Flashcards
What is symmetric encryption?
Sharing one key
What is asymmetric encryption?
Having a public and private key-pair
Which version of SSL/TLS should be used?
TLS v1.2 or v1.3
What does SSL/TLS ensure?
Confidentiality. authentication, and data integrity.
What is a CA?
Certificate authority. Issues certificates so you can verify your identity.
What are the three types of SSL/TLS certificates?
Domain validated, organization validated, and extended validated
What are domain validated certificates?
Basically just checks if the applicant has the right to use the domain.
What are organizational validated certificates?
Checks if the applicant has the right to use the domain AND checks that the organization is legit.
What are extended validated certificates?
Makes SURE that that organization is who they say they are. Like 10,000% sure. that someone owns that domain and is who they say they are.
Which certificates are easy to differentiate?
EV is easy to tell, DV and OV are much, much harder.
What are the requirements of certificates?
Only the CA can create and update certs. Anyone can read it and verify it.
What is X.509?
A framework for authentication It contains the public key of the user and gets signed with the private key if a trusted CA.
What are the certificate elements?
Version, serial num, algorithm identifier, issuer, period of validity, subject name, subjects public key info, issuer unique ID, subject unique ID, extensions, signature.
What are some common certificate formats?
PEM, DER (PEM but in binary format), P7B/PKCS#7 and PFX/PKCS#12
What is base 64?
Using a-z, A-Z, 0-9 and “+” and “/” as “digits”. It is used to transmit data over a network designed to deal only with text.
