05 Public Key Infrastructure (PKI) and TLS_SSL
Studied by 0 people
Call Kai
Learn
Practice Test
Spaced Repetition
Match
Flashcards
Knowt Play1/22
There's no tags or description
Looks like no tags are added yet.
Name | Mastery | Learn | Test | Matching | Spaced | Call with Kai |
|---|
No analytics yet
Send a link to your students to track their progress
23 Terms
Public Key Infrastructure; a system to generate and manage public and private keys
PKI
Using asymmetric encryption to generate or create then encrypt a key for use in symmetric encryption
Electronic Key Exchange
Any communications attack where a third part intercepts communications then passes them on the the legitimate receiver
Man in the Middle (MitM)
Used in PKI; verifies identity of sender wanting a digital key pair
Registration Authority (RA)
Issuer of asymmetric key pair in a PKI; digitally signs the public key certificate; may be part of a CA chain
Certificate Authority (CA)
Any server hosting public key certificates; often hosted by the CA
Public Key Repository
Allows for Subject Alternate Names (SANs); can secure multiple domains, sites and subdomains with one certificate
Multi-Domain Certificate
SSL was the original standard for using public key certs - created by Netscape; SSL is now TLS
TLS/SSL
The combination of specific kinds of asymmetric encryption, symmetric encryption, and hashing to be used between a browser and a web site for secure (https) communications
Cipher Suite
Certificate will only work between these dates; shouldn't be a long time
Certificate Valid Dates
The standard used for digital certificates; old
X509
Used to identify certificates
Certificate Serial Number
Shows the type of hash and public key encryption used in making the CA's digital signature
Certificate Signature Algorithm
List of certificates that have gone bad before their expiration date
Certificate Revocation List (CRL)
This is just a regular hash of the certificate used for identification; NOT part of the CA's digital signature
Certificate Thumbprint
The CA's digital signature
Certificate Signature Value
Any general programming interface; a provided, allowed way to programatically interact with another piece of software
API
Older Microsoft crypto API
CAPI
The new Microsoft crytpo API, uses ECC; integrates with smart cards
CNG
Self-signed; included by default in browsers; trusted because…trust
Root Certificate Authorities
Some CAs can create other CAs, etc. to verify any CA other than a root CA each CA up the path must be verified
Hierarchical Certificate Path
A third party such as the government holds a copy of the private key
Key Escrow
Note 
Flashcards (229)