1. Public Key Infrastructure (PKI): A system that provides the necessary components for secure communication using public key cryptography.
2. Certificate Authority (CA): A trusted entity that issues and manages digital certificates.
3. Registration Authority (RA): An entity responsible for verifying certificate requests and forwarding them to a CA.
4. Digital Certificate: An electronic document that binds a public key to an individual or entity.
5. Certificate Revocation List (CRL): A list of revoked certificates maintained by a CA.
6. Online Certificate Status Protocol (OCSP): A protocol used to check the revocation status of a digital certificate.
7. Certificate Signing Request (CSR): A request sent to a CA to obtain a digital certificate.
8. Common Name (CN): The primary identifier in a certificate, usually a domain name or personal identifier.
9. Distinguished Name (DN): A unique identifier for an entity in a digital certificate.
10. Subject Alternative Name (SAN): A field in a certificate that allows multiple domain names to be covered.
11. Intermediate CA: A subordinate CA that provides a link between the root CA and end-entity certificates.
12. End-Entity Certificate: A certificate issued to an individual, organization, or device.
13. Root Certificate: A self-signed certificate that serves as the trust anchor in a PKI.
14. Wildcard Certificate: A certificate that secures a domain and all its subdomains.
15. Code-Signing Certificate: A certificate used to digitally sign software to verify its authenticity.
16. Self-Signed Certificate: A certificate signed by the same entity it certifies, often used internally.
17. Machine/Computer Certificate: A certificate issued to a computer for authentication.
18. E-mail Certificate: A certificate used for securing e-mail communications.
19. Domain Validation Certificate: A low-trust certificate verifying control over a domain.
20. Extended Validation (EV) Certificate: A high-trust certificate that provides stronger identity verification.
21. X.509: The standard format for digital certificates.
22. Distinguished Encoding Rules (DER): A binary format for encoding certificates.
23. Privacy-Enhanced Mail (PEM): A Base64-encoded certificate format commonly used by CAs.
24. Personal Information Exchange (PFX): A format used to store certificates and private keys together.
25. P12 (.pfx, .p12): A binary format for storing a certificate and private key in one file.
26. P7B (.p7b, .p7c): A format containing certificates but no private keys, used in Windows and Java environments.
27. Stapling: A method that allows a web server to provide OCSP responses directly to clients.
28. Pinning: The practice of associating a host with a specific certificate or public key.
29. Trust Model: The structure defining trust relationships between CAs and certificates.
30. Hierarchical Trust Model: A model with a root CA at the top, issuing certificates to intermediate and end-entity CAs.
31. Peer-to-Peer Trust Model: A model where CAs cross-certify each other without a single root CA.
32. Hybrid Trust Model: A combination of hierarchical and peer-to-peer trust models.
33. Key Escrow: A process where a third party holds a copy of private encryption keys.
34. Certificate Chaining: The linking of certificates from an end-entity to a root CA to establish trust.
Knowt
Note
Studied by 11 people
